“Software is eating the world,” quipped Marc Andreessen in 2011 [4]. Today it is apt to say that “Open Source is eating the software world.” From toasters to a helicopter on Mars, systems are using a substantial amount of open source software in their stack. According to the 2021 Open Source Security and Risk Analysis Report by Synopsys [1], 75% of all codebases were comprised of open source code alone.
However, 30 years after open source came into being, it is still not always easy to work with open source projects. Organizations and individuals experience challenges in gauging the health of a project: is it stable, secure, and sustainable, and will it be there if I depend on it? These are common concerns. While the acquisition of open source is free, there is significant effort needed to comply with the hundreds of open source licenses used. To be successful, it is important for organizations that consume open source to contribute back, and to engage with the project. Projects come in all shapes and sizes, with different processes, tools, and funding models; knowing how to navigate open source is a learned skill. As open source companies mature, they also need to learn to release code that they have created, and learn to build communities of users and contributors around it.