
Let’s talk about open-source sustainability - steveklabnik
https://github.blog/2019-01-17-lets-talk-about-open-source-sustainability
======
randlet
My personal feeling is that funding has got to be the biggest issue with open
source sustainability.

I'm the lead developer of an open source project[1] used in radiation therapy
clinics around the world and I know I would be ecstatic to be able to get
enough funding to work on the software full time. I'm trying to bootstrap a
consulting business[2] around the software now, but it's tough getting people
to open their wallets (and it's much less fun than writing code)!

I think having funding in place for OS projects might have trickle down
effects as well. I know I would spend more time contributing patches back to
other OS projects I use if I didn't have to worry about trying to build a
business so I can put food on my kids table. I imagine there are many other
project maintainers who feel the same.

[1] [http://qatrackplus.com](http://qatrackplus.com) [2]
[https://www.multileaf.ca](https://www.multileaf.ca)

~~~
demircancelebi
I also think the biggest issue in OSS is incentives and see two ways of
handling this issue:

1) Bounties: Some mechanism for people to easily pay $100 for fixing the bug,
$1000 for implementing a feature, and so on. If Github takes care of the
payment part, I think it can even be used in big companies and would
definitely incentivize people. Sites like bountysource.com show that the model
already works, it just has to be handled by Github so adoption would
definitely be higher.

2) Second one is more ambitious: Although bounties are a nice way for people
make money, it still cannot allow people to just focus on their OSS work,
since it does not offer a revenue stream. Github should become what Youtube is
to video creators. If Github were to share a percent of its revenue with OSS
maintainers, that'd make a huge difference in the OSS space and in the world.

This recent tweet from the creator of ESLint captures the essence of the
status-quo really well:
[https://twitter.com/slicknet/status/1086053326007881728](https://twitter.com/slicknet/status/1086053326007881728)

~~~
pjc50
> Github should become what Youtube is to video creators

What, a metrics-driven controversy/clickbait factory?

We'd be far better off with what _Patreon_ is to creators, a system that gives
people enough predictability of income that they can make a job of it.

~~~
demircancelebi
You are right about what Youtube is, but what I meant by Youtube instead of
Patreon is this: With Patreon, you have to work for building an audience, but
Youtube pays you based on your views. A Github that pays people based on the
usage of their code might not be the easiest problem to solve, but what I'm
suggesting in the end is the same thing with you. Only time might show what
such incentives may turn the platform into, but considering the general
audience of the site, I doubt it'd turn out like Youtube.

~~~
pjc50
Getting the money from the intermediary to the developer is only half the
problem. First you have to get the money into the intermediary.

On youtube this is done with advertising. I can't imagine people being happy
with that embedded in open source software. People got upset enough about
Ubuntu and the Firefox/Pocket deal.

> A Github that pays people based on the usage of their code might not be the
> easiest problem to solve

A github that charges people to use code is even harder; that sounds like
instant suicide.

~~~
demircancelebi
I was happily paying 7 USD/month up until last week for the private repos, and
they apparently had 300M USD/year revenue when Microsoft bought them a few
months ago. I am not aware of their costs, but since they are part of
Microsoft now and trying to foster adoption, integrating money into the system
should be considerable.

------
olingern
Neat that that Github is looking into making open-source sustainable. I think
a lot of maintainers hit a wall at some point. You have to have pretty thick
skin to weather the entitlement people have to the thing(s) you put your
life's free time into.

Some ideas that I frequently wish existed:

1\. It would be neat if there was some sort of place in Github where people
could upvote interesting project ideas, i.e. "Load testing tool in Go"

2\. I'd also love to have a way to say, "I can devote 1-5 hours a week to this
project" and be notified when someone tags an issue as 'help wanted'

3\. Harder, but still do-able (I think). A place for open sourcers to organize
a "team" to get a new project off the ground. I often think that there _must_
be other people interested in the same sort of projects I am -- but we have no
way to "discover" each other unless you're some high profile Twitter user.

4\. Moderation for trolls. Some people frequently open issues that frustrate
maintainers. While they can just create a new account, I think creating a
small barrier to entry would do some good.

5\. A way for companies / individuals / etc. to donate to maintainers through
Github. I think this would be a huge incentive for people to continue their
work long-term and not just "hand over" repositories to people with ulterior
motives.

~~~
Ensorceled
5a) a way for me to add a bounty to an issue, I’ve had team members fix bugs
and do pull requests that I’d have happily paid $50 $100 or more to the
maintainer instead

~~~
thekyle
This. I've always wondered why sites like GitHub/GitLab won't allow issues to
have a bounty. It seems to me like its the obvious solution to crowdfunding
OSS.

When I find an issue on GitHub requesting a new feature or reporting a bug
that is important to me I should be able to throw down $5+ bucks to
incentivize someone to fix it. I also know that I would personally contribute
to OSS more if it didn't feel like I was doing community service but rather
actually getting paid for my time.

~~~
voltagex_
Probably less of an issue now they're part of Microsoft, but if you're focused
on source control / open source, you probably don't want to take on
crowdfunding with all the associated drama and complexity, too. That's a
business in itself.

~~~
paulryanrogers
True, but with the right hooks in place other providers could fill that niche.

------
sudhirj
My suggestion was to add a page allowing maintainers to sell licenses. I think
dual licensing can work really well if 1) there’s a very easy and trusted way
to buy licenses -with strong predefined terms set by a trusted third Party
like Github, and 2) if there are well written and understood commercial
licenses available for use that businesses can trust on sight.

Every oss project trying to make money by dual licensing currently sets up
their own payment system, and winds up writing their own commercial license
because the well known ones like MIT, Apache or BSD don’t work (if a business
buys one of those licenses they can just make a competitor to your project).
Because each project writes their own license, businesses need to waste time
reviewing each license carefully. It’ll be so much easier if there’s a Github
Commercial License that’s Apache 2.0 plus a non compete and no resale clause.

~~~
fxfan
This is the best suggestion I've seen and yet the one which Microsoft cannot
do for tear of people running after then with pitchforks.

~~~
sudhirj
Github could do it. Doesn't look they're rebranding into Microsoft Code Office
Space (TM) any time soon. And one would assume they'd put the licenses on
Github as well, so you could suggest changes and sell your project on
whichever version of the license you want.

What Github would bring to the table are easy marketplace dynamics, trust, and
a team of lawyers capable of writing good licenses. Also, the same code
analysis tools that check for security problems in your dependencies could
also license checking. There's a very compelling use case for businesses if
all their code hosted on Github can 1) automatically check for license
violations and 2) just pay for all licenses on a single screen with a single
click.

------
octref
Well, here are two things that have been brought up many times:

1\. Required fields on new issues. Has been requested since 2016[0].

2\. Better issue search.

Open Source projects face a lot of issues. It's good to talk about them, but
some GitHub can solve some GitHub can't. I'd be much happier to see these
problem addressed instead of learning about updating my profile status[1].

Currently when a project becomes popular the issues easily drown the author.
As the communication portal between OSS authors and users, GitHub can and
should give OSS authors more power.

[0]: [https://github.com/dear-github/dear-github](https://github.com/dear-
github/dear-github)

[1]: [https://github.blog/changelog/2019-01-09-set-your-
status/](https://github.blog/changelog/2019-01-09-set-your-status/)

~~~
Karunamon
Regarding 1: Please no. Prefilling the entry box is a decent compromise and
doesn't require turning the Github issue screen into a Jira issue screen.

~~~
jnbiche
If someone is filing an issue to an open source project -- whose maintainer
will very often be working on said issue for free -- the least that person can
do is submit the issue with the information that the maintainer requests.

I really like this idea if for no other reason that it would raise the bar for
submitting an issue. So many open source maintainers on Github are overwhelmed
with vague issues or support requests masquerading as issues.

~~~
hobofan
Issue templates already exist. As I've seen recently the possibility for
multiple issue templates (that also auto-apply some labels) even exists now.
If an issue doesn't fall into any of those templates, they are still free to
close the issue and ask for it to be resubmitted with the correct information.

------
3pt14159
If you're worried about the domain github.blog, be aware it's what
blog.github.com redirects to. I really hate what's happened with TLDs, but at
least this one is verifiable.

~~~
devonzuegel
Hi! Thanks for clarifying this for everyone. Yes, we just migrated the blog,
so both `github.blog` and `blog.github.com` work.

(I'm the open source PM at GitHub, for context... and yes I realize that's not
directly verifiable from my sn here so feel free to tweet at me if you want to
check: [http://twitter.com/devonzuegel](http://twitter.com/devonzuegel))

~~~
mbrock
Hey, that reminds me about Keybase. It's not talked about that much anymore,
as far as I can see, but it's nice how it lets you verify your identity across
different sites.

------
dbg31415
I think the biggest issue with open-source projects is that we can't
incentivize the creators to do the work. What I'm looking for is an easy way
to "donate now" on the library.

Without this, I can't pay someone to make some minor changes. I'm left hunting
for their details, and when I do connect with them over GitHub or LinkedIn,
I'm at their mercy to respond, and most of the time I can't give any valued
weight to my request since I'm not paying them to do the work.

When I do hear back, devs aren't always the most gracious folks, and they
don't have the same priorities I do. Money can help make people more cheerful,
and helps me align their priorities to my own. I've lost count of times I've
gotten a snarky, "I didn't build this to do what you're asking."

There are so many great libraries out there that went stagnant. I make money
off their work, but I can't pay them to make upgrades and they find the work
to be boring or my request to be out of their target audience (if they even
think that way).

I think if GitHub could build in some features around donations that would be
great.

~~~
thekyle
It would be ideal to integrate the donation system with the existing issues
system. That way individual issues could carry a bounty added by people
wanting that issue fixed.

~~~
dbg31415
I love this idea.

"Fix this, and I'll pay you $50."

Only trick... how to verify the fix.

A lot of times someone would just mark the issues as done, but it'd need to be
verified as being completed as expected. And that creates a situation where
the person looking to make $50 does the work and (rightfully) says, "Pay me,"
but the person who has to pay the $50 says, "Uh... hold on, I have to do a new
build, and that'll be 3-4 weeks minimum to get it prioritised and tested and
through UAT and into production before I can get procurement to release funds
for this," or, "Doesn't work on my build..."

Not impossible... just complicated in practice. Thinking it through, I can see
why GitHub hasn't done anything like this yet. I think I'd prefer bounties,
and donations -- I can easily get a donation approved as basically a "license
fee" but bounties would be very hard to get through the accountants I think.
At least in agency-land where I work.

~~~
korethr
I think for this to be feasible, a project would need to maintain firm to
strict discipline about testing and versioning. Let me expand on that.

When an issue comes in, once verified, a test that reproduces the
unwanted/unexpected behavior is attached to the issue. This lets both the
reporter and dev prove the issue exists, and lets the dev trigger the behavior
on-demand to aid in his troubleshooting efforts. Then, once the issue is
fixed, the test proves it. Afterward, that test should go into the regression
test suite that gets run before each release to make sure it doesn't come
back.

When the fix is released, it ideally would be released only in a bugfix
release, bumping only the patch version number a al SemVer, and not wrapped up
in a feature release. It should be a lot easier to get a patch release
prioritized through testing, staging, UAT, and finally into production when
the version number tells you that the bugfix was the _only_ thing that has
changed, and the test suite can prove that.

Coming back from fantasy land to reality there's other things that would have
to happen to make this feasible, but it's well past bed o'clock for me. I'll
try to remember to post an additional reply later this morning.

~~~
dbg31415
From a technical perspective, this isn't wrong.

From a finance perspective... I don't want to argue that this is sane, but a
lot of firms view software still as a Capital Expenditure (CapEx), not
Operational Expenditure (OpEx).

CapEx is like buying a car, or buying a laptop. OpEx is like a taxi service,
or monthly power bill.

With CapEx, I generally can't get approval for payment until the product is
fully delivered, and signed off.

A lot of companies use agencies to do software work for them, and see an
agency as a sort of credit card / insurance policy for getting the work done
before they have to pay, and getting work done on a fixed-price scheme.

A lot of times too, work has to come with like a 90-day warranty, and final
payment won't be due until that period is up. For larger clients anyway.

Yes, I like bounties... and we use a lot of open-source software, but I don't
think anyone would want to get paid the same ways as agencies get paid. Likely
we'd be better off just being able to donate.

------
dessant
Integrating bug bounties and donations into GitHub could be one of the best
things to happen to Open Source. Funding new features and bug fixes could
become seamless, and it would sway more devs to adopt this model for their
projects.

------
tbrownaw
Oh nice, it looks like an _actual_ "let's talk", rather than a "I have
something to say" like I've apparently started to expect that phrase to mean.

~~~
kemitchell
Have talked to Dave about sustainability. Strongly recommend.

~~~
kemitchell
Autocorrect fail. s/Dave/Devon/

------
echohack5
Also probably worth mentioning:

[https://sfosc.org/](https://sfosc.org/)

[https://medium.com/sustainable-free-and-open-source-
communit...](https://medium.com/sustainable-free-and-open-source-
communities/we-need-sustainable-free-and-open-source-communities-edf92723d619)

And my own personal take on this whole Game of Throne'ing that's currently
happening out there with open source:

[https://medium.com/@echohack/we-need-more-sustainable-
free-a...](https://medium.com/@echohack/we-need-more-sustainable-free-and-
open-source-software-before-its-too-late-a168fdaf7237)

~~~
Conan_Kudo
Some U.S. states have "social purpose corporation", which might work for open
source:
[https://en.wikipedia.org/wiki/Social_purpose_corporation](https://en.wikipedia.org/wiki/Social_purpose_corporation)

~~~
hobofan
Something similar exists in Germany. Sadly in the past courts have ruled that
even corporations that have been solely dedicated to providing a structure for
open source projects are not eligible for tax exemption because "they serve
special interest groups rather than the common good".

~~~
detaro
Seems to be not a hard rule though, since e.g. the Center for the Cultivation
of Technology ([https://techcultivation.org/](https://techcultivation.org/))
managed to achieve gGmbH status.

~~~
hobofan
I can't seem to find much info about the CCT. Have the actually picked up
stewardship for any projects, and managed to file taxes without the tax
authorities challenging their status? As long as there is nothing to tax,
gGmbh status is quite attainable.

All the examples I know are from what seems to be much bigger projects, with
all of them failing to be recognized as tax-exempt.

~~~
detaro
No, haven't seen much of them, just remembered reading about them somewhere,
and looking at the issue tracker they link seems activity stopped a while back
- if status is easier if not active, then that's a problem, I would have
thought the initial step is hard already. :/

------
crumpets
Maybe if github itself was open source people could make a lot of improvements
to it to help other open source contributors. I don’t understand why we expect
people writing a closed source system to fully grok open source.

~~~
Wuzzy2
My thoughts, exactly! It's so ironic, isn't it? I keep saying this to fellow
developers all the time, it seems I am talking against a brick wall.

------
ghubber
It's not always about money. You put out free software because you're proud of
it and hope it can help others. But I've given up on sharing and maintaining
open source because of the users' toxic self-entitlement. It's not worth the
aggravation.

Bounties are not a good incentive to maintaining high quality open source - in
fact it's the opposite. It encourages putting in rarely used functionality
that is not in line with the goal of the software. In the cases where adding a
feature is warranted, a small bounty rarely comes close to the development
time required to implement it.

Even the act of properly vetting pull requests is an extremely time consuming
process. Will this contribution affect the stability and performance of the
code base? Does it follow the conventions of the project and include
comprehensive test cases and documentation?

Micropayment donations are nice in theory but don't work in practice. The
handful of projects that are able to self-fund do so only because large
corporations support them, not individual users. And even those popular
projects do not pay for the development of the the many project dependencies
they rely on - without which their software would not be possible.

So I don't have any solutions to free software sustainability. The users of
the software derive great benefit, but the producers - not so much. By in
large, open source will always rely on the charity of its creators.

------
cavneb
Thank you Devon for this post and for your ongoing efforts to help make the
open source economy thrive. I’m very eager to see the follow up based on
visitor feedback. This is Eric Berry btw

~~~
cavneb
I should also mention here that I am the founder of
[https://codefund.app](https://codefund.app). We generate recurring,
consistent revenue for open source projects and developers through ethical
advertising.

~~~
humanetech
You were downvoted, maybe because some people consider all advertising as evil
per definition, but _ethical advertising_ is an interesting subject. I made
mention of Codefund in a forum discussion we have on the topic:

[https://community.humanetech.com/t/humane-advertising-
ethica...](https://community.humanetech.com/t/humane-advertising-ethical-and-
mutual-beneficial-it-is-possible/1419/9)

------
tokyodude
I have a feeling this would be a bad idea for some reason I can't quite put my
finger on but ... what if github added a sponsor/donate/pledge button and ran
a service for doing such?

Some projects use Patreon. Why not just make it direct for those projects that
are using github to host?

I think the harder problems are things like "who gets the money", "how is it
used", etc... How to deal with scam clones. (once money is involved the
scammers will show up)

~~~
goostavos
"who gets the money" was a hard enough question to push me away from trying
the patreon / tip jar approach. There are a ton of documentation / translation
/ one-liner style contributors on my project. Do they all get an ongoing cut
of the funds? Or is it a one time thing? How is that number determined?

As soon as you introduce money, some people will get alienated, work 'value'
will be ranked, just -- all kinds of new headaches on top of what maintaining
a large project for free (which is already often a big headache)

------
dade_
I now list all of the open source (applications, libraries, etc) I use at the
end of the year and I decide on a bucket of funds and split the donations
between the top 5 most important projects to me this year (application,
library, etc).

Giving money away feels great (not sure why) and you can pretty much count on
a thank you note.

I am now trying out cloud providers that use and contribute to open source
software and standards. ie, mailbox.org

------
lifeisstillgood
Thought: OSS Kickstarter - a developer puts up a page for say "improve config
handling for apache spark" or "fix the radiation therapy UI".

Companies can commit a small amount till the funding point is hit

And then code is released for a limited time only to sponsors - the code base
is released to everyone else only after a known time period.

We get scarcity, openness and funding???

------
33a
All those problems could be solved with money.

------
mrob
"Sparse analytics" is not a problem; it's a feature.

------
hodgesrm
I love Github dearly but this proposal to "talk" is hard to understand. The
questions we should be asking go to the economics of open source projects.
Problems like overload or lack of resources look like symptoms not root
causes.

My first question would be: Who are the users of your project and how did you
find them?

------
burtonator
I'm working hard now on trying to make my project sustainable:

[https://getpolarized.io/](https://getpolarized.io/)

It's a weird situation as we're a desktop app. Many Open Source users aren't
used to paying for things but if you want good tools there needs to be a
economic background.

I've started polling my users to ask WHY they aren't donating and I'm getting
some interesting initial feedback.

So far "I didn't know how to donate" is apparently a big issue I have to
resolve.

Additionally a top issue is that the user base doesn't feel the core feature
set is there.

Now part of this might be bias. They might not want to support simply because
they don't have money.

In the next month I'm going to be turning on monetization so this should be an
interesting process.

~~~
jammygit
I tried polar at one point and found that adding web pages was a bit clunky in
terms of UX. I'm looking forward to trying it again in the future however
since I love the premise.

Have you considered scoping out a browser extension that would let you send
polar a webpage with a single button click? I'm not sure what complications
there would be getting firefox and polar to talk to each other, but maybe in
conjunction with the sync feature it would be easier?

Might give you a feature to charge for too since you it does afterall cost
money to run servers

edit - elaborated

------
siliconc0w
Crypto has crashed a bit but there could be some opportunity for an ethereum
style contract to help here. Opensource projects are like the ideal
'DAC'(decentralized autonomous corporations) so they could have funding pools
that pay out for feature or bug additions. Basically if enough of the DAC vote
a feature or bug is important and you contribute code that addresses said
issue, you get paid. Similarly OSS licenses could shift to a scheme where if
your MRR > $X you are obligated to kick either ether or equivalent code value
into pool. Self sustaining, self governing. Corporations might even open
source more projects to basically outsource work where hiring dedicated
software engineering doesn't make sense.

~~~
wz1000
How exactly is a "smart" "contract" going to decide if some code fixes some
bug? And how is it going to measure someones MRR?

The fundamental problem with "smart contracts" is that they are neither
"smart", nor are they "contracts". Contracts deal with ambiguous meatspace
issues, and are resolved through courts. Smart contracts are in no form a
novel idea, they are just trading/finance bots with some added blockchain to
get the suckers to give up their money. They cannot make any decisions on
things that can't be verified on the network itself, which includes things
like "who does this apple belong to?", "does this code solve the issue?" etc.

~~~
cvrjk
Smart contracts are smart enough to allow formation of groups of devs, form a
vote and disperse funds. Devs who are directly responsible for maintaining a
portion of code can vote if the contributed code solves the issue.

~~~
wz1000
If a trusted group of developers is in charge of dispersing funds, why involve
a blockchain/smart contracts at all? You can just donate to the developers,
and they can disperse funds according to some predefined terms. The DAO or
whatever is exactly that, but with extra steps. In either case, you still have
to trust that the people in charge of distributing the funds will do so
according to the terms that were agreed upon(fixing bugs or adding features or
whatever).

~~~
swift532
They'd still be trusted in the sense that they decide if a bug was fixed or
not, but at least transparency would be achieved. You could independently
check exactly where your money went.

------
chewxy
I've been working on my own open source projects (the Gorgonia family of deep
learning packages for Go[0]). Competing with TensorFlow and PyTorch is hard
and I'm quite sure, unsustainable.

When the project started, Gorgonia had dynamic and static graphs. Then TF
caught up and now has surpassed Gorgonia in terms of features.

I wonder what Github would be doing to help maintain projects. Right now it's
just pretty five people maintaining Gorgonia. Sustainability for me would
simply be more contributions to maintain feature parity with TF

[0]: [https://github.com/gorgonia](https://github.com/gorgonia)

------
tschellenbach
Definitely a problem. Initially I really enjoyed sharing open source projects.
But after a while you get a little bit fed up with the support requests and
random why you no haz feature x threads on Github.

~~~
BucketSort
We need new open source cultural leaders that set the tone for open source
engagements. I see the poor attitude here on HN all the time. Someone posts
about their open source project and they often get burned down for not doing
x,y,z. It's open source. We should all be grateful for the work people are
putting in so that we may benefit. I don't know why so many people regress to
neolithic end-users when an OSS project they are using doesn't do something
they like or has bugs. It's like just because they have access to it and use
it, they are entitled to world class support, as one would expect as a paying
user. It's a toxic situation. We need a cultural change that curbs this
behavior.

------
yingw787
I'm in the process of moving from macOS to Ubuntu for everything that is not
my phone, and I was looking to replace Google Keep and Inbox as they are EOL
this year. Found this note tool called Standard Notes
([https://standardnotes.org/](https://standardnotes.org/)). Linux and iOS
support, extensions, 2FA and encryption, and FOSS. Tried it out. Plunked down
$150 USD for a five-year membership without further hesitation.

------
kvark
I find the communication tools to be lacking most, for the goal of solving the
problems collaboratively. Github issues are absolutely unusable for
discussions whenever there is more than 10 comments. External sites like
discourse help a bit, but still far from ideal.

TL;DR: please give us a Google Wave analogue built into Github

------
fxfan
Github summer of code for projects except there is a voting from community
taken into account for final decision.

------
Wuzzy2
What is very ironic about this poll is that GitHub itself isn't open source at
all.

For instance, to even use this site, you have to allow JavaScript in your
browser. Otherwise, some features are completely broken (because fuck
security-minded people, right?).

The JavaScript that GitHub ships is obfuscated and proprietary, so the moment
you visit GitHub with default browser settings, you have already executed
proprietary software. Heck, even the poll about open source does not work
without proprietary JavaScript, which is _especially_ ironic.

------
sgentle
I think the biggest problem is the fundamental impedance mismatch between
companies and independent open source projects, especially smaller ones.

As any b2b startup will tell you, the number one concern of a large client is
"how do I know you'll still be here in a year?" They say nobody gets fired for
buying IBM, but what they really mean is nobody gets surprised by IBM; nobody
outgrows IBM and has to find a bigger vendor; nobody includes IBM insolvency
in their contingency planning. IBM is predictable in the exact way an
independent open source developer isn't.

The mismatch is that an ideal vendor delivers a predictable result across a
wide price range, and a small open source project just can't do that. Think
AWS: you can spend $1 or $100,000 and you know exactly what you're going to
get. It's not so hard to get $100,000 of value from an open source project:
just hire the maintainer. But how do you get $1,000 worth? Or even $10,000?
You can definitely get a result for that much money, but you can't get
certainty. Unless you're paying that maintainer enough to live off, they're
always just one really good coffee chat away from the loving arms of FAANG.

I think the missing piece is a trustworthy intermediary to handle professional
services contracts for open source projects. Rather than dealing with the
overhead and uncertainty of a bunch of individual contributors directly, you
just pay for one central service that covers your entire open source surface
area. This organisation then contracts out to a network of interested open
source contributors for maintenance and feature development.

In many cases, this would mean the maintainer of the project, but it could
also be someone on the team, a new maintainer if the project is abandoned, or
even someone to keep a fork up to date if you need changes that upstream
doesn't want. The point is you don't have to manage this in great detail: you
just pay the money like you would with any other service. In this case, the
service is "all my open source software works, continues to work, and will
grow with my business"

In order to be trustworthy, I don't think this could be a for-profit company.
Many developers are skeptical of commercial interests in open source, and the
larger independent projects often specifically limit the influence of any one
company. For developers or companies to trust an intermediary, it would have
to be provably acting in their interests. In other words: an independent non-
profit with an open and transparent governance model.

Further, I think it would need to be run by respected figures from various
open source communities. Open source is fundamentally weird to people who
don't deal with it regularly, and there are plenty of opportunities for
boneheaded mistakes that destroy trust. Why contribute and engage with the
community rather than fork everything? Why invest in existing contributors
instead of paying the cheapest contract devs you can find? Why not use your
leverage against contributors that don't agree with your decisions?

The answer to all of those, as well as many similar scenarios it would be easy
to imagine, is the same: it's bad for open source, which is bad for businesses
that rely on open source. Businesses won't always know that or act
accordingly, but an organisation working on behalf of the community will. And,
of course, all of this only works if the projects and contributors in question
trust it to do so.

There is a fair bit of successful precedent for community-driven foundations
(eg Linux Foundation), the professional services model (eg Red Hat), and
project-agnostic funding (eg Google Summer of Code). But, as far as I know, no
initiative that combines all three. That's not incredibly strong evidence that
it'll work, but at least suggests it might, and it's not like we're exactly
drowning in workable ideas for open-source funding.

~~~
leethargo
> how do I know you'll still be here in a year?

But this applies to early-stage startups just as well as to open-source
projects?

------
homero
The quickest and easiest thing to add first is bounties.

~~~
quadrangle
Quick and easy ≠ good

------
fxfan
A Microsoft product using google forms. Lol. I mean I know they want to keep
their image of "startup" but using inferior tools isn't necessary for that.

------
sonnyblarney
Kudos to this initiative.

------
bberenberg
Reads like begging the question for all the stuff they're saying will come at
[https://spectrum.chat/features](https://spectrum.chat/features)

------
sneak
These hyper-polished, exactly on-tone, on-message blog posts from what is
basically Microsoft PR are causing credibility loss for the GitHub brand in my
eyes. I don’t really believe we’ll see non-corporatese from them ever again,
now.

~~~
exolymph
...what? Devon Zuegel doesn't come from Microsoft and she's not working in PR.

~~~
yarrel
They do now.

------
asien
Honestly the person who wrote this post is absolutely out of touch with
reality.

FOSS , except for a few technology, will never be sustainable .

Why ?

\- Because entreprises prefer to pay Billions to proprietary products and have
someone that can be held accountable for failure.

\- Because entreprises executives consider that Open Source = You don’t have
to pay anything.

\- Because Oracle , IBM , Microsoft have spent the last decades telling
entreprises executives that FOSS « does not scale » and is « very insecure »
while they are actually just copying stuff from open source and rebranding it
as their own.

FOSS will never ever be sustainable because the industry has been shaped
around proprietary ecosystems by companies who are now worth hundreds of
Billions of dollars.

Outside of few startups very few companies make donations to FOSS projects to
keep them running.

Maybe it’s juste me but I’m fairly confident that a blog post and a Google
Form won’t fix anything in the industry.

On the other hand , Microsoft , IBM advocating their customers to fund open
sources instead of buying proprietary products while they are selling
consulting services would fix the entire problem.

Will this ever happen ? It won’t. Licencing bring billions in revenue to these
companies it would be absolute suicide.

~~~
no-such-address
When you say sustainable, do you mean, is it possible to train another
generation of engineers to take over the maintenance and development of the
software?

I wonder about software that has a secondary or supporting role in the
ecosystem. Working on them does not provide the level of career opportunities
that seem to be available from working on core distributed computing or
machine learning platforms. Apparently the default is that they will be
abandoned in place.

