I went to All Things Open and asked booth staff (of corporate booths) “do you contribute to open source at your day job?”
All were a little surprised by the question. Most interpreted it as “do you release and maintain your own open source software under the banner of your company.” When I clarified that I would count spending time to make a quality issue reproduction or fixing a bug and sending a PR, I got one person who said they had. They sent a patch to fix a bug, when I dug in why: they told me there were zero workarounds and the bug blocked a critical feature, if they didn’t upstream a fix successfully they would have to fork and take on maintenance (of that fork).
I share this, because I feel that the many developers don’t quite realize that they are able to do these actions (bystander effect). And many don’t know how to speak up and advocate for that work in a professional setting.
It’s true that corporate ties to open source are pervasive. I also feel that there’s a huge untapped potential of people who are willing to contribute but aren’t ready or aren’t able.
In a lot of cases, ordinary employees who want to make a drive-by contribution to open source face two hurdles:
1/ Their employment contract specifies that all IP they generate during their employment is owned by their employer. Contributing to open source, as well as being a technical action, is a legal action (that of licensing your contribution under the project license) which they don't have the authority to do as individuals, and therefore must obtain authorisation from their employer.
2/ given the former, some legally conservative projects require a signed contribution agreement from contributors employers. This usually requires the employers legal dept to approve it, since the legal dept reviews all such contracts.
It would be nice if there was some blanket scheme that employers could sign up to to authorise all de-minimis contributions to open source projects, or contributions that are actually useful for the work people are employed to do. But I'm not aware of any such scheme.
Contributing code to OSS should not fall under "IP" unless the code was written on company time. IP refers to concrete things like patents and in almost every case cannot apply to stuff created outside of and unrelated to work.
This is true under California law (or was last I heard - I'm neither a lawyer nor in California). Unfortunately California is something of an exception. Many other jurisdictions allow employers to claim all IP, or broadly IP related to company work.
I consider any companies that would blanket prohibit open source contribution out of scope of my statement. With those that won’t even allow employees to open a bug report or post on a forum to be an extreme outlier. Especially in the context of a company that bought a booth at an open source conference.
Legal hurdles exist, but IMHO are the subject of endless hand wringing and awareness campaigns already. Most in that community are seemingly unaware that devs need much more support: socially, mentally, and tactically. In order to become successful open source contributors.
So really what I’m saying is that making things legally easier isn’t enough. Advocating that people should contribute isn’t enough. We should be actively training and helping to prepare the next generation of contributors. And doing it in a way that doesn’t overly burden existing maintainers.
We should update mental models of who works on open source accordingly [corporations vs individuals]
I would like to see some numbers on how much code labeled "open source" (as opposed to having more of a free software ideology) is contributed by corporations and their employees, versus individuals
I think it's been very clear for 20+ years that the largest open source projects have corporate origins, or big corporate contributors, as I mentioned here: https://news.ycombinator.com/item?id=35941074 (Linux kernel, LLVM, Firefox, Chrome, MySQL, JVM, VSCode, Ubuntu, Red Hat, etc.)
But I wonder what happens when you look at medium size projects and libraries, like those in PyPI, NPM, the Go or Rust package ecosystems, etc.
Are corporations contributing closer to 20% of the code, or 80% of the code? I think there is a lot of code contributed by medium size companies, e.g. in the PHP ecosystem there seem to be many little companies
Even the Linux kernel adoption only took really off, and started to endager the UNIX ecosystem, when the likes of IBM and Oracle saw a benefit in doing so,
"1998: Many major companies such as IBM, Compaq and Oracle announce their support for Linux. The Cathedral and the Bazaar is first published as an essay (later as a book), resulting in Netscape publicly releasing the source code to its Netscape Communicator web browser suite. Netscape's actions and crediting of the essay[68] brings Linux's open source development model to the attention of the popular technical press. In addition a group of programmers begins developing the graphical user interface KDE. Linux first appears on the TOP500 list of fastest supercomputers.[69] The ARM port (initiated in 1994[70][71]) is merged"
Corporate influence on open source has served to narrow down the tools that are able to gain adoption, irrespective of their utility, often going against what users want.
For example, many developers despise React.js; I once interviewed for a dev role for Facebook years ago and they asked me if "I had any qualms about using React" (paraphrasing) and the interviewer acknowledged that many candidates did not like using React... Yet React has a near-monopoly on frontend frameworks.
The whole media landscape around open source dev tools has been a nightmare. We're being pushed in specific directions, towards a small number of silver bullet solutions which do not suit most use cases.
It feels like all the authors of popular tools form a corporate insider clique and no tools outside of that social network is allowed to get any traction at all.
> Corporate influence on open source has served to narrow down the tools that are able to gain adoption
Adoption by whom?
What is it that you think wider adoption of open source would (or should) look like without corporate influence?
What is your measure of success there, and do you have any examples of this happening? What open source products have "gained adoption" without corporate influence?
I think there are a variety of tools like LibreOffice, GIMP, and various more minor things that have mostly been developed after-hours or completely outside of corporate developers but they're almost certainly in the minority when it comes to major projects. (And one can reasonably argue that those two examples aren't especially successful.)
Yep and these are well known because they existed for a long time before the media monopoly.
There are newer tools which we never hear about. Once in a while I come across some website of curated indie SaaS solutions and it's unbelievable what exists. Yet this massive ecosystem is probably just one bubble out of hundreds.
You only hear about the tools which received VC funding. It is VC-funding first, then traction, not the other way around as they try to portray it. You can always connect the founders socially to insiders prior to their launching and raising funding. Some failed multiple ventures yet keep receiving funding... but among those which succeed, there is almost always a social connection.
Even in cases where I met a founder who I believed to be 'self-made', turns out there's a story behind him like his wife's parents had sold their company for millions and his brother rubs shoulders with celebrities.
Rewind 5 to 10 years, there were a lot of open source tools which gained adoption within startup or hobbyist communities. As some of the startups grew and merged with corporations, they seems to have slowly abandoned certain tools and software for no reason besides corporate compliance.
Nowadays, even startups use corporate tools. It's a total media echo-chamber. Everything outside of that is treated as if it doesn't exist. There are some great tools out there which solve real problems but they have few users because nobody can find out about them.
Obviously I'm referring to the big ones. That said, most startups aren't corporations. A lot of founders wait until money start coming in before footing the registration costs.
Although adoption I think is largely a matter of marketing. Outside of more people willing to search into open source alternatives themselves, or contribute more to open source projects... what else is there to foster adoption?
If corporate entities weren't doing that, then it would have to be non-corporate entities doing that. No?
Many open source licenses are non-free. It's simply not useful to generally conflate the two concepts when they have distinct meanings. I never have nor ever will look towards the OSI as contributing to the free software movement rather than trying to choke it out.
as a strong supporter of the GPL, IMHO the word "free" in English has played out and needs replacement.. instead "Libre" expresses the idea with fewer issues.
All were a little surprised by the question. Most interpreted it as “do you release and maintain your own open source software under the banner of your company.” When I clarified that I would count spending time to make a quality issue reproduction or fixing a bug and sending a PR, I got one person who said they had. They sent a patch to fix a bug, when I dug in why: they told me there were zero workarounds and the bug blocked a critical feature, if they didn’t upstream a fix successfully they would have to fork and take on maintenance (of that fork).
I share this, because I feel that the many developers don’t quite realize that they are able to do these actions (bystander effect). And many don’t know how to speak up and advocate for that work in a professional setting.
It’s true that corporate ties to open source are pervasive. I also feel that there’s a huge untapped potential of people who are willing to contribute but aren’t ready or aren’t able.
My talk (on teaching developers how to contribute to open source) wasn’t recorded, but a longer, earlier version was at PhillyETE https://chariotsolutions.com/screencast/philly-ete-2023-how-.... I also maintain a free service for contributors getting started https://www.codetriage.com/ and wrote a paid book on the topic https://howtoopensource.dev/.