Announcing the first POSS Fund
7.500 € for Lombok and PyPi - and that is just the beginning! From 2022 PRISMA is sponsoring open source projects with annual donations. We start off with this two, but 2023 we intend to sponsor three projects with 5.000 € each! Additionally, employees can choose projects to give a small contribution to. Why do we do so? Because it’s time to give back. Philipp Zins, Frontend Engineer at PRISMA, explains all.
It isn’t an overstatement to say that Free and Open Source Software (FOSS) drives the world. If you’re reading this article digitally, the chances are you’re doing so via one of four browsers: Edge, Chrome, Safari, or Firefox. And the primary aspects (or, in the case of Firefox, the entire aspect) of each of these browsers are built as open source software.
In essence, open source software allows anyone to view the software’s source code and gain an understanding of how it was created. Usually, anyone is able to contribute bug fixes or new features to the software, or even create alternative versions of them.
We all rely on Open Source Software
And it’s not just the core of these browsers that are open source. They depend on open source software themselves, either by directly including their code or using open source tools to develop them. Furthermore, every open source dependency might have their own dependencies too, which might have their own dependencies, which might … and so on.
Reading this, you might be starting to appreciate quite what a complex beast the open source ecosystem is. Indeed, as an engineer, I’m often left in wonder that it works at all - especially when I look closely at the kind of dependencies I highlight above.
Driven by Engineers in their Freetime
While most open source software projects are backed by big international multimillion dollar companies like Microsoft, Google, or Apple, there are some that are supported by non-profit organizations like Mozilla.
But the truth is that the open source software that most companies depend upon is often entirely driven by engineers in their free time. In fact, it’s not unusual to see a project solely maintained by a single person. If the communities behind such a project grow over time, the number of bug reports, support questions, and feature requests also increases. Sometimes maintainers might be able to turn their hobby projects into a business, but often they simply burn out, development stalls, and they stop participating in their own projects completely.
If we at PRISMA were dependent on such a project, the consequences could be severe, resulting in us no longer receiving bug and security fixes or new features. Sometimes we might be able to pick up such an abandoned project, but ideally, we’d like to prevent the situation developing at all.
That’s why we’re announcing PRISMA's Open Source Software Fund - the POSS Fund.
We know there are many factors that determine the long-term sustainability of an open source project. But we believe that monetary support, in particular - and in turn time, since project maintainers also have full-time jobs - is the most important.
Reasons to choose Open Source Software
Before revealing more about our sponsoring program, I’d like to briefly explain why - besides all the complexity and risk mentioned above - I believe it’s a good idea to depend on open source software to cover general use cases.
Firstly, let’s consider the alternatives, which would either be to implement everything on our own or to buy all solutions as closed source software. Not only could both of these options become rather expensive, but there are other downsides too. Onboarding new developers would become harder as it would be less likely they’ve used our solution before - or it would be downright impossible if we use a custom build solution. And while it’s not the case as a general rule (nor exclusive to open source), the most popular open source solutions do have a reasonable amount of freely accessible documentation and tutorials, as Python offers for example. Or have a look at this free tutorial video from Lombok.
Then there’s the fact that having a closed source software would also make it harder, or even impossible, to contribute bug fixes or features back into the code. What’s more, being able to read the source code can create a better understanding of what happens in certain situations.
And on the topic of understanding, a modern software platform has many different general but complex concerns. Take authentication as an example. There are hundreds of organizations specializing just in this specific area over multiple years. For a small company, it would simply be unfeasible (nor indeed sensible) to create an authentication from scratch.
Of course, as is often the case, there are exceptions to this rule, and it remains true that it’s sometimes better to avoid an open source solution for a general problem. But I hope my explanation above shows that the pros of open source outweigh the cons by some distance.
How the POSS Fund works
After some internal brainstorming, we settled on two different ways to sponsor open source software. We called them Critical Tier and Personal Tier.
The Critial Tier: projects we rely on
PRISMA will sponsor open source projects which are very - yep, you guessed it - critical to us. These are dependencies on which we rely heavily and that can neither be easily replaced with a different dependency nor maintained by us. We have a high interest in the future support of these dependencies to ensure security fixes, improvements and compatibility with other parts of our technology stack. To gain our support, these dependencies must have a proven track record of helping the wider developer community and shouldn’t already be funded by one of the larger international companies.
Our intention is to sponsor these kinds of projects on an annual basis and for the first year we’ve chosen Lombok, which will receive 5.000 €, and PyPi, which will get 2.500 €.
Lombok - an annotation-based Java library
Lombok is a Java library that automatically plugs into your editor and builds tools, spicing up your java. It improves the expressiveness of the Java language by automatically adding necessary boilerplate code during the compile process. Despite being largely a two-person project without huge funding, it is omnipresent in the Java ecosystem and its use is advocated by many developers and organizations. Thank you, Roel Spilker and Reinier Zwitserloot - we owe a beer!
PyPi - the official Python Package Index
PyPi is an important piece of infrastructure, that allows us as developers to actually publish and depend on other open source projects. It is of course in and of itself an open source project. You can think of it kind of like a store from which you can get your groceries. PyPi solves some incredibly hard problems. Every improvement they make, will save time and resources for every user who depends on them. Basically, if checkout at the store is faster, everybody wins.
We’ve already made an update to this process and, as a result, from the start of next year, we’ll actually sponsor three projects with 5.000€ each!
The Personal Tier: Employee's choice
Under this tier, every two weeks any individual PRISMA employee can choose a project of his or her choice to sponsor with 50 €. This is done on a rotational basis and there are no significant restrictions. It doesn’t matter if we ever actually use this project in our code base - if someone thinks the project is worthy of receiving monetary recognition, we’ll do it.
The only requirement is that the project is shared in our bi-weekly community of practice meetings attended by internal and external PRISMA engineers. This way, not only can we support smaller projects, but we can also create incentives to share news about cool new projects and spark discussions among our engineers. For example, we’ve already sponsored smaller developer communities like Schrödinger Hat up to the omnipresent cURL, which has mainly been driven by a single person - Daniel Stenberg. Thanks Daniel!
So there we have it. We hope you’ve come away from reading this post with an enhanced appreciation of why open source software can be such a valuable tool for everyone - and why we are embracing it through our POSS Fund.