Open Source Software and Corporate Influence

Open Source Software and Corporate Influence(alilleybrinker.com)

64 points by rrampage 1 year ago | 25 comments

schneems 1 year ago |

I went to All Things Open and asked booth staff (of corporate booths) “do you contribute to open source at your day job?”

All were a little surprised by the question. Most interpreted it as “do you release and maintain your own open source software under the banner of your company.” When I clarified that I would count spending time to make a quality issue reproduction or fixing a bug and sending a PR, I got one person who said they had. They sent a patch to fix a bug, when I dug in why: they told me there were zero workarounds and the bug blocked a critical feature, if they didn’t upstream a fix successfully they would have to fork and take on maintenance (of that fork).

I share this, because I feel that the many developers don’t quite realize that they are able to do these actions (bystander effect). And many don’t know how to speak up and advocate for that work in a professional setting.

It’s true that corporate ties to open source are pervasive. I also feel that there’s a huge untapped potential of people who are willing to contribute but aren’t ready or aren’t able.

My talk (on teaching developers how to contribute to open source) wasn’t recorded, but a longer, earlier version was at PhillyETE https://chariotsolutions.com/screencast/philly-ete-2023-how-.... I also maintain a free service for contributors getting started https://www.codetriage.com/ and wrote a paid book on the topic https://howtoopensource.dev/.

ajb 1 year ago | |

In a lot of cases, ordinary employees who want to make a drive-by contribution to open source face two hurdles:

1/ Their employment contract specifies that all IP they generate during their employment is owned by their employer. Contributing to open source, as well as being a technical action, is a legal action (that of licensing your contribution under the project license) which they don't have the authority to do as individuals, and therefore must obtain authorisation from their employer.

2/ given the former, some legally conservative projects require a signed contribution agreement from contributors employers. This usually requires the employers legal dept to approve it, since the legal dept reviews all such contracts.

It would be nice if there was some blanket scheme that employers could sign up to to authorise all de-minimis contributions to open source projects, or contributions that are actually useful for the work people are employed to do. But I'm not aware of any such scheme.

SR2Z 1 year ago | | |

Contributing code to OSS should not fall under "IP" unless the code was written on company time. IP refers to concrete things like patents and in almost every case cannot apply to stuff created outside of and unrelated to work.

schneems 1 year ago | | |

I consider any companies that would blanket prohibit open source contribution out of scope of my statement. With those that won’t even allow employees to open a bug report or post on a forum to be an extreme outlier. Especially in the context of a company that bought a booth at an open source conference.

Legal hurdles exist, but IMHO are the subject of endless hand wringing and awareness campaigns already. Most in that community are seemingly unaware that devs need much more support: socially, mentally, and tactically. In order to become successful open source contributors.

So really what I’m saying is that making things legally easier isn’t enough. Advocating that people should contribute isn’t enough. We should be actively training and helping to prepare the next generation of contributors. And doing it in a way that doesn’t overly burden existing maintainers.

chubot 1 year ago |

We should update mental models of who works on open source accordingly [corporations vs individuals]

I would like to see some numbers on how much code labeled "open source" (as opposed to having more of a free software ideology) is contributed by corporations and their employees, versus individuals

I think it's been very clear for 20+ years that the largest open source projects have corporate origins, or big corporate contributors, as I mentioned here: https://news.ycombinator.com/item?id=35941074 (Linux kernel, LLVM, Firefox, Chrome, MySQL, JVM, VSCode, Ubuntu, Red Hat, etc.)

But I wonder what happens when you look at medium size projects and libraries, like those in PyPI, NPM, the Go or Rust package ecosystems, etc.

Are corporations contributing closer to 20% of the code, or 80% of the code? I think there is a lot of code contributed by medium size companies, e.g. in the PHP ecosystem there seem to be many little companies

pjmlp 1 year ago | |

Even the Linux kernel adoption only took really off, and started to endager the UNIX ecosystem, when the likes of IBM and Oracle saw a benefit in doing so,

"1998: Many major companies such as IBM, Compaq and Oracle announce their support for Linux. The Cathedral and the Bazaar is first published as an essay (later as a book), resulting in Netscape publicly releasing the source code to its Netscape Communicator web browser suite. Netscape's actions and crediting of the essay[68] brings Linux's open source development model to the attention of the popular technical press. In addition a group of programmers begins developing the graphical user interface KDE. Linux first appears on the TOP500 list of fastest supercomputers.[69] The ARM port (initiated in 1994[70][71]) is merged"

https://en.wikipedia.org/wiki/History_of_Linux

jongjong 1 year ago |

Corporate influence on open source has served to narrow down the tools that are able to gain adoption, irrespective of their utility, often going against what users want.

For example, many developers despise React.js; I once interviewed for a dev role for Facebook years ago and they asked me if "I had any qualms about using React" (paraphrasing) and the interviewer acknowledged that many candidates did not like using React... Yet React has a near-monopoly on frontend frameworks.

The whole media landscape around open source dev tools has been a nightmare. We're being pushed in specific directions, towards a small number of silver bullet solutions which do not suit most use cases.

It feels like all the authors of popular tools form a corporate insider clique and no tools outside of that social network is allowed to get any traction at all.

ranger_danger 1 year ago | |

> Corporate influence on open source has served to narrow down the tools that are able to gain adoption

Adoption by whom?

What is it that you think wider adoption of open source would (or should) look like without corporate influence?

What is your measure of success there, and do you have any examples of this happening? What open source products have "gained adoption" without corporate influence?

ghaff 1 year ago | | |

I think there are a variety of tools like LibreOffice, GIMP, and various more minor things that have mostly been developed after-hours or completely outside of corporate developers but they're almost certainly in the minority when it comes to major projects. (And one can reasonably argue that those two examples aren't especially successful.)

jongjong 1 year ago | | |

Rewind 5 to 10 years, there were a lot of open source tools which gained adoption within startup or hobbyist communities. As some of the startups grew and merged with corporations, they seems to have slowly abandoned certain tools and software for no reason besides corporate compliance.

Nowadays, even startups use corporate tools. It's a total media echo-chamber. Everything outside of that is treated as if it doesn't exist. There are some great tools out there which solve real problems but they have few users because nobody can find out about them.

Rury 1 year ago | | |

I mean, adoption by anyone right?

Although adoption I think is largely a matter of marketing. Outside of more people willing to search into open source alternatives themselves, or contribute more to open source projects... what else is there to foster adoption?

If corporate entities weren't doing that, then it would have to be non-corporate entities doing that. No?

taurknaut 1 year ago |

People have pointed out for decades now that the OSI is a corporate alternative to free software. That was always the complaint.

froh 1 year ago | |

What do these people mean?

OSI is about untangling the licenses such that corporations understand which components carry which legal obligations.

in this way OSI is supporting the use of free software.

In that light the "an alternative of free software" part doesn't make sense to me. at all.

taurknaut 1 year ago | | |

Many open source licenses are non-free. It's simply not useful to generally conflate the two concepts when they have distinct meanings. I never have nor ever will look towards the OSI as contributing to the free software movement rather than trying to choke it out.

mistrial9 1 year ago | |

as a strong supporter of the GPL, IMHO the word "free" in English has played out and needs replacement.. instead "Libre" expresses the idea with fewer issues.