Elevate company time/code contributions

[chadwhitacre]

In talking with companies about the Pledge both online and especially in person at OS Summit last week, one theme is that code contributions are currently seen as a major way a company participates in Open Source. In other words, they employ developers to work on OSI-licensed software. Our current story is that we invite them to report the annual dollar value of these contributions if they wish, but that $/dev is calculated exclusive of that.

I think it's a legitimate position to take to say that FTEs working on Open Source is a major investment and should be acknowledged more seriously in the Pledge. Here's a proposal for how to do that with minimal impact on our current model and member base:

1. Add a field to report on number of FTE developers working on Open Source. We have averageNumberOfDevs, so call the new field averageNumberOfOpenSourceDevs or something.
2. Expose this field in the member listing and profiles.

3. Account for the new field in $/dev computation as follows:

   diff --git a/src/members.ts b/src/members.ts
   index 2ec3053..5cb1647 100644
   --- a/src/members.ts
   +++ b/src/members.ts
   @@ -14,7 +14,7 @@ export function getReportFullTotal(report: MemberReport) {
   }
   
   export function getDollarsPerDev(report: MemberReport) {
   -  return report.payments / report.averageNumberOfDevs;
   +  return report.payments / (report.averageNumberOfDevs - report.averageNumberOfFOSSDevs);
   }
   
   export function fmtCurrency(num: number) {

4. Deprecate the moneyValueOfTime field.
5. Rename moneyValueOfMaterials to giftsInKind (I think @ezekg is the only one using it right now?).

[vladh]

I think this makes sense, but should we be very clear that this only applies to employees who exclusively (or almost exclusively) work on Open Source software?

Also, I'd call it averageNumberOfOpenSourceDevs or something, we don't use “FOSS” anywhere else.

Minor note: removing a field means we have to actually make it optional, lest we run into failing Zod validation. 😛

[chadwhitacre]

Also, I'd call it averageNumberOfOpenSourceDevs or something, we don't use “FOSS” anywhere else.

👍

Minor note: removing a field means we have to actually make it optional, lest we run into failing Zod validation. 😛

Right, until if ever we could remove it from all upstreams. ☺️

I think this makes sense, but should we be very clear that this only applies to employees who exclusively (or almost exclusively) work on Open Source software?

Yes, and we should also exclude FTEs working on single-vendor commercial Open Source projects. Best way to define that is probably trademark, if your company owns the trademark for the project then your FTEs working on the project don't count. I just hashed this out in person with @mitsuhiko and it seems to cover most cases.

[mitsuhiko]

Dedicating resources towards Open Source full time is a larger financial commitment so this does make sense. This basically turns the financial sum that is contributed separately do that into how large you want that $/dev number be (up to inifite).

averageNumberOfDevs	averageNumberOfFOSSDevs	payments	$/dev
10	0	50000	5000
10	1	50000	5555.56
10	5	50000	10000
10	9	50000	50000
10	10	50000	inf

The most important part here will be having a reasonable definition of what a "FOSS dev" is.

[chadwhitacre]

In The 10 and 10 case is essentially a FOSS foundation at that point and should be receiving rather than joining the Pledge. :P

Let's go with averageNumberOfOpenSourceDevs and let's define it as "full-time equivalent developers on staff working on Open Source projects for which your company does not own the trademark." Reasonable?

[vladh]

I would specify something like “fully” Open Source, so that I can’t work on an Open Core project with 9 Open Source bits and 1 proprietary bit where I spend a lot of time working on the one proprietary component.

[mitsuhiko]

The only challenge I see with the trademark is that not necessarily each open source project has a trademark to begin with though I suppose with commercial involvement it's more likely that it will.

[chadwhitacre]

not necessarily each open source project has a trademark to begin with

Expressing it negatively helps in this regard, "projects for which your company does not own the trademark." If a company's devs work on projects that don't have a trademark then that counts for Pledge, because of course the company doesn't own the trademark.

specify something like “fully” Open Source, so that I can’t work on an Open Core project with 9 Open Source bits and 1 proprietary bit where I spend a lot of time working on the one proprietary component.

Armin and I were thinking that this case would be excluded. Cal.com devs working on Cal.com, regardless of license (OSI or not), do not count for Pledge because Cal owns the trademark for the project/product. You think this should count?

[ezekg]

Armin and I were thinking that this case would be excluded. Cal.com devs working on Cal.com, regardless of license (OSI or not), do not count for Pledge because Cal owns the trademark for the project/product. You think this should count?

I don't think it should count, because they're working on Cal.com's core product. The trademark thing is a good idea, but I'm still not sure e.g. $company should be able to count employees working on $company's core product regardless of trademark.

It should be actual OSS contributions, e.g. Heroku funding Ruby by employing Matz (example — not 100% sure if true).

[chadwhitacre]

$company should be able to count employees working on $company's core product regardless of trademark.

Any concrete examples come to mind of a core product for which a company does not own the trademark? Seems to me only theoretical but open to examples.

[vladh]

Armin and I were thinking that this case would be excluded. Cal.com devs working on Cal.com, regardless of license (OSI or not), do not count for Pledge because Cal owns the trademark for the project/product. You think this should count?

Yep, I agree, I had misunderstood.

[ezekg]

$company should be able to count employees working on $company's core product regardless of trademark.

Any concrete examples come to mind of a core product for which a company does not own the trademark? Seems to me only theoretical but open to examples.

No specific examples.

[patak-dev]

About only counting devs that work 100% of their time on OSS, I think we would discourage some healthy contribution models. In our case, for example, I'm working full-time in Vite (external OSS project for StackBlitz), but Ari is working half-time in Vitest (external OSS) and half-time in StackBlitz OSS projects. I think that counting him as 0.5 for averageNumberOfFOSSDevs would be important. I know of others that are employed under the same model (I was offered the same deal before joining StackBlitz too), and IMO it is a very interesting arrangement that works great in a lot of cases. So, in our case, that field would be 1.5.

About the change in the calculation of getDollarsPerDev, I think it makes sense. I just realized that not only we aren't counting towards the pledge but hiring us actually makes the per-dev amount goes down. So at least not affecting the number negatively is a good improvement.

I would prefer if the Open Source Pledge could go even further and encourage the hiring model more (only talking about OSS devs that aren't working on the company products here, even if they are OSS). For example, there could be an equivalence about 1 full-time OSS hire counting as N 2k per-dev per-year towards the pledge. It doesn't need to be at market rates. If a 25 dev company hires 1 external OSS dev full-time, that could contribute the same or more to me than donating 50k per year (I would probably go even higher, maybe 50 dev / 1 OSS FTE equivalence). It doesn't matter if this value is added to the per-dev/year amount, but IMO, this company should be welcomed to the pledge too. I think this is important if we'd like to avoid companies that have the budget to hire one FTE dev (but not to also do 2k per-dev/year on top of that) and would like to join the pledge to be able to choose that option instead of dropping the hiring idea in favor of external contributions. I may be bias because of my own experience here, but being hired to work on external OSS projects is very healthy for both the maintainer and the maintained project if done right.

[dcramer]

Let me give you my opinion and insight, as I've driven most of the programs that fund things at Sentry, and I pushed hard to make something like this pledge a thing.

High level:

1) We do not need to appease everyone. We're trying to solve an unsolved problem and thats improtant to remember. The issue isnt "Linux needs funding", its "look at all these semi-popular npm deps that no maintainers". 2) Deducting FTE that work on Open Source is a non-starter for me (from a "$2k/dev" agenda). Its great that people do that, but that doesn't help solve the above problem. Almost always those people working on OSS are not actually free to work on whatever they want, and its almost always only the major projects that are already often well funded. 3) A fair question to ask is if you employ someone thats working on open source full time, does that count? I dont think it should because of the notes above. Its not to say its bad, but its not solving the problem we've identified. A bunch of companies would instantly qualify for the pledge - without contributing to their hodge podge of upstream deps - by employing one or two devs to mostly work on OSS.

I'll give some insight into Sentry - into ways we give money which we do not qualify as part of the Pledge:

1) We employ a lot of engineers, they work on Open Source. A lot of this is permissive, most of its Sentry-needed. Questionably, but I don't consider it a qualifier. 2) We pay contributors to almost all of our projects historically (primarily our SDKs). 100% not a qualifier. 3) We fund some projects we think are important to our business here and there, often with no strings attached. rrweb is a good example that we used to fund a core maintainer of. "pay us for time you spend on this, no strings attached". 100% qualifies. 4) We give a lot of money each year to open source deps. We had a semi-arbitrary budget historically we approved yearly. This was primarily via thanks.dev. 100% qualifies and what we built the pledge on. 5) We go to a lot of community run events, sponsoring them, etc etc. That money sometimes goes to help fund their core maintainers (e.g. DSF). 100% doesnt qualify. 6) We recently hired Ryan Carniato and gave him largely free reign to work on Solid.js (more than most companies give, based on all the examples I've ever seen). I don't think this qualifies, but its something that more companies could easily do.

So lets talk about (6) because thats the core thing here. There's three core points:

1) A couple of folks working on open source full time is not that much money in the 2k/year equation. People can pay up. 2) If we allowed you to deduct the money you spend on the engineers, the math is non obvious, and no ones going to really want to deal with it except people who could already pay up. For example, say its 50% time. Do we take 50% of salary? 50% of salary+equity? 50% of total cost of employment including benefits? It just gets silly. 3) How does funding Solid.js help solve the upstream dep issue where most of our deps are largely unmaintained? 4) We benefit from funding Solid.js both from a brand awareness point of view, as well as (hypothetically) nudging Ryan in ways to help us make sure certain things are supported. This is how most of these commercial relationships work in my experience.

I understand academically why we think we should special case these FTE's that work on Open Source, but frankly, it looks too complicated, and doing it doesn't really service the primary goal we had in mind.

[AlemTuzlak]

I would like to give my 2c here. I am the co-founder of a new company called Forge 42 (https://github.com/forge42dev) and we are very young (not even half a year) and there are 2 co-founders and 1 dev. We contribute 2.4k annually to OSS projects we support and use + I personally maintain 10 OSS projects that can be found on our org Github. We have no benefits from maintaining the projects (at least monetary) and we do it to help others. We have dedicated time of the week (1x day per 2 weeks) where I fix issues, add new features etc.

I am not sure how much do we count towards the pledge, we would like to contribute more money but at the moment we are unable to do so, but we are strong supporters of this pledge and want to be a part of it. One of our core beliefs is support of OSS and hence why we contribute at this stage of our growth.

Also, something else I find important and I'd like to highlight, in the US, and other developed countries, 2k a year is maybe not a big deal but in 3rd world countries it's a HUGE amount of money, devs get paid pennies, for example a junior in my country has an average salary of 600-800€ and a senior anywhere between 1.5k-2.5k €. This pledge is a bit exclusive when it comes to poor countries, maybe that's by design, maybe not, but something I wanted to highlight.

[chadwhitacre]

Thanks for weighing in @AlemTuzlak. We have #36 to discuss ways to better account for purchasing power disparities in the future. For launch we need to focus on developed economies.

As to the main question on this thread, it seems we have a few options:

1. Keep things as they are. For purposes of $2k/dev/yr, devs are devs, no matter what they work on.
2. Soft-acknowledge OSS devs. Of course companies can report whatever they want for numberOfDevs. We aren't auditing, we're going on trust. We could put it in our documentation, "Feel free to not include OSS devs."
3. Hard-acknowledge OSS devs. Add a new field like I initially proposed.
4. Encourage the hiring model more. Formalize some equivalence as @patak-dev suggested, 1 full-time OSS hire counts as N 2k per-dev per-year.

To my mind (4) dilutes our message too much. As @dcramer says, Pledge is about paying maintainers, meaning very specifically unlocking funds from companies to third-party upstream projects. This is the biggest pain point in the ecosystem, and this is the problem we aim to solve with the Pledge.

We learned with Fair Source that properly limiting scope is key to clarity and adoption. Specifically over there we decided at the last minute to make DOSP a hard requirement, we alienated a potential partner but it has made the whole thing much more understandable and impactful overall. The way I am applying that lesson here is that we need to limit the Pledge to focus on payments to third-party maintainers.

Now, we still need to decide between (1), (2), and (3). Considering (2) and (3), I do think we could find a simple definition for OSS devs such as:

full-time equivalent developers on staff working on Open Source projects for which your company does not own the trademark

We're not talking dollar equivalents so that simplifies greatly. For StackBlitz I would round up to two (no sense fiddling with fractional FTEs). For Sentry the number might be something like 10: one for Ryan, and nine to account for the random upstream contributions the rest of our 100+ engineers have made over the past year.

If we feel that the "nine to account for the random upstream contributions" introduces too much ambiguity, we could tighten up the definition to require publicly naming specific people. Ryan for Sentry. Matias for StackBlitz. This would bring some accountability and transparency.

That said, as soon as Fastly or Cloudflare gets in here they're going to say, "What about our donated bandwidth? That should offset our $2k/dev/yr, too!" and I kinda feel like this whole thing is easier to reason about and promote if we keep the story simple: Pledge is $2k/dev/yr in no-strings-attached payments to external Open Source maintainers, regardless of whatever else you do.

[chadwhitacre]

I'm getting ready to close this as won't-do, for the reasons above. Last call for comments.