The open source community is working on many simultaneous challenges, not the least of which is addressing vulnerabilities in the core of our projects, securing the software supply chain, and protecting it from threat actors. At the same time, community health is equally as important as the security and vitality of software code.
We need to retain talented people to work on complex problems. While we work urgently on implementing security best practices such as increasing SBOM adoption to help mitigate the fallout from another Log4J scenario, we can’t put the health of our communities on the open source back burner, either.
Our communities are ultimately made up of people who contribute, have wants and needs, and have feelings and aspirations. So while having actionable data and metrics on the technical aspects of open source projects is key to understanding how they evolve and mature, the human experience within project communities also requires close examination.
How participants in open source projects interact with each other and whether they feel included make up a large component of a community’s overall long-term health. It can determine whether or not they can continue productively and positively, attract new participants, create representative technologies, and spawn new projects and communities.
Motivations for a DEI study at the Linux Foundation
DEI was always something that we wanted to include in the early days of the Linux Foundation Research agenda. The topic fell into the category of “ecosystem” research, where uncovering insights about the community at large was as critical as digging into the state of open source in a given technology horizontal or industry vertical.
As community health and DEI are core values of the Linux Foundation, conducting new research in this area was a complementary and necessary activity to support related inclusion and belonging initiatives already underway.
Research, in general, is essential to dispel myths and misperceptions about open source, regardless of the subject matter. DEI insight, generated through new research, is a vital tool to evaluate success criteria beyond looking solely at the growth of open source in terms of the supply and demand of code. With data, we can determine gaps, trends, and opportunities broadly.
This is why in the spring of 2021, we were thrilled to work with GitHub, the CHAOSS project, and Jessica Groopman from Kaleido Insights on a dedicated study on DEI in open source expanding on GitHub’s Open Source Survey in 2017. Together, we formed a working group to design and deliver the study, manifesting the notion that research really is a team sport.
The importance of understanding DEI in open source
We have so many team members working on DEI initiatives, so this topic was a natural area of interest across the organization and within our project communities. Fortunately, we also had a dozen organizations provide sponsorship for this research, which enabled the translation of the survey into ten different languages. The goal of translation was to make the survey as accessible as possible for non-native English speakers.
The research was structured to determine how well we were doing as a community in terms of diversity, but importantly, how underrepresented groups feel within open source – do they feel welcome or unwelcome? Over time, we’ll want to see how this dynamic will change for the better.
People of varying backgrounds and nationalities participate in open source, so how we measure their sentiment when they show up to work is important. There was no shortage of questions needing answers. For example, how do people view the efficacy of codes of conduct, or do people believe that they are given fair and equal opportunities? And for underrepresented groups, in particular, do they face barriers that others do not? How do we treat each other?
We designed this research to uncover gaps in belonging within open source so that we can begin not just to think about how we can “do better,” but to inspire the implementation of inclusion strategies. Why? Because study after study shows that diverse teams are smarter and financially outperform their less diverse peers.
Barriers and challenges to achieving DEI in open source
From the data, we know that barriers in open source communities exist depending on the demographics or different segmentations of participants. Whether specific to race, gender, sexual orientation, language, geographic region, or religion – which we didn’t specifically study in this report – there are clear obstacles we need to remove. For example, communities can be more conscious about not scheduling conferences or meetings during religious holidays, such as Rosh Hashanna or Yom Kippur.
We also need to be mindful that off-color jokes, sexual imagery, hostility, unwelcome sexual advances, rudeness, and name-calling don’t go over very well in open source, nor in any community for that matter. We need greater awareness that these types of behaviors exist and methods to improve how we deal with them when they occur.
And although English is the lingua franca of open source projects, native language and English fluency are barriers for some open source participants, as are geopolitical factors.
The uncomfortable truth revealed in the survey data is that people from the LGBTQ+ community are more likely to experience threats, inappropriate language, sexual advances, and other forms of toxic behavior.
So what do we do about it? We need a full-fledged commitment to abiding by and enforcing codes of conduct within our communities. It is incumbent upon us to not tolerate inappropriate and toxic behavior and appropriately support community members when abuse arises.
Above all, it’s perhaps too easy to forget the human being at the other end of a transaction or professional exchange, especially as COVID-19 exacerbated the remote nature of our interactions.
The remedy is to engage all facets of our society – not just open source communities – to dedicate resources, inspire leadership, demonstrate moral courage, pursue greater educational initiatives and spread awareness of the opportunities that come from diverse communities.
Let’s remember that diverse teams, where inclusion practices are upheld, are stronger, better teams that make more robust, more thoughtful, and higher performing technologies.
You can help the Linux Foundation spread awareness of DEI in your Open Source community by using these graphics and suggested verbiage for including in your social posts.
Linux Foundation DEI Report: By the numbers
Red Hat, VMware, GitHub, GitLab, Intel, Comcast, Renesas, Panasonic, Fujitsu, Hitachi, Huawei, and NEC. It was written by Hilary Carter, VP of Linux Foundation Research, and Jessica Groopman of Kaleido Insights. Researcher/Analyst Lawrence Hecht performed a quantitative analysis of the data with the support of Stephen Hendrick, VP of Linux Foundation Research, who conducted a peer review of the survey instrument.