Funding OSS with Mozilla Open Source Support awards

About Mozilla Open Source Support (MOSS), in 2018 you had a year-in-review blog post, and this is what turned me on to reaching out to you all; I was just so excited to see the highlights from 2018 - Secure Drop, the Tor Project, and many others being funded… So Mehan, where can we begin to dive into 2018, but maybe MOSS at large?

Yeah, I’ll kind of start with MOSS at large, and then maybe transition a little bit into what happened in 2018 in particular. MOSS, for folks who are not familiar with the program, is the Mozilla Open Source Support program. The goal of MOSS is to broaden access, increase security and empower users by providing catalytic funding to open source technologies. In short, it’s basically an awards program that’s run out of the Mozilla Foundation; it’s unlike a lot of other foundation awards programs in that it works directly with open source technologists and gives awards to organizations, to for-profit companies, but also just the small teams of folks who are working on maintaining projects.

The MOSS awards program has existed for a few years now (about four years or so), but 2018 was the year of a lot of transition and change for the MOSS program, and also the beginning of some growth for the program as well. I think a lot of those really big, more key awards from 2018 that you mentioned were actually kind of the culmination of years of work from all the different staff who had worked on the program over the years.

Like most overnight successes, it actually took a while…

Right.

I’m curious though what your role is. If MOSS has been in place for several years now, stemming from the Mozilla Foundation, what has been your role in those four years? Were you one of the founders of this idea? Where are you sitting at?

I’m not one of the founding members of the MOSS program. The MOSS program originally started on the Mozilla Corporation side of the house. Mozilla is kind of a weird entity in which there’s two hats to Mozilla - there’s the Mozilla Foundation, which is a non-profit, and the Mozilla Corporation, which is a wholly owned subsidiary of the non-profit organization. The Mozilla Corporation is the one that most people are familiar with; they make Firefox, the digital product side of the house. The Foundation is more like a regular charitable foundation; we offer awards, and fellowships, and do other kind of charitable programs, all in the world of technology and keeping with Mozilla’s values.

[04:07] The MOSS program originally started on the Mozilla Corporation side of the house, and I can kind of go into more depth if you wanna talk about the history of the program, but… Basically, in 2018 the program transitioned mostly over to the foundation side of the house. The Foundation has gotten increasingly good at running awards programs and other charitable programs. We have the infrastructure and the processes to do that now, and so the decision was made basically to take most of the MOSS program, which in a lot of ways looked like a foundation program from the beginning, and kind of move it over to the foundation side of the house, and to bring all of those foundation processes and mechanics to the MOSS program.

I’ve been working for the foundation for a little over two years now, and I’ve first started working on MOSS probably in late 2017, and then when it transitioned over to the foundation in 2018, that’s when I started running the day-to-day operations for MOSS Track 1, which is our Foundational Technology Track, as well as MOSS Track 2, which is our Mission Partners Track.

A couple of things that stand out to me about this - I do wanna know where the initial idea sprang out of Mozilla; also, I’d like to know where the money is coming from, because the two things looking at this that surprise and delight me - first of all, this is not chump change that we’re talking about. In your 2018 post MOSS provided over $970,000 in funding to over 40 open source projects during the course of 2018. So we’re talking about a significant amount of funding.

Then secondly, really the focus on - and I’m sure there’s strings attached there, and we can get in the details of what it means to be funded and what it requires, and all that, but whereas many foundations offer supporting infrastructure, legal advice, stuff like that, you all are just giving cash to these projects, and that seems to be a little bit of a different tact from many other foundations.

Mm-hm. So why don’t I start with the history of the program, because I think that’s kind of a good way to understand how MOSS has evolved over time, and why we have kind of structured the program the way that we did.

So the program first started in 2015, and 2015 was kind of a big transitional moment for Mozilla in general, and some of the questions Mozilla as an organization was asking itself was “How do we give back to our roots, which are in the open source community?” So it was kind of this program that came together with a very small team; Mitchell Baker, who is Mozilla’s Executive Chairwoman, was very interested in this question, and she worked very closely with Gervase Markham, who was an engineer among other things at Mozilla, as well as Jane Finette, who was Mitchell’s Chief of Staff. And they just kind of put their heads together and came up with this idea for an awards program.

Mitchell has a certain amount of kind of discretionary funding that’s available to her, as is the case for executives of a lot of organizations, and she decided to use a chunk of that funding to fund awards in the open source space. So something that you hinted at is there’s a lot of foundations out there, there is a good number of them that support open source technology, but the things that they support are not usually technical development; they might support going to a conference, or dissemination of information, or all these kind of tangential activities… But there’s not that kind of core support out there for actually doing the actual development work. That was the kind of gap and Mitchell and Gervase and Jane were seeking to fill - to take a chunk of money, offer it up for folks who needed core support to build and maintain their projects, and to see what kind of impact that would have on the open source ecosystem.

[07:52] The first iteration of MOSS really began with us looking at and wanting to support the dependencies that we rely on. For Mozilla Technologies, especially a project as big as Firefox, you can imagine there are so many dependencies that we rely on, so many libraries and other pieces of code, ranging from big to small, and any one of those things could be a core dependency for us. So the original vision of MOSS was to kind of take a chunk of money and try to support those kinds of projects, and to be a steward of the ecosystem that we grew out of and that supported us in that way.

So that program existed in that kind of way for about a year, and in late 2015, early 2016, the focus shifted a little bit as Gervase and Mitchell and the other folks who were working on the project realized that there are a lot of other people in the ecosystem who are supporting and advancing Mozilla’s mission every single day, but who are maybe not building technologies that are dependencies for us in that same kind of way necessarily. So an additional chunk of funding was put into MOSS under the Track 2 part of the program, which is called Mission Partners. The original part of the program was turned into Track 1, which is what we call Foundational Technology.

Track 1 is for dependencies, tools that we use at Mozilla to get the job done. The idea behind Track 2 was “Let’s offer similar funding to any open source project that aligns broadly with Mozilla’s mission, that we think is kind of advancing the causes that we care about in the world.”

And then the last major track that came online was Track 3 in 2016, and that’s our Secure Open Source (SOS) Track. 2016 - it was shortly after the Heartbleed Bug, and there were some big open source security vulnerabilities that had been revealed that got a lot of folks at Mozilla talking about how we might address those kinds of things. For Mozilla, or for even bigger for-profit companies like Facebook or Google, mechanisms like bug bounties worked pretty well, because if you had the infrastructure to find bugs and to patch bugs, all you really need is somebody to report them, and then you can solve those problems yourselves. But of course, it’s not really the case for a lot of open source projects, especially small ones, especially ones that are kind of maintained by a core group of volunteers… So the idea behind Track 3 was, similarly to how we had provided funding to Track 1 and Track 2, let’s provide the money for audits and remediation for widely-used open source technologies.

Track 3 is a bit more hands-on than the other tracks, in the sense that Mozilla does play a matchmaker role as well. We have a bunch of folks that we like to work with as outside contractors for things like audits and remediation, and so if you know an open source project that is in need of an audit, we will connect them with the right folks to undertake that work. And if they find anything over the course of that audit, we will then also pay for the remediation, to make sure that the bugs are fixed.

One of the cool stories on the SOS Track is shortly after the Track was founded - I think it was in 2016, we gave an award to libjpeg-turbo, and we had funded a security audit for that library. In the course of doing that audit, two bugs were discovered, and then under a closer inspection, it turned out those bugs were not bugs in libjpeg-turbo, they were bugs in the underlying jpeg standard. So if you think about critical infrastructure for basically the entire internet, that’s about as serious as it gets, and those are bugs that maybe would never have been discovered.

So those are the kinds of things that really get us excited. I’m not sure that there are a lot of other programs out there in the world that would fund a security audit in that particular case.

[11:52] I guess when you look at these past fundings - you mentioned libjpeg-turbo, and I was also thinking of curl there, which is in a list from the audits you’ve done before… So let’s say you catch something in 2016, what do you do to continue to support curl, or libjpeg-turbo and these audits in the future? So you helped in 2016 - how do you deal with that in 2017 and 2018 and beyond? How do you provide that audibility or security in the long-term?

Yeah, that’s a good question, and that actually speaks to the idea of sustainability, which is something that we’re always trying to get at through MOSS awards, and talking to awardees about. We actually have a long history of giving repeat awards to different projects and different organizations. You mentioned Secure Drop before - we gave them a $250,000 award last year; that’s actually the second $250,000 award that we’ve given Secure Drop.

Very often if a project has had a successful MOSS project in the past, the committee will be excited to give them additional funding, if they can answer a few questions. One of the questions the committee is always interested in is the question of sustainability. I think like any funder, like any foundation, Mozilla doesn’t want to be the sole source of funding for any project. We want these projects to be on a path to sustainability. So when we talk about catalytic funding, we really are looking at projects where they’re on the path to sustainability, they have a vision and they have a roadmap for getting there; there’s maybe a gap in that path, and the committee loves to fill that gap to help those projects reach sustainability.

When folks come back to us to ask for additional funding, those are the kinds of questions that we usually end up asking, but if folks can tell a compelling story about the additional work that they want to do, and if folks are on track to secure additional support, those are the kinds of things that the committee will be excited to support a second time around.

So when I said this isn’t chump change, I wasn’t kidding… $500,000 over the course of two years - this is big-time money in open source. Many of us are trying to scratch out Donate via PayPal buttons, and maybe a couple hundred bucks a month from Patreon supporters, but this is significant.

So where does the money go to? I think the JS Foundation I was asking specifically why they don’t directly fund the developers in terms of their labor, and there’s good reasons why that can be problematic, but in the case of these - especially the big ones from 2018, Secure Drop $250,000, Tor Project $150,000, Processing almost $70,000, Dat $34,000… Significant funding, in open source terms. Surely, they have to justify why they need a certain amount of money, what they’re gonna use it for, but can you go into that and tell about – is it for developer labor, or for anything you think you need, or where does the money go to?

Yeah, in kind of all of the above. It’s very much on a case-by-case basis. The kind of general universe of funding that we normally see for projects is somewhere between about $10,000 US and $150,000 US, and I would say about 90% of projects will fall in that range. We funded things as small as $5,000, we’ve funded things as big as $250,000 or close to $300,000, but most things are in that 10k to 150k range.

The committee tends to look at these projects almost kind of like on a sliding scale as it were. So the more money you’re asking for, the more information and the more context they’re gonna want about how you’re gonna use that money. If you get up into that $100,000+ range, that’s really where we’re gonna be expecting you to come to us with not just a clear outline of the work that you wanna get done, and milestones, and a roadmap for achieving that work, but even just kind of a breakdown of how you’re gonna use all of those funds. We wanna know that you have a very clear plan for using all that money, that you have tied the need to the specific work that you wanna do…

[16:04] And in terms of what we fund, I would say the vast majority of it is just developer hours. A lot of what we’re funding is core work on these projects. But depending on the project, it can be all sorts of other activities as well. One of the things that we ask folks to articulate on their application is to tell us about their user base and to tell us about their community, tell us about the contributor community that they’ve built, and if they have goals for growing any of those, we wanna hear about those goals and we wanna hear about how the work they’re proposing to do feeds into those goals.

Sometimes these projects will come to us and say “We’ve built a technology that a small group of people loves to use. We’re solving a specific need for a specific group of people. We wanna grow awareness of this project in X, Y and Z ways” and sometimes the committee will choose to fund those types of projects… As well as the projects that say “We have a strong community, we have a strong user base. The thing that we just need is to be able to pay our developers to continue working on this project.”

It’s kind of a range, and it really depends on the size and the scale of the project, the size and the scale of the ask, all those kinds of things.

There’s also a grant process to this. You’ve gotta do the purpose of the grant, the project details… So some of that is even being defined by the initial ask to be a part of these programs anyways. So the project is sort of determining what they need to do, and you’re granting them a certain amount of money to achieve that, and it’s up to them to put that money to work. I’m assuming there’s gonna be some sort of report back to you, to ensure that those grant details were followed. Is that correct?

Yeah, absolutely. So why don’t I walk you through the process at a high-level? You mentioned the application form - that’s the first intake that we get from you. You will fill out the form, which is a pretty lightweight form, we think, by foundation standards and by awards standards. It’s one page, there’s character limits for each of the questions; we’re not expecting you to write a ten-page application or anything like that.

One of the things we know working on the MOSS program is that the vast majority of folks who are part of the MOSS program have never applied for awards funding before; this is not like the traditional foundation world where you have somebody who’s working in development and their whole job is applying to grants from big foundations. A lot of the folks that we work with are developers, they’re technologists; they’re not people who are familiar with this world, so we try to make the initial application form as lightweight and easy to use and clear and understandable as we can.

So you would fill out that form, you send that to us… I, as a program officer, take a look at your application and just vet it for things like completeness, and stuff like that. If any of it is incomplete, I might shoot you an email and say “Hey, can you fill in this question?” or something like that, if it looks like something’s missing. After that, it goes to the committee. We don’t have any kind of formal deadlines, unlike most awards programs. All of our applications come in on a rolling basis, and we have a committee of open source experts who meets once a month. Every month they consider the applications that have come during the previous month, they have a sense of what the budget is for the year and how much the committee has spent that year relative to each of the three or four tracks that we’re funding projects in.

Then they look at the applications, and sometimes they have additional questions they wanna go back to the applicant for, and sometimes they’ll just make a decision and they’ll say “This looks like exactly the kind of thing that we’re looking for” or “This doesn’t look like a good fit.”

So if they do choose to fund a project, then I as a program officer will kind of go back to the project and loop in my colleague Jessica Gonzalez, who’s the grant manager, and work with them on the process for signing the paperwork for that award, and for them receiving that award.

[20:01] One of the things I do at that stage is I usually work with whoever the maintainer is who has submitted the application to kind of flesh out their roadmap a little bit more and to get a set of milestones. One of the things that we always wanna have when they’re signing on the dotted line and saying “I’m receiving X amount of money”, we wanna have a set of deliverables that they are kind of committing to getting done within the 12-month award period, in exchange for that award funding. So I’ll work with them to make sure they have a clear, achievable set of milestones, that the milestones seem like they’re of appropriate size and scale, and all those kinds of things for the amount of funding that we’ve provided. Then we sign a contract and they have 12 months to complete those milestones.

As they complete each of those milestones, they will submit a pretty informal report to me; honestly, right now it’s just an email that they send me, that says “Here’s what we got done.” If they have links to pull requests and things like that to illustrate some of the work, they can send those along to show us how their codebase has changed… But a lot of it is just kind of them saying “Either we did or we didn’t achieve what we set out to do. Here are the reasons why. While we were building this feature maybe we discovered some additional technical debt, or the development went in a different direction for whatever reason”, and then I just kind of make a judgment call that whether or not it seems like they’ve completed an appropriate set of work relative to the milestones that we set.

And then the last piece, at the very end of the process - once they’ve finished all the milestones, they received all the payments, we ask folks to write a blog post; that’s right now one of our best ways of spreading the word about the MOSS program. We know that a lot of folks in the open source world will eventually see the blog post and things that folks are writing, so we ask folks to just write a blog post to say “Hey, I’ve received this award for X amount from Mozilla. Here’s what I was able to accomplish using the award, here’s the impact I was able to have”, that kind of thing.

Mehan, we’ve got some questions about money. Money is the hard topic here, and like any foundation, I’m assuming that it’s “always be fundraising”. And I’m curious how you determine this million dollars to give away in 2018 - are you doing specific fundraising for it? How are you getting this money, basically?

That’s a super-interesting question, especially in the context of MOSS. I have other awards programs and fellowship programs and things like that that I work on on the Mozilla Foundation side, and for the vast majority of those it’s exactly what you said - we go out and we do specific fundraising for specific projects. For instance, I worked on an awards program a few years ago where we got a chunk of money from the National Science Foundation. We basically partnered with them, they provided the funding, we provided the awards and the infrastructure, and we went out and ran this program around wireless networking.

MOSS is a huge outlier in that way. It’s very much unlike our other awards programs in that the funding for MOSS every year comes from Mitchless Baker’s discretionary funding, basically, and it’s a set amount each year. She basically says each year “Here is your budget.” It’s usually around somewhere around two million dollars for the year. “This is the money that I’m providing for you all to go out and give awards to folks in the open source community.”

In that way, it’s actually just Mitchell kind of opening up her wallet as it were, and kind of saying “This is how we’re gonna put our money where our mouth is this year, and fund the ecosystem that we grew out of.”

[24:27] And just in case no one knows Mitchell, can you give a precursor to Mitchell?

Yeah, so Mitchell is the Executive Chairwoman of Mozilla as a whole. She has been involved with Mozilla since the very start of the Mozilla project, and even a while before that. To me, she’s kind of a legend in the open source world, in the world of software, in the world of the web. I think she’s one of the pivotal figures in the development of the web browser and a lot of technologies that we enjoy today.

Pretty cool what she’s doing with her money, in my opinion. Of course, I’m biased towards open source, but I’m happy that she’s doing it. It’s awesome that so many projects can benefit from her opening up her wallet, as you said. Very cool.

A couple of questions about the money; so that’s where it’s coming from, different than most of these things, but straight from Mitchell’s “wallet”. The question is where does it go? We talked about what kind of projects that you’re interested in, and the application process… First of all, I did wanna say - I didn’t get a chance to say it earlier - I think the revolving door (is that what you called it?), every month… You can basically apply at any time. I think that’s really cool, versus like a once-a-year application process and selection… Because in light of sustainability, a lot of these projects, when they need money and they need help, they might not be here if they’ve gotta wait 9 months before they can get an application put together… So I think it’s pretty cool that you can just – you know, if you need the money, go ahead and apply; once a month you get a shot at it. That’s a neat formula.

But let’s talk about where the money goes, because a few of these organizations - I’m thinking about Open Collective, where they formulized a 501(c)3, and they’ll actually be able to receive the money on your behalf… There’s a lot of legalese and problems with receiving money, and so when you ahead and select a project and say “Okay, we’re gonna give the Tor Project $150,000 for the year 2018”, how do they receive that? Is it sent to an individual? Do they have to claim taxes? Is there an entity? Is it different for each project? Help us understand who receives the money and how.

Yeah, so it is kind of all of the above. It is very much a thing that varies from project to project. This is one of the ways in which we try to maintain as much flexibility as we can, and sometimes our lawyers and our grants people hate us for the amount of flexibility that we give folks… But we do wanna understand that there’s all sorts of different setups that people have for maintaining open source projects. Some of the projects we fund could be a loan developer who’s kind of the steward of that project, some of them could be a 501(c)3, a non-profit organization, like you said, like the Tor Project, or Freedom of the Press Foundation, or something like that. And then there’s everything in between, there’s all other different types of projects.

So we try to provide funding in the way that makes the most sense for the project receiving it, while also educating them on things like tax liability and some of these questions that they may have to answer down the line if we do provide them with a chunk of money. On our application form actually we ask people “Are you an individual applicant? Are you a for-profit? Are you a non-profit?” We also ask them, “How much funding do you want to receive from us, and in what currency?” And then based on those questions, that kind of starts the conversation that we have with the awardee, once the award has been granted, about “Alright, what’s the best way for you to receive these funds?”

[27:59] So if you are a 501(c)3 we can give you a grant, instead of an award. That way, since you are a non-profit organization receiving those funds, you don’t have to pay taxes on it. There’s certain other restrictions that we would maybe have to abide by in other cases, where if you’re a 501(c)3 there’s certain things that can change the way that the funding is received and handled, and things like that.

If you’re an individual, you’re a group of individuals or something like that, we normally ask one person to step up and say “I’m gonna be the person to receive this money, and then is responsible for any tax liability”, and things like that. We’ve given money to folks in Albania, we’ve given money to folks in India, we’ve given money to folks all over the globe, and in some cases if we need to make a wire transfer to a bank account in a country at the other side of the world, we’ll make that happen, if that’s what we need to do to get the funding to the person.

But then in a lot of other cases too, we’re kind of having a relationship with the grants manager at another non-profit and kind of granting them money in more of a traditional foundation way. So it really depends on the needs of the project, and we try to be as flexible with the funding as we can.

So the basic suggestion though is that when applying for the grant, when determining the amount to ask for, that you’re considering the tax implication ahead of time, for those who are asking for the award…

Yeah, that’s definitely what we would recommend for folks, and sometimes with non-profits for instance as well, they will ask for a certain amount of overhead, and that will be a part of their budget, and that’s actually a fairly common thing in the non-profit world, to say “In addition to…”, let’s say we’re asking for 50k for a grant, we might ask for a couple more thousand dollars on top of that to account for the labor that will be involved in receiving and documenting the grant and all those kinds of things. In those cases we try to work with them to make that happen as well, as long as it’s something that they’re flagging for us in the initial application.

You mentioned issuing a grant instead of an award to, say, a non-profit. What are some of the more – let’s just use 2018, for example. When you issued funds for those projects, the five or six that were mentioned in the blog post, what are the typical ways you gave it? Was it to an individual, or was it to a non-profit, or was it to some sort of foundational organization that represents that project?

The ones that we highlighted in 2018, those I think were Secure Drop, Tor Project, Processing Foundation and Dat Project. It just so happens that all of those were projects that have a non-profit core that maintains them, and so those were all fairly straightforward. At least one of those I think used what’s called a fiscal sponsorship, which means you can have another, bigger non-profit act as the receiving body for the money, and then you don’t need to have a full infrastructure of a non-profit in order to receive that money. That’s another kind of common thing too, where we will give the grant to a bigger non-profit, like Software Freedom Conservancy or somebody like that, and then they in turn will regrant it to the awardee. So if that’s what makes the most sense for the awardee, then we do those kinds of relationships as well.

One thing you’re pushing towards, and it seems like you’re having some success, is in diversifying the recipients of these awards, especially geographically. It leads me to think of things about developer labor. One problem with developer labor is it’s not all created equally; so even just looking at Secure Drop, 250k, that is a lot of money for a year. That being said, that could be a single person’s salary in the Valley.

Sure.

Maybe in the Midwest you might get two people for a year for that. Maybe in Albania you’d have an entire team for that kind of money… So are these concerns that you have as you divvy out how much to provide, and then also, are you in these weeds, or is it really “We trust the project to handle that on their own”? I’m curious of your thoughts on that.

[31:58] Yeah, so we definitely get in the weeds with some projects, and the bigger the ask, the more in the weeds we’re gonna get, and in fact the more in the weeds the committee is gonna get, as well. Secure Drop - we had already given them a large award; they had done an incredible amount of work based off of that award. The committee - everyone was very happy with the work that they had done with the previous award… But when they came back and asked for 250k again, we said “You know, Freedom of the Press Foundation - we worked with you on other things outside of this, you’re a known, trusted entity to us; we know that this team did good work with the last award, but we’re still gonna ask to see a ton of documentation, because we wanna know exactly how you’re calculating this amount.”

So in that case we did wanna see how many developer hours are working on each of these different things, what’s the hourly rate that’s being paid to the developers, we wanted to benchmark that against what we know about salaries in those places, and stuff like that… So for the big awards we do actually dig into that stuff quite a bit, just to make sure that it all kind of makes sense. We do still allow for flexibility… Like you said, everything’s relative - what makes sense in the Bay Area may be very different in Illinois, and may be very different from Albania, and so we try to be understanding of those regional differences and regional needs.

We had a project I think in 2018 that was a small group of developers working on it, and the core maintainer was a lone developer in India, and this person submitted an application and said “If you give me $5,000 US, I can basically stop working for six months and put all of my full-time energy into this project and get this project to a much better place.” So that was another one that the committee funded. It was kind of the polar opposite of Secure Drop in terms of size and scale…

Yeah, for sure.

And in that case we didn’t ask for a lot of documentation. It was a pretty small ask, but based on the documentation that was provided, they had a good amount of faith that this is a group of folks who have produced good work like this in the past, and the committee just thought that they would be able to pull off what they promised, and they did.

Let’s talk about licensing, because that’s the sticky part of open source these days - the question of if something truly is open source based on its license. Are there any particulars around licensing in terms of the project, or any concerns around that? Say, if they have a current license that is accepted, but say they change it a year from the date of funding… How do you deal with licensing when it comes to funding?

That’s a really good question. In terms of the general blanket statement that we give to people when they ask about licensing, we generally say “The MOSS committee will consider any project that’s licensed under any open license that has been approved by either OSI or FSF.” So there’s a broad range of licenses there. As long as one of those two organizations has signed off on the license as an open license, we will recognize it and we’ll say “Okay, as far as we’re concerned, this is an open source project.”

Now, of course, there are a lot of edge cases, and one of the things you hinted at there is licensing can change over time… Sometimes we deal with open core projects that want to monetize at some point, projects that wanna transition from open to closed, or maybe they have some kind of a business deal that’s influencing the licensing, that kind of thing.

So one of the things that we do is when we give away an award, we have folks sign an award agreement with us, and it’s basically like a pretty lightweight contract that says “You say you’ll do these things, we say we’ll give you this amount of money. This all will happen in the course of 12 months”, that kind of thing.

One of the asks that we have in there is for the work that’s completed under this award and during this time period, it must not just initially be under an open license, it must always be under an open license. If a project decides that later on down the line they want to close something, they can’t close the work that they completed using the Mozilla money without violating that agreement, basically.

Any stories gone wrong that you can share? Maybe not name names, but just scenarios of when the rules were bent, or the contract was broken, or just anything that helped you all learn along the way? Because I’m sure that over these last four years you’ve gotten better and better at this.

[36:12] Yeah, totally. In terms of licensing, actually we have not had a huge number of issues with that. We try to be pretty clear upfront with folks about what our expectations are regarding licensing, and generally the folks who come to us for funding are equally invested in the open source ecosystem and keeping things open, and they understand the benefit of keeping things open… So that has not really been a huge point of contention in the past.

The main learning for us I think has been understanding that with open source projects, and especially the smaller and scrappier they are, things change, people leave the project, people new come to the project… These things are living organisms, and unlike giving a grant to a big non-profit organization, if you’re giving an award to a small group of people there’s all sorts of things that can come up that will kind of change the trajectory of that project, even just within that small 12-month window in which we’re working with them.

In the distant past, something we used to do from us is provide most of the funding upfront, if not all of the funding upfront. So if you had a $50,000 award, we would just send you $50,000 on good faith, and then we would just hope that you’d get the work done over the course of 12 months. That’s not something we do very often anymore.

A part of our work around milestoning is also figuring out a payment plan, and those payments are tied to those milestones. So you have to basically complete each of those milestones in order to unlock the next payment. We’ll usually provide you with a chunk of funding upfront just to help you get started, and understanding that there are costs associated with achieving the first milestone, but then after that you’ll kind of receive a third of the payment, or a fifth of the payment or whatever, based on the size of the award and the size of the project.

Things that have happened with some regularity in the past, and continue to happen with some regularity - and this is just a part of the world that we’re operating in - is we’ll be working with a project and they’ll be six months into their project or something like that, and then somebody from the project will email us and say “Hey, the main maintainer of this project just kind of disappeared and doesn’t answer email anymore. We can’t get a hold of them.” And we see them talking on this other Slack channel somewhere, so we know that they’re still alive, but for whatever reason they’re just not involved in this project anymore and they don’t want to be. So in some of those cases we do actually have to void the agreement and say “Alright, we’re releasing you from this agreement. We understand you’re not gonna get this work done, you understand you’re not gonna get the rest of the money”, that kind of thing.

So that does happen from time to time, and I think the milestoning and the increased attention to the work plan and tying a payment plan to that was something we had to kind of learn over time by working with projects like that.

What about the team size? I’m thinking that to manage the day-to-day of that, you’d have to have some sort of oversight. How do you break down not only who’s behind MOSS, but the individual attention each project needs along its path?

Yeah, that’s a really good question. That’s something that we’ve actually gotten a lot better at, I think, in the last year or so. MOSS was originally run by Gervase Markham, and Gervase’s job title - he was an engineer at Mozilla… And MOSS was kind of like a side-of-desk project for him, so in addition to all of the stuff that he was doing, he would run these committee meetings and give out these awards. And because it was a side-of-desk project, he had a system that worked really well for him, but it was very much held together by duct tape and bubble gum kind of thing. He had a bunch of Google Docs where he would take notes, he would document decisions he or the committee made in the Google Docs or sometimes he wouldn’t, he would give out the money, and it was all done in kind of a very informal fashion… Which, I think, coming from the open source world, made a lot of sense, and was not necessarily unusual to the awardees that he was working with.

[40:11] So Gervase unfortunately passed away in 2018, and so part of the MOSS program transitioning to a new staff was us learning these processes that Gervase had built, and kind of keeping the program running, while also building some additional process around it. So a lot of the work that we’ve done in the last year has been kind of professionalizing the program, and kind of using some of the tools and best practices that we have used on the foundation side for years to build and maintain programs, to make sure that we are having those touch-points with awardees throughout the award cycle, that give them opportunities to let us know if issues come up, or things like that.

As a program officer, it’s my role to be having that day-to-day conversation with awardees, and I work very closely with my colleague Jessica, who is a grants manager and who is the day-to-day point of contact for anything having to do with payments. So if you have a question about when you’re gonna receive the next payment, or the best way to receive it or things like that, things relating to the agreement, she kind of plays a similar role in terms of answering those questions and talking to folks.

A lot of this has been informal in the past, and a lot of it has not necessarily had a process built around it, but one thing that we’re starting to do now is we have a grants management system that we use as a foundation, and when we enter a new award in there, we can enter in “Okay, these are the milestones, these are the rough dates when we expect to get those milestones, and these are the payments that are tied to those milestones.” So in the future, awardees will start seeing things like you might get an email 30 days or 90 days before you told us your next milestone is gonna come in, saying “Hey, it’s almost July 2019. You told us that you would have part 2 of this project ready in July. Expect to hear from the program officers soon.” So kind of giving folks a heads up and remind them and trying to keep them on that path.

So kind of small bits of automation and process like that are things that we’re trying to introduce to make everything run a little bit more smoothly and to give the awardees a little bit more predictability during the course of their award.

So I may have sniffed out – if I heard you correctly, in 2018 you awarded almost a million dollars, but did I hear there was a two-million-dollar budget, or maybe you just were rounding? Is that what the budget was? It sounds like there’s some unutilized money, and potentially you are looking for more applicants.

Yup, so there’s a little bit of both. Because we have this role in the application cycle, we have projects that last for 12 months, but sometimes stretch out over multiple years. If we have a two-million-dollar pot, we may give away a million dollars in 2018 (or close to a million dollars), but a lot of that additional million is already committed to additional projects that we know will be coming through with additional milestones in 2019. So the accounting gets a little bit complicated that way.

But we are always looking for more projects, and one of the things that we are doing this year that’s new is we’re trying to grow the program in general, so we’re trying to give out more money to more projects, but we’re also trying to grow the program in some specific areas. The specific areas that we’re looking at are projects that broaden access, projects that increase security, projects that empower users or projects that increase or can demonstrate a commitment to diversity and inclusion in the open source ecosystem. So we’re looking for those projects in particular, and we’re always considering any and all open source projects that align with the Mozilla mission.

How about open source podcasts? No, I’m just kidding.

[laughs]

Hey, send them in.

[laughs] Help us help our listeners who are out there thinking, “I’ve got a project. My Patreon is not doing so hot. My Open Collective has a few bucks rolling in… I would love to have a significant amount of funding from this program.” Help us check the boxes - what exactly are you looking for, what exactly do they have to do, what disqualifies them etc.

The first step, I would say, if you’re interested in the MOSS program, is go to the MOSS website and read up on what we’re looking for. That is mozilla.org/moss. If you go there, you will see a description of the different MOSS tracks, you will see a link to the application form, we also have an FAQ at the bottom at that page that I strongly recommend that folks read through, because it answers a ton of the questions that we get most commonly from folks who are interested.

In terms of the kind of profile of applicant that we’re looking for - you know, the MOSS funding decisions are made by a committee of experts, so I or really nobody else at Mozilla has a say in what gets funded; it’s a committee that has the say in what gets funded. So I can’t necessarily tell you what they like to fund with 100% accuracy, but I can tell you what the general type of project they get excited about generally looks like. That project is usually an open source project that has a specific focus on solving a specific problem, for a specific group of users. It is a project that has seen some success in acquiring those users, it’s also a project that’s seen some success in building a community of contributors who are interested in contributing to the health of that project in the long-term…

And most of these projects also have an idea about how they’re gonna reach sustainability, if they’re not actually already on the path to sustainability. There may be gaps in that path, and that’s usually the reason why they’re coming to us - they have an idea about how they’re gonna make this thing sustainable in the long-term, but they need some funding to help them survive the next six months, nine months, twelve months to be able to get there. Those are generally the kinds of projects that the committee is looking for.

One thing I should say here is I am always happy to chat with folks if folks have questions about the application, if folks have questions about “Does this seem like a good fit for MOSS or not?”, if folks have questions about the granting or the money side of things… If you shoot an email to moss@mozilla.com, that goes directly to all of the MOSS program staff, so whichever one of us is best situated to answer that question, we’ll get back to you. I’m always happy to jump on calls with folks who are interested in applying to that sort of thing, too.

I can vouch for submitting questions to that email address, because that’s exactly how we got you on the call today - we emailed you and said “Hey, do you wanna talk about MOSS 2019 on the Changelog?” and now here we are…

It works!

[48:06] It works, it works.

There are real human beings behind that email, really.

[laughs]

Yeah, it was an easy process too, so we appreciate that. I think it was Jeannette that got back to us as part of that, and then I think a couple other people, and then it ended up being you, so… Pretty smooth process.

What about education when it comes to – I know FAQs are good, that’s just scratching the surface. Are there at-length blog posts, documentation…? What’s being worked – and I’m thinking kind of like Stripe Atlas for founders. Do you have something Stripe Atlas-like for would-be or should-be leaders and maintainers of open source that could use MOSS grants or awards to make the next best thing?

Yeah, that’s a really interesting idea. We don’t necessarily have anything like an Atlas yet for projects, but one of the things that we wanna do this year is start thinking about, in addition to award funding, what are some resources that we can give to our awardees that will help them grow their projects and maintain their projects long-term, and there’s a few specific areas that we’re focusing on. Governance is one, diversity inclusion is one… We’re basically looking at some of these things that seem like they’re pressing challenges for a lot of the projects that we work with, and then trying to come up with resources that we can connect them with that can help them along that path.

In the example of diversity and inclusion, some of the things we’re working on right now are documentation that kind of helps you self-evaluate your own code of conduct, or helps you figure out “Okay, I have a code of conduct, but what kind of reporting process do I need to have, or what are the different options? And if I have a reporting process, what kind of remedies do I need to offer, what kind of actions do I need to take? How do I tie those to the reporting process?” We’re kind of starting to think about building that library of resources, but that’s still very much kind of an early thing for us.

The reason I ask that is because I look at the two links, since I’m using your FAQs as a lens here - I’m linking to what looks like one grant version, which is Kea DHCP server, and then the other one is the Tor Project, and they both kind of have “Here’s what we’re gonna do over this amount of time.” They may not be going in this order, and with each of those milestones as dollars, I’m just thinking like how do they get educated enough to even fill this thing out, to make your job easy enough to 1) just get this suggestion or this statement of work or this whatnot to figure out what to do… I’m thinking like, if I had to do that personally, I would literally just copy and paste and just replace, and hope that these examples are good… I’m just thinking maybe there’s a better way.

Yeah, so in terms of the milestones stuff, and the [unintelligible 00:50:51.10] work and all that - that’s one of the things where we don’t expect every project to have that stuff 100% figured out when they come to us. We know that for a lot of folks part of the process of working with us is actually figuring that stuff out, and I think that in some cases we have the opportunity to help provide feedback on that as they’re working through it. That, I think, really depends on the size and the scale of the project. For the examples that you gave for those big awards, that are looking for a 150k, 200k award, either we’re expecting them to come to us with that scope of work and that fleshed out work plan, or if they don’t, we’re gonna be reaching back out to them and saying, “Hey, the committee is interested in this, but they really want a more granular level of detail about what work you’re gonna accomplish, how long it’s gonna take, how much it’s gonna cost, all that kind of stuff.”

[51:37] For folks who are smaller projects, they’re asking for a smaller amount of funding, sometimes they’ll give us just kind of a very broad sketch. They might say “We want to build out the documentation for this thing, and we want to transition this thing to the next major version, and we want to shore up the security of this thing”, and that might be all they have when they come to us. And if it’s a fairly small ask, the committee might say “That sounds good. Give them the award, work with them to flesh that out.” So from that point on, I’m kind of in a relationship with those folks where they’re sending me stuff, I’m providing them with feedback… We have templates and stuff like that that we send to folks, so we kind of say “Here’s what a good set of milestones looks like, here’s what a scope of work looks like, here are the elements you need to have, which could include a rough date of when the work is gonna get done, the number of hours, depending on the size of your project maybe break those hours down among the team members, maybe let us know how much each of those team members is probably gonna be paid hourly”, that kind of thing.

We very much will work with those projects to get that scope of work to a place that both we’re happy with, and that the project is happy with, and that they think gives them a good roadmap to get the work done within the 12 months.

It’s really about momentum then. If I understand you correctly, the key thing is just to apply and share your story, whether or not it’s fully fleshed out or not. Just share the story of your project, what you’re gonna use the funding for, what a rough version of your plan is, even if it’s not perfect… And behind the scenes, since this is rolling once a month, you’re gonna reach back out and say “Let’s take it to the next step”, and hold their hand or be a partner with them to the next steps.

That’s exactly right. And there’s a whole set of different possibilities that happen when your application gets to the committee. It’s not very black and white, it’s not necessarily like “Either you get all the money or you don’t get all the money.” There’s a lot of grey area, and most projects actually fall into the grey areas, I would say. A lot of projects we’ll go back to them and say “Hey, the committee is really interested in this project, but they just need a little bit more information in this area or that area. Can you flesh this out a little bit more? Just send me a paragraph about - whatever it is; sustainability maybe.” I’ll take that back to the committee and then they’ll either greenlight it or they won’t.

Sometimes we’ll go back to folks and say “This project is really cool, the committee really likes it, they think it’s really interesting, but they don’t think you’re quite at the point yet where you are a good fit for MOSS.” That might mean that you have to grow your community of users, that might mean that you only have folks inside your organization contributing and you haven’t built any community of outside contributors… So we’ll say, “Here’s what the committee would want to see in order for them to feel comfortable funding this project. Go spend however much time you need to do to feel like you have gotten to that point, and then please come back and reapply once you have reached that point.”

There’s a small number of projects that the committee with outright just say “No, this is not a good fit”, and that’s usually one of two things. Either the nature of the project is just not aligned with the Mozilla mission… And that doesn’t just mean for-profit things, or things like that; sometimes there are very cool projects that are doing really cool stuff, let’s say around education, which is a thing that the committee believes in and thinks is great, and can be a course of good in the world, but it’s not necessarily aligned with the goals of the MOSS program. Or the other category of things they won’t fund is if the activities don’t look like the kind of activities we normally fund through MOSS. So if somebody says, “Hey, give me 50k so I can take my whole team to a conference”, the committee will usually say, “Yeah, this is a cool project maybe, but that’s not the kind of thing we like to fund. If you have an idea for technical development you wanna do, come back and give us an application for that, instead of that kind of thing.”

Is diversity and inclusion a new aspect to the application form this last year?

It is, and actually we’re containing to iterate on the way that we ask those questions on the forum. We actually just rolled out some changes in the last month that allow us to get a little bit more depth on some of those questions.

One of the initial questions we added to the form was “Does your project have a code of conduct?” After a few months we realized that the answer to that question was only giving us part of the information that we wanted to get, and so now we ask additional follow-up questions. So if you answer yes, that you do have a code of conduct, we wanna know what’s something you think you’re doing really well in your code of conduct; what’s an area that you feel like you could improve on your code of conduct? We’re teasing out a little bit more how far along are you and how much thought and care have you put into this process.

[56:11] We get a whole range of answers to that question. There’s not a one-size-fits-all there at all. Folks are at all kinds of stages of that process. We are asking some optional questions now around things like gender, and ethnicity, and geographic location… Those are 100% optional, folks don’t have to answer those questions, but we have set goals for ourselves in terms of funding projects that either increase or encourage diversity inclusion in the ecosystem. So if folks do feel comfortable providing that information, those are ways that we can internally then track our own progress against those goals.

Do you wanna speak to maybe the linked portion of that section of the application? It’s a document that says “Open source inclusion - basic checklist for projects”, and it seems pretty clear in terms of your code of conduct and your governance, but then it also gives some checkboxes to some do’s and dont’s, basically… It seems more like do’s rather than dont’s, but you get the point.

Yeah, totally. The idea here in general is that we’ve now been funding for almost five years stuff in the world of open source. We’ve funded a bunch of great projects that we’re really excited about; we’ve funded a whole range of important work that probably wouldn’t have gotten funded otherwise, and that in and of itself is a thing I think that everyone at Mozilla is very proud of… But as the MOSS program reaches the five-year mark and as it has gotten a little bit more structure and process behind it, one of the questions that we have gone into 2019 asking ourselves is “Can we get more opinionated?” We have this pot of money that we are handing out to projects, we have the ability to tell projects “This is what we and the committee wants to see in the world”, can we get a little bit louder with our voice in terms of articulating those things, and can we use the MOSS funding, the MOSS application to kind of point people in those directions?

Increasing the diversity and inclusion of the open source ecosystem is one of those opinions that I think is very aligned with broader opinions at Mozilla, and I think that in terms of MOSS, it’s one of the areas that we think that we can have an impact in and we think that we can improve the diversity and inclusion of the projects that we fund, because we think it will make those projects healthier and better overall in the long-term.

Yeah. I mean, it seems like the linked up version - a good example was the Firefox Debugger Community Team’s page. I think that’s pretty interesting how you’ve got a good example of something being done not only out there, but more particularly being done by Mozilla folks… And I think 1) it leads to healthier asks from your front to ensure that your focus is on inclusion and diversity and the different missions you mentioned there before, but more in particular healthy open source at large. So this isn’t just simply MOSS-serving, so that you can easily get through an application and ensure a project makes sense, but you’re sort of paying it forward to the future of open source that this is good behavior.

That’s exactly the idea. And something I should stress is you don’t need to have this stuff totally figured out in order to apply to MOSS. We continue to fund projects that are still kind of working through this process and that are just at the beginning stages of this process. The important thing for us is that we get a commitment from you that if you don’t feel comfortable with where your project is in terms of setting these policies around inclusiveness, that you’re willing to identify the places where you can grow, and that you commit to growing in those areas in the next 12 months that you’re working with us.

We’re rolling out new tools every day for awardees. One of the things we’re gonna be experimenting with soon is having D&I consultants that will work one-on-one with projects that need it. So if you identify a need and you see “Hey, I just really need to sit down with somebody and have them walk through my code of conduct and help me improve it line for line”, we wanna be able to provide those kinds of resources, in addition to the funding that we’re giving you, so that you come out at the other end of the 12-month cycle and you’ve built X, Y and Z things that you committed to build, but also your project is now healthier and set up for better community engagement in the long-run, far after the award segment is complete.

[01:00:17.17] Jerod, you can back me up on this, but I think one thing we’re kind of keying on here, to some degree it seems like, is that conversation we had with Gina around NumFOCUS - their focus was at the non-incubator stage, the graduated stage, where they were venture capitalists, for a lack of better terms, funding open source… And these were sort of proven teams, so to speak, and it seems similar here, but Mehan, what you’re talking about sounds a little like incubation.

Yeah. I mean, one way that Mozilla talks about itself internally sometimes with regard to the MOSS program is “an investor for good.” We see all of these VCs in the world that are providing catalytic funding to projects that have the potential to create huge returns in the long run, or to be very profitable, or whatever the case may be. We want to act in a very similar capacity, but to invest in things that we think are a force of good in the world, and that’s really kind of the reason driving us.

Of course, unlike a VC, we’re also not taking an ownership stake in these things, or anything like that… But we think that the mechanism of investment and funding can actually be very powerful even outside of the traditional venture capital context.

Well, let’s end on SEED Awards, which is something that’s very cool, and I have to admit I have a biased reason for bringing this up… Because when we were talking with Gina, Adam, I pitched you an idea; do you remember what it was?

Yes, I do.

It was Shark Tank for open source.

That’s right, Shark Tank for open source.

And I’m reading about the SEED Awards, which is a new thing you did in an effort of broadening participation in the MOSS program, at MozFest (Mozilla Festival) in London… Which sounds a lot like – you guys called it MOSS Speed Dating; it sounds a lot like Shark Tank for open source. Do you wanna tell us about it?

I will tell you that at some point in Mozilla’s distant history there was something called Dino Tank, which was also supposed to be Shark Tank for open source…

Okay, so…

Yeah, so we’ve done a few things kind of like that before. The MOSS SPEED giving event was also very much kind of Shark Tank for open source… Hopefully a little bit friendlier and less intimidating than Shark Tank, but a similar kind of dynamic.

The idea there was we give out these big awards every month, and most of the awards are $10,000 US or above, and they’re usually projects that, like I said, have figured out the community piece, they’ve figured out the contributor piece, they’ve figured out a little bit about the sustainability piece. There’s tons of smaller projects that aren’t quite there yet, that we still want to bring into the MOSS ecosystem. We would love, for example, to have some of these projects be in touch with us throughout their lifecycle, and when they’re ready for a MOSS award, they know how to reach us and they know who to ask questions and things like that.

So we started asking ourselves some questions last year about “How do we start to reach that kind of audience?” and “What is something that we could provide to some of those folks that would be interesting for them, and that would familiarize them with MOSS and bring them to the table?”

The Mozilla Foundation runs a big festival every year. Historically, it’s been in London, and tens of thousands of people from the general public attend this event, and the event touches on all of the different parts of the Mozilla mission, from security, to open innovation, to digital literacy, all that kind of stuff. It’s really kind of the biggest gathering that we do every year, that brings together Mozilla contributors, Mozilla community members, and just members of the general public.

The idea that we came up with was, you know, we have this MOSS committee meeting every month, it happens behind closed doors, people don’t get to actually take part in the conversation, and we have these folks who sometimes come to us, they’re interested in MOSS, but they’re not quite ready for a big award yet. What if we do kind of a speed dating round, where we say “Hey, if you work on an open source project, your project could use a little bit of funding, maybe you have not figured out all of the different aspects of your project yet in order to be ready or well-positioned to apply for a large MOSS award, but maybe you could talk about your project and tell us what your vision is for the project, and tell us why a small amount of award funding - in this case we did $5,000 - would make a big difference for your project.

[01:04:26.01] We put together a kind of interim MOSS committee for the event, which drew from the existing MOSS committee, as well as some Mozilla staff, some past staff members, some folks who are part of the larger Mozilla community, and just had them all sit in a room, and we did five-minute speed dating rounds - give your pitch on your project in five minutes or less to this person, and then boom, go give it to another person, then go give it to a third person.

At the end of that day we had the committee sit down and we said “You can give up to $25,000 awards. Make your selections and choose which projects are going to get those awards.” In fact, the majority of people who came and participated in the event that day walked away with a $5,000 SEED award.

Our hope with those SEED awards is a) that it will provide catalytic funding to small projects to kind of continue to grow, but b) that it will mark the beginning of their relationship with us; these are projects that the committee members saw a lot of promise and a lot of potential in, and we hope that when they get to the stage that they’re ready for a bigger award, they know where to come back to and they know who to talk to.

We’re looking to do something similar to that event again this year, and we’re kind of always looking for different ways like that to get outside of the – we have a rigid set of processes now that we use for how the traditional MOSS awards are made, and we also wanna use that two-million-dollar bucket to experiment a little bit with other ways of giving out funding and giving out different, more nimble, flexible types of funding as well.

So 14 projects selected… Do you know the total number of projects that participated?

Yeah, I think it was 20 or 21. We had a limited number of spots, so folks had to sign up for those seats before they filled up.

Pretty good odds there. It’s kind of like a lightning talk, only at the end you get $5,000. It sounds like a pretty good time.

Yeah, to fund your future of open source project. That’s pretty cool.

Yeah. Well, I love that you guys are not just doing what you’re doing with the MOSS awards, but also this experimentation, and really trying to bring more awareness, more people to the party, so to speak. That’s pretty cool, so I definitely wish you luck with that. You said you’re gonna do it again - is Mozilla Festival happening again in 2019?

I believe it is gonna happen again, yeah, and I think we’ll probably look to do something similar again this year. One of the things that we have learned over time, that we continue to learn by running MOSS, is that the open source community is incredibly diverse. There’s a huge number of different projects, of different size, and scale, and scope, different types of teams, teams spread out all over the world, in all sorts of locations… So I think it behooves us as a program that’s trying to give awards in that space to experiment with different ways of reaching different people in the ecosystem, and trying to serve as many different types of projects in the ecosystem as we can, and not just one kind of project.

So it might be cool - and I know it wouldn’t be exactly like Shark Tank for open source, but it might be cool… And people might be nervous, but it MIGHT be cool, to film that at the event, and have some assets you can take away with, and use those to spread the word about what you all are up to. It’s also nice – a little promotion for the projects involved; they get to have people watch them tell other people about their project… It could be cool.

That’s definitely an idea that we talked about last year. Last year we made the decision not to do that just because we wanted the barrier to entry to be really low, and we didn’t want anyone to be intimidated. We wanted folks to show up and feel comfortable, and kind of be like “Okay, this isn’t actually Shark Tank, but we’re giving you the opportunity to give a pitch one-on-one to folks.” But we’re definitely talking about what are some things that we could do using video to do more storytelling around the projects that we funded through MOSS, and the impact those projects have had in the world… So definitely stay tuned for some things like that in the next year.

[01:08:19.15] On that note, let’s talk about the future then, because what Jerod just mentioned would totally feed into this, but… Looking forward to 2019, your hope is to double down on your efforts to widen this applicant pool to MOSS, and I’m assuming that also means those who are submitting to these SEED awards as well; so this would lead into that, but what other things are you doing to do as you say, which is widening your reference? What are you doing there?

Yeah, so we for the first time ever in the history of the MOSS program, we actually have an outreach strategy this year. We have a share of the MOSS budget that we are dedicating to outreach, and so some of the activities that we’re gonna do using that budget are things like send our committee members to conferences to talk about the MOSS program and kind of evangelize the program, you might see us giving out additional small awards to past awardees who want to go and talk about their work at different conferences… I know that a project called Nuspell actually just gave a talk at FOSDEM, all about the work that they were able to do using their MOSS award, which is great; we love to see that sort of thing, so we may be encouraging those kinds of activities.

I talked a little bit about this idea of us getting opinionated, and us using our voice a little bit more loudly to articulate the change and growth that we wanna see in the open source ecosystem, and I think you will see us doing that a little bit more throughout 2019. Me talking on this podcast is one great example of that, but it could also look like us doing things more like opinion pieces, or interviews, things like that that raise the profile of the program, and hopefully get the word out to the right folks, and the folks who are interested in applying.

One of the things we really wanna do is encourage and empower our awardees whenever possible to tell their own stories, and particularly to tell stories about the impact that they’re having in the world. We’re constantly refining the prompts that we give folks for that end-of-project blog post. I think that in this year you will definitely see those blog posts will focus a little bit more on impact and focus a little bit more on specific themes that we are encouraging people to think about their projects in, sort of as lenses to view their projects or their work through, and hopefully we’ll get to do a little bit more storytelling also around some of these MOSS projects… Like, “Here’s a project that exemplifies these values, that is the type of project that we like to see in the world and that we’re proud to fund that kind of thing.”

One interesting thing I see is that we definitely have some crossover… In particular this last year one of the recipients, $69,700 was the number for p5.js, the Processing Foundation, and we actually talked to Lauren on Request for Commits… So there’s already been some crossover in terms of storytelling that we’re sort of tangentially helping you do. So maybe we can be a bit more deliberate in the future.

Yeah, absolutely. That’d be great.

What’s next then? What can we cover on the out-take here? Anything left unturned, anything you have brought to the table that we have not asked you yet, that we can cover before we tail off?

That is a good question. We kind of touched on the range of projects, the range of funding, we talked a little bit about the operational details, we talked about the history, some examples of projects we went through… I think that’s kind of it. In terms of what’s next, we have our budget and we have our plan for 2019, and that plan is very much around growing the project, spreading the word, we want more folks to apply, we wanna give out more awards, we wanna give out more money in general… And then those four areas of focus I talked about: broadening access, increasing security, empowering users and increasing the diversity and inclusion of the open source community. Those are the things that we really care about, and those are the places where in particular we want to provide targeted funding in 2019.

At the end of this year we would love to look back on the year and be able to tell a story about the impact that we had in each of those different areas.

[01:12:32.22] What about the would-be listeners out there that are thinking “I’ve got a project” or “I’d love to get this 5k to start my project”? Is this simply a Mozilla Festival thing, or is this an applicable thing as well, where you can kind of tee up a smaller grant?

It can be either or. The Mozilla Festival thing, the way that it worked last year at least, was you had to be physically present at the Mozilla Festival in London, so that of course kind of limits the amount of people who can apply… But the MOSS committee is accepting applications at all times, from a wide variety of applicants. If you wanna apply for a small award, like a $5,000 award or a $10,000 award, you can do that at any time. It’s just a matter of being able to hit the right notes at that award level, in terms of telling the story about your project.

For folks who are interested in doing that, check out the MOSS website, read through the FAQ, look at the application form and think about how you would do some storytelling around your project in that way. If you have questions, if you want feedback on your ideas, or if you just want kind of a thumbs up/thumbs down sense of “Is this thing a good fit for the MOSS program?” shoot us an email. We’re always happy to chat, we’re always happy to provide feedback to interested applicants.

Cool. And just to recap that for the listeners - it will be in the show notes, but just for your ears’ sake, mozilla.org/moss and/or emailing moss@mozilla.com will get you to the next step.

Mehan, thank you so much for your time today. I really appreciate all the work you and team are doing. Jerod and I are behind the scenes, clapping really loudly about all of your efforts, because this is amazing and we need more of this, so… We really appreciate all the work you’re putting into not just funding open source, but being a guiding light towards sustainable open source, and more in particular open source that builds the future we need… So we really appreciate that. Thank you for your time.

Thank you both so much for having me. We’re working hard to spread the word about the MOSS program, and we really appreciate you all giving us the platform to talk about it a little bit today.

Cool.