Chris Grams

Luis Villa

Increasing the burden on open source maintainers

Luis Villa:

Here in 2021, it’s clear that a new set of standards for open source is coalescing. These bring new labor to be done, either by open source developers or as part of a metadata overlay. These new standards include:

  • Security information and auditing…
  • Legal metadata…
  • Procurement information…

Something’s gotta give…

Luis Villa

2019 year in review for open source licenses

2019 was a crazy year for licensing in open source. Luis Villa shared his take at what happened last year…

2019 was the most active year in open source licenses in a very, very long time, with news from China to Silicon Valley, from rawest capitalism to most thoughtful ethics. Given all that, I thought it would be worth summarizing the most interesting events, and sharing some reflections on them.

A standout to me was on the subject of money…

Inevitably, as open source has “won,” money has become ever more central to how it functions. It turns out it is hard to sustain the entire software industry on a part time basis! Licensing has not played a central role in this discussion, but 2019 gave several examples of how licensing and money are entangled.

Tidelift

It's the end of Python 2. Are we prepared?

In just a few short months, Python 2 will officially reach the end of its supported life. 💀 This means that anyone building applications in Python will need to have moved to Python 3 if they want to keep getting updates including, importantly, fixes for any security vulnerabilities in the core of Python or in the standard library.

With over 200k Python libraries extant, I have a feeling it’ll be a while before Python 2 is put out to pasture…

Donald Fischer

The community-led renaissance of open source

Tidelift CEO, Donald Fischer:

Today’s generation of entrepreneurial open source creators is leaving behind the scarcity mindset that bore open core and its brethren. Instead, they’re advancing an optimistic, additive, and still practical model that adds missing commercial value on top of raw open source.

(Tidelift is a frequent sponsor of ours here at Changelog)

Tidelift

Up to 20% of your application dependencies may be unmaintained

We recently added a new feature Tidelift subscribers can use to discover unmaintained dependencies. After taking an early look at the data we’re getting back, it appears that about 10-20% of commonly-in-use OSS packages aren’t actively maintained.

Click through for an explainer on how they define “unmaintained” as well as a link to their tool for analyzing your app’s dependencies (email required).

Havoc Pennington Tidelift

Open source has a working-for-free problem

Open source isn’t a charity case. We can’t expect to attract and retain level 10 players into a level 2 opportunity. So why are we treating open source maintainers and contributors like they owe us something and not finding ways to enable them to maximize the rewards they can get for playing the game?

Let’s abandon the notion that open source is exclusively charity.

In the software industry, we’re normalizing spec work in a way that the design industry successfully rallied against.

The narrative around open source is that it’s completely OK—even an expectation—that we’re all doing this for fun and exposure; and that giant companies should get huge publicity credit for throwing peanuts-to-them donations at a small subset of open source projects.

There’s nothing wrong with doing stuff for fun and exposure, or making donations, as an option. It becomes a problem when the free work is expected and the donations are seen as enough.