Despite the many advantages of using open source software, one of the often-cited downsides is the lack of constant support. If people using the software run into issues and need help, it may not come immediately. That’s because dedicated — but often overworked — volunteers are often the ones that maintain open source software.
Most tech companies have paid developers on their internal teams, but they also rely on bits of open source code overseen by people who give time to those projects without pay.
However, a new partnership between Pallets, a Python Software Foundation fiscal project, and open source management company Tidelift, will allow programmers and coders to be paid for the software they develop and maintain.
Details of the Collaboration
This pairing between Python and Tidelift centers on The Pallets Projects, which a collection of web development libraries. Community members keep them going, and millions of people download the libraries each month for web applications of all types and sizes.
“The Pallets Projects, including the Flask web development microframework and Jinja2, Werkzeug, itsdangerous, MarkupSafe, click, and Flask-SQLAlchemy libraries, are some of the most widely-used projects in the Python ecosystem,” says Donald Fischer, co-founder and CEO of Tidelift. “This partnership means Tidelift and our customers will pay the Pallets maintainers for the value they create.”
“If you are a user of the Pallets Projects, the bottom line is that the maintainers will have additional financial support for their work, which will help the projects continue to thrive,” he says. “If you are a Tidelift customer, it means that you’ll be able to expect an even deeper level of assurances around these projects—including additional maintenance, security updates, indemnification, and integration — as part of the Tidelift Subscription.”
Tidelift is a company that provides an open source management service on a subscription basis. The companies that rely on open source software sign up for subscriptions from Tidelift. Then, Tidelift uses a portion of the subscription fees to pay the developers who work on resolving issues. Tidelift actively engages with maintainers, encouraging them to flag the problems cited by the companies paying for Tidelift subscriptions.
A Tidelift representative confirmed that the company already provides commercial support for more than 1,000 of the most common open source components, including some associated with Pallet. But, this focus on Pallets Projects is new.
Enabling Companies to Avoid Using Internal Resources
As mentioned earlier, the volunteer nature of the maintenance for open source projects means they don’t get updated or fixed as often as necessary.
As a result, some of the companies that depend on open source components have to use people from their own IT teams, plus bear the responsibility of anything that might go wrong after the tweaks. Beyond that, Tidelift’s subscriptions let those companies provide direct support to the volunteers who know Pallets best.
“Tidelift customers will receive an even deeper level of assurances around the Pallets Projects — including additional maintenance, security updates, indemnification, and integration — as part of the Tidelift Subscription,” says Fischer. “More broadly, these are some of the most commonly used Python projects. By paying their maintainers, Tidelift and our customers hope we’re contributing in an immediate and meaningful way to development that benefits the Python community at large.”
How Does This Pairing Between Pallets and Tidelift Help Developers?
From the perspective of the people who sign up as maintainers with Tidelift, they get compensated for their time and effort. Tidelift achieves this arrangement by scanning a subscriber’s open source stack to verify which packages it uses.
Then, the company splits up the subscription fee to distribute it to the people who maintain the exact packages the company uses. Maintainers also have the opportunity to earn more by participating in a process that Tidelift calls “lifting.” It breaks the lifting tasks down into four work categories. Security is one of them. So, if a maintainer provides information about security vulnerabilities with The Pallets Projects, that could boost their earnings potential.
Not surprisingly, maintenance is another category of lifting tasks. By signing up as maintainers, people accept the responsibility of keeping a package up to date and informing its users of any changes made. Tidelift also alerts maintainers to some of the issues identified by subscribers. Its data shows that developers spend about one-quarter of their code maintenance time dealing with open source components and dependencies.
Addressing Known Issues
Tidelift is a startup company founded in 2017 that’s attracting attention — probably due to how it aims to solve a marketplace need. At the start of 2019, the company raised $25 million in Series B funding only seven months after a previous round. That success brought the total financial backing to $40 million since the company’s launch.
Much of the company’s success so far likely comes from the fact that Tidelift wants to tackle an identified pain point about open source software. Companies need to depend on some open source components, but they want to do so without worrying about having trouble getting support regarding updates and identified bugs.
A lack of accountability is another downside of open source software, but it’s one that compensation could reduce. Since Tidelift only compensates maintainers who adhere to a defined set of responsibilities, this gives more consistency to the companies that use Pallet. Plus, it sets the expectations for maintainers that are working to make Pallet’s web development libraries as trouble-free and current as possible.
Making Open Source Contributions More Sustainable
Even the people who love Pallets and spent years volunteering to make it better sometimes get burned out and frustrated.
But, since Tidelift’s model involves the corporations that use Pallet, Python or other open source programs paying subscriptions that help compensate the contributors, the company may bring about a drastic change in what it means to work on open source software and how to do it without getting overwhelmed and exhausted.
“Community-led open source projects like the Pallets Projects are the backbone of modern software development,” Fischer said. “[T]hey make up 70% to 80% of the code in new applications. Every corporate application development team relies on them, yet they typically don’t have a corporation controlling their technical direction or investing in them.”
He says, “[t]o help ensure the health and vitality of Pallets and thousands of other community projects, Tidelift will continue to seek opportunities to partner with independent open source maintainers and community-led foundations like the Python Software Foundation and Ruby Together.”
Tidelift is a sponsor of The New Stack.