There's never been a better time to be a developer, with a smorgasbord of no-cost, innovative open source software and low-cost, innovative cloud "hardware" at your disposal. Whether building software for use or sale, developers have been loading up on open source, with Forrester Research positing that only 10-20% of new code in applications is proprietary. Yes, really.
While that's great, it also overlooks a looming problem: Not all open source software is created equal. Or, rather, not all open source software is maintained equally. While some projects, such as Linux, come with big vendors like Red Hat to ensure disparate components are polished and up-to-date, a new wave of software like, for example, React may depend on hundreds or thousands of components, without anyone bothering to ensure they're secure, up-to-date, etc.
It's potentially a big problem. Or, as Tidelift sees it, a big opportunity.
A Red Hat for the huddled masses
The blessing and curse of open source is community. While that's mostly a blessing, there's always the risk that someone may check out of the community, leaving behind an unmaintained project that may well be a component within a larger project. While open source now has a raft of companies vying to support this or that project (e.g., Confluent for Kafka, Red Hat for Linux, etc.), many projects don't get that level of support.
Nor can we really blame the individual developers behind those under-maintained projects. Open source is often a labor of love, but love doesn't pay a mortgage. Tidelift, started by several ex-Red Hat veterans including Donald Fischer and Havoc Pennington, steps in to pay developers to step up their level of support and maintenance for projects that would otherwise be at risk. As the company has described on its site: "Those who build and maintain open source software get compensated for their effort—and those who use their creations get more dependable software."
For example, Tidelift just contracted with maintainer Sindre Sorhus to provide assurances for some of the most widely-used of the 1,100+ packages in the npm ecosystem, including Chalk JS, camelCase, Strip-ansi, and more. For an enterprise that uses Chalk JS, purchasing a Tidelift subscription makes sense as it gives them confidence that the code they'll be using will be well-maintained, Red Hat style. For the developers behind those open source packages, Tidelift keeps track of how much their code gets used and pays them accordingly.
It's a win-win for open source developers and the enterprises that love them.
Making open source pay
At scale, Tidelift's model strikes me as golden. While we are awash in fantastic open source code, the ways in which we get that code are not always ideal. Sometimes great code (like Google's Kubernetes) derives from corporate self-interest. Sometimes it starts with a developer scratching a personal itch, as it were, evolving into a startup or a lifelong passion (or both). Far too often, however, the question of how to fund great open source software gets in the way of the development of that software.
Tidelift's approach strikes me as superior, because it appeals to the money-grubbing self-interest of corporations: If they want great software that isn't going to crap out, they can pay to ensure the open source software upon which they depend stays well-maintained. Meanwhile, they may not care that some developer somewhere can now pay her mortgage, but she sure does, freeing up her time (maybe all of her time at some point) to work on the code she loves.
This is a great way to make open source sustainable. It's Red Hat for the rest of us.
Matt is currently head of the developer ecosystem at Adobe. The views expressed are his own, not those of his employer.
Matt Asay is a veteran technology columnist who has written for CNET, ReadWrite, and other tech media. Asay has also held a variety of executive roles with leading mobile and big data software companies.