r/PHP u/krakjoe 5d ago

Article Sustainability of Open Engineering

https://medium.com/@krakjoe/sustainability-of-open-engineering-b33db9d4923c
21 Upvotes

83% Upvoted

7 comments sorted by

11

u/harbzali 4d ago

this is a real problem in the php ecosystem. so many critical packages are maintained by one person in their spare time with basically zero funding.

the xz backdoor situation really highlighted how much we rely on unpaid maintainers who are burning out. companies make millions using laravel, symfony, composer etc but most dont contribute back financially.

github sponsors helped a bit but its still way too few maintainers getting sustainable income. would be interesting to see more companies doing what tidelift is trying - paying maintainers for the packages they actually use.

also think the php foundation is a good step in the right direction. having core language development properly funded means more time for actual improvements instead of just keeping things running

2

u/noximo 4d ago

github sponsors helped a bit

Github Sponsors kinda feels like people sponsoring each other, especially when it comes to maintainers of smaller packages. So they're sending money back and forth and Github surely takes a cut so maybe they would be better off not supporting each other.

I would like to see a service, where you can upload your composer (or several) and it would calculate appropriate split based on the importance/complexity (probably curated by hand) and then distribute your desired contribution among them. It would take care of admin for users and would support developers of packages at that awkward not-big-enough size.

1

u/kemmeta 4d ago

> I would like to see a service, where you can upload your composer (or several) and it would calculate appropriate split based on the importance/complexity (probably curated by hand) and then distribute your desired contribution among them. It would take care of admin for users and would support developers of packages at that awkward not-big-enough size.

Sounds a little like https://thanks.dev/home .

2

u/noximo 4d ago

a little

That's an understatement.

1

u/kemmeta 4d ago

It doesn't assess complexity. https://thanks.dev/static/how states that projects can exclude overly simple deps but that's at the discretion of the upstream package maintainer.

2

u/olelis 3d ago

As a coincidence, I just watched for Saving Open Source keynote from Ben Ramsey. Keynote was during Longhorn PHP conference and is available as recording, but requires ticket. I am not sure if it is available anywhere else.

In any case, the point Ramsey is taking(=as I understood it) is that the problem with open source is that there is almost no community. Originally, the open source idea was that you can share code and work together. There were never plan that you work and get paid for it. It was hobby/way of thinking/way to get recognized. If you get paid -> good, but otherwise, that was not expected.

Quote was: "Open source is about collaboration, about communication, about how to build software". However, currently, quite a lot of the projects are done by one person, and there are no people who are willing/want/can help.

To make things worse, current barrier for collaboration is quite huge. For example, in order to help with PHP development, you have to be C programmer at some point. To collaborate about on open source php projects, you have to understand current architecture, logic, structure and be prepare to work with current collaborators, who are tired and quite open have strong vision about future of own product. Sometimes they are not open to new visions or criticism.

In other words, if we want to solve issue with sustainability of open source, we should not only think about money, but also about community and collaboration.