There was a long discussion at the end of last year regarding the state of open source, and if I see one more time the XKCD image with the one small project that holds everything to not fall, I swear I’m gonna scream. Not because it’s not partially true, but mostly because it’s one of the things that basically open source is about and proliferating that picture is all about „let’s make everything corporate”.
The discussion started around the log4shell vulnerability ended up fixing log4j and the silly feature needlessly implemented by a logging system, and leaving hundreds of thousands of websites and devices still vulnerable, mostly because they are out of maintenance or their administrators don’t care about these things (how many times did you hit skip on the „update now” dialog?). But what it didn’t do is fix the fundamental flaw of 2022 open source world. Its uncomfortable symbiosis with the corporate world.
Nor can that be fixed. The scale at which software is developed in 2022 is many orders of magnitude higher that what was possible in 1992. In 1992 you started writing software by implementing a linked list or whatever data structure you needed for your program. In 2022 if you can’t ship a fully functional e-commerce site in half a day you’re not doing computing right, and while I do exaggerate for rhetorical purposes, the essence is there. Software in this day and age incorporates a million little pieces we don’t know nor care about, which we expect to fit in like LEGOs, and there’s no time to write a better linked list if one’s needed. But software was not always done like that, and it was a combination of scarcity and trade-secrecy that protected all the possible pieces you could use to deliver a solution, which meant you could never compete with corporate products that had these pieces, these solutions, all locked inside their own secret circles.
Open source was meant to fix that. And it’s been quite a change from when I first started writing software and the current day. When I started, open source was seen as a distraction for the amateurs, something small, for passionate hobbyists. Now not using open source is virtually impossible, especially since all the currently developed browsers are forks of the open source KHTML engine. Open source is everywhere.
So much so, that even inside corporations not using open source software to implement your solutions requires in-depth explanations to your management. Naturally, corporations ended up taking care of a lot of the open source technological stack too. Redhat is the most notable - a business built on open source software, contributing enormously to the development of open source, ending up so big that the only reason that IBM is still called IBM after its merger with Redhat is, probably, the cost of rebranding the otherwise dying giant.
So what did the proliferation of open source at global level meant, beside the impact it had on corporation? The culture of reuse, a basic tenet of the software world, meant that one should reuse existing components before implementing their own solution. That meant that you’d prefer dropping your own proprietary solution in the favor of public, open implementations that are at least in theory vetted by a lot more people than your business can affort to spend looking at the source code of individual pieces. It meant that people started treating open source software like LEGO pieces - even if they are not perfect, they will fit, and they will have to fit, because you can no longer afford to build that piece yourself.
Open source also had a certain appeal - the cool factor - on its side. Writing open source made you visible, allowed you and your creation to gain traction and visibility. And that was a reward in itself - so you now have millions of developers trying to do open source for the fame or for the portfolio. And you end up with a gazillion little pieces of open source that end up being incorporated in larger projects, as their careers evolve and they don’t want to give up their past creations. That’s how you have the leftpads of the world creeping into bigger projects, that’s how you have failed terrorists holding corporations hostage in faux protest against corporations not paying developers (aka himself).
But should they? Corporations obviously depend on open source software, so they should give back and they do. Most of the open source code out there is corporate through and through. Very few individuals can develop at the scale of how software is done today „from scratch”, and most corporations end up fixing and/or maintaining a lot of open source estates - making it, at the same time, near impossible to contribute as an individual developer in open source projects. Or starting your own. And if you do the only way you can be really successful is if your project is trusted by a corporation and they start to use it, and propagate it.
Sure, corporations don’t maintain all the open source software, and all the people are crying Wolf about the fact that there are people out there that are not paid (by corporations, hehe) and still thanklessly maintaining crucial projects.
But is this what open source is about? Is it about being „good corporate soldier, but visible to everyone?” Or is it about the freedom of thanklessly developing a better C++ build system and being ignored by the rest of society when doing so?
So when you complain about corporations not paying open source developers, I can only tell you „please, shut the heck up”. You’re speaking out of your ass. Open source was never about getting paid. And while corporations do their amount of thievery (I’m talking about you, Apple, and your shameless stealing from KHTML that went on for years without contributing back) they also give back enough to even make me forget for some time that 20 years ago they were paying people not to use open source software (I still remember the FUD from Microsoft #neverforget).