12. Make new source code open
This guidance will help you apply standard point 12.
Everyone is responsible for meeting the Service Standard. This standard point is most relevant to:
Why it's important
Public services are built with public money. Unless there's a good reason not to, the code they're based on should be made available for other people to reuse and build on.
Open source code can save teams duplicating effort and help them build better services faster. Publishing source code under an open licence means that you're less likely to get locked into working with a single supplier.
Coding in the open encourages high-quality, secure coding in development teams.
There may be times when code should not be published in the open. For example, secrets, keys or sensitive information should not be published to public repositories. DfE has guidance on managing secrets and closed code.
All phases
Things to consider:
- any code being produced should be open by default. If at any point the code was not publicly available, the team will be asked why and, without good reason, could fail an assessment
- it's important not to commit secrets to code. If you have some information that must be secret, for example, passwords, you can use GitHub secrets
- use GitHub as the recommended tooling to meet this standard, as repositories in GitHub are open by default. There is a DfE organisation set up at DfE-Digital which is publicly available. Find a Tuition Partner is an example of a GitHub repo in DfE
Things to avoid in all phases
- publishing code that contains secrets, keys, or sensitive information to public repositories
- using closed code without clear justification