New Initiatives to Create Sustainable Open Source Projects at The Linux Foundation
Jim Zemlin | 13 September 2017
Open Source Summit North America 2017
Open source software isn’t only growing. It’s actually accelerating exponentially in terms of its influence on technology and in society.
The sheer number of projects and developers in open source today are just amazing. There are:
- 23 million open source developers worldwide
- 22 million accounts and 64 million repositories on GitHub
- 41 million lines of code
- 1,100 new open source projects every day
- 10,000 new versions of open source projects every day
Even within individual projects, the pace of development, not just the number of projects, is accelerating. Linux is the best example of this. Today we have 4,300 developers contributing to the Linux kernel, adding 10,000 lines of code daily. Think about that: a codebase that changes 8.5 times an hour.
It’s self-evident at this point that no single organization could ever keep up with a development pace that fast and robust.
Open source is just the way modern application development works. And open source isn’t really slowing down anytime soon. The prediction is that we’ll have hundreds of millions of open source libraries available to build the technologies of the future.
We have an abundance of code — but with that abundance comes a bit of anxiety as well. Developers have a problem knowing if they’re choosing the right framework, or package. Is it secure or not? Which projects are safe to bet my future, or my company’s infrastructure, on?
Creating sustainable open source projects
The big question we ask ourselves at The Linux Foundation is: Of the 64 million open source projects out there, which are the ones that really matter?
We think that projects with sustainable ecosystems are the ones that really matter. These are the open source projects that will be supported. They provide the security and quality codebase that you can build future technologies on.
If you look, you’ll see a pattern in sustainable open source projects:
- Developers create open source projects.
- Those projects are used in products — whether it’s Google Cloud or Amazon Kindle or a Galaxy Note.
- Value is then created from those products.
- That value is reinvested into the projects.
This investment is largely in the form of employing developers to work at companies such as Samsung, Google, or Amazon to contribute upstream to the Linux kernel or any number of other projects. That investment begets better code, which begets better products and features, functionality, security, performance, etc., which begets more value and more reinvestment.
This virtuous cycle is really the hallmark of sustainable open source. And this is the future we’re working for.
At The Linux Foundation, we are home to a whole bunch of projects that are entering into this positive feedback loop. And it’s not just us. Other organizations including the Apache Software Foundation, The Eclipse Foundation, and the OpenStack Foundation are hosting open source projects that move the world and create these sustainable ecosystems.
New initiatives to support sustainable open source
This week at Open Source Summit North America we’ve announced several new initiatives to help ensure the growth and sustainability of open source:
The biggest bottleneck to the growth of many open source projects is that organizations don’t know how to be a participate in open source. If we can train organizations to become leaders in open source we will move the needle on the number of developers participating in these projects. These guides, created with the TODO Group of professional open source managers, have created a series of guides to help organizations be successful in open source development.
Community Health Analytics for Open Source Software is a new Linux Foundation project to build a platform for measuring and analyzing open source projects.
100 projects granted a CII security badge
We need a collective secure coding culture. You can’t mandate security practices for open source projects. The Core Infrastructure Initiative (CII) has a badging program where projects can go to prove they care about security. Since its launch in May 2016, more than 1,000 projects have registered for the badge and 100 have achieved a badge.
This is a training program that will help the industry support the Kubernetes project early on in its hyper growth. For organizations with more than three certified Kubernetes administrators can become a Kubernetes service provider and that helps grow the project ecosystem.
Thinking big together
2017 has been an amazing year for open source and we are just getting started. I want to encourage you to get involved in one of our new initiatives, or any one of our other 75+ open source projects here at The Linux Foundation. Together we can think big and accomplish what no single company or individual could on their own.
2023 Cloud Computing Compliance and Security Projects Linux How-To Diversity & Inclusion Events Open Source Best Practices 2022 Open Source Cross Technology Training and Certification LFX Newsletter Legal Research LF Research Networking and Edge Blog Data Governance Featured LF Energy Open Mainframe OpenChain System Administration