In late 2022, Tidelift fielded its second survey of open source maintainers. Hundreds of maintainers responded with thoughts about getting paid for their work, the security and maintenance practices they have in place for their projects, and where they need help most, along with a host of other interesting insights. In this post, we share the first of eleven key findings. If you don’t want to wait for the rest of the results, you can download the full survey report right now.
One of the most talked-about topics in open source today is the increasing demands on open source maintainers to do additional work to make their projects more secure—and how and if they should be compensated for it. In this year’s survey, we asked maintainers to describe how they approach their role as an open source maintainer.
According to the data, 60% of maintainers consider themselves unpaid hobbyists, while only 13% identify themselves as professional maintainers earning most or all of their income from maintaining projects. Twenty-three percent of respondents fall in the middle, thinking of themselves as semi-professional maintainers who earn some of their income from maintaining projects.
Countering the regularly cited theory that most maintainers prefer to work on open source as an unpaid hobby, our survey found that 77% of the maintainers who are not paid would prefer to get paid. Only 23% would like to keep open source as an unpaid hobby.
Meanwhile, for the respondents who do get paid for maintaining open source projects, we gained more insight into the sources of their income. By and large, professional maintainers who earn all of their income from maintaining open source projects are paid all or in part by their employer for this work, while semi-professional maintainers who earn some of their income from maintaining projects were more likely to earn income from other non-employer organizations like Tidelift, foundations, or GitHub Sponsors.
Only 7% of semi-professional maintainers were paid by their employer to maintain all of their projects while this number rose to 39% for professional maintainers. Over twice the percentage of semi-professional maintainers (62%) received income from non-employer sources as compared to 28% of professional maintainers.
Overall, reported maintainer sources of income were almost identical to what we reported in the previous survey in 2021. In fact, the results were almost carbon copies for each of the four choices we provided, as seen below.
Comparing the way maintainers responded to this question and the self-identification question, we found that fewer maintainers report being paid to maintain their projects (46%) than those describing themselves as “unpaid hobbyists” (60%). The discrepancy occurs because 20% of maintainers self-identifying as unpaid also reported that they do receive some income. In these cases, the amount of income is probably so small that maintainers hesitated to choose the description “semi-professional maintainer” and chose one of the “unpaid hobbyist” answers instead.
We continue to believe that the crisis of underpaid and unpaid maintainers—especially those who would like to be compensated for their work—represents one of the biggest threats to the health of open source today.
The open source software supply chain has been impacted by an increasing number of high profile vulnerabilities over the last few years. As a result, there have been both government and industry-led efforts to improve cybersecurity by implementing stricter and more secure software development practices.
This means we’ll be requiring open source maintainers to undertake even more work at a time when a large number of maintainers report that they are not being paid for the work they are already doing, or are only doing as a part-time job.
To us, the central question of “who is going to do the work, and why should they?” is one that all users of open source should be asking themselves as they think about these emerging industry and federal efforts.
We hope you found some useful and actionable information in this post. If you’d like to get notified as future posts come out, please give us a follow. Or if you don’t want to wait, download the full survey results today!