Why open source matters for developers
Organizations' use of open source is continuing to increase. In fact, in 2021, some 77% of companies reported that they were using more open-source software, while 36% said they were using significantly more open-source tools.
That's according to a survey of more than 2,600 open-source software professionals by OpenLogic and the nonprofit Open Source Initiative.
Consequently, no matter where they work or what type of software they're building, most of today's developers rely at least partially on open source. There are a number of reasons open source matters for developers.
Speeds things up
In the modern development world, it's all about speed, and that includes continuous everything, said Ori Bendet, vice president of product management at security software vendor Checkmarx.
Development teams must keep up with the business's needs, so those teams need to utilize whatever they can that already exists. This includes infrastructure as a service, other external services, and open source.
"Why build it yourself if people already built it for you?" Bendet asked. "That's one of the benefits of open source."
Ash Arnwine, director of developer relations at Nylas, which sells a communications platform as a service, agreed. He said that open source provides frameworks for developers to build on top of, meaning they don't have to start from scratch.
"Open source makes it possible for developers to engage in ways that wouldn't be possible otherwise," he said. "With open source, developers can report an issue, write the code, and solve a problem on their own, which is much harder to do in a proprietary system."
Proprietary software "is generally a black box for everyone but the company creating it—there's no way to peek inside, see what's going on, contribute changes, or make a whole new version for yourself or for others," Arnwine added. With open-source software, "you are allowed to be an active participant in a project."
Facilitates collaboration
Open-source software is freely available, meaning it helps facilitate collaboration, innovation, and the development of new technologies to help solve shared problems, said Zachary Bobroff, director of the product office at firmware vendor AMI.
With open source, developers can get code that is used, tested, and updated by companies in the same industry, which results in a set of best practices, said Steven Hegenderfer, senior director of the developer ecosystem at semiconductor supplier Semtech. "You get the power of an entire sector working to solve issues with the software," he said. "We all pull in the same direction to try and make software work for everyone."
When developers look for a particular technology, product, or library, open source is usually their first choice, said Miguel Valdes Faura, CEO of business-process management software vendor Bonitasoft. If there is an open-source alternative to a closed-source product with equivalent functionality, the open-source software will win out.
Open source can provide the mechanism to create an egalitarian technical environment in which developers can work in the same repositories and work toward sector or industry norms for technology platforms, said Hegenderfer.
It motivates developers to move ahead, innovate, and move beyond updating the same enterprise software builds year after year by contributing to something that thousands of people will use daily, he said.
"In addition, an open-source approach allows developers to decide what they want to deploy, by choosing the main branch or a branch of their own, and when they want to issue their software and updates," Hegenderfer said.
It's free
"If you think about the sheer number of engineers around the world contributing to the development of algorithms and software," all for free, "it reinforces how important the open-source movement really is," said Alex Iceman, CEO and founder of home-automation supplier Genium.
Companies use these open-source tools to build projects, and research organizations use them to further their research, Iceman said. Engineers collaborating in this way have the power to build products and services that can change the world.
"While open source is essentially unpaid labor, it's a community that is looking to come up with new ideas, push the transparency of the software, fix bugs," Iceman said.
Oftentimes, they are doing so to help solve some of the world's biggest problems, whether that is finding cures for cancer or creating digital security products for consumers, he said. For software developers, open source means there is an opportunity to collaborate with other engineers in ways companies could never make happen on their own.
Some even go on to monetize through open source by changing the code and creating a product of their own, Iceman said.
Open-source technologies are typically based on open standards and open architectures and have a community of developers collaborating on them, Bonitasoft's Valdes Faura said. The source code is available to all and free to use and integrate.
"Those are the perfect ingredients to establish trust between developers and therefore really important criteria for developers when they are selecting new technologies," he said.
Open source allows you to save precious time and budget versus buying proprietary software or building it yourself, Checkmarx's Bendet said.
Tradeoffs to using open source: Ownership and security
Open source "only works if you have a driving force behind the open-source repository and strong initial support," said Semtech's Hegenderfer.
Without a guiding light, developers won't get the support or direction they may need. No one wants to take on the maintenance of a codebase themselves, he said.
"The ultimate goal is to have an open-source repository popular enough to motivate the community to step up and really invest in it," he said. "However, this takes care, nurturing, and time."
Security is also a key issue with open source, AMI's Bobroff said. The software community has assumed that open source is generally secure due to its transparency, but there really is little to no accountability to ensure its security. Plus, the distributed nature of its ownership and development means there are inherent security risks.
The fact that anyone can contribute to open-source projects is both a plus and a minus, said Om Vyas, co-founder and chief product officer of cloud-security vendor oak9.
"Enhancements and fixes are crowdsourced, but there is often little organization, planning, or coordination," he said. "Because code is available to everyone, security vulnerabilities may be exposed to the public."
Security strategies
Organizations need to keep those tradeoffs in mind when using open source and align them to what is most important to their business, Vyas said. Among other steps, they can have security teams review the open-source software for their developers. Having a community-built approach provides transparency, making it easier for the community to find and fix security issues.
Enterprises need to secure not just the code they write, but also the code they consume from open-source components. This can be done with software composition analysis, providing better visibility into the open-source inventory of applications by examining components.
"Successful management of open-source security requires close monitoring and accountability, meaning leadership, coordination, and collaboration to take charge of disclosing and fixing security vulnerabilities," said Bobroff. "In this way, security vulnerabilities can be discovered and remedied relatively quickly."