I try to make a habit of writing summaries for our contributing.today meetups. For background, read this post.
June 8th we talked about funding and sponsoring programs in open source.
Our esteemed panelists:
- Tobie Langel, through his consultancy UnlockOpen, advises some of the biggest names in tech (Google, Microsoft, Mozilla, Intel), promising startups (Airtable, Coil), and industry organizations on a pro bono basis (OpenJS Foundation, OASIS, W3C).
- Estelle Weyl has been "building the Web since 1999, and documenting the Web since 2007". Estelle is a Sr. Technical Writer / Community Engineer at Open Web Docs. Also: Conference Director, Community Manager.
- Phoebe Quincy is a Senior Community Relations Manager at DigitalOcean, previously Community Programs Associate at Elastic. Phoebe is all about open source at DO.
- Per Ploug is the Open source Program Office Lead at Spotify. Spotify recently launched a FOSS Fund, with the purpose of donating money and bringing attention to independent open source projects. They announced the 8 recipients to share this year’s fund budget of 100,000 EUR on their blog June 2nd.
Suzanne Daniels, Developer Relations Lead at Spotify, took on the moderator role for this panel.
Open source economic viability
Tobie often speaks about the topic of open source sustainability. He's worried that the funding mechanisms that exist today are not cutting it - by far.
Tobie brings up recent security issues: OpenSSL, Log4J, Color.js / Faker.js. "And when you go down dependency trees it gets worse. If this isn't a wake up call for the industry, I don't know what is!" We shouldn't just fix the immediate issue, but think long term. "Governments are pushing for supply chain security. Next should be labor rights. Companies making money of people's work without paying them is a huge liability."
Phoebe says that visibility into reliability is difficult, extracting that information is going to be key in rallying corporate support for open source. Per also recognizes bad software assets management with open source. "Which is unimaginable with commercial products that come with SLAs and support contracts attached."
Phoebe tells us that Hacktoberfest since last year highlights projects that don't get a lot of attention (money) to support using Open Collective or GitHub Sponsors. "The smaller projects may need your help more than Kubernetes as a project, even if you heavily rely on Kubernetes." In agreement, Estelle says that the project that doesn't reach out to you asking for help, is the one who needs it the most (they don't have the budget to do fundraising campaigns). We can't rely on individuals to do the work of the industry.
The OpenSSF has done a great effort to identify the most critical projects, says Tobie. The Census II report aggregates data from over half a million observations of FOSS libraries used in production applications at thousands of companies, and sheds light on the most commonly used packages at the application library level. One of the conclusions? "Much of the most widely used FOSS is developed by only a handful of contributors." Who'd sit on a governance board of a fund to support these critical projects, Per wonders.
Better funding
Estelle and the other folks working on Open Web Docs are on the receiving end of sponsorship, and she says she personally has a hard time asking for money. Or to reimburse things like a Grammarly subscription. "Will people get upset if the team meets up in person and uses sponsorship to cover air fare (which, to be clear, OWD didn't do)?"
Tobie: "People don't understand what it takes to run a business (or: an open source project). Nobody scrutinizes companies providing healthcare, or bathrooms for their workers. Why would we be harder on open source maintainers?"
Estelle: "Most sponsoring programs are small pockets of money, just enough to cover server costs". Finding corporate sponsors that don't tell you what to do is where it is at. "At Open Web Docs we're fortunate that corporations realize this project is vital." Time spent on administration could escalate when you're using Patreon, where you exchange extra services, content or access in exchange for subscription/sponsorship tiers.
Phoebe: "FOSS Funds award lump sum, large amounts of money. The next challenge is doing that consistently." Estelle adds that not having to spend the amount within the year or risk losing it, would help with budgeting.
Per and Phoebe agree that companies awarding funds should get out of the way as much as they can. Per: "Trust that maintainers know how to spend the money in the best interest of the project." That said, he hopes more maintainers will start to pay themselves a salary so that they can prioritize open source work over consultancy to pay the bills. "We need to normalize this, even to do back payments for all the time they have already spent on the project."
Estelle agrees. "Some people get paid by their employers to work on open source, just not me historically." Her comment triggered Tobie. "Women have less free time to spend on open source. Open source work equals career advancement, that means that the people who have more time, get paid more, and the people who have less opportunities to engage in OSS have a harder time asking for more money."
Follow the money
Last year we had a very similar conversation with contributing.today and Henry Zhu (Babel) told us people got upset that he spends time on podcasts and marketing to get more donations, instead of writing code to sustain the project. Tobie: "What people don't understand is that that's just basic fundraising. The industry is paying ridiculous amounts of money on software engineers' salaries, but we think awarding 10.000 Dollar on a project is anything other than what it really is: a drop in the ocean."
Phoebe agrees that prize money alone is not a sustainable path for the projects, or for the users.
Per: The ASF (Apache Software Foundation) and the Eclipse Foundation support many of the "plumbing" projects. But the donating a project to a foundation route isn't for everyone. There needs to be the option for people to create a business for managed services or support around their project, as well as other avenues.
Per notices a "foundation fatigue". "The Python Software Foundation, ASF, the Linux Foundation, the CNCF, they raise a lot of money without batting an eye. But there's little they can do in terms of directly funding maintainers because their bylaws are limiting that way."
Tobie adds that it "kinda feels there's no real desire to change that either."
Phoebe: "Most companies outline on their website how they support projects with free services and credits, or sponsorship opportunities. That's one thing. But maintainers are not fundraising experts, maybe there should be an intermediary. I don't want to say foundation, but maybe... another foundation?"
Estelle: "There's so much money, but very few people choose to contribute. The person creating the software earns way less than the person using it. Companies should figure out how much they're saving by using OSS, and put at least part of that money to fund some maintainer's salary."
Per: "In Denmark a McDonalds worker gets paid a manifold of what they'd get in the US (7 Dollar 25, the minimum wage), but McDonalds can still charge the same price for a burger. They earn a decent wage because they're supported by a union. Open source developers don't have any bargaining power, you can't opt out of open source because of the career opportunities and expectations."
Towards the end of the meetup Phoebe asks how the other panelists feel about actual contributions to open source, not monetary ones. Tobie: "Open source is so meaningful. Organizations that support their employees to contribute back, that's what I advocate for. Companies that dump PRs without much context and then leave again, or forking a project, adding a whole bunch of features that really only make sense for them, and then get angry when their work doesn't get merged back upstream - my beef is with them. Corporations need to understand they're part of an ecosystem."
Phoebe: "We need to keep talking about this, and changing minds, one company at a time."
For past sessions, check out our playlist on YouTube. We're taking a summer break, but we'll be back on September to talk about security: https://contributing.today
Top comments (0)