LF Research’s "World of Open Source: Global Spotlight 2023" report, written by Adrienn Lawson and Stephen Hendrick, with a foreword by Sachiko Muto of OpenForum Europe and RI.SE Research Institutes of Sweden, serves as an invaluable resource for understanding the current state of open source software (OSS) worldwide. Let’s delve into the key insights, gaps, and actionable insights identified in the report to understand the big picture for open source in different regions of the globe.
Image: Regional difference but an overarching pattern in open source use and contribution (World of Open Source Global Spotlight 2023)
The "Global Spotlight 2023" report underscores that open source software (OSS) is a global phenomenon, with over 90% of organizations adopting it at least moderately. However, regional disparities exist, most notably in Asia-Pacific, where adoption lags at 84%. This could be due to various factors such as technological maturity, regulatory landscapes, or cultural attitudes. The report also reveals that 73% of organizations globally and 77% in Europe have a pro-open source stance. Despite this, only around 60% of organizations encourage or allow team-based decisions on OSS contributions, indicating a gap between usage and contribution. This trend is consistent across all regions.
Additionally, there's a notable lack of structured open source strategies like Open Source Program Offices (OSPOs), particularly in Europe, where 14% of organizations with permissive policies have yet to adopt such an approach, compared to just 5% in the Americas.
Image: Value of open source recognized across regions with increasing value reported in about half of organizations (World of Open Source Global Spotlight 2023)
Globally, 69% of organizations find the benefits of OSS outweigh the costs. Europe leads this sentiment, with 77% of organizations agreeing. This indicates that the value of open source extends beyond mere cost savings. It also includes intangible benefits like fostering innovation, enhancing skill development, and facilitating community collaboration.
While 68% of respondents consider OSS more secure than closed-source software, 42% have reservations about the security of specific OSS components. This suggests a nuanced view where the open source community must focus on improving security measures, documentation, and even creating standardized security protocols for individual projects.
About 51% of respondents believe that contributing to open source projects often leads to innovation in the IT industry. Compared to using OSS, there’s a significant imbalance where contribution is concerned. In fact, contribution as a mechanism to improve software security is least likely to be considered a compelling reason for organizations to contribute. underscores the importance of policies that encourage active participation in the open source community. It's not just about individual skill development but also about collective technological advancement, problem-solving, and even potentially disrupting traditional ways of doing things.
As mentioned above, the report highlights a persistent asymmetry between open source use and contribution policies within organizations. This reflects varying attitudes and strategies, indicating a need for more comprehensive education and engagement practices with laggards. Many organizations lag in implementing best practices for safe usage. One of the most astonishing findings was that the most common form of due diligence in evaluating a project’s security was checking the activity level in the project repo. There's significant room for improvement in testing and documentation when contributing code, which could be addressed through more robust internal policies or industry-wide standards.
Organizations perceive value in contributions to open source projects, encompassing both non-monetary benefits and those tied to economic gains. This diverse motivation for contributing highlights the complex interplay of policies, practices, motivations, and challenges in the open source ecosystem. A one-size-fits-all approach to encouraging open source contributions may not be effective.
Establishing an OSPO can formalize and structure an organization's open source efforts. OSPOs can provide clear policies and guidelines, address legal and licensing concerns, and empower employees to contribute confidently. Resources like those offered by the TODO Group can be invaluable in setting up and managing OSPOs. They offer best practices, case studies, and even mentorship opportunities for organizations looking to establish an OSPO.
Government adoption could encourage international collaboration and provide financial support for open source projects. This can create a ripple effect, increasing the prominence of open source solutions in the market, attracting more funding, and even influencing other governments to take similar steps. The report specifically mentions the potential role of the public sector in Europe, which could serve as a model for other regions.
The report suggests that allowing employees to contribute during working hours could increase contributions. Directly funding open source projects can also help maintain the sustainability of the open source ecosystem. It's crucial to give open source communities autonomy over the funding while maintaining transparency to safeguard community interests. This balance between autonomy and transparency can foster human-centered open source technological innovation, which companies ultimately rely on.
The "World of Open Source: Global Spotlight 2023" report paints a comprehensive picture of the open source landscape, highlighting its widespread adoption and the challenges ahead. While the insights and actionable steps outlined in the report are invaluable, they also underscore the need for collective action.
If your organization is not yet engaged in the open source community, now is the time to get started, and if you want to become more involved, there are many pathways to further your journey. As the report identifies, one effective way to formalize and structure your open source efforts is by establishing an Open Source Program Office (OSPO). Organizations like the TODO Group offer invaluable resources, best practices, and case studies to guide you. By joining such organizations, you and your organization don’t have to “go it alone.” You’ll be equipped with a wealth of knowledge, tools, and a supportive network to help you maximize your open source opportunity.