Sustainability Icon

Sustainability

57 Stories
All Topics

Adam Jacob Medium

We need sustainable free and open source communities

Adam Jacob (co-founder and creator of Chef) tldr’d his ideas to create sustainable free and open source communities by saying, “we should stop focusing on how to protect the revenue models of open source companies, and instead focus on how to create sustainable communities.” He says this will lead to better software, and that it’s also better for business. In addition to this post, Adam also wrote a short book. When I say “Sustainable Open Source Community”, I mean the following: A unified body of individuals, scattered throughout a larger society, who work in support of the creation, evolution, use, and extension of free and open source software; while ensuring its longevity through meeting the needs of the present without compromising the ability of the community of the future to meet its own needs.

read more...

.NET github.com

It is expected that all developers become a Patron to use Fody

Here’s an interesting twist on open source funding: require all users to back the project on Open Collective, but only enforce that rule via social pressure. In other words, use an honesty policy: It is an honesty system with no code or legal enforcement. When raising an issue or a pull request, the user may be checked to ensure they are a patron, and that issue/PR may be closed without further examination. If a individual or organization has no interest in the long term sustainability of Fody, then they are legally free to ignore the honesty system. The software is MIT-licensed, so all of those liberal rules apply, but don’t expect to get your PR merged or your issue taken seriously unless you’re a patron. You must be a Patron to be a user of Fody. Contributing Pull Requests does not cancel this out. It may seem unfair to expect people both contribute PRs and also financially back this project. However it is important to remember the effort in reviewing and merging a PR is often similar to that of creating the PR. Also the project maintainers are committing to support that added code (feature or bug fix) for the life of the project. The project currently has 4 organizations and 10 individuals supporting it. What do you think those numbers will look like in 6 months or a year?

read more...

Medium Icon Medium

Crowdsourcing the evolution of text parsing with unified

unified –for the uninitiated– is an interface for processing text with syntax trees and transforming between them. Maybe you’ve never heard of it, but you’ve probably relied on it as part of your software infrastructure: [unified] has been OSS for years, but has recently gotten more traction. It’s used in fancy technology such as MDX, Gatsby, and Prettier, and used to build things like Node’s docs, freeCodeCamp, and GitHub’s open source guide. Project’s like unified are crucial to the JavaScript ecosystem, but they’re difficult to fund and support toward sustainability. Hence, the unified collective. Today, we are pleased to announce the creation of the unified collective. It’s an effort to bring together like-minded organisations to collaboratively work on the innovation of content through seamless, interchangeable, and extendible tooling. We build parsers, transformers, and utilities so that others don’t have to worry about syntax. We make it easier for developers to develop. Let’s show these maintainers some 💚 and share this around to those who should be supporting it.

read more...

Twitter Icon Twitter

"Corporate purchasing and policies make funding open source literally impossible"

This is an epic open source funding thread by @SwiftOnSecurity: Corporate purchasing and policies make funding open source Literally Impossible. Nothing’s going to change until you make them pay you.Someone filed a bug?Support contract.Someone wants a feature?Support contract.It’s literally easier to pay you $1500/yr than $25 once. Followed by: I want to donate $150 to this open source project.“Do I look like a communist? Is that what you think of me?”We need a $1.5k support contract rather than pay an on-staff developer $180k.“Okay submit their IRS W-9 and Point Of Contact for vendor management to reach out to.” That’s just the beginning. Lots to ponder if you have corporate users and you’re currently using donations as your primary source of funding.

read more...

TechCrunch Icon TechCrunch

VMware acquires Heptio

Heptio is the startup founded by 2 of the co-founders of Kubernetes. We had been working on getting some time planned with the CEO Craig McLucki and CTO Joe Beda, but both were “unavailable” to speak. This acquisition might be one of the reasons why. From Ingrid Lunden’s coverage on TechCrunch: VMware acquires Heptio — a startup out of Seattle that was co-founded by Joe Beda and Craig McLuckie (two of the three people who co-created Kubernetes back at Google in 2014) Beda and McLuckie and their team will all be joining VMware in the transaction. More details can be found on the Heptio blog announcement. As for the terms of the deal, they “are not being disclosed.” For reference, when Heptio last raised money ($25M Series B in 2017) it was valued at $117M post-money. So, I’m estimating this deal to be in the $300M-$500M range. To Craig and Joe — first, congrats. Second, we’re still interested in talking with you. Maybe now is a better time and the details you couldn’t share before can now be more freely shared. This is an open invite, to you both! Congrats also to the team at Heptio for all the hard at work you’re doing to advance Kubernetes and cloud orchestration! What a ride the past few weeks for commercial open source in this recent wave of acquisitions.

read more...

Business Insider Icon Business Insider

IBM is acquiring Red Hat for $34 Billion

That’s a lot of Billions attached to a company built on the back of open source Linux. To give a quick reminder, we JUST DID A SHOW with special guest Joseph Jacks titled “Venture capital meets commercial OSS” and, of course, Red Hat was mentioned several times. They’re also on the $100M+ revenue commercial open source software company index we talked about. We’ll dig into this and keep you updated on this breaking news that’s just days off the heels of Microsoft’s official acquisition announcement of GitHub. Needless to say, this has been a BIG WEEK for commercial open source software companies.

read more...

Brenna Heaps Tidelift

How should you use funding for your open source project?

I think the consensus agrees that sustaining open source software takes more than just money. And yet money often remains a crucial part of a larger need for open source to sustain AND thrive. So, if that’s the case…how should you use funding for your open source project? Brenna Heaps writes on the Tidelift blog: We’ve been speaking with a lot of open source maintainers about how to get paid and what that might mean for their project, and the same question keeps popping up: What do I do with the money? The tldr? Fund the project, community engagement, and pay it forward… But, it’s a short read and worth it — so go read this and then share it with your fellow maintainers.

read more...

Joseph Jacks docs.google.com

The $100M+ revenue commercial open source software company index

Have you seen this spreadsheet of open source software companies from Joseph Jacks? The criteria to be added to the sheet is; the company generates $100M+ revenue (recurring or not) OR generate the equivalent of $25M of revenue per quarter. These companies have found a way to build a very large business around one or many open source software projects. Anyone on this index surprise you?

read more...

Stephen O'Grady redmonk.com

Tragedy of the Commons Clause

We’ve been tracking the community’s concerns and feedback about Commons Clause fairly well. In this post, Stephen O’Grady basically writes a book on the subject and the impact of this controversial software license. …the Commons Clause turns open source software into non-open source software, according to the industry’s accepted definition of that term. Specifically it says that the terms of the original open source license notwithstanding, you may not sell software “whose value derives, entirely or substantially, from the functionality of the Software.” …there are several logical questions to explore regarding the Commons Clause. What are the drivers behind it? What does it mean for the companies that employ it and the wider industry? And lastly, is it a good idea? Set aside 20 minutes and read this if you care about how this license is becoming popular among those (Redis as of recent) who are protecting their right to generate revenue from their open source code, while removing that ability for everyone else.

read more...

Matt Klein Medium

The (broken) economics of OSS

In response to the post from Paul Dix on the misunderstandings going on around Redis and the Common Clause license — Matt Klein tweeted: Won’t defend Redis Labs, this is a dead end move, but there needs to be more recognition that the economics of OSS are fundamentally broken. In his post he starts by saying… I want to provide a long form discussion of my two Twitter threads as this topic is nuanced and quite interesting. Note: this post is heavy on opinion and light on facts/references backing up those opinions. Thus, preface everything that follows with “IMO.” Matt goes on to share some history of open source software and his opinions on modern expectations of software being free and open, startups and open source, and who pays…

read more...

Steven J. Vaughan-Nichols zdnet.com

Will Commons Clause destroy open source?

There is a big debate underway over Commons Clause and its recent application to certain Redis enterprise add-ons. The Commons Clause license is open source and was drafted by Heather Meeker — whom you might remember from Request for Commits #9. This language from the license forbids the ability to sell the software (similar to the the Elastic License discussed on The Changelog #292). …the grant of rights under the License will not include, and the License does not grant to you, the right to Sell the Software. Steven J. Vaughan-Nichols writes for ZDNet: Redis Labs has been unsuccessful in monetizing Redis, or at least not as successful as they’d like. Their executives were discovering, like the far more well-known Docker, that having a great open-source technology did not mean you’d be making millions. Redis’ solution was to embrace Commons Clause. This license forbids you from selling the software. It also states you may not host or offer consulting or support services as “a product or service whose value derives, entirely or substantially, from the functionality of the software”. I’m really curious to see how this tread plays out as more and more organizations see service providers (cloud hosting, SaaS, etc.) and consultants (support contracts, etc.) “getting rich” off of the projects they work so hard to maintain as open source, while they struggle to find a sustainable model for funding the efforts to keep the open source ship afloat.

read more...

Paul Dix InfluxData Blog

It’s time for the open source community to get real

Paul Dix shared his thoughts on the subject of Redis and the misunderstandings going on around Redis Common Clause Licensing. Paul writes on the InfluxData blog: The accusation that RedisLabs did a bait and switch is entirely unfair. They’ve been funding open source Redis development for years and that work is now and will be in the future under the liberal BSD license. It’s not like they tricked a bunch of people into using Redis and pulled the rug out from under them. I’m sure that more than 99.99% of the Redis users are completely unaffected by this. And for those others, it’s not like the code that’s already out there is unusable. To my knowledge they can’t retroactively apply the license. So we’re really only talking about forward development to specific modules (not Redis core). Paul also shares how he favors open core, and the issues he has with other models to sustain the development of open source at scale. Open core is a fairly honest way to go about developing open source software. As long as you’re clear about what is open and what is closed. Bradley Kuhn, Executive Director and President of Software Freedom Conservancy, also shared some thoughts on “Commons Clause” style licenses. Update 2018/08/24 @ 15:09 — this Twitter thread is a nice read too.

read more...

link Icon blog.marcgravell.com

Having a serious conversation about open source

Marc Gravell: I absolutely love open source and the open source community. I love sharing ideas, being challenged by requirements and perspectives outside of my own horizon, benefitting from the contributions and wisdom of like-minded folks etc. … But: the consumers of open source (and I very much include myself in this) have become… for want of a better word: entitled. We’ve essentially reinforced that software is free (edit: I mean in the “beer” sense, not in the “Stallman” sense). That our efforts - as an open source community: have no value beyond the occasional pat on a back. I’m glad to see that as our industry matures, we’re addressing topics like these. I don’t know where to begin addressing this problem though. How do you shift the mentality of people who should start paying for things that have always been free? One thing is for sure, this isn’t sustainable. And let’s not forget, that this problem also further exacerbates the lack of developers of color who contribute to open source. Marc asks if this is a problem, and I say hell yes it is.

read more...

Salvatore Sanfilippo antirez.com

Redis will remain BSD licensed

The rumors of Redis taking on a new Creative Common license ARE NOT true. Antirez (Salvatore Sanfilippo) writes on his personal blog: Redis is, and will remain, BSD licensed. However in the era of uncontrollable spreading of information, my attempts to provide the correct information failed, and I’m still seeing everywhere “Redis is no longer open source”. The reality is that Redis remains BSD, and actually Redis Labs did the right thing supporting my effort to keep Redis core open. Here’s what IS happening… What is happening instead is that certain Redis modules, developed inside Redis Labs, are now released under the Common Clause (using Apache license as a base license). This means that basically certain enterprise add-ons, instead of being completely closed source as they could be, will be available with a more permissive license. Here’s how Redis is licensed.

read more...

Mike McQuaid mikemcquaid.com

"This is why people don’t contribute to your open source project"

Do you want more contributors and maintainers on your project? Mike McQuaid, maintainer of Homebrew (macOS package manager), writes on his personal blog: Here are a a few guidelines in thinking about this: Most contributors were users first (“scratching your own itch”: most people start contributing to an open source project to solve a problem they are experiencing) Most maintainers were a contributor and user first (people don’t just jump into maintaining a project without helping to build it first) Maintainers cannot do a good job without remaining a user (to maintain context, passion and empathy) Combined, these start to look a bit like a sales funnel. People have to travel through each stage and there’s a fairly hefty drop-off at each one. Also check out ~> Open source maintainers owe you nothing

read more...

Keenan Szulik Tidelift

Is React's development "supported" by Facebook? That depends.

Everyone knows that React is one of the most popular JavaScript libraries for building user interfaces — and many users of React choose it because they think it’s supported by Facebook. But is it really? That depends on what you mean by React, and what you mean by support. Keenan Szulik writes on the Tidelift blog: Since its release in 2013, React has grown into a proper open source phenomenon … with more than 100,000 GitHub stars, over 300,000 dependent repositories, and more than 800 contributors. Facebook’s contributions to React and the JavaScript ecosystem around it are truly epic — the stuff of legend. But when we dive into the dependencies of the default create-react-app, only 24 of the 1,103 packages come from repositories in Facebook’s GitHub organizations. That’s less than 3% of the dependencies required to build the “Hello, World” app with create-react-app! So who supports React?

read more...

Richard Littauer Medium

How to get rid of maintainer guilt

If you’re a maintainer who’s feeling the burden of your open source software, you have a few options to consider according to Richard Littauer — you can… Onboard more maintainers - spread the burden to more of the community Clearly set expectations - explain your software is provided on an “as is” basis Hire a maintenance company - wait, what?! Is that we’ve come to? Are we now hiring code maintenance companies to maintain our open source? I’m actually quite interested in the economies around this, so let this post serve as an open invite to Richard to join me on Founders Talk for a discussion on the state of open source maintenance and his lessons learned building Maintainer Mountaineer.

read more...

Pia Mancini Medium

Open Collective's new tool helps you "Back Your Stack"

Pia Mancini, CEO of Open Collective: BackYourStack is the first step to help companies discover the dependencies in their stack that are seeking to become sustainable and a way to start subscriptions to them. Each collective can set up different tiers for their subscriptions such us brand visibility, support or in-house training. Just input your GitHub org and BackYourStack will generate a list of supportable projects by analyzing your dependencies. This is a great idea and a good first step toward making it easier for organizations to put their money where their source is. (YMMV as the results are a bit limited (and maybe buggy?) at the moment. Our report is saying we only rely upon 1 open source project, which definitely doesn’t cover it.)

read more...

Eric Holmes Medium

Here's how Eric Holmes gained commit access to Homebrew in 30 minutes

This post from Eric Holmes details how package managers can be used in supply chain attacks — specifically, in this case, a supply chain attack on Homebrew — which is used by hundreds of thousands of people, including “employees at some of the biggest companies in Silicon Valley.” On Jun 31st, I went in with the intention of seeing if I could gain access to Homebrew’s GitHub repositories. About 30 minutes later, I made my first commit to Homebrew/homebrew-core. If I were a malicious actor, I could have made a small, likely unnoticed change to the openssl formulae, placing a backdoor on any machine that installed it. If I can gain access to commit in 30 minutes, what could a nation state with dedicated resources achieve against a team of 17 volunteers?

read more...

Nadia Eghbal nadiaeghbal.com

Methodologies for measuring project health

How do we know whether an open source project is doing well? Number of contributors? Number of users? Number of appearances on The Changelog*? Nadia’s been researching these things: A lot of people are interested in measuring the health and velocity of open source projects. After digging through the current research landscape, I’d like to summarize the most common approaches I’ve seen, and my conclusions here. One conclusion she’s come to is that our current methods aren’t cutting the mustard. Find out why and what some of her suggestions for improvement are in this excellent piece. *yes of course that’s a joke

read more...

Python mail.python.org

Guido van Rossum retires as Python's BDFL 😱

We were just discussing this on a recent episode, and now it’s a reality!? I’m basically giving myself a permanent vacation from being BDFL, and you all will be on your own. After all that’s eventually going to happen regardless – there’s still that bus lurking around the corner, and I’m not getting younger… (I’ll spare you the list of medical issues.) He will not appoint a successor. What happens next?! Not even Guido knows: So what are you all going to do? Create a democracy? Anarchy? A dictatorship? A federation? Grab some 🍿 because this is gonna get interesting!

read more...

Apple thedevelopersunion.org

The Developers Union - a ‘non-union union’ advocating for sustainability in the App Store

Want developers of great software to be able to make a living doing it? Want free trials in the App Store? Join The Developers Union! Dear Apple, We believe that people who create great software should be able to make a living doing it. So we created The Developers Union to advocate for sustainability in the App Store. Today, we are asking Apple to publicly commit — by the tenth anniversary of the App Store this July — to allowing free trials for all apps in the App Stores before July 2019. After that, we’ll start advocating for a more reasonable revenue cut and other community-driven, developer-friendly changes.

read more...
0:00 / 0:00