Open Infrastructure Is Not Free: A Joint Statement on Sustainable Stewardship
- #infrastructure
- #sustainability
- #open-source
- Open source package registries like Maven Central, PyPI, and crates.io are foundational to the global software supply chain.
- These systems are often maintained through goodwill rather than sustainable funding models, with a small group of benefactors bearing the costs.
- Modern expectations for open source infrastructure include fast, reliable, and secure dependency resolution, publishing, and CI pipelines.
- Commercial-scale usage, including proprietary software distribution via public registries, strains infrastructure without proportional financial support.
- The rise of AI and automated systems exacerbates wasteful usage, treating infrastructure as 'free and infinite.'
- Current funding models for open source infrastructure are unsustainable, relying on donations, grants, and limited sponsorships.
- Proposed solutions include commercial partnerships, tiered access models, and value-added services to align usage with funding.
- Foundations and maintainers face challenges in long-term planning and funding, impacting security, scalability, and availability.
- The letter calls for a shift from invisible dependence to shared responsibility, urging high-volume users to contribute proportionally.
- Actions to help include learning about infrastructure needs, aligning usage with responsibility, and becoming financial partners.