The use of open source software has been steadily increasing to the point that is now mainstream. In the ninth Future of Open Source Survey, prepared by Black Duck Software and North Bridge Venture Capital, research results indicated that 78% of companies run on open source in 2015. That contrasted with a mere 42% using open source in 2010.
On the other side of this demand, is supply delivered by a very few individuals who do not get paid directly for their contributions. With the number of open source libraries increasing dramatically and overall system and network complexity exploding, what could go wrong?
A 2017 Open Source Survey on GitHub not only corroborated the penetration of open source in corporations (72% of respondents said they always looked for an open source option first), but also highlighted the very real issues associated with it. The two top issues were found to be a lack of documentation (93% reported) and unresponsiveness (78%). Within the documentation issue, over 60% of people say that a clear license was extremely important.
Another set of four issues points to a general level of hostility that has emerged between those who provide the open source code and those who consume it. These include dismissive responses (57%), conflict (43%), unexplained rejection (26%), and unwelcoming language and content (17%).
Why is this? Very few people are supporting any given module that is now in use by thousands of companies and touched by millions of users. They are not getting paid to fix problems, maintain security, write documentation, or add new features and support new configurations. This incentives issue also impacts decisions to create new libraries under permissive license. Why spend the time to build a great library if it will mostly benefit others who don’t pay for it?
An article in Vice from 2019, uses the Heartbleed bug introduced into OpenSSL as a classic case of how this ongoing irritation manifested into a major industry wide security problem. The author later provides extensive use cases that reinforce the general issue of maintainer burnout from not getting paid and being asked to fix their code as if they were a software vendor.
In our opinion, it’s become fairly obvious those who create the open source modules used by industry should get paid. The question is really how the money should be distributed, to whom and for what purposes. Over an NouGit, we argue that an ecosystem must emerge for building and supporting open source software in a largely distributed way through incentives appropriate to the participants involved.
As these many issues with open source were identified in the past five years, a few competitors formed to address them at the high level. While these responses have seen some success, and some investment, they do not fundamentally fix the underlying issue in open source. Innovative and entrepreneurial contributors are not getting paid to work on early stage ideas, and there is hardly any way to connect people socially in such a way that project teams stick together. Here are the more challenging issues that NouGit addresses.
Open source has a high newcomer drop out rate. For example, 82% of new Apache Hadoop contributors drop out after one contribution. Reasons for the high dropout rate fall into six categories: Newcomers’ Characteristics (26%), Newcomers’ Orientation (22%), Reception Issues (5%), Cultural Differences (7%), Technical Hurdles (25%), and Documentation Problems (15%). Original research on needs and possible solutions is also found in Guidelines for the Successful Onboarding of Newcomers to Open Source Projects. NouGit will enable projects to pay devs to build out documentation and onboarding materials.
Of the time that isn’t spent programming, developers spend it on designing software, going to meetings, testing, bug fixes, maintenance, security related issues or others. Of developers who contribute to open source, 49.20% just want more time to be able to contribute. By modularizing workload and posting bounties for smaller parts (such as bug fixes and minor feature requests), developers free up their time to contribute to OSS. NouGit’s ability to post code contributions and feedback loops should help this.
Contributors have expressed a need for tools specific to their differentiated contributions. Current tools are one-size fits all. Six types of activities explained 61% of the data variance in the referenced study: Knowledge Sharing, Code Contribution, Issues Coordination, Progress Control, Code Tweaking and Issue Reporting. This research also identified four active roles and five supporting roles of open source contributors. NouGit’s community management tool sets and communication tools can accelerate this.
A longitudinal study on the exits of 58,091 people from OSS projects on GitHub found that people with higher social capital were less likely to exit a project. Essentially, people with stronger ties to the project were more likely to stay and contribute. This is positive because they are already trained and know the project well. NouGit’s social network feature set can help enable this.
A recent study of bounties processed through the Bountysource platform with a total bounty value of $406,425, found the timing of proposing bounties and the bounty-usage frequency to be the most important factors that impact the likelihood of an issue being addressed. More specifically, issue reports are more likely to be addressed if they are for projects in which bounties are used more frequently and if they are proposed earlier. NouGit will allow both maintainers and everyday developers to propose, crowdfund and code what we’re referring to as a “Task”, which can be used for bug bounties, feature requests, documentation writing and full on software products.