Brian Kardell: Okay. Hi, I am Brian Kardell. I'm a developer advocate at Igalia.
Eric Meyer: And I'm Eric Meyer, also a developer advocate at Igalia. And we're going to be talking about Ecosystem Health again. And we've invited the executive director at the Open JS Foundation, Robin Bender Ginn to join us. Robin, please tell us a little bit about yourself.
Robin Bender Ginn: Hey, yeah, I'm Robin. I always say I have the coolest job ever. I have the privilege of working on open source all time. So yeah, work on open js, which is the neutral home for JavaScript and the web.
Eric Meyer: Nice. And you get to work on open source all the time. Not many people get to do that.
Robin Bender Ginn: I know. And it was sort of part of my day job actually at Microsoft back in the day when it was actually hard to do open source, but there's still a lot of volunteer work that happens if anyone's working on open source as part of their day job. It just blends over.
Brian Kardell: And Robin recently gave a talk at NodeConf that has a title so good that we had to say. We need to put that as a show title. And so invite Robin on to talk about the same thing because the title is Magic Piles of Money. Could you tell us a little bit about the talk that you gave?
Robin Bender Ginn: Yeah, I mean, there's a lot of folks will ask us a number of questions being a foundation, and we're also affiliated with the Linux Foundation. So I think there's a misperception that we just have a magic pile of money from which to draw upon, whether at open JS or the lf. And actually, I was talking to some of my friends in big tech, and I think they said they have the same misperception amongst their team. No, there are no magic piles of money, particularly with open source.
Brian Kardell: Yeah, I mean, I hear that frequently. In fact, we just were hearing this very recently with regard to recent talk about Chrome being split off from Google. People said, well, you should just donate to Linux Foundation. I mean, that's not a solution. I think people think if you just give it to them, then there's magic piles of money to pay the people to work on it. But is there a universe in which you can just give something that requires maybe a billion or two a year in maintenance and development and they'll just pick up the bill? Is that a,
Robin Bender Ginn: I think the answer is I wish, and yes, there should be absolutely. But unfortunately today there's not. But I'll try my best to make a dent perhaps.
Brian Kardell: Yeah. People also think similar about Igalia, say like, well, Igalia can maybe do it. Igalia is about 150 people and we work on three browsers and a whole bunch of other Linux stuff ranges from multimedia to graphics kernel drivers. And we can't pick up a whole Google
Robin Bender Ginn: You.
Eric Meyer: I mean, have you been hearing that from people saying to open JS or the Linux Foundation, Hey, Chrome's going to be up for sale. Why don't you just buy it or take it under your wing and advance it? Is that
Robin Bender Ginn: Our package managers or any actually open source project, I do remind people that it's just me and two halftime people. And then we have fractional employees at the Linux Foundation. So we are essentially the product team around a development team in any traditional company. So while we do believe that when you're in a neutral organization, you will grow your developer base. We certainly don't have magic piles of money to pay developers.
Brian Kardell: You had a statistic in here that is the Linux Foundation has 604,999 contributors. That's a lot.
Robin Bender Ginn: That's a across the projects. And if the team, Jim Zemlin and team did an analysis, then they took the average salary of a developer across multiple countries around the world, and they came to $43,000 a year for the mean. So if the Linux Foundation paid every developer, all of the core maintainers working across all the projects that would come to 26 billion a year
Eric Meyer: Billion with a B.
Robin Bender Ginn: Yes. Which surpasses the Microsoft r and d budget back in, I think it was what, 2020 was that my date, which is 24 billion. So yeah, the Linux Foundation definitely does not have that resources and nor I would think that many of our maintainers would want to work for $43,000 a year.
Brian Kardell: Both of those numbers are just mind boggling to me. They're just already so much money. The fact that you can say, okay, all of those developers, if they made that salary, which I agree, most of the developers that I work with, they're not working for that salary, which is kind of terrible in the sense that that means that there's some people being really dramatically underpaid. I don't know if some of that goes to, they're making zero because they're maybe early in their career and trying to do some things for free to help establish themselves or something. But even still the fact that if you just took those developers and paid them that much money, we're talking about 26 billion and change. And then to say Microsoft r and d budget that was anywhere close to that is just mind boggling to me. But it does give you this sense though, that if companies contributed, it feels like there's plenty of money to go around to actually pay people.
Robin Bender Ginn: I mean, ideally, companies would have their employees working on open source as part of their company. If you look at open js, most of our developers who work on our projects are volunteers. That's a little different than some of the other foundations maybe in AI or CNCF, but primarily we have volunteer developers. But if these folks could work on it as part of their day job and get all the benefits that go along with having a full-time job, that obviously is ideal. That still doesn't solve the problem of some of the, I call it the boring bits that open source developers don't want to do. The infrastructure, the releases or some of the sort of specialty things like security releases. It's really hard to get folks to work on that easier to get folks to work on the right shiny new features.
Eric Meyer: So I mean, it seems like it's not just developers, it's project managers. You need people who are going to work on the releases and the compiling the notes and the read theses and the whatevers, which some developers love to do. But I think we've all experienced that most of them, they would rather just code.
Robin Bender Ginn: Yes,
Eric Meyer: That 26 billion doesn't even cover the project managers. It just covers the developers. It
Robin Bender Ginn: Just covers the developers. And we like to say, can you imagine Val's doing event logistics and putting on a collaborator summit? This is probably not something he wants to do.
Eric Meyer: Yikes. So now we're talking a much bigger number. And it would be great if every company paid for one person at a minimum to just work on open source. And it was like, we'll pay their salary, will they get our benefits? And ideally, Google's and Microsoft's of the world would pay more than one person, but if every company did just one person, would we even get to where we need to be? I'm not even sure if that's, I mean, that would be a way of distributing the cost, but are there 605,000 companies that would be able and willing to do that? Probably not, I guess.
Robin Bender Ginn: No, probably not. And we should give a shout out to some of the companies that are doing that. Bloomberg is doing that. Red Hat and IBM, Microsoft is doing that, sent others hero devs. Boy, the list goes on. I think if you look at most of our members, capital One, they're doing that. So there's some really great companies, but there's also a lot of companies not to, I'm not going to name names, but they have billion dollar businesses where some of our projects are required to run software and we're not seeing a lot from a lot of companies.
Brian Kardell: So you do have to, as part of the foundation, you do have to raise money. You have to raise money for, let's talk about what do you raise money for?
Robin Bender Ginn: So we have about a $2.9 million budget. About 1 million of that is our corporate memberships. And we've had close to 900,000 from grants. About 18% of that goes to our staff, which is below average. We're pretty lean. A lot of nonprofits run about 25 to 50% for staff. We have PM in marketing, and then we have about 7% go to the Linux Foundation for fractional staff. They're the folks that in HR who run our benefits, all of the finance team, we process anywhere from 40 to 80 individual invoices on behalf of our projects every month, all kinds of things. And so
Brian Kardell: What's an example of, what are examples of some of those invoices that you have to pay out every month?
Robin Bender Ginn: Some of 'em are infrastructure charges. Some of those we have contributed for free. We actually have $2 million a year in infrastructure contributed for free from CloudFlare and Digital Ocean and Fastly, which is awesome. But we have a lot of others just to run the infrastructure projects from Slack and Discord and Gmail and all those types of things. And of course when we run events or any sort of logistics for the organization, that drives that number up quite a bit. And we pay vendors. We have legal support. Our projects rely on our legal. About half of that is trademark, registration and enforcement. So when new projects come in, we want to sort of reinforce that trademark. So not just for marketing purposes, but if we want to be seen as the authentic download link. So it's really important that we enforce those trademarks.
Eric Meyer: So you said a 2.9 million budget?
Brian Kardell: Yes. That's not very much.
Eric Meyer: No, I was doing the math in my head. If it's 26 billion just to pay all the maintainers, your budget is approximately very close to one 10,000 of what would be
Robin Bender Ginn: Needed. And 1 million of that is new this year, close to 1 million. It's about eight 50 for an event. And the last two years we sort of took a hiatus on events. We did some co-locations, but events are the largest kind of risk for any organization and maybe outside of CubeCon, ask any event organizer if they're making money off events. It's definitely a big risk. So that's sort of skewing our budget this year with money in and hopefully money out. We just had the JS comp brand donated to us, so hopefully we'll have at least a break even year this year, but we're willing to invest a little bit.
Brian Kardell: Is fundraising part of what you do?
Robin Bender Ginn: I do, absolutely.
Brian Kardell: What's that? Because in a way, Eric and I are also fundraising for the web and open source, and we have to talk to people about what Igalia does and what's your experience, because not in the same situation, but it's a little bit similar.
Robin Bender Ginn: It's similar. And I think the three of us, we probably have, we would assume we would have a golden Rolodex. We've been around for a while. We know people, but it's not easy because everyone else is raising money as well for their technology projects. And I think the number one thing I hear all the time is it's not a priority.
Brian Kardell: Yeah, totally.
Robin Bender Ginn: Yeah, you're essentially competing against everyone else. So yeah, we hear it's not a priority. There is a lot of cuts. I will credit, I think, to our members. I think we've been flat year after year, and I've been able to essentially double our budget with grants, which is kind of a new revenue stream for a foundations affiliated with the Linux Foundation. Whereas I think during covid and some of the layoffs, we did see some foundations with a good drop. But what I found most effective for fundraising is you need to have developers sort of working in our projects to sort of reinforce the importance of what they're working on and how that benefits the company, that developer feedback they're getting. We always say developers features are sort of added by people doing the work. If you want a feature, it's important to you, it's important to your company. You just got to show up and do the work. So it's easy as that.
Eric Meyer: And when companies tell you it's not a priority, do they ever say what the priority is or is that
Robin Bender Ginn: They do often It's sort of, again, the bright shiny pennies. It's AI and it's security.
Eric Meyer: Well, one of the two I can understand.
Robin Bender Ginn: Yeah. Yeah. And we've gotten grants from Alpha Omega, which is great. There's still a lot of money funded to open ssf that provides a lot of great work as well.
Eric Meyer: Yeah. And so grants, you said that that's a new revenue stream. Is that something that you have a background in or you've found someone who's good at it, or how did that happen?
Robin Bender Ginn: Well, I do have a background. I worked on privacy and security for seven years before starting an open source, so I understand that. But I'm also a writer, so grants are really writing intensive to get that grant application. For example, the German government created the sovereign tech fund for infrastructure. My grant application was 18 pages, single space. So it's not easy. And the execution was hitting quarterly milestone deliverables, quite in billable hours.
Brian Kardell: It's like simultaneously so positive. And also, so I dunno, tricky and frustrating because I think we're still early in it, don't understand it enough as a species, but a Gallia has also been doing more grant related work for us. A lot of times what we have done in the past is purely investment. We think a thing needs to be done and nobody is doing it. So we just do it. We invest, we pay our peers to do the work, but now we get at least some of that also covered through grants. So it doubles our ability to do the same investment. We invest the same amount. We can do twice as much. And I guess it's like this for everything that requires grants is to spend a lot of time trying to get the grant. And at the end of the day, you might not get the grant. And then if you do get the grant, it's great, you do the work, but there's no guarantee you can get more.
Robin Bender Ginn: Yeah, the trick in getting a grant is to create a new program that you could not otherwise do without that grant. So that's really the trick. Now, the downside is they don't like to renew grants. And so what you've done is you've created a new program, which essentially is a new dependency on your organization. So if it is not renewed, then you are looking for to backfill that gap.
Brian Kardell: Yeah, it's really interesting. And then other things can interrupt it. The sovereign tech fund has been interrupted with recent developments in Germany. That's throwing a wrench into a lot of the things with the sovereign techs fund at the moment. But
Robin Bender Ginn: I don't want to be like EO when it comes to grants because honestly, it did help us leapfrog tremendously. Many key areas I think, of our organization. We had, I mean our infrastructure was a mess. We have a lot of older technologies, 15, 20-year-old technologies where the infrastructure were like, we joke about wobbly servers in somebody's closet who no longer works in the project, it's likes. So we really did an archeological dig and consolidated all the infrastructure, modernized it, and then moved it over to the Linux Foundation. So we could have never done that without that grant.
Brian Kardell: Yeah, I definitely don't want to be EOR on that either. Like I said, we can double basically more or less how far our own money goes by explaining why we think is important and getting some kind of, if we get somebody to fund this half, then we can do this other stuff. So yeah, we really like it. And also we see that even governments around the world or White House has put out a number of times in the past couple of years, things like parallel programming in languages like rust are the future. They must be memory safe, parallel languages must be the future. And it's like, yeah, rust, we do that. Servo is a project.
Robin Bender Ginn: Good one.
Brian Kardell: Sure could use funding government. So yeah, I think I'm very positive on ways that we can get other kinds of funding that is more like the ecosystem finds a way. But on that note, I have a question. The Linux Foundation, is it founded, headquartered in the us?
Robin Bender Ginn: It is headquartered in the us
Brian Kardell: And so it's a nonprofit but is a 501c3.
Robin Bender Ginn: It's a 501c6
Brian Kardell: C6. So that means that you can't write off donations to it, right?
Robin Bender Ginn: Correct.
Brian Kardell: That's a thing that I've heard a number of times would really help incentivize businesses to give. Have you heard that as well?
Robin Bender Ginn: No, to be honest. And actually open js, however, is independently incorporated. We're one of three projects at the lf, so we have a master service agreement. So the LF does have a charity, a 501c3 I've heard if you want to apply for a 501c3 today, I've heard from our attorneys, it's about a 18 to 24 month wait, but they do have that set up at the lf. I sort of hear the opposite. We have a sustainability collaboration space, which are our working groups at open js, and people are bouncing around, should we have a for-profit? What should we think about? And we started thinking about it a little bit with our ecosystem partner program where hero devs is the first partner and hero devs is giving us a revenue share from their enterprise customers if we co-market with them. And so that was a really interesting challenge with our attorneys and tax attorneys and nonprofit attorneys. We came to understand that because this is helping the broader ecosystem on the code that's already been put to bed, we're fine with our 501c6, however, if we bring in too much revenue, we may have to spin off of for profit. So kind of pushing the boundaries I think of open source a little bit. But
Brian Kardell: Yeah, I like it though. I mean, I think we need to figure out ways to push the boundaries because they're currently kind of running up against the limits of it. Maybe honestly running a little bit on borrowed time in a few ways
Eric Meyer: At a 501c6, what is a C six? It's like
Robin Bender Ginn: Think about an industry trade organization. It's just a little different.
Eric Meyer: Okay,
Robin Bender Ginn: So
Eric Meyer: This might be a little bit spicy, but it seems to me that there's an attitude in open source that if you're not volunteering, you're not doing it for the right reasons. You should be giving your labor for free essentially. And people who want to get paid are to use a term for my youth sellouts. Is that something that you encounter and is it a source of friction in trying to make all this sort of thing happen?
Robin Bender Ginn: It's not something I've experienced or seen. I think because again, we're primarily volunteer led. I also think the newer generations are pretty solid with their work-life balance, and they're doing it out of passion. The big problem with that sort of model on volunteering is it really hurts women to enter open source projects. And the Linux Foundation did some research and on diversity and time was the biggest blocker because unfortunately still women, you could have a great career, but you're still coming home and they still take on the majority share often of household chores, childcare and things like that. So if you're taking that approach, then that does not help or cause
Eric Meyer: Yeah, and I don't know if you looked at people from underserved populations or marginalized populations, it also tends to exclude them because they don't necessarily have the economic resources to just, I'm going to give 10 hours of my week to maintaining this software package or contributing to the software package because they are trying to get by. When we talked about a lot of developers wouldn't work for 43,000 a year. I mean in some countries that is not much above what is now considered the poverty line.
Robin Bender Ginn: And don't you think open source is just mainstream now? So because it is and every company's using it, it should just be normalized within your day job,
Brian Kardell: You're saying? Contributing to it.
Robin Bender Ginn: Contributing,
Brian Kardell: Contributing to it. So I can tell you that for me, I was doing contributions to open source when I was working for previous companies and for them they had no problem using it. But for you to participate, you sign agreements when you work there that say that you kind of can't without special permission. And I think a lot of developers don't try to get it and those who do it winds up being difficult. Maybe they're the first ones at their company and you have to involve the legal teams. And I dunno, for me, I think at a few companies drew attention to, gee, what is that guy doing? We have to pay lawyers special to deal with this guy. I mean it all worked out in the end, but I do think that I can see a lot of situations that are discouraging for people wanting to do it at a lot of companies. So it would be great if it could be normalized, and it's been a minute since I worked in a corporation, but at least when I did that was my experience. And
Robin Bender Ginn: Yeah, I heard from osbo open source programs office leader of a financial organization a couple of weeks ago that it takes two months to get a full request open at their company, which is far different from another, for example, say Capital One who's one of our members who has a great innovative oswell program. So hopefully the industry will help bring others along. But you're right, it's a challenge.
Brian Kardell: So I've had a unique opportunity the way that I've interacted with open source and corporations and the different corporations that I've been able to work with, and I think for a lot of companies it would be easier to somehow give money. So there's very clear delineation of that's your thing, and we use it. And I like the ideas that we're talking about how you would fund that both government and for-profit models, the for-profit thing. The interesting thing about this to me is that both of them are just really trying to say, well, nobody wants to pay for the boring stuff. It's the roads and the bridges, and it's the stuff that we all use to make the stuff that people really want, but people will pay for the stuff they really wants. Generally, we just need a way to subsidize it to place some kind of levy and the amount of money that is generated through these projects and the amount of products and things that enables us to build all of it is funded by a tiny, tiny, tiny fraction of that. So I think it's just finding a better way to structure that model somehow. Are you
Robin Bender Ginn: Talking public or private or combo?
Brian Kardell: No, I'm trying to tap into what do you think? What are your ideas? I think it's probably a combo. I mean I know that I was saying the government in the US has made a number of statements, but I don't think that it has generated, it has in some other countries funding action. Maybe we're just early in those days. Maybe there should be a lot more of that. Maybe we need, I don't know. I don't know. I don't what we need. I'm asking what do you think? Yeah,
Robin Bender Ginn: I think typically when there is a government mandate, money follows, I think is what we found. We found it with the Obama administration with electronic health records. We found it privacy and security a little bit. There hasn't been much on the federal side, but once the US government starts putting out security directives and then they release grant opportunities for an open tech fund, and they said that they would only fund four projects. Geez, I have 30 projects and that's just me. So we have a long ways to go. I also participated an OECD Organization of Economic Development event in Korea this year on cybersecurity. So it's essentially the German sovereign tech fund leaders of many countries. I found there's not a lot of international coordination. There's still folks like the sovereign tech fund leaders like Fiona and others who really have to be pretty scrappy to do pilots and sell up through the government. Then of course, then the administration changes and then what? So we do have a long ways to go. And I think with privacy, the choice point data breach was really the eyeopener and everyone's like, oh my gosh, privacy is important. We should do something. I don't know if we've had that. Do we need a crisis? I don't want a crisis on my watch for sure.
Eric Meyer: Yeah, we've had enough crises really. I feel like it would be nice if we could learn without one, but there isn't a thought of let's commit to this for 20 years. Let's commit our company, our organization, our government or whatever to support this thing for a generation. The best you can get is usually however long the current government lasts or whoever was the champion at a given organization retires or leaves for another job or whatever, and it's frustrating.
Robin Bender Ginn: This is the nice segue for Brian to talk about standards and how planning for 500 years ahead,
Brian Kardell: I mean that is very interesting to me because we talk a lot on this show. This show will go into our web ecosystem health series, which is how is all of it funded is tricky and changing W three C recently only in the past, I think two or three years became a legal entity itself and is a 501C3. I'm really curious. Time has not passed long enough yet for us to know if that will impact people's ability or willingness to donate money. But yeah, the thing that makes it all possible today in terms of implementations is ultimately Google default search money. And that's probably going to get disrupted here pretty quickly. And then what, we're still early in standards even. We only have been doing standards as something that humans are trying to solve as a thing for about a hundred years before that, there were standards, but they were just defacto.They were just like, Roman roads are this big because we said do it. But I just think we're still learning. We all know what we're doing and we're defi nitely not planning sustainably for the long run yet. They're really important standards. I mean, they're the foundation of everything at this point. I mean, the call that we're doing right now recording this podcast is using a ton of web standards implemented in, I don't know what browser you both are using, but it doesn't matter. It will work in any of them. But then at the end of the day, at some point you start making a lot of money. It would be great if you were to help pay for the roads and bridges that make all this possible. That's the part we got to work on somehow. I would love to hear what ideas are banging around about how you make it for profit. Because you can see from the way that we fund all this, that there are plenty of ways. There's so much money being generated, you barely need to tap into any of it really. These are huge numbers we're talking about, but when the population is billions and billions of people and money is floating all over the planet to pay for everything, it's not that much money really.
Robin Bender Ginn: I always like to say we don't like to pick winners or losers with open source projects, but I mean, I bet my career on coming to a foundation, and I think a lot of companies are sort of betting their technology choices on foundation hosted projects. Where do you invest your future? Would you invest in an open source project being hosted by a company that may or may not be around in the future? Or would you do it at a neutral organization? So I'm kind of hoping that at least sort of makes a dent in where people invest
Brian Kardell: Hopefully.
Robin Bender Ginn: But you're asking what for-profit models? So some of the things, the mud on the wall that people have been kicking around, there's a couple of things. People, again, I said they'll want to come and they'll want to buy a feature. Let's just say that and we'll say it's important to you come work on it. But some folks from big companies have told our collaborate, our sustainability collaboration space, we'd probably pay for that. They probably won't let me work on it as part of my day job, but we might just pay for that. So that's an idea.
Brian Kardell: This is another tricky thing because it suffers from the first thing that you talked about, which is shiny feature. More people will be willing to pay to implement shiny feature, but then shiny feature has a maintenance cost and the maintenance cost is really boring. And when we think about maintenance costs, it can be, I don't know, it's tricky. I have a website that I could leave for 10 years and it's probably okay. It's just a website. It's built on standards, so there's no problem. But all of the things that make it possible, the web browser, the operating system, all those things, they're constantly evolving. They have security vulnerabilities that people are trying to patch and operating systems are updating. If you do nothing, they bit rot, they become less secure. And so to keep those updated, you need lots of boring stuff. You need CI infrastructure, you need testing, you need people doing security releases, maintaining all that boring infrastructure.
Robin Bender Ginn: That's a big part of my budget for next year is the infrastructure.
Brian Kardell: And so I think I say it suffers from that problem that you said earlier that nobody wants to pay for the boring stuff. They don't think about the boring stuff, but also the comparison that you made for government grants, right? It's like you can get a grant to get the new program, but then you have a program, they don't want to continue funding it.
Robin Bender Ginn: And that's where the pickle we got in, I think with sovereign tech funds. So to maintain the infrastructure that we've just migrated requires $200,000. You have to have people on call all the time, and it's just the operational costs, which is actually not bad, but that's $200,000. So big for me, a silver member ranges from $5,000 a year to $25,000 a year year. So those are primarily a lot of new members. So I have to sell a lot of silver memberships.
Brian Kardell: No, but this is actually a really difficult thing to even gauge to even. It's also is one thing to sit on this side and criticize, but also if I were to put myself on the other side, it's hard. We are a little bit on the other side. So we have LIC as a web browser that we make, and we can't get enough investment to do any real upstream work. We barely are keeping that going. So at what point do you become responsible? Because honestly, if somebody was like, here's 5 million more dollars, we would be like, great, we can definitely spend 5 million on wic. I mean easily
Eric Meyer: Or servo.
Brian Kardell: Yeah, that's what I'm saying, right? Well, with Servo it's easier because you are putting it directly into the engine. It is the roads and bridges you're investing in there, but with wic, you're investing in the interface and the product that is painting the stuff onto the screen, but not the engine. But yeah, I'm saying that stuff at the top also costs money, and you also want it to be good product, and you also have to make it competitive, and you also have to do all the boring stuff. You have to keep up the security releases and how do we figure out this arrangement, which I think we'd need to figure out where you can do good things. You can create, you innovate, you can do all the stuff that we love about open source. I mean, you can do personal projects, can do, there's so many things that you can do without having to go and get investment. But then at some point, how do we make this arrangement so that at some point you're like, yeah, but now you kind of have to pay, you have to contribute back. There is no agreement like that. And I don't know, I've thrown around that maybe we should have some kind of non-binding covenant that we promote that, Hey, look, it's not binding, but we're just going to kind of publicly shame you if you don't do it.
Robin Bender Ginn: Yeah, we're joking. Everyone should have an LLC and then they should be able to say, but some of our top maintainers do have service companies, and when someone says, Hey, they basically treat our maintainers like their own personal help desk, Hey, this is broken, fix this. And we're like, no, this is open source. This is how it works, but I have a separate company. If you want to pay me, we'll do it. And then it's crickets, right? Nothing.
Brian Kardell: Totally, totally. I mean, Igalia is a service consulting company, and so we're totally familiar with that concept. Sure.
Robin Bender Ginn: Yeah. On the flip side with security, I always like to say we're good at turning money into security, and we have hired engineers to work on security and also add to their plate that they need to grow the ecosystem. So for example, node js did not even have a working or an active security working group. And then we got an Alpha Omega grant three years ago. We've gotten it three years in a row, and now they've just doubled the output. They created processes and policies. They have half the churn now. They have a really thriving security working group. So there are some success stories, but that was a paid person whose full-time job was to make it happen.
Eric Meyer: It's so discouraging because obviously it's a huge scale problem. When you put up numbers that say, if we funded every one of the maintainers, that's 26 billion, immediately everyone just goes, well, it can't be fixed. And at the same time, that would be a bargain at the global level, at a holistic level, that would be a huge bargain for what it would yield. And I don't have to tell you how hard it is to convince people that they should contribute to solving this problem. It almost does feel like somebody's national power grid is going to have to go down because the XKCD comic, the open source maintainer, stopped working on the thing that holds up the entire national power grid, and then maybe that nation will start investing. And then does that just have to happen for every country to start getting those investments in every company? That's so frustrating and disheartening.
Brian Kardell: What's wild to think about to me is that we live in such an age of subscription services at this point. Do you have Netflix? Do you have Hulu? Do you have Amazon Prime? Do you have Disney plus? Do you have Max Apple tv? One of those services costs me 10 or $20 a month. If everybody who has streaming services through 10 or $20 a month into a pot, that would be so much money. And what I'm saying is, the reason I'm saying that is because the fact that whole product exists to help you find ones that you don't even know you have, probably we could afford to do it, is what I'm saying. It's not going to drive anybody into serious financial hardship. That's what we need to do. Let's make an open source project that is the thing that scans to make sure that you don't have accidental things. And it says, Hey, how about just one of those you donate to the Linux Foundation or something? Right.
Robin Bender Ginn: Well, and I sort of joke, I spent my whole life kind of rocking the proprietary software boat at Microsoft, so free and open source. So yeah, It's A free slope.
Brian Kardell: Yeah, I think it's worked out pretty well for Microsoft. At the end of the day, I think open source isn't hurting them too much.
Robin Bender Ginn: No, the cloud is a wonderful thing. Right?
Brian Kardell: Yeah. Okay. I had just pulled out of the notes a thing that I wanted to throw in there a while back, but you had mentioned the Obama administration allocated some money for the adoption of electronic health records.
Robin Bender Ginn: $36 billion
Brian Kardell: 36 billion. What's that one number?
Eric Meyer: I'm just curious. 36 billion over what span of time?
Robin Bender Ginn: It passed in 2009, the high Tech Act like a couple of years, two or three years earlier, or I think EHRs were in doctor's offices perhaps at 10%. I think when it passed and was starting to be implemented in 2009, they were about 44%. And just a couple of years later, they went up to almost 90%.
Eric Meyer: Wow. So 36 billion to raise that number over a couple of years. So we can even say over three years because they hit 90% in two years. But even if it's over five years, that's still around 7 billion a year. And that's, that would be nice to have that kind of investment just sort of in the open source ecosystem long term. Like I said, that's one country.
Robin Bender Ginn: One country, yeah.
Eric Meyer: And I mean, granted one of the most affluent countries for the country with one of the largest economies in the world, but if that one country could do, let's just say 5 billion a year for 25 years, and you could get the European Union to kick in another 5 billion a year for 25 years and then a few other countries, and you're starting to get close to that 26 billion that you were talking about to pay all the maintainers, which is granted not necessarily what you would do with that money, it would probably be invested in other ways. But you could at least, I mean, rather than trying to say, we'll pay you $43,000 to work on this, but if you could say $20,000 a year for 10 hours a week or $10,000 a year for five hours a week, and I'm not even doing the math in my head. I'm just saying, here's this amount that means that you are not having to give up all this free labor. Well, you're being paid it in some way. And I would help the underserved populations that you talked about earlier, women and marginalized communities, and people who are not in $250,000 a year engineering job or whatever, to be able to say, yes, I can actually donate some of my time to this. And some of those people could be project manager types, not just the developers, but people who are doing the release notes so that the developers don't have to do it.
Brian Kardell: One of the things that I feel is related with standards that I should have probably said is that in the process of growing, we've included lots of different people, and they initially, at least were talking a lot in theory and also in terms of how we relate to these things. Are they just a bunch of disjointed things or are they all part of a web browser or whatever? And one of the things that I see is that there's a lot that happens in standards organizations that is aspirational, I guess, and that's fine. But one of the things that happened with the creation of the what working group is like, but if you don't have the browsers, then, I mean, it's just aspirational. I mean, there's not anything wrong with it being aspirational, just you need a way to ultimately fund it. And one of the things that I've been thinking and pitching for a while is that those working groups should have a common pool that they pay into that then given their magic pile of money, that's not so magic. They just paid into it at the end of the year. They can prioritize that. And that, I think is the way that some of the technical steering committees work and things like that. What do you think about that as an idea that when we make these things, somehow rooting it in the concrete of how are we going to pay for it is helpful and it helps keep it grounded.
Robin Bender Ginn: I think it goes back to when you're talking about having magic piles of money within open governance, and how do you prioritize the spend? That's something that we're thinking about as well. And there's been some best practices. There's also some pitfalls we talk about, there's a big difference between paying for pizza and paying for people. Very easy to pay for pizza. But when you start paying for people, it gets very complicated. And really, sometimes you can't do that with all of the other business and legal pieces around you, so
Brian Kardell: Very much. Yeah.
Robin Bender Ginn: So it's more complicated than it seems. And that's why sometimes sitting again, if it was just a working group with some developers, that becomes a little more complicated. But having a fiscal host, so to speak, a foundation or another entity helps provide all of the other essentially compliance pieces that you need.
Brian Kardell: If we did have big funds like this too, then you need governance. I mean, one of the things with Lennox Foundation, open js, there's a lot of things around governance, a lot of thought around that. Yeah. I mean, if there was a really giant fund, if you had a big pool of money, there's definitely questions about what's fair, not just fair. I don't want to say right, because maybe there's not a right. It's a challenging problem.
Robin Bender Ginn: I mean, governance is key. And I've developed these grants with the projects, and I think the node project, and even jQuery before that really set kind of a north star with governance, and it really does work. It's amazing. And so working on grants and spending money with the technical steering committees and open governance has worked as well. I think the more money that comes, I think there will be challenges. I know folks worry, will it be fair? How do you reward one working group over another? So, boy, I like to do this in my own time. I don't like having expectations on delivering certain things at certain times. So that sort of brings some discomfort, I think, with the idea of money.
Brian Kardell: Yeah, totally. And I think part of the challenge is for us to figure it out. Like I say, I think we just haven't figured some of this stuff out as a species yet. I think we will. We need more time to explore it, and it's exciting to see the things that are happening, because nothing is radically altered anything yet. But I think you mentioned grants, you had a pretty significant overall increase given the grants, so that's great. Is there anything else that you would like to tell us about?
Robin Bender Ginn: Well, I think, again, as a species, we do have that sustainability collaboration space. We are totally throwing mud against the wall right now, so all ideas are good ideas. So that's kind of where we are. We were even just sort of working on the time, and we've had a few people show up, but I'm very comfortable pushing the edges of comfort. I always think the best lawyers, we have some of the best lawyers, they're our business partners. They want to help us succeed. And then I have this wonderful community with the Linux Foundation. I'm part of the leadership team where we joke, we shamelessly rip each other off. So yeah, they're my great cohort. We meet biweekly. So if anyone has any idea and you participate in any of these foundations, bring it to us because we're totally open and cool, because we know how important this is in the work that's being done.
Brian Kardell: And how would people bring it to you?
Robin Bender Ginn: Well, for us, we have a public calendar and a public open invite on our Slack channel. So we have a sustainability channel on our Slack and our calendar. You just need to go to the homepage of the open JS website. That's open jsf.org. You'll see the little calendar icon, and then you'll find our meetings. So all under sustainability and final thoughts, if you have a magic pile of money sitting in your organization, hit me up.
Brian Kardell: Or even if it's not magic,
Robin Bender Ginn: If it's real. Yeah. Yeah. Our membership at different levels, sponsoring events, very deeply appreciative. And I always say we balance our budget every month. We know where every dollar goes. We're quite diligent about that.
Brian Kardell
Eric Meyer
Robin Bender Ginn