About the Pledge

What is the Open Source Pledge?

Open Source Pledge is a group of companies with a shared commitment to paying the maintainers of the Open Source software we all consume. Our goal is to establish a new social norm in the tech industry of companies paying Open Source maintainers, so that burnout and related security issues such as those in XZ and Apache Log4j can become a thing of the past.

What is the Pledge's mission?

A massive portion of the software we all depend on is based on Open Source projects. Though these projects are very important, the people who tirelessly maintain them often do so without being paid at all. This means that many maintainers have to either struggle to make ends meet, or work a second shift after working hours to maintain projects that often have to be looked after for years or decades.

This xkcd comic shows a Jenga-like tower of blocks, illustrating “all modern digital infrastructure”. The structure precariously rests on a small load-bearing block, titled “a project some random person in Nebraska has been thanklessly maintaining since 2003”.
xkcd #2347 — Dependency

This arrangement isn't fair to the maintainers who build software we value. And it leads to a fragile ecosystem that's susceptible to security issues, because the people who look after our digital infrastructure are likely to suffer from burnout. This has led to incidents such as the XZ backdoor and the Log4Shell vulnerability, among many other serious issues.

This is why our main goal is to get companies to pay maintainers of software they depend on. We believe that by doing this, we can contribute to a healthy, thriving and secure Open Source ecosystem. We recognise this is a multifaceted problem, but the solution we are focusing on is providing direct payments to maintainers, in order to support them and their work.

What does joining the Pledge entail?

Our new norm is for companies to pay a minimum of $2000 per year per full-time equivalent developer on the company's staff, to Open Source maintainers of each company's choosing.

What about other ways to support Open Source?

Some companies support the Open Source ecosystem by hiring developers to work on Open Source Software, or by giving gifts such as cloud computing credits. While we agree that developer time and gifts in kind are valuable and important, only cash payments count towards the pledge, because the point of the Pledge is to get money to underpaid and overworked maintainers of important Open Source projects. If maintainers of software we rely on can pay the bills, we will have a healthier, fairer, more stable and more secure Open Source ecosystem.

What payments are eligible?

The primary intent of the Pledge is no-strings-attached payments to Open Source maintainers. Starting with that, here are some clarifications:

  1. Open Source projects that your company controls are out of scope. If you own the trademark, it doesn't count.
  2. Open Source projects that exclusively benefit your company's own ecosystem are out of scope.
  3. Directly employing maintainers is laudable, yet outside the core scope of the Pledge, because of the complexity and subtle conflicts of interest that come along with that.
  4. It's okay if you get non-exclusive logo placement or other acknowledgement for your payments, or an hour or two of consulting time along with a large sponsorship, but anything beyond such minimal benefits puts the payment out of scope.
  5. Payments to foundations are generally in scope, even though most foundations today are not set up to pay maintainers (they focus more on conferences, trademarks, etc.). We hope that the Pledge will enable foundations to shift towards paying maintainers in the future.
  6. It's great if your company also actively participates in the projects you fund, via code contributions, membership on an advisory council or board, and the like.
  7. Platforms such as thanks.dev, Open Collective, and GitHub Sponsors are a common way to pay maintainers, though some can also be used to make payments that are out of scope for the Pledge. Only payments that fit our criteria are in scope, regardless of payment platform.

When in doubt, use your best judgement and be transparent in your annual report.

Does Open Source Pledge handle funds?

Payments are made directly to maintainers — we never handle any funds.

Who has already joined?

Here are some of our members:

How can I join?

To join our 25 members and help promote a healthy Open Source ecosystem, see our instructions:

Can individuals join?

While we've had companies-of-one join, we don't yet have a route to individual membership. We're discussing whether to add this in issue #21. Feel free to join the conversation.

Is it unfair to ask companies in different countries to pay the same amount?

Our current ask is set to US$2000 per dev per year. We're trying to find ways to take purchasing power disparities into account to make this requirement more accessible to companies worldwide, but there are many details to consider. We'd love to hear your thoughts over in issue #36.

Are there local initiatives similar to the Pledge?

French readers may be interested in Copie Publique, whose goals align with ours. Let us know about any other initiatives we may have missed.

Who maintains Open Source Pledge?

Open Source Pledge is brought to you by Sentry and contributors.

We have four working groups and a steering group composed of working group leads.

| Working Group | Lead |
| --- | --- |
| Member Outreach | Vlad-Stefan Harbuz |
| Maintainer Outreach | Ethan Arrowood |
| Marketing & Media | Michael Selvidge |
| Design & Build | Chad Whitacre |
| Steering | Chad Whitacre |

How can I help?

To help us build Open Source Pledge, read CONTRIBUTING.md, dive into our issues, and feel free to reach out to the working group leads either in issues or on Discord.