All OSS projects exist in precarity. This is neither news, nor is it surprising considering the tremendous amount of labor and effort involved in maintaining these projects without clear financial incentive. My colleague Stephen O’Grady has written at length on the subject. His recent Why Open Source Matters is a response to the spate of license changes by commercial entities that previously supported OSS including Elastic, Redis, and MongoDB, with HashiCorp’s decision to relicense Terraform, among its other products, from the permissive Mozilla Public License v2.0 (MPL 2.0) to BSL, looming most heavily.
In the frontend space we haven’t seen commercial entities change licenses, but they have been disruptive in other ways—and, to be fair, not always at the expense of the OSS community. The fact is that external funding and OSS make uncomfortable, but sometimes necessary, bedfellows. In fact, Astro does not fall under the remit of the “indie” label, as they are recipients of VC seed funding. Purity is not conducive to the success of software products, and, frankly, trying to stay too nicely within these definitional bounds is unhelpful. For all of these reasons, it is the evolving convention of the platform that decides to partner with an OSS JS framework that interests me. These relationships illuminate the risks commercial entities pose to the developer communities that blithely form around these frameworks.
It’s worthwhile to pause and flesh out what these partnerships look like. Unsurprisingly, it depends. Netlify acquired the web development platform Gatsby outright, and thereby undertook the maintenance of its native framework called, a bit confusingly, GatsbyJS. Vercel has committed to “sponsoring $5,000 each month towards the ongoing open source maintenance and development of Astro.” In the case of 11ty, its creator Zach Leatherman was able to work on his framework as a Staff Engineer at Netlify. Although he created 11ty before joining Netlify, in 2022 Netlify made the decision to sponsor the framework by having Leatherman work on it full time. This was a boon to not only this project’s development, but also its popularity. Indeed, last year on an episode of the Changelog podcast Leatherman credited some of 11ty’s success to “hitching our wagon to Netlify”:
I would say a lot of Eleventy’s success in the last two years is partially – I mean, at least partially – tied to Netlify. It’s just a lot of legitimacy we get from having our logo on Netlify’s homepage etc.
This sponsorship was not long lived. In June of this year, Leatherman announced on his personal blog that Netlify was no longer sponsoring 11ty. Although he thanks Netlify graciously for the months of support, this post makes clear that: “Realistically it must be acknowledged that this news is a bit of a setback for Eleventy.” It is also worth noting that Leatherman left Netlify to join CloudCannon soon after.
Although large commercial entities are responsible for some of the most popular frameworks, with Facebook’s React being the most enduring, but which also includes Google’s Angular, there is less concern about how funding issues might affect these projects. As platforms and OSS framework maintainers, Google and Facebook are not subject to the same economic forces as Vercel, Netlify, and, until recently, Gatsby. They have also expressed less interest in partnering with indie frameworks as a co-marketing strategy, and, in fact, many indie frameworks are metaframeworks built on top of React such as GatsbyJS, Remix, and Vercel’s homegrown NextJS.
Netlify seems to have been much more interested in acquiring Gatsby’s platform than undertaking the maintenance and goodwill of the community of developers which have rallied around and invested in GatsbyJS. According to Matt Biilmann, co-founder and CEO of Netlify, what made this acquisition desirable was Gatsby’s Valhalla Content Hub, which he explains was:
built in order to help customers get data out of their headless CMS’s, their headless content sources, their legacy systems…and make [the data] query-able in the frontend, through a GraphQL API [which] is an area of composable architectures that we’ve had an eye on for a while.
Although GatsbyJS continues under the MIT license, Netlify is actively damaging this OSS community by seeming to shirk this framework’s maintenance. A July 2023 thread in the r/gatsbyjs subreddit expresses concern that Gatsby starters are no longer being maintained. User the-music-monkey sums up the GatsbyJS’s community’s gloomy outlook in their reply:
Likely outcomes are… Gatsby will move back entirely to open source Or Gatsby is dead.
Would be great for Netlify to shine some light on the matter.
Pre-acquisition Gatsby was well respected by developers not only for the quality of the product, but also for the vibrancy of their workplace culture. Among other laudatory benefits, Gatsby paid developers to interview—an admirable move even in the notoriously cushy tech industry. But things have changed. Now, developers appear hesitant to use a framework at the crossroads of, to paraphrase the-music-monkey, open source and death.
Will the Open Source Rug Pull Come for Frontend Developers?
So, where does the JS framework community go from here? How can we keep the sort of rug pull from happening in the future?
I recently spoke with Matteo Collina, member of the Node.js Technical Steering Committee and the Board of Director of the OpenJS Foundation, about the state of OSS in the JS ecosystem. Collina has seen a lot in his work on the OpenJS Foundation, a Linux Foundation project committed to supporting JS and other web technologies by “providing a neutral organization to host and sustain projects, as well as collaboratively fund activities that benefit the ecosystem as a whole.” In our conversation, Collina noted parallels connecting OSS JS frameworks with the recent influx of commercially backed runtimes like Bun, Cloudflare Workers, and Deno, which purport to offer an improvement on the OSS Node runtime. However, without a community voice in the governance of these projects, there is a danger that the will of the users will be overcome by the financial demands of the sponsoring company, and the VCs funding them. I won’t belabor this point here, as he has expounded on these ideas elsewhere. Instead, I want to draw out an aphorism Collina shared that connects in tangible ways to the future of OSS JS frameworks:
It’s better for the commons to be in a foundation, and not to be part of a commercial entity
Collina succinctly expresses my own beliefs. In fact, this is something backend developers and IT practitioners have been, and still are, coming to terms with as well. The Linux Foundation backed OSS Terraform alternative OpenTofu is a significant case in point. Hashicorp’s licensing rug pull caused many previously complacent developers to sit up and take notice. Without distributed and democratic governance models, commercial interests will take an upper hand to bend a project in ways counter to the community that uses it.
We are in a transitional moment in the frontend space. The market is adding heavily at the same time there is an explosion of new developers—many self taught or trained at bootcamps. Platforms that lower the barrier to entry like Vercel and Netlify, not to mention Firebase, AWS Amplify, and Render, are fulfilling a significant market need. However, the amount of VC money being funneled into these web development platforms has a tendency to undermine the values of OSS, meaning that developers should be vigilant to combat rug pull opportunities, and I suggest looking to foundations as the best means for countering them.
Disclaimer: AWS, Google, Render, Redis, CloudFlare, Hashicorp, Vercel, Elastic, and MongoDB are all RedMonk clients.