Matt Hall, a contributing writer, gives his viewpoints in the Open is Hard series. All opinions shared are solely Matt’s and don’t necessarily reflect the position of Onward.
In the early days of computing, most software was open. The industry commercialized through the 1970s and 1980s, and the proportion of open-source software diminished. But a strong community remained, eventually producing such landmark achievements as BSD Unix, Emacs, Perl, Python, and Linux.
There is open-source software in subsurface too. I've spent a good part of the last decade or so trying to convince subsurface scientists and engineers — and their employers — to use more of it. Thanks in no way whatsoever to me, they are. Today, open source software is everywhere.
Not convinced? The annual Black Duck Survey by Synopsys, which is ostensibly about risk assessment, contains all the proof you need that open source is pervasive.
According to the last survey, 99% of the 1,250 codebases audited by Synopsys contained open source components. Not one or two components, either: 445 of them on average, comprising about 70% of the average application. This is double the amount their survey found just 4 years before. There's no two ways about it: open-source software has won.
Sort of.
Every silver lining has a cloud
Personally, I'm delighted about the pervasiveness of open source. Partly because it means I don't have to eat my words, but also because I am certain that open source is A. Good. Thing. It's good for transparency, accessibility, and collaboration. Therefore, it's good for science and for business.
But why is counting open source libraries part of a risk assessment? Because the same survey shows that unmanaged and obsolete code is a problem in 91% of applications. Licensing is a problem too: a third of applications in the survey used unlicensed projects, and two-thirds used projects with conflicting licenses.
Bearing in mind that if 70% of all applications are open source code, then most of the problems are likely going to come from open source code, but I don't see a reason to panic.
Instead, there is see a reason to face up to some realities:
- Open source code works, and everyone is using it.
- Your application already contains open source code.
- Developers like open source, probably because it saves them time.
- Open source software is like all software: imperfect and incomplete.
The problem is that we're currently in a middle space. Software developers have switched to open source, but the world — the way businesses build and buy and pay for and use software — has not caught up. At all.
Businesses are playing catch-up
What does catching up require? I don’t have all the answers, but I do have nine ideas. In the future, vendors of software applications will:
- Explicitly encourage their employees to contribute to any open source projects.
- Contribute bug reports and enhancement requests to the open source projects they depend on.
- Contribute code to those open source projects.
- Contribute intellectual property to those open source projects.
- Contribute developer time to those open source projects.
- Contribute financial support to those open source projects.
- Actively participate in the developer community around the projects.
- Help fund or organize events aimed at strengthening developer communities they care about.
- Release complementary open source projects of their own, fostering an ecosystem of technology that creates value for society as well as themselves.
The level a creator chooses to rise to depends on a number of things including size, financial means, and the importance of the application in question to their business. And to be clear, contributing to open technology in these ways is not about being an altruistic benefactor, it's about investing in your own technology. It's just different from signing an end-user license agreement and forking over $3 million plus 18% annual maintenance.
If this seems scary, think of it as a different way to 'buy' software. And focus on the real purpose of open source: making technological innovation easier and faster.
This article is licensed CC-BY.