The issue of open source funding is very real, and startups, corporations, and venture capitalists have recently launched a variety of equity-free funding initiatives to support some of their most important projects.
Today, it's GitHub's turn to launch the GitHub Secure Open Source Fund with $1.25 million in initial funding from investors including American Express, 1Password, Shopify, Stripe, and GitHub's parent company Microsoft. Other donors include the Alfred P. Sloan Foundation, Chainguard, HeroDevs, Kraken, Mayfield Fund, Superbloom, Vercel, Zerodha, and more.
GitHub briefly teased this new initiative at its annual GitHub Universe developer conference last month, but today it announced the full details and officially opened the program for applicants. Applications will be reviewed on a “rolling basis” until the closing date of January 7, 2025. Programming and funding will begin shortly thereafter.
For better or worse, GitHub has emerged as the de facto platform for open source software development, which is the main reason why Microsoft spent over $7 billion on the platform in 2018. However, open source software is not always well maintained, regardless of how pervasive it is in the global software stack. This can wreak havoc on the software supply chain, and it prompted a Big Tech-driven push in 2022 to strengthen open source security.
Today's news builds on a number of previous GitHub initiatives designed to support project maintainers working on key components of critical software. These include GitHub Sponsors, which landed in 2019 and is the driving force behind the new fund, and, more directly, the GitHub Accelerator program, whose first cohort was established last year. The GitHub Secure Open Source Fund is essentially an extension of that.
“We are finally acknowledging the fact that this is the home of open source, and we have a duty to help open source continue to thrive and get the support it needs,” Kyle Daigle, GitHub's Chief Operating Officer, said in an interview with TechCrunch.
Almost any project with an open source license will be eligible, but of course GitHub will focus on the projects that need the funding the most. So Kubernetes can probably hold off on its application.
“We're looking for outsized impact, and that tends to be large projects with very few maintenance personnel that we all rely on,” Daigle said.
While $1.25 million may sound like a reasonable amount, it will be divided among 125 projects. That means each project receives just $10,000. Of course it's better than nothing, but in the grand scheme of things it's just a drop in the ocean. However, Daigle was quick to stress that money is only part of the reward here. Similar to the first accelerator program, maintainers will embark on a three-week program that includes mentorship, certifications, educational workshops, and continued access to GitHub tools.
“The main thing I learned from that [accelerator program] was that it was direct funding, but the important part was really the hands-on support from our team and experts,” Daigle said. “So we wanted to take what worked well from that hands-on approach and bring it to the larger problem of security and software.”