Luis Villa:

Here in 2021, it’s clear that a new set of standards for open source is coalescing. These bring new labor to be done, either by open source developers or as part of a metadata overlay. These new standards include:

• Security information and auditing…
• Legal metadata…
• Procurement information…

Somethings’ gotta give…

You’ve likely heard a lot about Google’s monorepo and how it impacts the org’s development productivity, but have you heard how it makes managing their open source efforts easier as well?

Are we setting up for another wave of recession-induced open source migration? Donald Fischer weighs in:

It’s been hard to be optimistic the last few weeks. But as I look for a silver lining in the current crisis, I believe there is an enormous opportunity for organizations to get even more nimble in their use of open source.

We’ve been logging a few of the ways the open source community has rallied to pitch in our skills around this global pandemic… now our friends at opensource.com created a round-up of their own.

2019 was a crazy year for licensing in open source. Luis Villa shared his take at what happened last year…

2019 was the most active year in open source licenses in a very, very long time, with news from China to Silicon Valley, from rawest capitalism to most thoughtful ethics. Given all that, I thought it would be worth summarizing the most interesting events, and sharing some reflections on them.

A stand out to me was on the subject of money…

Inevitably, as open source has “won,” money has become ever more central to how it functions. It turns out it is hard to sustain the entire software industry on a part time basis! Licensing has not played a central role in this discussion, but 2019 gave several examples of how licensing and money are entangled.

In just a few short months, Python 2 will officially reach the end of its supported life. 💀 This means that anyone building applications in Python will need to have moved to Python 3 if they want to keep getting updates including, importantly, fixes for any security vulnerabilities in the core of Python or in the standard library.

With over 200k Python libraries extant, I have a feeling it’ll be awhile before Python 2 is put out to pasture…

Tidelift CEO, Donald Fischer:

Today’s generation of entrepreneurial open source creators is leaving behind the scarcity mindset that bore open core and its brethren. Instead, they’re advancing an optimistic, additive, and still practical model that adds missing commercial value on top of raw open source.

(Tidelift is a frequent sponsor of ours here at Changelog)

We recently added a new feature Tidelift subscribers can use to discover unmaintained dependencies. After taking an early look at the data we’re getting back, it appears that about 10-20% of commonly-in-use OSS packages aren’t actively maintained.

Click through for an explainer on how they define “unmaintained” as well as a link to their tool for analyzing your app’s dependencies (email required).

Open source isn’t a charity case. We can’t expect to attract and retain level 10 players into a level 2 opportunity. So why are we treating open source maintainers and contributors like they owe us something and not finding ways to enable them to maximize the rewards they can get for playing the game?

Let’s abandon the notion that open source is exclusively charity.

In the software industry, we’re normalizing spec work in a way that the design industry successfully rallied against.

The narrative around open source is that it’s completely OK—even an expectation—that we’re all doing this for fun and exposure; and that giant companies should get huge publicity credit for throwing peanuts-to-them donations at a small subset of open source projects.

There’s nothing wrong with doing stuff for fun and exposure, or making donations, as an option. It becomes a problem when the free work is expected and the donations are seen as enough.

This interview with Evan You (founder of Vue.js) is all about the path that led him to being able to work full time on open source. It’s a good read 👍

(Want to dive deeper? We’ve interviewed Evan on The Changelog #184 as well as Request For Commits #12)

Danny Crichton, writing for TC:

Open source maintainers are exhausted and rarely paid. A new generation wants to change the economics.

It’s great to see more-mainstream-than-us news outlets shedding light on the situation. 👌