36. Supporting Open Source through Open Collective

Josh: My name is Josh, and I am the VP of the Open Source Initiative. I work at Salesforce with Chris Kelly forming the Open Source Programs Office at Salesforce to help everybody use more open source, release more open source, and maintain healthy relationships with open source communities.

Joe: Yeah, I'm Joe Kutner. I'm an architect at Salesforce Heroku, and I'm working on our open source program, so contributing to open source, using open source, and participating in the communities.

Chris: Cool. Great. Well, let's kick it off with just giving people a description of what is Open Collective, Pia, and what do you do?

Pia: Yeah, Open Collective, we started by approaching the problem of the sustainability of our communities. We realized that many of our communities, they don't necessarily want to become a corporation in order to raise funds so I started thinking how I can help all of these groups that are distributed around the world, that they are groups that have a shared mission, a shared purpose, how can we help them be sustainable? How can we help them get the funding they need without turning into something that they're not? We created Open Collective, that is a platform that enables groups to collect money and disperse it transparently. One of our first use cases on Open Collective, one we started three years, ago was Yeoman.

Pia: We helped them. That was, I think, our first or second collective. We helped Yeoman onboard and they started receiving funding, and just like that, we started growing a lot in the open source space, and looking back, it made a lot of sense because open source, like the open source sustainability, it's super important. We'll get into detail about why later on. But if you want the space that was more ready to receive funding and they didn't have a proper way to do it, a very lightweight and easy way of doing it. We started working more and more in the open source space, and right now we're mostly focused on supporting our open source communities on Open Collective.

Chris: Cool. Can you share a couple of other examples of groups or open source projects that people might recognize that work with Open Collective?

Pia: Yeah, for sure. For example, one of our most successful projects on the platform currently is Webpack. Babel is also super popular on Open Collective. Vue.js. We have a lot of JavaScript groups on the platform. But then we started seeing the other languages, other communities grow, and now we are all the way down to more customer. If you under user facing projects like OBS, they open broadcasting software, that is super successful in Open Collective. From there, we grew into user groups, meetup groups, .NET groups, Drupal... It's been amazing. It's been a joy ride.

Chris: I want to hear many more details about how Open Collective specifically works with organizations. But let's step back a little bit and talk about open source funding in general. Pia, can you talk to us a little bit about, why do we need to or want to sustain open source with funding specifically? Why is this an important thing that needs to happen, and yeah?

Pia: Yeah. It goes down to the nature of what open source is. I think the open source, it's a non-excludable public good, which means that it's a public good that is not scarce, really to have any marginal costs for another person to use your code, right? The code is there, so once it's out there, just anyone can use it and there is not marginal cost for someone else using it, and you cannot exclude someone from using it. The nature of what open sources makes it really tough to sustain, because how can you create scarcity? How can you make someone pay for something that they can have access to?

Pia: But the problem with that is that open source in itself is not relief free. Someone else is paying for it, someone else is paying for it with their time, right? The maintainers are actually using their time, not only to create this technology but also to maintain it. Whereas creating a hot open source project or ... it's fine. Maintainers or developers get a lot from it as well. But then when it comes into maintenance mode, that gets really tricky because it's the time of the person behind the project that we are talking about, and their responsibility. These projects are maintained sometimes by one or two people and they bear all the responsibility for something that they created maybe 10 years ago.

Pia: We took us our mission to help not sustain open source, because we think that the situation that we're at, something's got to give. What's giving is either you have packages that are dropped but are still being used by thousands of other projects and no one is maintaining it, or the person instead of maintaining it suddenly sees himself or herself super burdened by all of these issues. They're not getting any money from it, they're doing it in their free time at the cost of maybe time with their families or time doing something else. It's almost quite a toxic situation that we are in, in something that is so beautiful and that has given so much to the world of open source, Chris.

Josh: If I can add a little bit more here, I think, a refrain I've heard often is that open sources is not free as in beer, but free as in puppy. Puppies require maintenance, and so a lot of developers are people who create open source projects. They'll create something to scratch their own itch in the course of solving some sort of problem, and then in a spirit of generosity, in the spirit of open source, they'll license it under an open source license, and share it with everybody. But that doesn't mean that they're necessarily going into it thinking about the longterm maintenance requirements and the commitment that open sourcing a project comes with.

Josh: We find a lot of people have created these projects and have a created responsibility over time to maintain all these projects. To Pia's point, that's wonderful, and that's the design of open source. But also that leaves us with a lot of people who are doing work on these projects and they're not being necessarily compensated or supported for the work. That has really concrete consequences.

Chris: Great. Yeah. It's like a foundational package that's installed on every Linux operating system-

Pia: Exactly, yeah.

Chris: ... almost every ... Yeah.

Joe: When the maintainers extract value from the project, it isn't just for them. I think it's more of an investment in that maintainer, and the project and the community that uses that project gains from it as well. An example of this is a the JHipster project, which uses Open Collective. As it grew in popularity, it was an inundated with issues and it just wasn't possible to continue working through those. We started a bug bounty program, so we're actually paying people to fix bugs. They're getting value from that and money, and the community and the project is actually becoming more stable and reliable.

Joe: Then very recently, just last week, there was a contributor who uncovered a pretty serious vulnerability in the project, and so we paid out a $500 bug bounty. All of our users are safer. It's value for the maintainers but it translates to value for everyone using the project as well.

Chris: Yeah, yeah. That makes sense. What are some other ways the community or open source users and creators have come up with to support open source in a sustainable way? I know some things that come to mind are like GitHub's recent, like addition of the button on the top that says, "Sponsor this project," I think. There's Patreon, right? Things like that. Are those good examples or what?

Pia: Yeah.

Chris: Are those accurate examples, or what are some other examples of funding open source that are out there?

Pia: Absolutely. When we started Open Collective, it's coming up to four years soon. Gosh. We really had to push forward this idea of, "Hey, we need to get money into open source ASAP." I think that what we've seen is like a bit of a cultural shift happening in, "Yep, this is not going to last. How can we support it?" We are seeing new projects coming up that have that intention, and I think that that's amazing. GitHub Sponsors, for example, it's a really good example. GitHub, today, is like the platform where a lot of open source takes place. So it's a natural place for them to think about developer economics and how they can support individual developers. Some developers are also using Patreon, and some projects are receiving support, not money, but support in other ways from foundations. Right?

Chris: Yeah.

Pia: For example, something that a lot of open source projects needs that Open Collective doesn't provide is custody of assets, for example. Right? We do not own trademark, we do not provide legal advice, but there are amazing foundations out there that are doing that. The way I think about it is, it's a little bit like alternative energies. At the beginning, there was this idea of which is the alternative energy that is going to replace fossil fuels, and then we realized that thinking about that is silly. It's probably a combination of different strategies that make sense for different spaces, and this is the same, right? You have projects that have different levels of maturity, or that are in different levels of the stack that need different strategies to support themselves.

Josh: Absolutely.

Pia: Yeah. That makes sense. I like that analogy. That's pretty cool. Josh, did you have something to add to that, sorry?

Josh: Yeah, I think Pia's take here is spot on. Historically, the way that open source and free software projects have been supported has been through being a member project of a foundation, and foundations are organized as nonprofits, often as charitable nonprofits. What they do is they will often provide, like Pia mentioned, a custody of assets. They'll hold the trademarks or the assets in a trust. They'll also provide legal counsel for the project. They will provide access to banking services so that projects can receive and disburse funds. But they also tend to come with some level of policy requirements.

Josh: Depending on the foundation, it may be Apache Software Foundation or Software Freedom Conservancy. You name it. They each have a different requirement for their member projects, and so not every project has the bandwidth to really become a member of a foundation. This has been the model for 20 plus years depending on how far back you want to go. For some projects, it works but for many they don't have the bandwidth to set up project governance or-

Chris: Or even learn it or figure it out.

Josh: Go through your--

Chris: Figure out what governance they even need.

Josh: Yeah, exactly. It may be that that project will grow to that point and mature to the point where it does have the bandwidth to figure those things out. But in the meantime, as these projects are growing, they still need a way to receive and disperse funds in a transparent fashion. So that's why I think it's really, really promising to see Open Collective in this space as a lightweight model for open source projects to support themselves.

Chris: What are some of the, I guess products, maybe is what you'd call them, or methods that Open Collective offers to provide funding? The specific things that you ... programs, I guess, that you create to ... that a project can use to provide funding to itself?

Pia: The first thing, and I think it's still today the most important thing we offer is an invoice, right? Just think about Salesforce or Heroku, and think about trying to get funding out of your companies to a PayPal account of a maintainer in Ukraine. How is that going to go down? It's almost impossible, right?

Chris: Right.

Pia: The Open Collective works with a nonprofit organization that we created specifically to provide fiscal sponsorship services to open source projects around the world. We are able to onboard as vendors of any company, provide invoices, purchasing orders and all of that. That is super helpful. That was one of the first things we did to make it easy for our sponsors to be able to get funding out to open source projects, as troops, right? Not as maintainers, because as maintainers, it's almost impossible to do.

Chris: Yeah.

Pia: Right? That was the first thing. Then each open source projects started doing their own fundraising, they connect themselves with ... I don't know, CTOs, so they talk to engineers in different companies and then they find different ways. Then we also notice that it's a big ask for some maintainers to be able to do that because it's not their skill set, right? And it shouldn't be. Or maybe yes, but it's fine if it's not right. We still need to help. We created two new tools to help companies support open source projects. So the first one is BackYourStack. BackYourStack, it's a separate project but from the Open Collective ecosystem.

Pia: But essentially, BackYourStack scans your organization and GitHub, and tells you which projects are on Open Collective, which projects are seeking funding throughout Open Collective. So you can run backyourstack.com/salesforce, and see which projects that you are currently using in your public repos that are on Open Collective, or you can drag and drop your dependency file and just read a private file.

Chris: Cool.

Pia: That was a way of solving, how can we help companies know, from their huge stacks, which projects to support? Then the next version of that that we are launching very soon, it's a subscription model to all your dependencies. We are enabling companies to say, "Okay, I want to give $1000, $100, $5000, $10,000 a month to BackYourStack, and then we take care of distributing that among all the dependencies that are currently on Open Collective. They don't need to think about which dependencies.

Chris: Cool.

Pia: The ideas also here is not just making it easier for companies, it's also making it easier for lower level dependencies or less fashionable dependencies to also get funding, right? Because a lot of funding is now concentrating maybe in the framework level or the top level. But how do we trickle that down? Right? So we can help push that down to lower level dependencies or less hot dependencies.

Chris: Yeah, it's like easy access or a quality in funding, I guess?

Pia: Yeah, absolutely. Then maybe the third feature that we released for this is ... Again, we're thinking about how hard it is sometimes for companies to make the decision about who they should support. So one thing we created is this service called Gift Cards, where companies just purchase gift cards for their engineers to ... At the end of the day, it is the engineers that are working that know which open source projects is just saving them so much time, right? We want to help companies to put that decision making in the hand of the engineers, and so help them avoid the centralized vertical decision making process about, "Okay, we should support this project," but really distribute the decision making process of which projects to support. So Gift Cards is our attempt to do that.

Pia: Then the last thing that we are doing is a much more traditional thing, that is we are hiring. We did a large open source survey, and the number one ask from open source projects is, "We need help with marketing. We do not know how to talk to CTOs or decision makers in companies, we didn't even know who they are. We don't know how to present ourselves, how to market ourselves." The Open Source Collective, so the nonprofit we're creating, is hiring a person to do that, to do outreach and help get funding to all open source projects through BackYourStack, but also help build the tools that the projects need to fundraise themselves. Right? And help them develop those skills.

Chris: That reminds me of what Joe said about the bug bounty. The idea of an open source project like JHipster, or any open source project paying out a bug bounty seems like very foreign to me. How does that work? I associate open source with them not having any money and being on the shoestring, if any budget at all. It's cool that these projects can have these more mature structures within them, whether it's a bug bounty that they pay out or a marketing team or person or someone helping with governance.

Joe: It really empowers the developers. I think the Gift Cards are an example of this too, where it lets the developers or the engineers be the king maker and decide which projects are going to be successful. I mean, if you put in the work and people use it, it'll be a success. But for Heroku, something like the Gift Cards also lets us not just empower our developers, but our customers as well, by saying, "We're going to give these gift cards out to our users, to our audience, and let them decide which projects are important." The benefit to Heroku is that when those projects are healthy and working well, that makes our platform a better experience.

Chris: One other thing that came up when we were talking before this podcast, Pia, was the wellbeing of maintainers, the health of maintainers, and it's related, right? You talked about the non code support or we talked about marketing, supporting marketing, or supporting governance, or supporting other things like that. But then there's this soft topic of the, I guess, emotional or mental wellbeing of maintainers, which maybe you could call maintainers people doing a very, very thankless job. Can you talk a little bit about what Open Collective has been doing to not just support financially, but also the wellbeing of maintainers?

Pia: Yeah, absolutely. This is something that came out of ... So we started organizing these one day conversation called Sustain Open Source. It's a one-day conversation that we of invite different stakeholders from practitioners, open source maintainers, companies, corporate foundations, documentation, right? We bring together a 100 people from very different spaces, and we have a conversation about sustainability, and it's just a one-day conversation, which is ... It's amazing. The energy there is incredible. But we can only do it once a year because it collapses after that.

Pia: This is something that kept coming up at Sustain, right? So we took upon ourselves to define sustainability in the way we understand it. Sustainability, we're talking both and equally about the sustainability of the open source resources and as the sustainability of its people, right? Because if you don't have people behind open source, it doesn't really matter, right?

Chris: Right. Yeah.

Pia: The code is going to be there, but what really matters is the people that build that and the community around it. Maintainer health and burnout, it's a topic that keeps coming up. It's related to the community imbalances that I was mentioning before. Just imagine you're maintaining open source project, which thousands of products around the world depend on, right? And you have like a list of... I don't know, 500 open issues and you need to triage them, because maintaining is also the boring task of having to deal with all of that, right?

Chris: Right. Yeah.

Pia: Not just creating something. It's having to close issues, see what's important, discuss. You should take a ride through some of them. You should track yourself through these projects. Seriously the cheek ... I don't know, some folks is amazing, and that is like, "Why aren't you answering me?" Right? "I have my whole development. Stop now because you can't fix this. You have to make it right." This is for something that they're getting literally without paying anything. This takes a toll. This takes a toll on maintainers.

Pia: We've been avoiding talking about this for awhile, because I think it falls in the larger reticence that we have, generally as a society, of talking about these issues, and especially in-

Chris: Mental health issues in general.

Pia: Exactly, and especially in the open source space that it's still super male-driven, right? We started this program called the Maintainer Support Group. Essentially, we're just bringing maintainers together to talk about anything that's not called really, anything that is just about how you deal with all of these, how you deal with your angry users, how you deal with having to say no. How do you onboard more people for those tasks that are triaging or replying or closing issues, right? Because everyone wants to contribute when he's making up a commit, but no one wants to be there when it has to do with replying to users, closing issues, triaging, et cetera, or writing documentation.

Pia: So how can we help each other open our ourselves up to these different types of contributions? Yeah, we just started it but I'm super proud of this program because I think that is what's underlying everything that is happening now in open source, and it's hard to fix, I guess. It's just about creating spaces for it, and acknowledging that this is an issue, and just being there, being there for maintainers to talk to someone about this thing.

Josh: Right. Absolutely. If I may build on that.

Pia: Yeah.

Chris: Yeah.

Josh: Pia, you've noted that there's the matter of wellbeing of the maintainer themselves and the personal sustainability angle of things. Then there's a sustainability of the projects that they're maintaining. The funding certainly can help with the maintainers' well being, and the Maintainers Support Group is an incredible resource. In that vein, I also want to give a shout out to Open Sourcing Mental Illness, OSMI, which is a wonderful group that's been bringing attention to burnout and mental health issues and raising awareness and providing resources there.

Josh: Then zooming out to the matter of, "Okay, well, what does it mean for a project to be healthy and sustainable?" I think that that gets us to these next order problems that we still need to solve. Say we get to a point where maintainer themselves has their needs met, right? They're healthy and they're getting support. Well, that maintainer may want to move on to bigger and better things sometime in their life, or maybe they want to change careers or ... Someone doesn't necessarily want to maintain a package for the rest of their waking life.

Josh: To that end, for a project to really be sustainable beyond any one individual, I think that's when we really need to start thinking about, "Well, how is this project governed? What is the on-ramp from becoming a user to contributor, to core committer, to the new maintainer of a project. That cuts to the question of succession planning. I think these are issues that, at Sustain, the events that Pia and others that run with Open Collective, that's another thread that keeps coming up. I don't know that we have solutions there yet, but as we make progress on the question of funding, I think that's really the next problem that we need to start solving, is helping maintainers figure out what's their plan to hand off the project in the long run to somebody else.

Pia: Absolutely. That is also related ... I think at Sustain we called it free the maintainer, free them from the gift they gave to the world at one point in their life, and maybe they ... that's it. But it's related to this idea of sustainability, social sustainability of the community. How resilient a community is? What's the ability of a community to attract different skillsets, and to attract contributors at different stages, and that can provide that resilience that when a maintainer leaves then the community doesn't die?

Pia: That absolutely must be must be a focus. We need to understand that sustainability is not just funding, it's sustainability of the resources, of its people, and also of the community. Because a healthy community is what's going to enable a project to be sustainable in time.

Chris: As an open source user or maintainer or probably both, how might I get involved or learn more about Open Collective?

Pia: Yeah, so opencollective.com is our website. From there, you can create your collective. We're also obviously open source, so we really appreciate your contributions. So github.com/opencollective is the place to go. We have quite a robust bounty program for paid contributions and back hunting that you're super welcome to join. We are in interest period of becoming a collective ourselves, an open collective ourselves.

Pia: We are starting to have paid contributions for non code contributions, so guest blog posts, for example, documentation, and we are part of the Google Summer of Doc program, and so we're going to extend that during the year to have paid documentation contributions. That's all happening in slack.opencollective.com, is probably the place to go for that.

Chris: Cool. Well, thanks very much for joining us, Pia. Same to you Josh and Joe. There's so much interesting and innovative stuff happening here, and it sounds like spinning around in your mind, Pia. Yeah, thanks for taking some time to join us. Thanks listeners for joining us for another episode of Code[ish].

Chris: Thanks for joining us for this episode of the Code[ish] podcast. Code[ish] is produced by Heroku, easiest way to deploy, manage, and scale your applications in the cloud. If you'd like to learn more about Code[ish], or any of Heroku's podcasts, please visit heroku.com/podcasts.