The Reality of Funding Open Source
As the founder of Packagist Conductors, a small company with just eight employees, I've had a front-row seat to one of the most pressing challenges in software development today: sustainable open source funding. We found our own way to fund a major open source project, and managed to avoid becoming full-time fundraisers. Today, our primary business is providing Private Packagist services, but our deeper mission remains maintaining critical infrastructure for the PHP ecosystem – namely Composer and Packagist.org.
The Open Source Funding Paradox
The software industry has built itself on open source foundations. From the Linux kernel powering most of the internet to the countless libraries and tools developers use daily, open source software is everywhere. Yet, the disconnect between its value and funding remains stark. Companies build billion-dollar products on top of open source components while maintainers struggle to find sustainable funding models.
Recent years have seen various attempts at addressing open source sustainability, with mixed results. Platforms like Open Collective, Patreon or GitHub Sponsors emerged, but they are primarily used by individual contributors and don't focus on corporate responsibility. This has led to an imbalanced funding ecosystem where the burden often falls on individual developers rather than the companies profiting most from open source. Other initiatives like Tidelift or thanks.dev have attempted more corporation-oriented approaches to sustainable funding, but the fundamental challenge remains: getting corporations to adequately fund the infrastructure they depend on. Meanwhile, we continue to witness maintainer burnout, abandoned critical projects, and security incidents that might have been prevented with proper funding.
Our Approach: Building a Sustainable Model
At Packagist Conductors, we've taken a dual approach. First, we've built a sustainable business around Private Packagist, which provides value to companies while generating revenue to support our open source work. This model allows us to maintain critical PHP ecosystem infrastructure without relying solely on donations.
Second, we believe in paying it forward. Despite being a small company, we've made it a priority to financially support other open source projects that our ecosystem depends on.
Our Open Source Contributions in 2024
Aside from the significant contributions to our own open source projects as well as code contributions to many of our dependencies, we support our dependencies financially as well. In 2024, we're proud to have contributed $26,714 to open source projects and maintainers. With an average of 5 full-time employees, that amounts to $5,343 per FTE – significantly exceeding the Open Source Pledge of at least $2,000/employee.
Here's how we distributed our support:
| Project | Amount |
|---|---|
| PHP Foundation | $18,000 |
| Symfony | $5,520 |
| PHPStan | $1,325 |
| XDebug | $1,269 |
| knplabs/php-github-api | $300 |
| 3v4l.org | $300 |
| Total | $26,714 |
The Broader Implications
When open source funding remains unresolved, we face several critical issues:
- Security Risks: Underfunded projects may lack resources for proper security audits and timely updates, potentially exposing millions of users to vulnerabilities.
- Innovation Slowdown: Maintainers forced to choose between paying bills and working on open source often must prioritize paid work, slowing down crucial project development.
- Ecosystem Instability: When key projects become unmaintained due to lack of funding, entire technology stacks can be affected, creating ripple effects throughout the industry.
- Maintainer Burnout: The pressure to maintain critical infrastructure without adequate compensation leads to burnout, affecting both project quality and maintainer well-being.
A Call to Action
If you're reading this, your company almost certainly relies on open source software. Each line of code you write likely depends on dozens of open source packages, each maintained by developers who deserve support for their work.
We challenge you to:
- Audit your open source dependencies and identify critical projects that need support (check out
composer fund!) - Set aside a specific budget for open source contributions
- Make supporting open source part of your company's technical strategy
- Consider not just one-time donations, but sustainable, long-term funding commitments
The future of software development depends on creating sustainable funding models for open source. At Packagist Conductors, we're doing our part – but this is a challenge that requires industry-wide participation. So ask your company to join the pledge too! And if you work with PHP, you should really start sponsoring the PHP Foundation!
Will you join us in ensuring the sustainability of the open source ecosystem we all rely on?