Tag Archives: sustainability

General

Digital Sovereignty Runs on Open Source

The tagline for Open Forum Europe’s (OFE) EU Open Source Policy Summit on January 30th in Brussels was “Digital Sovereignty Runs on Open Source,” which is in sharp contrast to last year’s tagline, “What can open source do for Europe?” At the 2025 summit, the conversations were about convincing those working in the public sector that open source was a good idea. Given the changes in the political landscape over the past year, many of those public sector folks seem to have shifted toward talking about what it will take to use open source as a key component in the EU’s digital sovereignty strategy. While we still have a lot of work to do, it feels like the conversations are moving in the right direction from why to use open source to how open source can increase digital sovereignty.

In my post last week about Funding Open Source Sustainability at CHAOSScon and FOSDEM, I talked about how open source sustainability was top of mind for me during these events considering the increase in maintainer burnout due to a lack of resources for open source projects. What struck me about the OFE event was how many people were talking about how we need to provide more resources for open source projects if the EU wants to rely on them to facilitate digital sovereignty.

In Dirk Schrödter’s keynote, he talked about how the EU doesn’t want to be locked into big US tech firms that deliver technology as black box, proprietary solutions. He mentioned that open source provides shared knowledge and skill development that leads to open innovation and lower barriers to entry, which is a key to economic prosperity. Dirk went on to say that sustaining open source software requires shifting spending to prioritize open source solutions, and public money should be spent on open source solutions. These ideas were common threads throughout the day that came up again and again in other panels and talks.

Here are a few other key points summarized from throughout the day:

  • I heard several people say that we should “never waste a good crisis,” and the current political landscape is an opportunity to re-evaluate how the EU uses technology, but speeches aren’t enough. Many public procurement policies make it difficult to use open source, and that needs to change. Procurement policies need to focus on open source to facilitate standardization and interoperability.
  • Digital sovereignty is about choice and the need to be able to switch between solutions to avoid lock in and create a transparent ecosystem to build solutions on top of open source. The EU should define concrete steps to replace proprietary solutions and transition to open source and use this as a window of opportunity to leverage what already exists, rather than reinventing. 
  • Open source is worldwide, so there is a need to fund the maintainers and people who are contributing the code wherever they are located. Open source has always been global and there is a hope that we can continue to collaborate together, rather than being isolationist. 
  • We need to all work together to strengthen and scale open source to improve sustainability, but financing and sustainability is a big challenge, and it requires investing in open source maintenance. Maintenance keeps innovation alive; it’s like plumbing, roadworks, and other infrastructure that needs to be steadily supported over time. There isn’t enough money in public budgets to make a big enough difference, so there is also a need for industry support. 
  • There is a need for action now beyond the people attending the summit. The message of using open source to facilitate digital sovereignty needs to go well beyond the tech crowd to local officials across the EU public sector.
  • OSPOs can help put digital sovereignty and open source in context and facilitate collaboration and discussions between internal stakeholders, but also between industry and the public sector. OSPOs can help organizations take a more strategic approach by contributing to and funding open source, encouraging employees to take on leadership / maintainer positions, and increasing advocacy for open source solutions.
  • There were also two announcements at the summit. First, the Open Knowledge Foundation, Open Source Initiative, and OpenForum Europe came together to launch Open Technology Research to create a sustainable global platform for research, knowledge exchange, and policy engagement around open technologies. Second, the UN published the report from the 2025 UN Open Source Week and announced that the 2026 UN Open Source Week will be held in New York from June 22 – 26.

As someone who has been working in open source for a very long time, I’ll admit to being a bit bored at last year’s event with so many discussions about why we should use open source, since I’ve been having those discussions for 25+ years. This is why I was so pleasantly surprised to see how far the conversations have evolved in just one year. The shift toward talking about what needs to happen to make using and relying on open source in the public sector along with conversations about sustainability felt like progress. There is still a very long way to go. So many open source projects are struggling with finding people, funding, and other resources to sustain themselves over time, so we need to continue to move from conversations to action so that the open source projects we all rely on will continue to thrive as even more people rely on them to facilitate digital sovereignty.

Related Resources:

If you want help with your open source strategy, I’m available for consulting engagements.

Photo from the EU Open Source Policy Summit’s photo gallery.

General

Funding Open Source Sustainability at CHAOSScon and FOSDEM

Open source sustainability impacts all of us, and unfortunately, we know that many open source projects are struggling. Maintainers are experiencing burnout, lack of funding, and a general lack of resources to sustain their projects over the long term. This is something that was top of mind for me while I was in Brussels for CHAOSScon EU, the Open Forum Europe (OFE) Summit, and FOSDEM.

At CHAOSScon, during the opening session, I talked about demonstrating the value of open source efforts with a focus on how to articulate the value within organizations so that the open source work can continue over time (slides), which is one aspect of sustainability that I’ve already talked about here on this blog. 

We also had a fishbowl panel all about funding for open source projects to wrap up the day at CHAOSScon. The funding panel covered a wide variety of topics, so here are just a few topics mentioned by the panelists:

  • Past vulnerabilities can be used to make the case for future funding (e.g., Germany’s Sovereign Tech Fund)
  • Money isn’t something that all open source maintainers want to spend time thinking about, and it can be a problem for communities to decide who gets funding?
  • We need more recognition by policy makers about the value of open source and need to revamp procurement to make it easier to use public money to fund open source. 
  • Funders need to understand the impact of their funding, but many corporate FOSS funders programs don’t have a focus on understanding and measuring impact.
  • Funding can be exploited when it’s not well-defined, and this can happen when people who aren’t particularly familiar with open source (e.g., policy, regulators, legal folks) are defining these programs.
  • Open Source Wishlist is an effort that Emma Irwin has been working on to bridge the gap between maintainers, funders, and practitioners.

I also attended several sessions in the FOSDEM Funding Devroom. Luckily, all of the devroom talks are recorded, since I wasn’t available to watch every talk, but I did pick up a few interesting tidbits from the talks that I did attend:

  • When measuring funding impact, quantitative data can help support credibility claims, but you also need qualitative data with narratives that carry meaning. 
  • Human sustainability is harder to measure than infrastructure impact, but maintainer health is a critical blind spot that should also be considered when making funding decisions.
  • Short term deliverables dominate impact measurement while long-term sustainability is undervalued because success often looks like nothing happened. 
  • Funding impact isn’t neutral. Funders’ visions shape everything: what / who gets funded, how impact is measured, and how work is valued. Funding from companies can bias development toward corporate interests. 
  • Funders often use a trust model where they fund people, projects, and organizations they trust, but that’s fragile because it’s personal, and people change roles. This is also hard to scale and creates bottlenecks. 
  • Funders often struggle to provide funding to individuals, since it’s often easier to fund projects or organizations.
  • Funding can be a time consuming and ongoing process for maintainers and projects to continue to find more funding when one wave of funding ends. 
  • It can also be hard for funders to work together to align processes and goals to create joint funding efforts.

Seeing more people talking about funding was great, and I really appreciated the thoughtful approach from several of the speakers about how funding isn’t a panacea. Funding doesn’t solve all of our sustainability issues, but it is one important tool that can help projects improve sustainability. If you are interested in learning more, we have a CHAOSS Funding Impact Measurement Working Group that meets every other Wednesday, and I am also available for consulting on this topic.

Related Resources:

Photo by micheile henderson on Unsplash

General

SCALE 23X: Corporate Impacts on OSS Sustainability

I’m thrilled to be going back to SCALE this year to talk about corporate impacts on open source sustainability!

I’ve blogged here before about the New Power Dynamics in Open Source: Rug Pulls, Relicensing, and Forks along with What your OSPO can do about power dynamics, rug pulls, and other corporate impacts on OSS sustainability, so my talk at SCALE will be an evolution of those ideas.

Here’s a quick video about why I love SCALE and a preview of my presentation topic.

I hope to see some of you at SCALE in Pasadena!

Additional Reading:

General

Good Governance for Open Source Projects

We all want our open source projects to be sustainable, healthy, and successful, and having good governance influences project success more than many people realize. I’ve had governance discussions with so many open source projects over the years. When I was co-chair of the CNCF Contributor Strategy Technical Advisory Group (TAG) we did governance  reviews and provided feedback for CNCF projects, and when I worked at VMware, Intel, and other companies, this was a regular topic that I discussed with employees who were leading and contributing to open source projects.

Last summer, I did a series of five blog posts on the topic of governance, so I think it’s time to revisit those posts. Here is a quick summary of each topic with a link to the post where you can learn more.

Governance Part 1: Why is it important?

Ultimately the focus of open source project governance is on the people. The roles we play, our responsibilities, how we make decisions, and what we should expect from each other as part of participating in the community. It also helps create pathways to leadership where other people can better understand the process for moving into leadership roles along with an intentional process for how the project promotes people into leadership. Being proactive about governance and related topics before something escalates into a crisis can make your projects more sustainable and reliable. 

Governance Part 2: Defining Governance

In general, you should start with the simplest possible governance model and only move to something more elaborate when your project evolves to the point where the complexity is needed because otherwise you create more overhead and extra work when that time would be better spent on project development, rather than governance processes. If you don’t already have your governance and decision-making processes documented, the best place to start is by documenting and formalizing what you are already doing when you make decisions for your project. The maintainer council governance model is a simple one that many projects can use as a starting point. 

Governance Part 3: New Contributors and Pathways to Leadership

Defining the roles and responsibilities for contributors, reviewers, and maintainers can help with recruiting new people into these roles. You can think of this as a ladder because contributors climb up to become reviewers and those reviewers can become maintainers. This helps set expectations for the roles and encourages people to think about how they might take on increasing responsibility within the project. As you get more of the people moving into maintainer roles, you can reduce the workload for the existing maintainers.

Governance Part 4: Creating Intentional Culture

Defining your governance / decision-making processes along with pathways to leadership are key to creating an intentional culture for your project that encourages participation and contributions from others. However, just documenting your governance process and setting expectations in writing isn’t enough. You should also be role modeling good behavior and helping others understand what behavior is appropriate within your project. It’s important to remember that tolerating bad behavior unwittingly sets the expectation that this behavior is acceptable in your project, which can drive new contributors away. Robust governance documentation that incorporates your code of conduct, charter (or similar statement of mission, scope, and values), and includes clear processes for dealing with conflict can help make your project more sustainable over time.

Governance Part 5: Overall Ownership of a Project

While there are a few exceptions, open source projects usually have an individual, company, or foundation controlling the trademarks, project infrastructure, and other assets. This overall ownership structure often impacts how the project is governed on a day to day basis and how the project is perceived by others. Neutral foundations provide a level playing field where contributors can contribute as equals regardless of whether they are contributing on behalf of a company or as an individual. This structure allows companies to collaborate together in a neutral environment where no single company is in control of the project.

I hope you enjoyed this short summary, and if you want feedback or help with governance or related OSPO topics, I’m available for consulting engagements.

Additional Resources:

General

From First PR To Lifelong Impact: Helping People Thrive in Open Source

I spend a lot of time thinking about the sustainability of open source projects and the role that contributor sustainability plays in overall project sustainability. This involves more than just attracting contributors, but in ensuring they stay, grow, and thrive within our open source projects, and that can be a lot easier if we think outside of our traditional boxes and get creative about recruiting and retaining contributors.

Within the CHAOSS project, some of our most successful initiatives are driven mostly or partly by folks from our CHAOSS Africa chapter. We also have a CHAOSS Asia chapter that has recently re-started and is also driving some interesting work within the project. As a result, I’ve seen first hand some of the challenges, but also the rewards, that come from making it easier for people to contribute from countries that haven’t always been well-represented in many open source projects.

On a similar note, until recently, I was co-chair of the CNCF Contributor Strategy Technical Advisory Group where we were working to help CNCF projects grow their contributor bases. The CNCF mentoring programs were managed out of this group, and I was struck by how many mentees stick around after their time in the program with some mentees even becoming mentors! Another initiative within this group was the Deaf and Hard-of-hearing Working Group where I was inspired by all of the amazing work to help folks more actively participate in CNCF events and projects! This work was so successful that a second group was created by people from the blind and visually impaired community with similar goals of making it easier for people to participate.

All of this work got me thinking about how traditional pathways into open source don’t work for everyone and that we need to expand our contributor pipelines beyond the usual audiences if we want to have more sustainable open source projects where everyone can feel comfortable participating. This was the idea behind bringing together a panel of experts at the recent Open Source Summit in Denver where I led a panel discussion about this topic with Shuah Khan, Ruth Ikegah, and Matt Denny. I hope you enjoy this video of our discussion!

Note: A huge thank you to Sandeep Kanabar who helped put this proposal together, but was unable to attend at the last minute, and thanks again to Matt for stepping in on short notice! 

If you want feedback or help with how to grow your contributor base or improve your open source strategy, I’m available for consulting engagements.

Resources and Links:

Related Fast Wonder blog posts:

Photo by The Linux Foundation used under the CC BY-NC 4.0 license.

General

Contributor Sustainability Impacts Risk and Adoption of OSS Projects

I’ve spent a lot of time over the years thinking about the sustainability of open source projects and the role that contributor sustainability plays in overall project sustainability. When I was co-chair of the CNCF Contributor Strategy Technical Advisory Group, contributor sustainability came up often as a concern for CNCF projects, and the most common question was about how to get more people contributing to our projects. This is a hard problem, but there are some resources at the bottom of this post to help grow your contributor base and increase the sustainability of your open source projects.

What I think many people underestimate is how contributor sustainability is viewed through the lens of risk by companies who are deciding whether to adopt your project. It’s easy to think that your project is different. No one will leave, and the project will be wildly successful forever, but that’s not how many companies think about open source adoption. Some companies think hard about which projects to adopt, especially if those technologies are crucial for delivering solutions to their customers, and would be difficult to replace if the project suddenly wasn’t available. Projects with a single dominant contributor or contributions coming almost entirely from a single company are going to be perceived as riskier and companies will be less likely to adopt or use those projects. This is especially true given the recent wave of companies relicensing open source projects and putting them under proprietary licenses. Put in simple terms, contributor sustainability risk makes it harder to get people to adopt your open source projects.

When I was Director of Open Source Community Strategy at VMware, I would often evaluate the risks of adopting specific open source projects, especially if we were considering building commercial products that incorporated those open source technologies in ways that were critical to delivering products to our customers. Contributor sustainability played a big role in deciding whether we would adopt a project. This was especially true for projects that were more strategically important for us, and which would be hard to replace if the project became unsustainable in the future. Given the choice, we’d select projects with better contributor sustainability, which would be a lower risk for us as a company.

Just last week, I was looking at an open source project where almost all of the contributions came from employees of the company driving the project, and there was a single lead developer who made the vast majority of the contributions and code reviews / approvals. That lead developer and their employer are single points of failure for the project. These single points of failure introduce risk for potential adopters and are likely to cause people to think twice before using a project. If I was a company looking for a solution, I would be unlikely to select a project that could suddenly cease to be updated (including security updates) if something happened to the dominant contributor or the company.

In summary, contributor risk stemming from a single person or a single employer makes your project riskier and less likely to be adopted.

While growing your contributor base is hard work, there are quite a few resources to help you improve contributor sustainability along with gaining a better understanding about how companies think about risk when adopting open source projects. Here are a few of those resources, most of which also have links to additional resources:

If you want feedback or help with how to grow your contributor base or improve your open source strategy, I’m available for consulting engagements.

Update: You might also be interested in reading this follow up post: Companies Can Mitigate Sustainability Risks

Photo by Jan Kopřiva on Unsplash

General

Using CHAOSS Practitioner Guides to Improve your OSS Projects

Within the CHAOSS project, we know that people often struggle to make productive use of the tsunami of data about open source projects. One of my focus areas over the past 2 years within the CHAOSS project has been to develop a series of Practitioner Guides designed to help develop insights that can be used to improve the project health of an open source project. So far, we have 5 guides: Introduction, Contributor Sustainability, Responsiveness, Organizational Participation, and Security with more guides coming soon.

I’ve written about these guides in an OpenSource.net blog post and recorded a CHAOSScast podcast about each guide. I’ve also done quite a few talks related to the topics in these guides, which can be found on my Speaking page. The most recent one was a joint talk with Peculiar C. Umeh at FOSS Backstage with a video that is available to watch.

I won’t go into more detail here, since I’ve already linked to other blog posts, podcasts, and talks on the topic, but I encourage you to have a look at the Practitioner Guides to find ways to make your open source projects healthier and more sustainable!

If you want feedback or help with your open source strategy, I’m available for consulting engagements.