Looking for more podcasts? Tune in to the Salesforce Developer podcast to hear short and insightful stories for developers, from developers.
36. Supporting Open Source through Open Collective
Hosted by Chris Castle, with guests Pia Mancini, Joe Kutner, and Josh Simmons.
Open source communities face several challenges. Besides receiving fair compensation, there are questions of sustainability, governance, mental health, marketing themselves to CTOs, alongside technical challenges such as issue triage and relevant documentation. Open Collective is an organization that aims to help. They serve chiefly as a legal banking entity to collect funds from individuals and companies and disperse them to maintainers in need. They also go beyond the fiscal and into the social elements of open source sponsorship by guiding individuals towards stewarding their communities into sustainability.
Chris Castle, developer advocate at Heroku, sits down with several individuals working towards making the lives of open source maintainers a little easier: Josh Simmons is the VP of the Open Source Initiative and a Senior Open Source Strategist at Salesforce; Joe Kutner works on open source programs at Heroku; and Pia Mancini, is the co-founder and CEO of Open Collective, a platform that gets funding from companies and individuals and disperses it to the open source projects they use, without those projects needing to have their own business bank account.
The issues involved with financing open source projects are two-fold: first, there's the challenge of actually collecting money from corporations profiting off of open source developers' free time; and after that, actually sorting out how to disperse these funds to contributors. Pia provides an example of the struggle of a Ukranian developer invoicing a company and receiving compensation from a U.S. bank account. Open Collective's goal is to solve both of these problems, by connecting funders with projects, and handling all of the messy paperwork involved as a consequence.
Josh and Joe both point out that the strategy isn't just to provide a monthly donation charge, either. Funds can be allocated to support bug bounty programs, where security experts not necessarily involved in a project can participate and receive pay-outs. That's necessary work that a maintainer might not necessarily think about organizing, and which definitely benefits the project.
The Open Collective provides two other services within its umbrella. BackYourStack is a website which will scan the public repositories of a GitHub organization, and identifies which dependencies are part of the collective, such that companies can fairly sponsor projects they didn't even know they depended on. Gift Cards is an opportunity for companies to provide gift cards to their engineers, who then in turn give those to maintainers who they acknowledge as being tremendously helpful. This places the decision making for sponsorship on the developers who most often interact with other open source developers .
The episode concludes with a foray into issues beyond financing, specifically a maintainers' well being. Open source isn't just about creating software; you've got to also delve into issues, identify what's important, have discussions, and sometimes, fend off abuse from users' unreasonable expectations. Josh explicitly mentions Open Sourcing Mental Illness as a resource for assisting individuals experiencing burnout. The Open Collective is also exploring ways in which to assist maintainers with tasks such as triaging issues or updating documentation.
Links from this episode
- Open Collective accepts corporate sponsorships and distributes funds to open source communities
- Open Source Initiative has been promoted adoption of open source technologies since 1998
- BackYourStack scans your organization and GitHub, and tells you which projects are seeking funding throughout Open Collective
- Gift Cards from the Open Collective allow employees of companies using open source projects to support maintainers directly
- Open Sourcing Mental Illness, provides resources to support mental wellness in the tech and open source communities
Chris: Hello, and welcome to Code[ish], an exploration of the lives of modern developers. Join us, as we dive into topics like languages and frameworks, data and event-driven architectures, and individual and team productivity, all tailored to developers and engineering leaders. This episode is part of our Tools and Tips Series.
Chris: Hello, and welcome to another episode of Code[ish]. I'm Heroku developer advocate, Chris Castle, and I'm here today with a few bright faces and we're going to be talking about different ways of funding open source, open source software, different groups. I'm here today with Pia Mancini, Josh Simmons, and Joe Kutner. I guess I'll let each of you introduce yourself. Pia, why don't you start?
Pia: Sure. Hi, everyone. Thank you guys for having me. I'm Pia Mancini, I'm co-founder and CEO of Open Collective. Open Collective is a platform that helps communities be sustainable through open finances, so getting funding from sponsors and backers, from companies and individuals, and without having to have their own business bank account to do it.
Joe: Yeah, I'm Joe Kutner. I'm an architect at Salesforce Heroku, and I'm working on our open source program, so contributing to open source, using open source, and participating in the communities.
Chris: Cool. Great. Well, let's kick it off with just giving people a description of what is Open Collective, Pia, and what do you do?
Pia: Yeah, Open Collective, we started by approaching the problem of the sustainability of our communities. We realized that many of our communities, they don't necessarily want to become a corporation in order to raise funds so I started thinking how I can help all of these groups that are distributed around the world, that they are groups that have a shared mission, a shared purpose, how can we help them be sustainable? How can we help them get the funding they need without turning into something that they're not? We created Open Collective, that is a platform that enables groups to collect money and disperse it transparently. One of our first use cases on Open Collective, one we started three years, ago was Yeoman.
Pia: We helped them. That was, I think, our first or second collective. We helped Yeoman onboard and they started receiving funding, and just like that, we started growing a lot in the open source space, and looking back, it made a lot of sense because open source, like the open source sustainability, it's super important. We'll get into detail about why later on. But if you want the space that was more ready to receive funding and they didn't have a proper way to do it, a very lightweight and easy way of doing it. We started working more and more in the open source space, and right now we're mostly focused on supporting our open source communities on Open Collective.
Chris: Cool. Can you share a couple of other examples of groups or open source projects that people might recognize that work with Open Collective?
Chris: I want to hear many more details about how Open Collective specifically works with organizations. But let's step back a little bit and talk about open source funding in general. Pia, can you talk to us a little bit about, why do we need to or want to sustain open source with funding specifically? Why is this an important thing that needs to happen, and yeah?
Pia: Yeah. It goes down to the nature of what open source is. I think the open source, it's a non-excludable public good, which means that it's a public good that is not scarce, really to have any marginal costs for another person to use your code, right? The code is there, so once it's out there, just anyone can use it and there is not marginal cost for someone else using it, and you cannot exclude someone from using it. The nature of what open sources makes it really tough to sustain, because how can you create scarcity? How can you make someone pay for something that they can have access to?
Pia: But the problem with that is that open source in itself is not relief free. Someone else is paying for it, someone else is paying for it with their time, right? The maintainers are actually using their time, not only to create this technology but also to maintain it. Whereas creating a hot open source project or ... it's fine. Maintainers or developers get a lot from it as well. But then when it comes into maintenance mode, that gets really tricky because it's the time of the person behind the project that we are talking about, and their responsibility. These projects are maintained sometimes by one or two people and they bear all the responsibility for something that they created maybe 10 years ago.
Pia: We took us our mission to help not sustain open source, because we think that the situation that we're at, something's got to give. What's giving is either you have packages that are dropped but are still being used by thousands of other projects and no one is maintaining it, or the person instead of maintaining it suddenly sees himself or herself super burdened by all of these issues. They're not getting any money from it, they're doing it in their free time at the cost of maybe time with their families or time doing something else. It's almost quite a toxic situation that we are in, in something that is so beautiful and that has given so much to the world of open source, Chris.
Josh: If I can add a little bit more here, I think, a refrain I've heard often is that open sources is not free as in beer, but free as in puppy. Puppies require maintenance, and so a lot of developers are people who create open source projects. They'll create something to scratch their own itch in the course of solving some sort of problem, and then in a spirit of generosity, in the spirit of open source, they'll license it under an open source license, and share it with everybody. But that doesn't mean that they're necessarily going into it thinking about the longterm maintenance requirements and the commitment that open sourcing a project comes with.
Josh: We find a lot of people have created these projects and have a created responsibility over time to maintain all these projects. To Pia's point, that's wonderful, and that's the design of open source. But also that leaves us with a lot of people who are doing work on these projects and they're not being necessarily compensated or supported for the work. That has really concrete consequences.
Chris: Great. Yeah. It's like a foundational package that's installed on every Linux operating system-
Pia: Exactly, yeah.
Chris: ... almost every ... Yeah.
Joe: When the maintainers extract value from the project, it isn't just for them. I think it's more of an investment in that maintainer, and the project and the community that uses that project gains from it as well. An example of this is a the JHipster project, which uses Open Collective. As it grew in popularity, it was an inundated with issues and it just wasn't possible to continue working through those. We started a bug bounty program, so we're actually paying people to fix bugs. They're getting value from that and money, and the community and the project is actually becoming more stable and reliable.
Joe: Then very recently, just last week, there was a contributor who uncovered a pretty serious vulnerability in the project, and so we paid out a $500 bug bounty. All of our users are safer. It's value for the maintainers but it translates to value for everyone using the project as well.
Chris: Yeah, yeah. That makes sense. What are some other ways the community or open source users and creators have come up with to support open source in a sustainable way? I know some things that come to mind are like GitHub's recent, like addition of the button on the top that says, "Sponsor this project," I think. There's Patreon, right? Things like that. Are those good examples or what?
Chris: Are those accurate examples, or what are some other examples of funding open source that are out there?
Pia: Absolutely. When we started Open Collective, it's coming up to four years soon. Gosh. We really had to push forward this idea of, "Hey, we need to get money into open source ASAP." I think that what we've seen is like a bit of a cultural shift happening in, "Yep, this is not going to last. How can we support it?" We are seeing new projects coming up that have that intention, and I think that that's amazing. GitHub Sponsors, for example, it's a really good example. GitHub, today, is like the platform where a lot of open source takes place. So it's a natural place for them to think about developer economics and how they can support individual developers. Some developers are also using Patreon, and some projects are receiving support, not money, but support in other ways from foundations. Right?
Pia: For example, something that a lot of open source projects needs that Open Collective doesn't provide is custody of assets, for example. Right? We do not own trademark, we do not provide legal advice, but there are amazing foundations out there that are doing that. The way I think about it is, it's a little bit like alternative energies. At the beginning, there was this idea of which is the alternative energy that is going to replace fossil fuels, and then we realized that thinking about that is silly. It's probably a combination of different strategies that make sense for different spaces, and this is the same, right? You have projects that have different levels of maturity, or that are in different levels of the stack that need different strategies to support themselves.
Pia: Yeah. That makes sense. I like that analogy. That's pretty cool. Josh, did you have something to add to that, sorry?
Josh: Yeah, I think Pia's take here is spot on. Historically, the way that open source and free software projects have been supported has been through being a member project of a foundation, and foundations are organized as nonprofits, often as charitable nonprofits. What they do is they will often provide, like Pia mentioned, a custody of assets. They'll hold the trademarks or the assets in a trust. They'll also provide legal counsel for the project. They will provide access to banking services so that projects can receive and disburse funds. But they also tend to come with some level of policy requirements.
Josh: Depending on the foundation, it may be Apache Software Foundation or Software Freedom Conservancy. You name it. They each have a different requirement for their member projects, and so not every project has the bandwidth to really become a member of a foundation. This has been the model for 20 plus years depending on how far back you want to go. For some projects, it works but for many they don't have the bandwidth to set up project governance or-
Chris: Or even learn it or figure it out.
Josh: Go through your--
Chris: Figure out what governance they even need.
Josh: Yeah, exactly. It may be that that project will grow to that point and mature to the point where it does have the bandwidth to figure those things out. But in the meantime, as these projects are growing, they still need a way to receive and disperse funds in a transparent fashion. So that's why I think it's really, really promising to see Open Collective in this space as a lightweight model for open source projects to support themselves.
Chris: What are some of the, I guess products, maybe is what you'd call them, or methods that Open Collective offers to provide funding? The specific things that you ... programs, I guess, that you create to ... that a project can use to provide funding to itself?
Pia: The first thing, and I think it's still today the most important thing we offer is an invoice, right? Just think about Salesforce or Heroku, and think about trying to get funding out of your companies to a PayPal account of a maintainer in Ukraine. How is that going to go down? It's almost impossible, right?
Pia: The Open Collective works with a nonprofit organization that we created specifically to provide fiscal sponsorship services to open source projects around the world. We are able to onboard as vendors of any company, provide invoices, purchasing orders and all of that. That is super helpful. That was one of the first things we did to make it easy for our sponsors to be able to get funding out to open source projects, as troops, right? Not as maintainers, because as maintainers, it's almost impossible to do.
Pia: Right? That was the first thing. Then each open source projects started doing their own fundraising, they connect themselves with ... I don't know, CTOs, so they talk to engineers in different companies and then they find different ways. Then we also notice that it's a big ask for some maintainers to be able to do that because it's not their skill set, right? And it shouldn't be. Or maybe yes, but it's fine if it's not right. We still need to help. We created two new tools to help companies support open source projects. So the first one is BackYourStack. BackYourStack, it's a separate project but from the Open Collective ecosystem.
Pia: But essentially, BackYourStack scans your organization and GitHub, and tells you which projects are on Open Collective, which projects are seeking funding throughout Open Collective. So you can run backyourstack.com/salesforce, and see which projects that you are currently using in your public repos that are on Open Collective, or you can drag and drop your dependency file and just read a private file.
Pia: That was a way of solving, how can we help companies know, from their huge stacks, which projects to support? Then the next version of that that we are launching very soon, it's a subscription model to all your dependencies. We are enabling companies to say, "Okay, I want to give $1000, $100, $5000, $10,000 a month to BackYourStack, and then we take care of distributing that among all the dependencies that are currently on Open Collective. They don't need to think about which dependencies.
Pia: The ideas also here is not just making it easier for companies, it's also making it easier for lower level dependencies or less fashionable dependencies to also get funding, right? Because a lot of funding is now concentrating maybe in the framework level or the top level. But how do we trickle that down? Right? So we can help push that down to lower level dependencies or less hot dependencies.
Chris: Yeah, it's like easy access or a quality in funding, I guess?
Pia: Yeah, absolutely. Then maybe the third feature that we released for this is ... Again, we're thinking about how hard it is sometimes for companies to make the decision about who they should support. So one thing we created is this service called Gift Cards, where companies just purchase gift cards for their engineers to ... At the end of the day, it is the engineers that are working that know which open source projects is just saving them so much time, right? We want to help companies to put that decision making in the hand of the engineers, and so help them avoid the centralized vertical decision making process about, "Okay, we should support this project," but really distribute the decision making process of which projects to support. So Gift Cards is our attempt to do that.
Pia: Then the last thing that we are doing is a much more traditional thing, that is we are hiring. We did a large open source survey, and the number one ask from open source projects is, "We need help with marketing. We do not know how to talk to CTOs or decision makers in companies, we didn't even know who they are. We don't know how to present ourselves, how to market ourselves." The Open Source Collective, so the nonprofit we're creating, is hiring a person to do that, to do outreach and help get funding to all open source projects through BackYourStack, but also help build the tools that the projects need to fundraise themselves. Right? And help them develop those skills.
Chris: That reminds me of what Joe said about the bug bounty. The idea of an open source project like JHipster, or any open source project paying out a bug bounty seems like very foreign to me. How does that work? I associate open source with them not having any money and being on the shoestring, if any budget at all. It's cool that these projects can have these more mature structures within them, whether it's a bug bounty that they pay out or a marketing team or person or someone helping with governance.
Joe: It really empowers the developers. I think the Gift Cards are an example of this too, where it lets the developers or the engineers be the king maker and decide which projects are going to be successful. I mean, if you put in the work and people use it, it'll be a success. But for Heroku, something like the Gift Cards also lets us not just empower our developers, but our customers as well, by saying, "We're going to give these gift cards out to our users, to our audience, and let them decide which projects are important." The benefit to Heroku is that when those projects are healthy and working well, that makes our platform a better experience.
Chris: One other thing that came up when we were talking before this podcast, Pia, was the wellbeing of maintainers, the health of maintainers, and it's related, right? You talked about the non code support or we talked about marketing, supporting marketing, or supporting governance, or supporting other things like that. But then there's this soft topic of the, I guess, emotional or mental wellbeing of maintainers, which maybe you could call maintainers people doing a very, very thankless job. Can you talk a little bit about what Open Collective has been doing to not just support financially, but also the wellbeing of maintainers?
Pia: Yeah, absolutely. This is something that came out of ... So we started organizing these one day conversation called Sustain Open Source. It's a one-day conversation that we of invite different stakeholders from practitioners, open source maintainers, companies, corporate foundations, documentation, right? We bring together a 100 people from very different spaces, and we have a conversation about sustainability, and it's just a one-day conversation, which is ... It's amazing. The energy there is incredible. But we can only do it once a year because it collapses after that.
Pia: This is something that kept coming up at Sustain, right? So we took upon ourselves to define sustainability in the way we understand it. Sustainability, we're talking both and equally about the sustainability of the open source resources and as the sustainability of its people, right? Because if you don't have people behind open source, it doesn't really matter, right?
Chris: Right. Yeah.
Pia: The code is going to be there, but what really matters is the people that build that and the community around it. Maintainer health and burnout, it's a topic that keeps coming up. It's related to the community imbalances that I was mentioning before. Just imagine you're maintaining open source project, which thousands of products around the world depend on, right? And you have like a list of... I don't know, 500 open issues and you need to triage them, because maintaining is also the boring task of having to deal with all of that, right?
Chris: Right. Yeah.
Pia: Not just creating something. It's having to close issues, see what's important, discuss. You should take a ride through some of them. You should track yourself through these projects. Seriously the cheek ... I don't know, some folks is amazing, and that is like, "Why aren't you answering me?" Right? "I have my whole development. Stop now because you can't fix this. You have to make it right." This is for something that they're getting literally without paying anything. This takes a toll. This takes a toll on maintainers.
Pia: We've been avoiding talking about this for awhile, because I think it falls in the larger reticence that we have, generally as a society, of talking about these issues, and especially in-
Chris: Mental health issues in general.
Pia: Exactly, and especially in the open source space that it's still super male-driven, right? We started this program called the Maintainer Support Group. Essentially, we're just bringing maintainers together to talk about anything that's not called really, anything that is just about how you deal with all of these, how you deal with your angry users, how you deal with having to say no. How do you onboard more people for those tasks that are triaging or replying or closing issues, right? Because everyone wants to contribute when he's making up a commit, but no one wants to be there when it has to do with replying to users, closing issues, triaging, et cetera, or writing documentation.
Pia: So how can we help each other open our ourselves up to these different types of contributions? Yeah, we just started it but I'm super proud of this program because I think that is what's underlying everything that is happening now in open source, and it's hard to fix, I guess. It's just about creating spaces for it, and acknowledging that this is an issue, and just being there, being there for maintainers to talk to someone about this thing.
Josh: Right. Absolutely. If I may build on that.
Josh: Pia, you've noted that there's the matter of wellbeing of the maintainer themselves and the personal sustainability angle of things. Then there's a sustainability of the projects that they're maintaining. The funding certainly can help with the maintainers' well being, and the Maintainers Support Group is an incredible resource. In that vein, I also want to give a shout out to Open Sourcing Mental Illness, OSMI, which is a wonderful group that's been bringing attention to burnout and mental health issues and raising awareness and providing resources there.
Josh: Then zooming out to the matter of, "Okay, well, what does it mean for a project to be healthy and sustainable?" I think that that gets us to these next order problems that we still need to solve. Say we get to a point where maintainer themselves has their needs met, right? They're healthy and they're getting support. Well, that maintainer may want to move on to bigger and better things sometime in their life, or maybe they want to change careers or ... Someone doesn't necessarily want to maintain a package for the rest of their waking life.
Josh: To that end, for a project to really be sustainable beyond any one individual, I think that's when we really need to start thinking about, "Well, how is this project governed? What is the on-ramp from becoming a user to contributor, to core committer, to the new maintainer of a project. That cuts to the question of succession planning. I think these are issues that, at Sustain, the events that Pia and others that run with Open Collective, that's another thread that keeps coming up. I don't know that we have solutions there yet, but as we make progress on the question of funding, I think that's really the next problem that we need to start solving, is helping maintainers figure out what's their plan to hand off the project in the long run to somebody else.
Pia: Absolutely. That is also related ... I think at Sustain we called it free the maintainer, free them from the gift they gave to the world at one point in their life, and maybe they ... that's it. But it's related to this idea of sustainability, social sustainability of the community. How resilient a community is? What's the ability of a community to attract different skillsets, and to attract contributors at different stages, and that can provide that resilience that when a maintainer leaves then the community doesn't die?
Pia: That absolutely must be must be a focus. We need to understand that sustainability is not just funding, it's sustainability of the resources, of its people, and also of the community. Because a healthy community is what's going to enable a project to be sustainable in time.
Chris: As an open source user or maintainer or probably both, how might I get involved or learn more about Open Collective?
Pia: Yeah, so opencollective.com is our website. From there, you can create your collective. We're also obviously open source, so we really appreciate your contributions. So github.com/opencollective is the place to go. We have quite a robust bounty program for paid contributions and back hunting that you're super welcome to join. We are in interest period of becoming a collective ourselves, an open collective ourselves.
Pia: We are starting to have paid contributions for non code contributions, so guest blog posts, for example, documentation, and we are part of the Google Summer of Doc program, and so we're going to extend that during the year to have paid documentation contributions. That's all happening in slack.opencollective.com, is probably the place to go for that.
Chris: Cool. Well, thanks very much for joining us, Pia. Same to you Josh and Joe. There's so much interesting and innovative stuff happening here, and it sounds like spinning around in your mind, Pia. Yeah, thanks for taking some time to join us. Thanks listeners for joining us for another episode of Code[ish].
Chris: Thanks for joining us for this episode of the Code[ish] podcast. Code[ish] is produced by Heroku, easiest way to deploy, manage, and scale your applications in the cloud. If you'd like to learn more about Code[ish], or any of Heroku's podcasts, please visit heroku.com/podcasts.
A podcast brought to you by the developer advocate team at Heroku, exploring code, technology, tools, tips, and the life of the developer.
← Previous episode
35. Bringing Open Source to Work
Next episode →
37. Bonus: Organizing a Memorable Tech Conference
December 1st, 99. The Technical Side of Deep Fakes
Director, Developer Advocacy, Heroku
Chris thrives on simplicity and helping others. He writes code, prototypes hardware, and smiles at strangers, helping developers build more and better
Co-founder & CEO, Open Collective
Democracy activist, open source sustainer, Chair of DemocracyEarth Foundation. YC Alum, YGL (World Economic Forum), globe-trotter and Roma's mum.
Java Language Owner, Heroku
Joe is the Java Language Owner at Heroku. He is the author of the Healthy Programmer, and a co-founder of buildpacks.io.
Senior Open Source Strategist, Salesforce
Josh is a short stack developer, dusty foot philosopher, and dedicated advocate of open culture, inclusive community building, and ethical tech.
More episodes from Code[ish]
Alex Serdiuk and Julián Duque
The rise of manipulated pictures and videos have given a name to this notorious practice: deep fakes. But Alex Serdiuk, the CEO of Respeecher, suggests its how we use these tools that makes them bad, not the technology in and of itself.... →
Tim Panagos, Trey Ford, and Jacob Silzer
The COVID-19 pandemic has forced many industries to rethink how they operate. Amidst those changes, businesses are looking for new ways to keep on top of rapidly changing health guidelines. Microshare is a provider of data-driven solutions... →
James Maidment, Ammar Akhtar, and Greg Nokes
Not every tech company gets to move fast and break things. For companies operating in heavily regulated spaces, like banking, efforts to modernize legacy systems must be made carefully. Yobota explains how they're able to deliver custom APIs... →