According to the 2024 State of Open Maintainer report from Tidelift, while paid open source maintainers perform significantly more security and maintenance work than their unpaid counterparts, a staggering 60% of all maintainers remain uncompensated for their efforts.
According to Donald Fischer, co-founder and CEO of Tidelift, “The well-being and safety of our global software program infrastructure depend crucially on open-source maintainers.” Paying maintainers enables them to dedicate resources to ensuring that their tasks consistently meet the rigorous security standards demanded by enterprise customers. Organizations can significantly enhance their own security by supporting the vital efforts of open-source maintainers whose contributions they rely on.
According to the Tidelift survey’s key findings, 16% of the 400 respondents, self-identified as unpaid hobbyists, indicated they would not want to receive compensation, whereas 44% of this group expressed interest in being paid for their work. Despite growing focus on software supply chain security, the alarming trend persists: the proportion of maintainers being compensated for their work remains stagnant.
Maintainers who receive payment earn revenue through donation packages, employer contributions, and Tidelift’s survey.
A significant proportion, roughly 50%, of respondents reported feeling undervalued in their roles as maintainers, while a staggering 43% revealed that this perceived lack of appreciation significantly contributes to stress in their personal lives. It’s no surprise that a staggering 60% of maintainers have at some point considered abandoning their maintenance responsibilities.
As reported, the proportion of maintainers aware of initiatives like OpenSSF Scorecard, the NIST Secure Software Development Framework, and the SLSA framework has increased, with those unaware decreasing from 52% in 2023 to 40% this year.
Following the XZ Utils hack, nearly two-thirds of respondents revealed a significant decrease in trust towards pull requests from outside contributors; conversely, only approximately 37 percent reported decreased trust in code submissions from co-maintainers. One maintainer responded to the inquiry by expressing concern that adding an extra layer of vetting might inadvertently deter potential open-source contributors, introducing unnecessary “friction” in the process. “I’m unwilling to compromise my relationships by alienating others.”
According to maintainers, the introduction of AI-based coding tools has sparked concerns, with a significant 45% describing these tools as having a notably detrimental or negative impact on their work. Furthermore, a substantial 64% stated they would be much less inclined to accept contributions from others who used AI in their coding processes. Younger professionals are more likely to leverage AI-based tools than their older colleagues.
You will be able to learn the