Forking Open Source Projects with Sheogorath

In this episode Open Source Security chats with Sheogorath about HedgeDoc project's journey from HackMD to CodiMD and finally to HedgeDoc. We learn what forking a project looks like, including license changes (MIT to AGPL), security vulnerability management across different codebases, naming challenges, and infrastructure migrations. The conversation goes through to journey from HackMD to CodiMD and all the lessons learned along the way. And there are many lessons. The blog post for this episode can be found at  https://opensourcesecurity.io/2025/2025-02-fork_open_source_sheogorath/

Om Podcasten

Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform educate both developers and users on how open source security works. There’s a lot of good work happening that doesn’t get attention because there’s no marketing department behind it, they don’t have a developer relations team posting on LinkedIn every two hours. Let’s focus on those people and teams then learn what they do and how they do it. The goal is to hear from the people doing the work, they know what’s up, they have a lot to teach us. We just have to listen.