Open Source is Not Enough

535 Words in OSS Sustainability on
TL;DR

In response to Joost de Valk's post saying that open source is the right start but not enough, I suggest some conditions needed for healthy open source projects. Without proper governance and a model that ensures sustainability, a briefcase full of funding could kill a project as easily as stimulating it.

Earlier this week, Joost de Valk wrote a post titled Open Source First is right, but not enough. The spark is an open letter from SuSE and a group of European open source companies concerning the pending Cloud and AI Development Act being proposed by the European Commission. The act calls for public procurement processes to assess whether qualified open source alternatives exist before a proprietary solution is considered.

I think that’s a great move, both for digital sovereignty and responsible stewardship of public funds. Joost says it’s not enough, citing his experience with FAIR, and the reason he and Karim Marucchi had to step back from establishing a funding model to implement it for the WordPress ecosystem. At that time, he said, “If the ecosystem won’t fund neutrality neutrality won’t materialize.”1 The missing piece, Joost suggests, is the neutrality of the underlying infrastructure. Even if the procurement process funds the software project, that crucial infrastructure may remain unfunded.

In September 2025, OpenSSF and a group of software registries released a statement, Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship, pointing to the fact that relying on donations alone is not a reasonable expectation for funding the global software ecosystem. The situation hasn’t improved.

As for the EU legislation, my mind goes to what would be considered a qualified open source alternative. Suitability to purpose is obvious, but doesn’t go far enough, as project health should definitely be a consideration if the procurement department isn’t prepared to have to adopt the project. A healthy project needs sound governance and a sustainability model. I’d say “revenue model”, but I’m open to someone coming up with a model that ensures project sustainability without requiring cash. I am, however, somewhat skeptical about the prospect, so a revenue model (funding or otherwise) would be my default expectation.

At this point, I feel I should call out established, accountable, trustworthy governance as a prerequisite to funding. In a conversation about funding and open source sustainability last week, I pointed out that you can’t fund projects that don’t have proper governance, or you risk killing the project with a cash injection. It should be axiomatic that a harmonious group of like-minded collaborators can be stymied by a briefcase full of cash faster than the most vexing of technical problems. The first question to ask is whether the project is ready to be funded. You know, that, and all the stuff Joost said about the infrastructure.

Sustainable OSS isn’t easy, but many of us are committed to it. We’ve seen some very challenging years for open source, but we still have plenty of successful models as exemplars.

Update: May 28, 2026

See Karim Marucchi’s post on this today, The Other Half of Funding Open Source. Karim presents a well-reasoned picture of an Open Source Renaissance where private equity can help fund open source infrastructure rather than leaving it to the public sector alone — or in his words, policy and capital.

  1. This was indeed the crux of the matter: with significant ecosystem stakeholders declining to fund it, the neutrality offered by FAIR faces an uphill battle to establish, should the ecosystem want it.