Rockford Lhotka

VP, Open Source Creator, Author, Speaker

Responsible Use Of Open Source In Enterprise Software

11 May 2021

Originally published on Forbes

Nearly every modern software development project relies heavily on open-source software. This is particularly true of any web client or node.js software, where a typical app relies on dozens of open-source packages. It is also true of any Java or .NET software, as both of those platforms are open source.

As consumers of open source, have we considered the impact we have on the open-source ecosystem? Are we enabling and supporting the ecosystem on which we’re building our enterprise software, or are we crossing our fingers and hoping the ecosystem doesn’t collapse out from under us?

Certainly, some open source has excellent funding, such as Microsoft for .NET, Apple for Swift or Google for Angular. One might argue that these products don’t need extra support because they have major corporate patrons. I am not sure I agree with that, but I do understand the sentiment.

In any case, when building enterprise software, most of us rely heavily on other open-source products that do not have major corporate patrons. These might be UI widgets, productivity tools or backend libraries. It is extremely rare to build a web app without bringing in numerous small open-source products, and the same is true for many Java and .NET backend systems. It is a virtual impossibility to build node.js backends without relying on numerous open-source products.

Failure of any of these products can leave us and our enterprise software at risk. When adopting any open-source product into our software, we owe it to ourselves to investigate the creator and community around the product, identify how they are funded or supported and determine how we can become involved to ensure the success of that product.

The unspoken contract of open source is that users are part of the same ecosystem as creators. We succeed or fail together.

Some open-source products are funded by patron corporations, others by selling consulting services, and still others by selling content such as videos, books or other training. Many have mechanisms by which their work can be funded through GitHub Sponsors or Patreon. In nearly every case, open-source projects rely on quality contributions from their users — often in the form of bug reports, documentation, community participation and code contributions.

I have been an open-source creator for nearly 25 years, and I interact with a great many other open-source creators. All of us know that the vast majority of open-source consumers do not contribute back to the ecosystem in any way; they simply cross their fingers and hope that we never become frustrated and stop working on the frameworks, libraries and tools used to create those multimillion-dollar enterprise systems based on our work.

The rare and precious user is active in our discussion channels of choice — asking questions, helping to answer questions and building the community around a product. Even more valuable are users who file quality bug reports or feature suggestions, though such people are hard to find. The most valuable and extraordinary are the people who contribute documentation or code back into the project, helping the product, the ecosystem and the software industry at large.

I understand that many employees of companies sign away their IP rights and are unable to contribute to open source. That is a major challenge to the personal career growth of those employees as well as the health of the open-source ecosystem. One way to help is to support employees when they express interest in supporting open source. Often, this is just a matter of organizational culture and letting employees know that contributions back to open-source products is something to be valued.

Organizations that can’t support contributions to open source in terms of community, bug reports, documentation or code should identify other ways to support the products on which they are basing their enterprise software. The most obvious solution is to identify the revenue streams on which each product relies and engage in those streams. Again, this might be via paying for consulting, training or content, or it could be becoming a sponsor or patron if the product supports GitHub Sponsors or Patreon.

We all directly rely on the open-source ecosystem for the future of our enterprise software, and we are all vulnerable to the failure of open-source products. As consumers and users of open-source products, we have the responsibility to support those products, their ecosystems and the open-source industry.

comments powered by Disqus