Hi HN! I'm one of the founders of Instant 2FA (instant2fa.com), an easy way for developers to add 2FA support to any website or app in 30 minutes.<p>We're in private beta right now, but since it's such a security-critical product, from the beginning we've planned on open sourcing the entire business. With a little more than a month until we plan to launch and do that, we're starting to get all of our ducks in a line and are hoping the HN community can help us avoid making common mistakes!<p>My question for the HN community is this: if you run an open source business, what issues have you run into that we might? Are there any we should definitely do before we open source everything?
Presumably you want your code to be open source to allow others to contribute.<p>It is important to pick the right license for your project, because it will change which contributors you will attract (and what your competitors can do with your code). Using a popular well-known license will make it easier for contributors, because they (or their employer) don't have to worry about understanding a license they've never heard of.<p>So preferably pick something like GPLv2 (use the "or any later version" wording for max compatibility), Apache v2 or MIT.<p>If possible, don't use a CLA, you don't need it [1] and it's just a bunch of extra paperwork for you and your contributors.<p>[1] <a href="https://sfconservancy.org/blog/2014/jun/09/do-not-need-cla/" rel="nofollow">https://sfconservancy.org/blog/2014/jun/09/do-not-need-cla/</a>