Managing the complexities of modular software
Three ways to improve the sustainability of open source projects
But what impact does this have on your software development?
Open source software has been astoundingly successful. Today, it is the basis upon which much of our technology is built, technology that keeps us warm, safe, and happy. Open source projects enable young developers to learn from veterans and entrepreneurs to build million-dollar companies in the space of months.
As great as open source is, we need to be looking out for its future.
A brief history of package management
In the last month, we’ve alluded to the relationship between package managers and small, modular packages on a couple of occasions, without explicitly diving in to what that relationship looks like.
Don't judge a project by its GitHub stars alone
Application developers today are used to relying on and pulling in a number of open source libraries to help them focus on the functionality that’s important to their business. Rather than requiring you to find and download each of those libraries individually, though, most programming language ecosystems have a standard (or defacto standard) package manager that helps you to install and manage those libraries.
But if we step back in history to a time before any of these modern package managers existed, there was an earlier form of package management for Linux. In fact, Linux distributions have provided package managers for nearly 25 years now.
What makes a top open source package?
Open source is now universally accepted and employed by developers and companies across the world. This rise in popularity, though, has raised many questions about what exactly the new world of open source looks like.
What are the most popular open source languages?
Which packages have had the greatest adoption?
How many packages are actively being used?
As we started to ask questions like these, we realized we needed to simplify our questions a little bit. When it comes down to it, do we even have ways of getting reliable answers to these questions?
Revealing a world of hidden dependencies with Libraries.io
Open source is everywhere—not just in startups or big companies but in practically every development team and every language imaginable.
And now we have a chance to better understand just how widespread it really is.
Earlier this week I wrote about Libraries.io, specifically about how its dependent repositories count provides us with the best understanding of the usage and interconnectedness of a given open source package. Today we want to look at which packages are the most interconnected within their given ecosystems, and we’ll do this through the lens of the dependent repositories count.
Our second Libraries.io open data release has arrived
A couple of weeks ago, we announced that Tidelift had joined forces with Libraries.io to make open source software work better for developers and users.
Libraries.io has done a lot of amazing things—many of which Havoc already wrote about—but one of our favorites has been their open data releases, like the one last week, of the largest publicly-available dataset of open source software packages in the world!
This dataset is really unique in how well it helps us understand the inner-workings of the open source universe, but there are a couple particular aspects that really stand out for me.
An intro to Libraries.io, the universal catalog of open source
Today we’re publishing another Libraries.io open data release with over 311 million rows of metadata about open source projects and the network of dependency data that connects them all.
Six months ago we published our first open data as part of our commitment to theAlfred P. Sloan and Ford Foundations. The data supports academics looking into trends in software development, investors to understand the success of projects they support, and developers to understand how their software is used more effectively than ever before.
Last week we announced that Libraries.io has joined forces with Tidelift to make open source software work better for developers and users. Libraries.io’s mission hasn’t changed and we’re going to continue publishing open data releases every quarter to build a stronger, more informed open source ecosystem.
Since our last release the Libraries.io dataset has grown significantly, today we’re releasing data on:
Havoc here! I’m one of the co-founders of Tidelift.
Last week we announced that Andrew Nesbitt and Ben Nickolls have joined Tidelift, bringing their Libraries.io project with them.
Libraries.io started as a side project, but Andrew and Ben spent the past year working on it full time thanks to grants from the Ford and Alfred P. Sloan Foundations. We were fortunate to get to know them and talk them into Tidelift as a long-term home for Libraries.io.
What is Libraries.io?
Simply put, Libraries.io is awesome. It’s a catalog of open source, but unlike many catalog-style sites, Libraries.io is completely language and ecosystem-agnostic. It strives to cover open source in its entirety. This means work on Libraries.io can benefit every ecosystem at once, and it means we can map relationships and make comparisons across ecosystems.
10 PRINT "HELLO, WORLD”
Hello from Tidelift!
Our mission is to make open source software work better for developers and users.
We're a team of open source true believers, with a pragmatic bent.
We’re getting started, and we’d like to share some of our perspective and early activities.
Open Source is 💯
Open source is truly everywhere. It powers financial markets, scientific discoveries, and that buzzing thing in your pocket.
Open source can level the playing field in fascinating ways. At its best, it’s a way for developers to run with their ideas, regardless of geography or background.
And billions of lines of open source code provide an amazing starting point for innovators of all kinds.
What we’ve collectively achieved with open source is incredible.