There are many ways to financially support an open source project: donations, consulting, dual-licensing, bounties, or even starting a company.
These have worked really well for certain projects or maintainers, but not for open source at large. Why? There are many reasons, but a big one is that these methods only scale by the number of hours you put into them, not by the actual value you create.
What’s more, these techniques aren’t appropriate for corporations to pay projects. Even if a company wanted to financially support open source, which projects would they pay? How would they decide how much? And how could they go through the necessary accounting, legal, and procurement processes for each of their tens or hundreds or thousands of dependencies across tens or hundreds of repositories?
For organizations worth millions or billions of dollars, these complications simply wouldn’t be worth the relatively small amount they’d be paying out.
When a customer subscribes to Tidelift, we scan their open source stack to identify each of their dependencies. Then we split up their subscription fee and use it to pay the maintainers of the exact packages they use.
As a maintainer, we're offering you income to complete some straightforward tasks of interest to commercial users. Things like: verify the license of your package, supply a version map for your package, or tell us about any security vulnerabilities. We call this lifting. Here’s a walkthrough of what those tasks look like, and some more details about what they are and why we ask you to do them.
Package income is calculated each month based on subscriber usage. Payment is then sent to maintainers who've signed on to help us provide the subscription.
Read more details on how we’re paying the maintainers.
Project independence and agency are crucial to us, so we WON’T ask you to do things like help desk or consulting, or give up control of your technical roadmap.
Continue to actively maintain your project.
Keep subscribers informed about which releases are stable, long-term supported, and obsolete.
Write and share with subscribers helpful release notes for each release.
Track and respond to Tidelift-identified dependency issues (such as missing licenses, deprecated versions, etc.). We have tooling to help with this!
We'll walk you through this as needed over email, but here's what to expect:
We will ask you to sign a legal agreement and code of conduct. We've worked hard to make it understandable, and you can exit the agreement at any time with 30 days notice. You can review the agreement in its entirety here.
Our income estimate is for the entire project. If your project has co-maintainers, please discuss it with everyone.