From Indiegogo to Orthrus: Rethinking Open-Source Funding
I recently discovered that OpenCV had started an Indiegogo campaign to fund version 5 of its renowned library for computer vision. Celebrated for its Apache 2.0 license, OpenCV boasts over 1500 contributors and 73,000 stars on GitHub. Its legacy spans over 20 years, earning widespread acclaim for its contributions to over 175,00 papers and projects.
OpenCV's influence is global, finding applications in diverse areas from space exploration to emergency rooms and college campuses. Initially a research-focused library, it has evolved into the primary computer vision tool for 89% of embedded vision engineers. Notably, OpenCV powered Stanley, the winner of DARPA's 2005 Autonomous Driving Grand Challenge, which is now showcased at the Smithsonian.
With such a large and important project, you’d think this would have been funded within 24 hours. But unfortunately as of the time of writing, they are only at 10% of their goal. Now it isn’t all doom and gloom, the project has had a successful campaign for a course earlier on in the year. They also have some large companies listed as their partners.
This campaign is partly ideological. In its description they say they want to…
Prove to other struggling open source projects that crowdfunding is a viable option over seeking corporate donations exclusively
It’s no secret that many of the best funded open source projects are funded largely through corporate donations or corporate employment. OpenCV receives funding through donations, selling courses, books, and services to fund their project. So this Indiegogo campaign is one stream in a multi revenue stream. But many open source projects do not have the luxury of such a wide variety of support. In Andrew Kelly’s blog post titled, Why I'm donating $150/month (10% of my income) to the musl libc project we see a different story.
Musl is a lightweight, fast, and simple standard C library designed for use in Linux based systems. It is an alternative to the more commonly used GNU C Library (AKA glibc), and it's known for its efficiency and small footprint, making it particularly well suited for static linking, embedded systems, and minimal Linux distributions. It is the default libc for Alpine Linux, and is the reason that Zig is able to cross compile to Linux from other operating systems. At the time of writing it makes $334.7 per month on Patreon. This is a story that is repeated across the open source world.
Synopsis, a company that focuses on silicon intellectual property and software security, publishes an Open Source and Risk Analysis report every year. It gives interesting insights into the usage of open source libraries across a variety of industies. According to their analysis of over 1,703 code bases for the year of 2022, 17 industries had more than 80% of their code base made up of open source software. That’s a lot of open source code and is probably not a surprise to anyone.
Which leads me to my main point. As software developers we are in the golden age of open source. We have access to so many popular, high quality libraries for everything, for free use and $0. We went from things like compilers only being $49.95 being a major selling point, to free industrial grade tools like LLVM and Godbolt.
This is like the sub 3% mortgage era but for code. But things are not all sunshine and rainbows for the open source developers themselves. In an analysis by André Statlz on 58 open source projects listed on the OpenCollective, he divided projects by colors where the colors represented salary ranges.
BLUE: 6-figure salary
GREEN: 5-figure salary within industry standards
ORANGE: 5-figure salary below our industry standards
RED: salary below the official US poverty threshold
These were his results…
More than 50% of projects are red: they cannot sustain their maintainers above the poverty line. 31% of the projects are orange, consisting of developers willing to work for a salary that would be considered unacceptable in our industry. 12% are green, and only 3% are blue: Webpack and Vue.js. Income per GitHub star is important: sustainable projects generally have above $2/star. The median value, however, is $1.22/star. Team size is also important for sustainability: the smaller the team, the more likely it can sustain its maintainers.
The grim truth is… It’s hard to sustain open source development, even in large projects that you think are doing fine. Henry Zhu captured this concern in his aptly named talk Open Source: Charity or Business?
What are the options?
Some traditional ways Open Source Projects fund themselves are…
GitHub Sponsors
Merchandise
Patreon
Courses/Books
Grants
Direct Support
Donations
Corporate patreons
But many of these take large amounts of effort to set up, and some are really only viable for larger projects. But even then it isn’t always enough. For example parts of the FreeBSD operating system and software are used by Sony, Apple, Microsoft, Netflix and many other. They sell merchandise, and they have a link to donate. Yet they are 1 million dollars short of their 1.4 million dollar donation goal this year.
With developers giving their time away freely, or for a small wage, you would think people would just be grateful for the work that they do. But if the controversy around the mitmproxy library this year was anything to go by, the answer is no. Many maintainers have expressed frustration with the feelings of entitlement that users have towards their projects. On top of this, people often do not look favorably on maintainers or projects that ask for money. As one Hacker news commenter mentions.
One of the first open source developers I recall seeing raising funds so he could go work on something full time for a year was Paul-Henning Kamp (PHK from FreeBSD). He got the money, but also an insane amount of bullshit complaints from people not wanting to donate because: He pays ~40% in tax, it would be cheaper to pay someone in <insert country>, what if he doesn't deliver, why not someone else, why FreeBSD. I can understand a developer just giving up and not even trying just to avoid the negativity and complaining.
-mrweasel
Thankfully in the case of mitmproxy library we get a happy ending and we can learn a lot from maintainer Maximilian Hils perspective on interacting with open source projects.
Since this has been picked up by some news sites I'd like to provide some additional context here: I don't mind the release question at all, it's valid! But the context should ideally be along the lines of "we have an interest in this, how can we help make it happen" (contributions or $) and not "you are causing problems for our customers". I don't want the requestor to have a miserable time because of a badly-worded comment, I want large companies to have a healthy relationship with FOSS.
<redacted> has just sent me genuine apology, which I truly appreciate. Please be nice and assume good intentions. ❤
Unfortunately many of these interactions don’t end as nicely. In Brodie Robertson’s interview with Georges Stavracas, a prolific GNOME developer, Brodie asks how he deals with people being jerks on the internet. This is what he says (edited for clarity)
It's complicated. I have moments where I deal with those things well and I have had moments where I just burst it out and screwed everything up. It is it is difficult. I had to explicitly remove myself from social media and comment sections and not participate in these things in these places and to some degree shut down communications as well to only a very strict subset of places, because the attacks come from everywhere.
I can tell you I have so many stories of abuse it's not even fun. The Linux Community treats its maintainers and its developers really badly even the better ones. You know the people who just shut up and do the work. The people can be nasty online. I’ve gotten everything. I’ve gotten harrassed doxed, even my doggo was given a death threat
I want to highlight all of this because it’s the time of year to grateful. I’m grateful that we have so many high quality open source libraries. I’m grateful that we have high quality tools and languages, that allow us to continue building the software we love. And I’m grateful that their are people in this world who selflessly give to their community even in the face of poverty, entitlement, and toxicity. I also want to highlight this because a lot of open source projects could use our support right now, and I’d encourage you to donate to projects that make your life better. One such organization is the Internet Archive, a tool I use in many of the articles I provide for all of you.
With that being said I’ve been thinking a lot about open source sustainability recently and ways it could be improved, especially in the cases where large organizations don’t care or don’t know how to support the projects they rely on.
This is a touchy subject. I love my GPLv3, MIT, BSD, and Apache 2.0 licenses. I love the freedom they give me to create the software I want in the world. But I want it to be more sustainable for more developers. As it currently stands it isn’t and as one internet user mentioned…
The reason is tragedy of the commons. The software is gratis, and they're getting paid the asking price.
So then what do we do? A commenter on one of my reason posts lamenting this situation had this to say
Make a new license. But it would be proprietary, because you'd be saying some entities are too big to exercise Freedom 0 without paying money to a central organization that held the license.
Now, I am no fool. I know licenses are a complicated beasts, and any new license would require review by a lawyer before it was viable. Trying to make an open source license that had restrictions to how it could be used by certain people is against the ethos of the open source community. But I remember one time hearing someone in the open source community describing licenses in general. They said…
All software licenses are bad because they restrict the use of software in some way, even if only a little. Of all the open source licenses, The GPLv3 is simultaneously the best of the worst.
Or something like that… So in that spirit how could be make the best out of a proprietary license? I give you the Orthrus license, named after Cerberus’ two headed brother.
The Orthrus License
Introduction: The Orthrus License is a dual-tier software license. It is designed to enable various groups including individual developers, non-commercial projects, open source projects, academic researchers, educators, registered non-profits, and small professional teams (up to 25 members) to use the software under the Community Tier, akin to the Apache 2.0 license. For those who do not meet the Community Tier criteria, a Professional Tier is available, subject to terms arranged with the software maintainers.
Community Tier:
Eligibility:
Individual developers, open source projects (using this or a GPL-compatible license), academic researchers, educators, registered non-profits, and small professional teams (up to 25 members).
Not eligible: For profit organizations with….
more than 25 full-time developers
100 PCs
$1 million in annual revenue.
Permissions:
Use: The software may be used for any purpose, within the bounds of the eligibility criteria.
Modification: Users are free to modify or enhance the software.
Distribution: Both original and modified versions of the software may be distributed.
Patent Rights: Contributors grant, but retain, patent rights related to their contributions.
Restriction on Patent Litigation: Contributors cannot sue for patent infringement over their contributions.
Required Notices: Distribution must include this copyright notice in the project folder.
Limitations:
No Warranty: The software is provided "as is", without any warranties.
GPL Compatibility: For open source projects to qualify, the project must be using either the Orthrus License or a GPL-compatible license.
Professional Tier:
Eligibility:
Applicable to organizations exceeding any of the following:
25 full-time developers
100 PCs
$1 million in annual revenue
Exceptions: Open source projects licensed with the Orthrus license or a GPL-compatible license, registered non-profits, academic institutions, and individual developers.
Terms:
Organizations meeting the above criteria must complete a licensing request form provided by the software developer.
Pricing and terms (e.g., one-time fee or subscription model) are determined by the software developer.
General Provisions:
Trademark Use: The license does not grant rights to use software trademarks.
License Evolution: The terms of this license may be updated by the project maintainers, subject to versioning
It should be obvious that no one should actually use this license, but I hope that it at least kick starts a discussion about open source maintainability. What do you think? Could a license like this work? Would you use it? Let me know in the comments below
Call To Action 📣
If you made it this far thanks for reading! If you are new welcome! I like to talk about technology, niche programming languages, AI, and low-level coding. I’ve recently started a Twitter and would love for you to check it out. I also have a Mastodon if that is more your jam. If you liked the article, consider liking and subscribing. And if you haven’t why not check out another article of mine! A.M.D.G and thank you for your valuable time.