A holistic vision of open source beyond 2021

Open source is a common technological equilibrium for exchanging intellectual and financial values. But the lack of an open funding infrastructure means, there still what we can wish for…

After working with open source for over a decade, from startups to the world’s largest open source company, and cataloging more than 100 open source monetization and funding platforms for my side project, I came to a realization. The term open source does not have a broad enough perspective to capture all of the perceived values of modern software built in the open. To achieve that, open source needs a broader vision and a supporting infrastructure for open governance and open funding.

The meaning of open source in 2021

In the past, the value of open source was in the source code and we can see that in the essential freedoms of free software and the distribution criteria of the open source definition. That is no longer the case. Today, open source is produced fast, but more importantly, it is rotting and getting obsolete even faster. There are other characteristics of open source projects than access to source code that is valued. The value of open source is in adoption that sometimes can be up to the point that a project becomes the de facto standard for a certain class of technology (such as Apache Kafka for messaging). The value is in the loosely coordinated, open collaboration and partnership among competing participants towards a joint goal (such as Kubernetes SIGs contributors). The value is in the long term sustainability of a project, that can outlive a company acquisition or bankruptcy (such as Oracle and the Jenkins project). Today, the successful open source model is more an epitome of user adoption, healthy community cooperation, and long-term sustainability, along the free as in free speech source code.

Key ingredients of successful open source projects

First, I’d say that is the license. The license dictates how the source code and its derivatives (binaries, services) can be distributed or not. It is the single non-negotiable yay or nay factor for many users. It is what qualifies a project as open source or not. Unfortunately, the license alone cannot guarantee that a project will deliver the full potential of open source project benefits.

Second, I’d say project governance. The governance model sets the rules for making important project decisions and dictates how the “owners” of the project interact with the community. There are examples where the governance is managed through a trusted software foundation, that offers neutrality, stability, and transparency, but at the same time, it can cause a lack of flexibility and lead to community stagnation. There are also examples of projects governed by a single company, which can lead to changes to the project license and even transition to proprietary software models.

As a user of an open source project, I want it to be open source so I can exercise my freedoms. At the same time, I want it to be widely adopted so I can find questions and answers, blog posts and best practices, developers, and support providers, even consume the software as a service. An open source project, w/o community, is a marketing tool in disguise. An open source project, that hasn’t reached the critical community mass, doesn’t deliver full value. Today, the value of open source is in the community, as much as in the source code. And a project’s license and governance directly impact its community health.

And the third aspect of an open source project is the financial model for long term sustainability. An open source project w/o continuous financial incentives for its supporters can become unmaintained overnight. An unmaintained project is a full of security vulnerabilities project. An open source project with security vulnerabilities is a dead project. A dead open source project is… nobody gives a damn about the freedoms of a dead project.

We have seen many times how open source projects w/o predictable financial stability are left unmaintained, or get forced to change their license and become proprietary. Sometimes, such projects are run by a single company. An open source project in the hands of a single company does not deliver open collaboration benefits. It becomes a company project aligned with the company strategy, roadmaps, and tied to the company’s financial health. That is not a bad thing, but it is not a true open source thing either.

The foundation for sustainable open source projects

The long term financial health of project maintainers is very often the missing link between the source code and its community. The funding model of a project, or the lack of one, can influence the governance, the license choice, and even break a community.

Key health indicators of open source projects

This is where a new broader open source vision and infrastructure is needed. When I go to Github, the things I notice about a project are the number of stars and forks. These are easily gameable metrics that are supposed to indicate community engagement. The second thing I notice is the license of the project that tells me what I can do with the source code. Those who are about to invest significant amounts of time, effort, and their professional reputation into an open source project, would also check the governance model. If the project belongs to a foundation, who is sponsoring the foundation. Who is in the project management committee and how are these elected? How to change any existing procedures, project features, and who are the gatekeepers, etc. On some occasions, these rules are written down on a Wiki page, but for smaller projects, they are not written, and the project owners can do anything they wish and do it even without community involvement or transparency. Unless a project is part of a software foundation, there are no open source governance frameworks that represent the best of breed practices. There is no way to apply a governance model to a project by adding a single file (similar to the license file). When there is a governance model, there is no automatic way to guarantee that these governance rules are respected.

The last thing I want to see about a project is its financial health and sustainability metrics. As explained earlier, a financially unhealthy open source project is a promise for unexpected changes and headaches. Today, there is not a single indicator of a project’s financial health status. If a project is part of a software foundation, we can see what benefits the project is getting from such membership, but usually, these are for sustaining the foundation rather than projects. If a project is run by a single company, there is no way to know the contribution of the project to the company finances. If the project maintainers are using Github Sponsors, we can see the current sponsors, or we can check Patreon for donations, or search tens of other places for similar indicators. None of these open source funding platforms is feature-complete, or popular enough with open source supporters to ensure the sustainability of the backed projects. Today, there aren’t any widely adopted long term financial commitment platforms for open source users. There aren’t any trusted financial health indicators for open source projects either.

The missing infrastructure for open source

Imagine a future world where open source is more than a development methodology or marketing opportunity. Instead, it is an open technological equilibrium where intellectual and financial values are exchanged. In such an open source dominated future, I want to be able to do:

  1. Start an open source project by choosing a license, a governance model, a funding model, click the “Create” button, and get all the required infrastructure in one place in an open and trustless manner.
  2. I want the governance model I pick to be based on existing best practices, be known by its name and offer certain assurances to the community (like the licenses).
  3. I want the governance model to be executable, enforced, and audited automatically (through open source technology such as smart contracts).
  4. I want to see not only the number of commits to a project but also metrics about accumulated (financial) funds, and future monetary commitments.
  5. I want to see not only the git URL for cloning the source code of a project but also the smart contract address to validate the existence of its funds.
  6. I want to see not only the release plan and roadmaps but also the release schedule of the funds and how they are intended to be used.
  7. I want to see not only the breakdown of programming languages but also the breakdown of money allocation.
  8. I want to see not only software foundations focused on the technological superiority of open source projects but foundations responsible for the financial success of open source.
  9. I want to see new financial software foundations that are focused on educating, growing, sustaining, monetizing, and funding aspects of open source projects.
  10. I want to see these foundations competing with each other to onboard new successful open source projects. I want to see foundations getting financial support from successful projects, not the other way around.
  11. I want to see project supporters financially incentivised for taking the risk of supporting a project early and helping bootstrap it.
  12. I want to see projects graduating from incubation, not only when they have enough contributors, but also when there are enough funds to become sustainable for a few months or years.
  13. I want to see not only metrics for community activity but also metrics for financial activity, indicating underfunded projects that can motivate users to raise funds and prevent maintainers from moving to other projects.
  14. I want to see developers joining a project community not only because of interesting technology but also because a project has a generous funding model.
  15. I want to see companies make a goal and outcome-driven fund allocations into specific open source projects, rather than sponsoring foundations for marketing purposes only.
  16. I want to see not only occasional donations but also funds time-locked up for targeted project needs such as documentation, testing, training, community growth.
  17. I want to see companies not only adding their names to the project users list but find their names in the supporting financial transactions lists.
  18. I want to see not only employee retention programs but also companies investing in open source retention programs.
  19. I want to see the reputation of different community members based on the work they have done for a project.
  20. I want to see an automatic measurement of merit and distributions of funds and governance power based on it.
  21. I want to see governance rules in control of project funds and have them executed only by people with proven merit.
  22. I want to see companies being able to support open source projects safely and transparently, and that to be part of the project metrics, so I can make more informed decisions when I’m deciding to join an open source project or not.

Imagine you look at a software project, and you can see it has an open source license, transparent governance model, AND financial backing. This is the open source project with the fundamentals to deliver sustainable freedom for a long period. Some of this future vision is aspirational and some is explored and applied by blockchain projects.

For example, SourceCred is a platform for communities to measure and reward value creation. It is a transparent and open way of tracking merit based on work performed in open communities.

Dev Protocol is another one that allows OSS creators to tokenize their projects and distribute the incentives to the token holders. It also offers a unique funding model through staking where both maintainers and supporters earn yield.

Gitcoin is the leader in bounty offerings for the blockchain space. More interestingly, Gitcoin also offers gamified ways to learn and earn rewards, grants that are backed by the Quadratic Funding method that increase donations, etc. If you are interested in what’s next for open source, go and check these projects and keep an eye on my twitter feed as I cover these projects next time.

Conclusion

I know the term open source was never meant to include governance, community, and financing aspects of the software. But today, these are key characteristics of open source projects that can indirectly limit user freedoms and benefits in the long term. A fully open source project requires a more holistic perspective. It is more than source code in the open. It is more than an open development methodology. It is more than a consumer marketing opportunity. It is more than a roadmap for more sales. It is all of these forces managed all in the open. At that point, perhaps it is not open source only any longer. It becomes a decentralized open source software (DOSS) with open governance and open funding.

This article was first published on my newsletter here. Sign up and don’t miss any updates.

Author of Kubernetes Patterns | Technical Product Manager @RedHat for @Debezium & Data Integration | Committer @ApacheCamel