Cracks are starting to appear in this global ecosystem as many projects lack the basic funding to sustain the software that literally runs the world.
Translated from Open Source Is at a Crossroads, by Bill Doerrfeld.
Open source software is going through a midlife crisis. Open source contributors are struggling to keep up. Popular open source projects are undergoing restrictive licensing changes.
Backdoor threats are putting open source supply chains at risk. Moreover, no one seems to have a clear grasp of what “open” means in the context of artificial intelligence.
This is a scary prospect if this whirlwind of challenges is allowed to rage. "If open source software disappeared, the impact on our lives would be immeasurable," said Ruth Suehle, executive vice president of the Apache Software Foundation. However, cracks are starting to appear in this global ecosystem, as many projects lack the basic funding to sustain the software that actually runs the world.
Like a fragile climate on the verge of collapse, if the lifeblood of open source software begins to dry up, there will be significant ripple effects. “If one link in the water cycle is interrupted, well water will not be replenished and the people who depend on it will suffer,” Suehle said.
However, some open source maintainers already feel they have no choice but to change their software licenses to stay afloat. "Open source software today is at a tipping point," said Buoyant CEO William Morgan. According to Morgan, significant inequalities have emerged between open source contributors and the companies using these projects, which requires changes in the fundamental dynamics of the open source value chain.
Others argue that today's inflection point is nothing new for an industry that has weathered macroeconomic uncertainty for decades.
"These tensions pale in comparison to some of the other issues open source software has faced in the past," said Chainguard founder and CEO Dan Lorenc. However, he acknowledged that the industry is currently at a major crossroads in the way it thinks about and consumes open source software. In this environment, other technology leaders question whether the open source model is still an effective business strategy.
Sudden licensing changes
The most pressing issue for most open source users is the recent series of restrictive license changes for heavily used projects, including HashiCorp's Terraform, Redis, Elasticsearch, and Buoyant's Linkerd. “Last year’s licensing changes in many large open source projects took the entire industry by surprise,” said Nir Gazit, CEO and co-founder of Traceloop.
The sudden shift to more restrictive licenses has users questioning the longevity of open source software as a whole. "As the open source maintainer of the Apache-2.0 repository, I often hear this concern expressed by potential users," he said.
The move to more restrictive source code will not only affect individual developer users, but also companies that build their businesses around open source projects.
Liz Rice, chief open source officer at Isovalent and a board member of the Cloud Native Computing Foundation and OpenUK, agrees that the trend around relicensing is a pressing challenge for open source software.
"While these companies have the right to protect their commercial interests, relicensing raises many questions and concerns across the ecosystem," she said.
Another area where open source licensing is poorly defined is determining what exactly constitutes open source software in the context of artificial intelligence. For example, open language models can be trained on proprietary assets, complicating ownership. "Open source licenses often assume that software IP exists in the source code," said Philip Rathle, chief technology officer of Neo4j. “AI moves this upstream.”
There is no free lunch
The biggest problem with the open source model is that the vast majority of organizations that use these projects for free do not actively give back, either financially or through code submissions. Instead, they are more likely to demand bug fixes or extensions, putting undue pressure on maintainers to work without pay.
As Morgan describes, "Open source has become, as Bruce Perens puts it, a 'great corporate welfare program,' benefiting companies like Microsoft, Amazon, and Apple, which have generated billions of dollars through open source income, while charity workers serve as maintenance staff and engineers on development projects.”
Fran Mendez, founder of the AsyncAPI Initiative, said that people often don't realize that community management of open source projects is a full-time job. This includes tasks outside of coding, such as design, technical writing, marketing, dispute resolution, and maintaining a code of conduct. These initiatives require financial support, but project managers rarely receive sustainable funding.
Consider the case of Lightbend, which recently changed the open source license for Akka, an SDK for distributed applications. As Lightbend CEO Tyler Jewell explains, 13 years later, the team can no longer maintain the software without the fair contribution of the nearly 100,000 commercial organizations that use it. "We changed the licensing model to allow us to better maintain the maintenance and improvement of the project while still keeping it free for the vast majority of developers to use."
Economic headwinds
The open source community's woes undoubtedly stem from the larger economic environment. Lorenc believes the lower interest rate environment of the early 2000s triggered significant growth in the number of open source companies and projects. But now, we are going through a major adjustment. “Time and money are more scarce, which makes it harder for contributors or companies to allocate resources,” he said.
"Many, but not all, open source businesses are at a crossroads," said Fermyon CEO Matt Butcher. The theory has long been to build an open source tool, build a community, and then figure out how to monetize it. But now, companies in the final stages face intense pressure to grow profits, he said. "For some companies, this means abandoning the open source model."
CNCF CTO Chris Aniszczyk explained that the lack of resources to justify open source may also stem from an "excess wealth" issue. With so many projects vying for attention, it’s easier than ever for innovative projects to lose the resources they need. "As an industry, we should consider focusing our efforts on identifying and sustaining critical open source projects," he said.
Operation is immature
It's not just business sustainability issues that threaten open source, but also immature software supply chain management practices. “Adopting projects without consideration, regardless of how to maintain or protect them, only delays the inevitable pain that we face today,” Lorenc explained.
For example, cyber threats expose vulnerabilities inherent in modern software solutions, of which the Linux Foundation estimates 70%-90% are free and open source software. A recent damaging attack involved attackers submitting malicious submissions to xz Utils, a ubiquitous open source compression tool in Linux.
What you need to survive with open source
Open Source Foundation
First, experts agree that open source infrastructure organizations like the Linux Foundation and the Apache Software Foundation will play a key role in stabilizing the future of open source. “The path we take from this intersection will likely involve more projects donated to the foundation,” Rice said. Such a body could guide open governance and set rules to prohibit relicensing, giving developers greater peace of mind when integrating projects into their software.
A fairer ecosystem
Second, open source software maintainers will need more support in terms of funding and active contributions to sustain their projects. “A lot of what we need right now is not technology solutions but collaboration,” Suehle said, “especially from organizations that rely on open source.”
According to Aniszczyk, this collaboration must go beyond GitHub sponsorship and donation platforms, which essentially turn maintainers into gig economy workers. Mendez proposed a future model in which Open Collective enables a more Stripe-like checkout experience for certain additional features.
Intentional business strategy
Not everything needs to be open source. Therefore, a more sustainable open source ecosystem will depend on carefully determining what content should be free and open and what content deserves to be premium. For Butcher, a good rule of thumb is to open source the technology that individual developers need, while limiting advanced features that are only useful to large deployments or organizations.
New framework
The traditional definition of open source does not match the rapidly evolving world of AI. “We need a new framework to accommodate all these nuances,” Rathle said. He emphasized the work of GenAI Commons and the importance of new licenses that measure the openness of all components in an AI model, such as underlying datasets, preprocessing code, model architecture, and model parameters.
Double down on security
"Security cannot be an afterthought anywhere in the industry, but this applies especially to open source, where a decentralized community of paid contributors and volunteers operates independently," Lorenc said. Memory-safe languages and default security settings can go a long way toward eliminating most bugs and attack vectors, he said. Better inventory management using SBOMs and vulnerability scanners will also be key to protecting open source software.
Case Study: AsyncAPI Initiative
An example of a community-led and sustainable open source initiative is AsyncAPI. AsyncAPI was founded in 2016 to define an open standard specification for messaging APIs. As Mendez explains, AsyncAPI became more than just a side project when he realized Slack was actively implementing AsyncAPI in production. As AsyncAPI's adoption and community support grew, companies attempted to acquire its intellectual property.
In 2021, however, the community donated the project to the Linux Foundation, thus protecting the technology and its governance as a vendor-neutral initiative.
Mendez then got a job at Postman, which has been funding his full-time work on AsyncAPI, no strings attached. "We're very lucky," he said. It's rare, which is why he believes more companies should invest in hiring people to support open source full-time.
Case Study: Linkerd
However, not all open source projects receive fair funding this way, especially if one company is responsible for nearly all development. Consider the recent evolution surrounding Linkerd, the popular lightweight cloud-native service mesh. "We decided earlier this year to stop building Linkerd open source stable artifacts and start charging for proprietary stable artifacts," Buoyant's Morgan described.
Interestingly, this move is in line with the rules of the CNCF Graduation Project, as they do not require administrators to release new versions. While the decision to gate stable releases to premium paying subscribers has sparked outrage among some open source enthusiasts, Morgan said a healthier balance is necessary. “As a result, Linkerd is healthier and growing faster than ever, and our ability to reinvest in the project has grown exponentially.”
Times are changing
While budgetary constraints are a top challenge in the open source ecosystem, they are not unique to the space, as retrenchment and layoffs have been underway across the tech industry in recent years. In order to cut costs, enterprises are also faced with rising cloud native costs and the urgent need to streamline developer productivity. "The software industry as a whole is facing a set of challenges that I liken to a 'hangover' after years of carefree adoption," Lorenc added.
However, given the popularity of open source software, the fractures in the ecosystem are concerning. If more projects fall behind, there could be adverse effects across the board. Therefore, companies should understand the open source they are using and consider how they can give back. “Open source collaboration among our projects, foundations, nationalities and employers is vital to the world at large, whether it’s contributions of time, money, skills or other resources,” Suehle said.
The problem is, many maintainers call for collaboration, but they still lack a fair exchange with consumers. This situation could stifle early innovators and force many to rethink the open source software model. As Rice puts it, "In an environment where everyone looks down on non-foundation open source projects, it can be difficult for startups to develop and protect their intellectual property as a competitive advantage."
That said, the open source software ecosystem is huge and some areas are experiencing positive growth. “Open source is booming in both letter and spirit,” Rathle said, noting the excitement surrounding open source AI. This excitement and development could inspire a new generation of open source creators – and hopefully they’ll get the support they deserve.
This article was first published on Yunyunzhongsheng (https://yylives.cc/); everyone is welcome to visit.