Skip to main content
Category

Blog

Unveiling the 2023 World of Open Source: Japan Spotlight

By Blog, Linux Foundation

The 2023 World of Open Source: Japan Spotlight report, featuring a foreword by Noriaki Fukuyasu, VP of Operations for the Linux Foundation in Japan, offers a thorough and insightful analysis of the current state and trends of open source software (OSS) in Japan. Authored by Adrienn Lawson and Stephen Hendrick of Linux Foundation Research, this report is pivotal in understanding the dynamics of Japan’s involvement in the OSS arena.

Fukuyasu-san, in his foreword, sheds light on Japan’s distinctive role within the global OSS framework. He emphasizes the importance of comprehending how Japanese organizations and the wider community engage with OSS regarding usage and development and their leadership roles within this space. He provides a relevant backdrop to the report, highlighting Japan’s unique contributions and challenges in OSS.

This report is an invaluable resource for anyone keen to grasp the depth and breadth of Japan’s OSS landscape. It highlights the country’s evolving role in the global OSS community, offering a rich, survey-based exploration into how Japan contributes to, consumes, and leads in the world of open source software. Whether you are a developer, an executive, a policy maker, or simply an OSS enthusiast, this report is a must-read to understand the multifaceted nature of OSS in Japan and its implications for the global technology ecosystem.

Download the Japanese Version of the Report here: World of Open Source Japan Spotlight 2023 – Japanese

 

The uniqueness of Japan in the OSS landscape

This analysis reveals a dichotomy of findings, juxtaposing Japan’s alignment with global trends against its unique challenges and opportunities within the OSS ecosystem. The report offers a dual perspective on Japan’s OSS journey, shedding light on its achievements and highlighting areas for improvement.

Adoption rates and security perceptions vs. regulatory and knowledge barriers

WoOS_Japan_2023_Infographic-1

  • High OSS adoption: Japan’s OSS adoption rate at 82% closely aligns with the global average, indicating robust engagement with OSS.
  • Contrast with challenges: Despite this high adoption rate, Japanese organizations grapple with regulatory compliance and a lack of understanding of OSS nuances. Concerns about quality, security, and intellectual property further complicate this landscape.

Trust in security vs. contribution challenges

WoOS_Japan_2023_Infographic-2

  • Security confidence: 62% of Japanese organizations trust OSS to be more secure than proprietary alternatives, reflecting strong confidence in OSS security.
  • Hesitation in contributions: This trust contrasts with the challenges in contributing to OSS, shaped by cultural and organizational factors and a lack of incentives for contribution.

Diverse contributions vs. legal and IP hurdles

WoOS_Japan_2023_Infographic-5

  • Broad engagement: Japan’s OSS community actively contributes beyond coding, including issue reporting and documentation.
  • Legal barriers: Intellectual property, legal concerns, and complex licensing issues are significant barriers to deeper OSS engagement.

Recognizing OSS benefits vs. underappreciation of non-technical benefits

WoOS_Japan_2023_Infographic-8

  • Strategic advantages acknowledged: Japanese organizations recognize the strategic benefits of OSS, such as improved productivity and innovation.
  • Non-technical benefits overlooked: There remains an underappreciation of the non-technical benefits of OSS, like community building and cultural improvement.

Policy and training shortcomings: an area for growth

  • Lack of structured policies: The absence of structured policies and comprehensive training programs in Japan highlights a critical area for development.

Actionable insights for a thriving OSS ecosystem in Japan

Establishing Open Source Program Offices

WoOS_Japan_2023_Infographic-9

  • Role of OSPOs: Establishing Open Source Program Offices (OSPOs) can provide clear guidelines, ensure compliance, and foster a culture of open source contribution within organizations.
  • Strategic implementation: OSPOs can act as organizational strategic centers to streamline OSS adoption, contribution, and policy development.

Enhancing security in OSS

  • Prioritizing secure development: Enhancing security practices within OSS projects can alleviate concerns and encourage broader adoption.
  • Collaborative security efforts: Organizations can collaborate on shared security initiatives, benefiting the wider OSS community.

Expanding educational initiatives

  • Bridging the knowledge gap: Expanding OSS education and training programs can bridge the understanding gap and illuminate the full spectrum of OSS advantages.
  • Community and academic partnerships: Collaborations with academic institutions and community groups can further enhance OSS knowledge and skills.

Promoting OSS contributions

  • Boosting the ecosystem: Encouraging the open-sourcing of internal tools and company products can significantly contribute to the health of the OSS ecosystem.
  • Recognition and rewards: Implementing recognition systems for OSS contributions within organizations can incentivize active participation.

Tackling legal and licensing challenges

WoOS_Japan_2023_Infographic-4

  • Legal and licensing support: Addressing legal and licensing issues can empower more organizations to engage in OSS projects confidently.
  • Educational programs on licensing: Providing detailed educational resources on OSS licensing can demystify legal complexities for organizations.

Call to action

We hope this report encourages stakeholders across Japan to realize the full value of open source software and the communities supporting it. Whether you are a developer, an IT professional, a policy maker, or simply an enthusiast of technology and open source culture, this report offers a first-of-its-kind perspective into how OSS is shaping the technological landscape in Japan and how it compares and contributes to the global context.

To get involved, consider the following steps:

  • Educate yourself: Start by reading the full report to understand the current state of OSS in Japan. Knowledge is power, and understanding the landscape is the first step to making a difference.
  • Engage with the community: Join local and online OSS communities. This week, Open Source Summit Japan is taking place in Tokyo, which is the forum of choice for engagement. Participating in forums, attending meetups, and contributing to discussions can provide practical insights and networking opportunities.
  • Contribute to projects: Whether you’re a coder, a documentation specialist, or a tester, your skills can contribute significantly to various OSS projects. Find a project that aligns with your interests and skills, and start contributing.
  • Advocate for OSS in your organization: If you’re in a position to influence your organization’s software choices, advocate for adopting OSS and supporting OSS policies and training.
  • Educational and professional development: Continuously seek opportunities to learn more about OSS, whether through formal education, workshops, or self-guided learning. LF Research is a great place to start! 

ISO-PAS 8926 Overview and ISO 26262 3rd ed. Activity Planning (Video)

By Blog, Seminar Series

ISO PAS 8926 “Road vehicles – Functional safety – Use of pre-existing software architectural elements” has been approved by the ISO community. This achievement represents a recognition of the work done in the last 2 years by ISO Sub-Group experts from multiple organizations / delegation to include the evaluation of pre-existing complex software for Functional Safety without losing the original ISO 26262 backbone.

The goal of this talk is to provide an overview of ISO PAS 8926 content and its connection with the current ISO 26262 second edition. Moreover, it will be the opportunity to introduce at a high-level the ISO 26262 initiatives related to the 3d edition and their planning.

As part of the ELISA Seminar series, Roberto Paccapeli, Functional Safety Manager at Red Hat, and Gabriele Paoloni, Sr. PE at Red Hat, gave a presentation titled, “ISO-PAS 8926 Overview and ISO 26262 3rd ed. Activity Planning.

 

The ELISA Seminar Series focuses on hot topics related to ELISA’s mission to define and maintain a common set of elements, processes and tools that can be incorporated into Linux-based, safety-critical systems amenable to safety certification. Speakers are members, contributors and thought leaders from the ELISA Project and surrounding communities. Each seminar comprises a 45-minute presentation and a 15-minute Q&A, and it’s free to attend. You can watch all videos on the ELISA Project Youtube Channel ELISA Seminar Series Playlist here.

For more ELISA Project updates, subscribe to @ProjectElisa or our LinkedIn page or our Youtube Channel.

BASIL: the FuSa Spice

By Blog

Written by Red Hat’s Luigi Pellecchia, Senior Software Quality Engineer, and Gabriele Paoloni, Senior Principal Engineer

Introduction

Most of the safety standards across different industry domains are based on requirements definition and associated verification and validation measures to bring the residual risk of failure down to an acceptable level (according to the target safety integrity level). When it comes to claim the systematic capability of SW elements, it is very important to trace requirements down to the specification of such SW elements and to respective tests at different levels (unit tests, integration tests, validation tests).

There are different reasons behind this:

  1. Verification of completeness of safety activities: once we have full traceability in place from requirements to testing, it is much easier to detect if there is a gap between safety requirements, SW specifications and tests.
  2. Assessment feasibility: with traceability in place it is easier to verify the correctness of tests against associated requirements and code specifications.
  3. Maintainability of the safety case against incoming SW changes: if there are SW commits added later, with such traceability in place it is easier to determine the scope of requirements being impacted.
  4. Scalability of the safety case: if there are requirements to be added / removed, with such traceability in place it is much easier to determine the impact on the rest of the safety case (i.e. which code and associated tests to be added or removed)

Complying to safety standards imply a great effort for quality departments.

Quality Engineers  have to produce different work items, like Software Requirements, Test Specifications, Test Cases, Test Reports and need to provide evidence and traceability for internal and/or external audits.

Usually that happens across a complex toolchain that involves several tools, and different file formats.

Having the data organized in a structured way helps to keep the situation under control and enables a proper data visualization for the most meaningful picture at any time.

BASIL provides a way to create quality related work items and to relate them to a snippet of the specification document or to a snippet of the source code creating a view that will help you keep track of the status of the analysis.

A snippet is identified in BASIL with an offset and a text. That is because we can have the same text multiple times in a document and we need to be able to distinguish which one we want to use.

When creating a work item and a relationship against a snippet of the target document, the latter will be split in different sections showing the related work items in a 2 columns view.

Work items can be nested in different ways and BASIL provides different views focused on work items with direct mapping against the specification document or source code.

That is because any company can implement its own workflow and define which work items want to create and maintain.

So we can distinguish two different types of relationships in BASIL: direct and indirect.

Direct means the relationship is against the specification document or to the source code.

Indirect means that a work item is related to another work item and the relationship with the specification document or to the source code happens via an hierarchy of work items more less complex.

Each relationship, direct or indirect, will be characterized by a coverage percentage and the overall coverage will take care of all the work item hierarchy that users can specify.

BASIL can be easily integrated in other tool chains thanks to SPDX and a REST api.

All the data can be exported to SPDX in json format and it is possible to interact with the data via http requests as well.

Even if this level of traceability is mostly requested by Functional Safety projects, any software company can leverage BASIL to implement software quality management.

Software, its Specifications and work items are in continuous evolution and BASIL keeps track of this.

So any changes to any work items or relationship will be recorded in the database and it will be possible to see the history of each one.

What happens if the source code or the specification change?

First of all we can test in advance how our work items are affected by any change and we can automatically fix what the tool recognizes as a warning.

A warning means that a particular snippet still exists in the target document or source code, however it does in a different position (offset). We can set BASIL to automatically fix all these warnings.

If a new version of the specification document or of the source code  breaks any relationships, BASIL will show them in a separate section and we can adjust the mapping or delete it if no more needed.

BASIL was created to be a collaborative tool and due to that it comes as a web application and It provides also support for comments.

BASIL was developed by Red Hat during the first stages of RHIVOS (Red Hat In Vehicle Operating System) certification story and  was presented to the Elisa community in June 2023 during the workshop we had in Berlin. Thanks to the interest of the community we published it as an open source project in the Elisa GitHub repository in October 2023.

Started as a static html report of test mapping software components, it became little by little a dynamic tool that today implements state of art web technologies like REACT and PatternFly and it also comes with an e2e test suite in Cypress and a unit test suite for the REST api written in python.

Learn more:

 

A Recap of the Munich Workshop

By Blog, Workshop

Written by Philipp Ahmann, Chair of the ELISA Project TSC, and Kate Stewart, Vice President of Dependable Embedded Systems at the Linux Foundation 

On October 16-18, ELISA Project gathered at the Red Hat Munich office for an in-person workshop. The event had a great mix of attendees, including both familiar faces and first-time participants, with representatives from non-member companies such as Canonical, Volvo, MBition, Harman, and Valeo. While the workshop was primarily focused on automotive companies, there was also one participant from NASA.

Discussions centered around the core part of Linux, with a need to define what constitutes a core or minimal configuration. It was suggested that distro providers be consulted to determine their kernel configurations. The topic may continue in the architecture working group. A guide and methodology to strip down the kernel to a smaller use case and system-adjusted setting could also be useful.

A major part of the workshop was the discussion around BASIL, a new tool for tracing requirements code and tests that was proposed in the Berlin workshop earlier in the year. Introduced by Red Hat and open sourced just before the event, it has gained interest among other members, including SUSE. SUSE presented their approach on Automotive SPICE SWE processes for complex Open Source Software to get an argumentation around QM state of Linux and components in use of these systems. It is seen as promising by others and will be taken forward. It can be a path towards quality management argumentation of Linux systems.

Nvidia presented a more technical discussion on the kernel level, with a systematic approach to using the Linux kernel in safety scenarios. This was also interesting for Windriver and Elektrobit. The idea is to have a shared list of risk factors and potential interference between system elements. It is a bit of a direction like CVE to CWE if you want to compare it to security.

A session about the SPDX-SIG on Safety focused on requirement traceability with code and tests and gave a good fit to the discussions around BASIL. This was in line with the ELISA’s discussions around enhancing SBOMs to support safety argumentation and evidence.

Sessions were held on how to catch up newcomers, and understand member needs, the ELISA big picture, outreach to adjacent communities, and current challenges to comply with different aspects of the ISO26262 were held as well.

The workshop concluded with a strategy and path towards 2024. ELISA will take a stronger driver towards tools and documentation, with good documentation around PREEMPT_RT being one of these elements. It is further important to show the results so that others can better understand where ELISA is reaching and where it fits into their industrial use cases.

Overall, the workshop was a great success, with many interesting discussions and presentations. The ELISA looks forward to the next workshop and continuing to drive innovation in the Linux ecosystem.

Testimonials

“I am thrilled to have attended the ELISA workshop in Munich, where I gained valuable insights into the complexities of achieving functional safety for Linux, particularly in the automotive industry. The engaging presentations and collaborative discussions with industry experts highlighted the importance of strong collaboration in addressing this challenge.” – Bertrand Boisseau (Canonical)

“I found the ELISA workshop to be very educational and engaging. The speakers were really skilled and had a great understanding of both safety and Linux aspects. I will closely follow ELISA and hope to engage with more OEM presence” – Robert Fekete (Volvo Cars)

How to get involved

ELISA hosts workshops on a bi-annual basis. Check out the list of workshops and sessions in the ELISA Workshop Series and workshop-related blog posts and videos.

Putting Linux into Context – Towards a reproducible example system with Linux, Zephyr & Xen 

By Ambassadors, Blog, Industry Conference

Last week, developers from around the world traveled to Richmond, Virginia for the annual Linux Plumbers Conference. Hosted at the Omni Richmond Hotel on November 13-15, the event was mostly in-person with a live-streaming element for those who couldn’t make it.

Philipp Ahmann, Product Manager for Embedded Open Source at Robert Bosch GmbH and Chair of the ELISA Project Technical Steering Committee (TSC), was at the event and gave presentation titled, “Putting Linux into Context – Towards a Reproducible Example System with Linux, Zephyr & Xen.” You can find his presentation video and PPT  below:

 

Demos on embedded systems using Linux are plentiful, but when it comes to reproducing them, things get complicated. Additionally, on decent embedded systems Linux is only one part of the system and interacts with real-time operating systems and virtualization solutions. This makes reproduction even harder.

Within the Linux Foundation’s ELISA project, we started to create a reproducible example system consisting of Linux, Xen, and Zephyr on real hardware. This is the next step after we achieved a reproducible system with a pure Linux qemu image.

The idea is to have documentation, a continuous integration including testing, which can be picked up by developers to derive and add their own software pieces. In this way they should be able to concentrate on their use case rather than spending effort in creating such a system (unless they explicitly want this). We also show how to build everything from scratch. The assumption is that only in this way it is possible to get a system understanding to replace elements towards their specific use cases.

We had challenges finding good hardware, tools, freely available GPU drivers and more and we are still not at the end. A good system SBOM is also creating additional challenges, although leveraging the Yocto build system has provided some advantages here.

While we are setting up the first hardware with documentation from source to build to deployment and testing on embedded hardware, we aim to have at least two sets of all major system elements like Linux flavor, a choice of virtualization technique, real-time OS and hardware. Only when software elements and hardware can be exchanged, we identify clear interfaces and make a system reproducible and adoptable.

Open Questions are:

  • What will be a good next hardware to extend this PoC scope?
  • Where do open source, security, safety, and compliance come best together?
  • Which alternative real-time operating systems and virtualization should be incorporated?

For more ELISA Project updates, subscribe to @ProjectElisa or our LinkedIn page or our Youtube Channel.

 

The Road to Safe Space Exploration (Video)

By Blog, Seminar Series

The current stage of space exploration has brought with it an increase in the complexity of systems deployed, in the number of players involved, and in the need for autonomy. This video describes two efforts taking place at NASA to help on that front. One the one hand, the use of runtime monitoring with Ogma and Copilot makes it possible to assure applications that are otherwise too costly to verify formally or test fully.

On the other hand, the use of Kaiaulu to process information about version control systems and issue trackers facilitates providing evidence of compliance with software engineering requirements, and to minimize deviations from the software plans. We believe that, together, they can enable more complex autonomous systems in space applications and shorten the time to that it takes systems to be put in production.

As part of the ELISA Seminar series, Ivan Perez Dominguez, Senior Research Scientist, KBR Inc at NASA Ames Research Center, gave a presentation titled, “The Road to Safe Space Exploration.

 

 

The ELISA Seminar Series focuses on hot topics related to ELISA’s mission to define and maintain a common set of elements, processes and tools that can be incorporated into Linux-based, safety-critical systems amenable to safety certification. Speakers are members, contributors and thought leaders from the ELISA Project and surrounding communities. Each seminar comprises a 45-minute presentation and a 15-minute Q&A, and it’s free to attend. You can watch all videos on the ELISA Project Youtube Channel ELISA Seminar Series Playlist here.

For more ELISA Project updates, subscribe to @ProjectElisa or our LinkedIn page or our Youtube Channel.

Linux Foundation Europe Member Summit Recap (Videos)

By Blog, Linux Foundation

This blog originally ran on the Linux Foundation EU Newsroom. For more content like this, click here.

Linux Foundation Europe proudly hosted its first annual Member Summit! This milestone event marked its inaugural year, bringing together LF Europe participants for an unforgettable gathering. The summit served as a groundbreaking platform for fostering collaboration, open innovation, and strategic partnerships among individuals and organizations in the private and public sectors. All participants worked collectively to advance digital transformation through the lens of open collaboration. This blog recaps the key moments and must-see sessions from the 2023 Member Summit.

Opening Keynote: State of Linux Foundation Europe

The event commenced with an insightful keynote address by Gabriele Columbro, General Manager of Linux Foundation Europe and Executive Director of FINOS. He provided a comprehensive overview of LF Europe’s current state and future prospects, setting the stage for what is to come.

https://youtu.be/RcFwfh86334?feature=shared

Protecting Wildlife with OpenCollar Devices Running Zephyr RTOS

Luka Mustafa, Founder and CEO of IRNAS Institute for Development of Advanced Applied Systems, delved into the vital issue of wildlife protection. He explained how open source technology, particularly Zephyr RTOS, plays a crucial role in creating OpenCollar animal trackers and sensors. These innovative devices are designed to combat poaching and protect endangered species.

https://youtu.be/jH3Ifkaf2-s?feature=shared

Panel Discussion: Open Source as a Game Changer for Sustainable Industry Transformation in Europe & Beyond

A panel discussion featuring Rimma Perelmuter (VP of Strategic Growth of FINOS & Linux Foundation Europe), Mark Lane (Head of Software Engineering Centre of Excellence, Lloyds Banking Group), Lucian Balea (Deputy Director of R&D and Open Source Director, RTE), Philippe Ensarguet (VP of Software Engineering, Orange) and Philipp Ahmann (Product Manager, Bosch) delved into the role of open source collaboration in driving digital transformation across various industries. They discussed how open source initiatives can address common challenges and foster industrial growth and sustainability in Europe and beyond.

https://youtu.be/vA7X8RU7kuE?feature=shared

Linux Foundation Europe & Global Project Updates

Representatives from various projects, including Sylva, OpenNebula, LF Energy, OpenWallet Foundation (OWF), Agstack, Servo, and RISE, provided updates on their respective initiatives. These projects spanned a wide range of fields, from telecommunications to energy systems, agriculture, and web rendering engines, highlighting the diverse impact of open source technologies.

https://youtu.be/J4qedc-0pjs?feature=shared

Project Setup and Hosting in LF Europe

The LF Formation Team and Mirko Boehm (Senior Director, Community Development, Linux Foundation Europe) explored options for project setup and the advantages of hosting projects within Linux Foundation Europe.

https://youtu.be/aj1AXRo3zNs?feature=shared

Insights from LF Research

Hilary Carter (SVP, Research and Communications, Linux Foundation) discussed two Europe-focused research reports,, highlighting their significance to Europe in terms of sustainability, contribution, and security.

https://youtu.be/zSygqHF5q0E?feature=shared

Outcomes of Open Source Congress

Hilary Carter and Mirko Boehm  shared key outcomes from Open Source Congress which took place in Geneva in July. The talk described the origins of the gathering, the issues on the agenda, and the current state of global collaboration across open source organizations. 

https://youtu.be/-RZfkfiOxFc?feature=shared

EU Policy Update

Mirko Boehm followed with an update on European Union (EU) policies impacting open source and the technology industry. This session shed light on the evolving regulatory landscape and its implications for the open source community.

https://youtu.be/8zGekC9TIik?feature=shared

Better Together: Strategic Partnerships and The Linux Foundation

Robert Reeves (VP of Strategic Partnerships, Linux Foundation) emphasized the importance of strategic partnerships in advancing the goals of the Linux Foundation, and encouraged prospective partners to join us in supporting our mission.

https://youtu.be/KA-pu7RTy5M?feature=shared

Panel Discussion: Why Open Source AI Matters: The EU Community & Policy Perspective

A lively panel discussion tackled the significance of open source AI, its benefits, risks, and role in EU policy. The discussion was led by industry players and policymakers Justin Colannino (Director, Developer Policy and Counsel GitHub), Astor Nummelin Carlberg (Executive Director, OpenForum Europe), Ibrahim Haddad (Executive Director, LF AI & Data and PyTorch Foundation), Sachiko Muto (Chairman, Senior Researcher, OpenForum Europe, RI.SE), and Stefano Mafulli (Executive Director, Open Source Initiative)

https://youtu.be/KjUTtCM_nDU?feature=shared

Looking Ahead: The Future of LF Europe

The event concluded with Gabriele Columbro providing insights into the future of Linux Foundation Europe, setting the stage for further innovation and collaboration.

https://youtu.be/vjUSkbbCmss?feature=shared
Attendee Reception
53200807998_6c1922f951_o

LF Europe members were treated to an exclusive reception at the Guggenheim Museum Bilbao, featuring a special celebration for the Linux Foundation Europe’s 1st anniversary. The event included a cake-cutting ceremony, a sumptuous array of foods and drinks, and an opportunity for attendees to explore the museum’s exhibits.

The Linux Foundation Europe Member Summit 2023 was an informative and inspiring event that brought together leaders, innovators, and enthusiasts from the open source community. It highlighted the pivotal role of open collaboration in driving digital transformation and sustainability across various industries in Europe and beyond. We thank all who joined us, and look forward to reconvening again in the future.

For information about becoming a member of LF Europe, please get in touch with us at info@linuxfoundation.eu.

Demystifying the Linux Kernel Security Process (Video)

By Blog, Linux Foundation, Mentorship

There is a lot of misunderstanding about how the Linux kernel deals with security vulnerabilities. Greg Kroah-Hartman, Kernel Maintainer & Fellow at the Linux Foundation, presented a complimentary Mentorship Session exploring Demystifying the Linux Kernel Security Process on October 3. Watch the video below, which will go into how the Linux kernel security team works, how changes are propagated out to the public, and how users must take advantage of these changes in order to have a secure system.

Check out other upcoming webinars in the LF Live Mentorship Series here.

Lessons from Maintainers of the World’s Most Critical Software

By Blog, Linux Foundation
52895003750_4cfa62b672_k

Image: Attendees at Open Source Summit North America 2023 in Vancouver.

This blog originally ran on the Linux Foundation website. For more content like this, click here.

In our latest research, we interviewed dozens of maintainers who worked on some of the most used and widely dependent software projects. The result was a new report, “Open Source Maintainers: Exploring the people, practices, and constraints facing the world’s most critical open source software projects.

When Norbert De Langen inherited the maintainership of Storybook.js, he thought the best approach was to actively design himself out of his role. This would mean bringing in as many good contributors as possible. So he undertook heroic measures. De Langen sent a meeting scheduling link requesting to speak in person to anyone who emailed him with a suggestion or question about the project code. De Langen met with over 200 people using this method during the project’s first year. He estimates that nearly 20% of those he met with later became repeat contributors to Storybook, including many core contributors. With this effort, De Langen boosted his contributor pool and significantly reduced his coding burdens, making his maintainership more manageable. 

A broad representation of open source

Open source software (OSS) provides the foundation for much of our global technology infrastructure, from operating systems to databases to developer tools. While the whole world benefits from using OSS, a relatively small number of developers are responsible for maintaining the code and nurturing the projects that are linchpins for the complex and critical open source ecosystem. 

De Langen’s story is just one of the numerous smart tactics we learned in interviewing 32 “Super Maintainers” — people working on critical projects as identified by the Linux Foundation’s surveys of the broad open source software ecosystem. The projects in question ranged from databases like PostgreSQL to frameworks like JavaScript and Storybook to lower-level languages like Julia and Rust to ML infrastructure like PyTorch. The maintainers came from a wide variety of backgrounds. 

Most maintainers interviewed work full-time maintaining OSS projects, often as an explicit part of their job at a company that relies on the project. Maintainers tend to start as contributors, then become core contributors, and eventually, maintainers as they gain experience. Many began contributing to OSS in school or at their first job.

Maintainers derive intrinsic satisfaction from working on cutting-edge technology and being part of an open source community. As one Julia maintainer recounted, “When I first met some of the people in person in the community, I was giving everybody hugs. It was a very emotional moment because we had been so invested and committed for so many years working on things together.” Extrinsically, their OSS work helps their career by making them more attractive hires. However, most companies do not always sufficiently recognize their OSS contributions. 

Summary of the learnings of super maintainers

Every interviewee for this project had their own distinct views. They generously shared their hard-won lessons and their favorite tips and tricks for what is always a challenging balancing act. Here is a quick summary of their recommendations, which are addressed in much greater detail in the full report.

Growing contributions

52894102447_b7bc3b655d_k

Image: Shuah Khan, Linux Foundation Fellow, kernel maintainer, and founder of the LFX Mentorship program, working to cultivate a new generation of open source software maintainers.

Maintainers shared best practices to cultivate communities: personal engagement, inclusive communication, diverse channels of communication, and straightforward onboarding processes. Successful projects guide newcomers by pinpointing suitable tasks. Maintainers are advised to spot and nurture potential successors. Swift triage and team handling of submissions enhance the contributor experience.

Governance and control

All interviewees agreed on the essential nature of community governance for a project’s longevity. Early incorporation of best practices like a code of conduct, promoting civility, decentralizing power, and ensuring neutral community management are vital.

Documentation

Maintainers unanimously felt the need for better documentation. Recommended best practices include elevating the importance of documentation, hiring dedicated coordinators, and streamlining the contribution process.

Funding

While only one maintainer was primarily concerned about living expenses, many expressed frustrations over the inadequate funding of critical OSS projects. Some pursued employment at supportive organizations due to this funding gap. Independently operating maintainers voiced concerns about sustaining OSS projects without major backers.

Diversity

Most maintainers found it challenging to ensure diverse participation. While some lacked clear diversity initiatives, others actively engaged in programs like Outreachy. However, the general consensus is that OSS needs significant strides in diversity.

Preventing burnout

Maintainers recommended several strategies to avoid burnout: understanding OSS is an ongoing task, balancing personal and professional lives, limiting unpaid administrative tasks, implementing automated processes, setting clear boundaries, and taking necessary breaks. The emphasis is on self-awareness and recognizing personal boundaries.

Conclusion: Building on the shoulders of Successful maintainers

The open source movement is a vibrant and dynamic ecosystem. But building successful open source projects does illuminate common patterns and anti-patterns which may not necessarily be apparent to a first-time maintainer. Every interviewee said they viewed their time maintaining as fulfilling and worthwhile and often spoke as if they were advising a younger self. By capturing some of their wisdom, we hope to package it in a digestible format and preserve it for the next generation of maintainers. The most valuable resource any maintainer can ever attain, or share is the institutional knowledge built up in their project and their experience. This will improve the next project and enable the movement to continue to thrive.

Introducing Basil (video)

By Blog, Seminar Series

Basil is a tool developed to support Software Specification analysis, testable requirements definition and coverage. It comes with a web user interface and also a simplified view of work item relationships. As per the complexity and non uniformity of toolchains used in the automotive field, and in general to support functional safety effort, Basil will also provide a rest web api and SPDX data import/export.

As part of the ELISA Seminar series, Luigi Pellecchia, Senior Software Quality Engineer at Red Hat, introduces “Basil: an open source tool for tracing requirements, code & tests.

The ELISA Seminar Series focuses on hot topics related to ELISA’s mission to define and maintain a common set of elements, processes and tools that can be incorporated into Linux-based, safety-critical systems amenable to safety certification. Speakers are members, contributors and thought leaders from the ELISA Project and surrounding communities. Each seminar comprises a 45-minute presentation and a 15-minute Q&A, and it’s free to attend. You can watch all videos on the ELISA Project Youtube Channel ELISA Seminar Series Playlist here.For more ELISA Project updates, subscribe to @ProjectElisa or our LinkedIn page or our Youtube Channel.