Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Fixing The Open Source Bus Number

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Holly Cummins Holly Cummins
March 18, 2026
Programming
0
8

Fixing The Open Source Bus Number

Open source is a marvellous multiplier which amplifies our collective productivity by allowing us to code on the
shoulders of giants. It has clear benefits for business continuity.

But things can go wrong. Many critical projects have just one or two maintainers (we’ve all seen the xkcd cartoon about
modern digital infrastructure, haven’t we?). Sometimes those maintainers no longer have time, or burn out. At the other
end of the spectrum, even projects with many active contributors can grind to a halt with the contributors all work for
the same employer, and that employer changes their business priorities. Investment can dry up or the licence can change.
After all, the business environment for open source is tough these days.

What can be done?

The classic solution for increasing a team’s bus number is to use pair programming to share knowledge. In the
asynchronous and distributed world of open source, pair programming can work, but it’s harder – and it can’t fix
changing business realities or hostile licence changes.

This talk will discuss some of the strategies used by the Quarkus team to help ensure our open source community is
prepared … for almost anything. These include

- Using GitHub organisations to allow independent contributions with a ‘safety’ backup if maintainers disappear
- Productising dependencies so that anything in the stack can be rebuilt to address vulnerabilities; this helps with
security, and also helps with investment
- Joining the Commonhaus foundation to ensure Quarkus can’t ever be owned by a single company

Some of these have been easy, some have been tough (the logistics of moving to a foundation are not for the
faint-hearted). In this talk, Holly and Sanne will reflect on what’s worked well, what’s transferrable, and how all of
us can be prepared for the future of open source.

Avatar for Holly Cummins

Holly Cummins

March 18, 2026
Tweet

More Decks by Holly Cummins

See All by Holly Cummins
Developer Journey: Accelerating Developer Productivity
Avatar for Holly Cummins hollycummins
1
41
The free-lunch guide to idea circularity
Avatar for Holly Cummins hollycummins
0
210
How Quarkus makes your apps cheaper, greener, and happier
Avatar for Holly Cummins hollycummins
0
210
Five (and a half) Cool Things You Can Do With Quarkus
Avatar for Holly Cummins hollycummins
0
250
Developer Joy - The New Paradigm
Avatar for Holly Cummins hollycummins
1
590
Things You Thought You Didn’t Need To Care About That Have a Big Impact On Your Job
Avatar for Holly Cummins hollycummins
0
460
Six and a half ridiculous things to do with Quarkus
Avatar for Holly Cummins hollycummins
0
960
Things You Thought You Didn’t Need To Care About That Have a Big Impact On Your Job
Avatar for Holly Cummins hollycummins
0
1.2k
LangChain4j, Java, and You
Avatar for Holly Cummins hollycummins
1
510

Other Decks in Programming

See All in Programming
モジュラモノリスにおける境界をGoのinternalパッケージで守る
Avatar for magavel magavel
0
3.6k
AI駆動開発の本音 〜Claude Code並列開発で見えたエンジニアの新しい役割〜
Avatar for hisuzuya hisuzuya
4
510
[SF Ruby Feb'26] The Silicon Heel
Avatar for Vladimir Dementyev palkan
0
110
AI時代のソフトウェア開発でも「人が仕様を書く」から始めよう-医療IT現場での実践とこれから
Avatar for kouki.miura koukimiura
0
150
CDIの誤解しがちな仕様とその対処TIPS
Avatar for futokiyo futokiyo
0
220
ロボットのための工場に灯りは要らない
Avatar for watany watany
10
2.9k
Claude Code Skill入門
Avatar for maya mayahoney
0
390
RubyとGoでゼロから作る証券システム: 高信頼性が求められるシステムのコードの外側にある設計と運用のリアル
Avatar for free_world21 free_world21
0
290
new(1.26) ← これすき / kamakura.go #8
Avatar for utagawa kiki utgwkk
0
2.3k
コーディングルールの鮮度を保ちたい / keep-fresh-go-internal-conventions
Avatar for NAGATA Hiroaki handlename
0
200
ふつうの Rubyist、ちいさなデバイス、大きな一年
Avatar for bash0C7 bash0c7
0
960
AWS×クラウドネイティブソフトウェア設計 / AWS x Cloud-Native Software Design
Avatar for nrs nrslib
16
3.2k

Featured

See All Featured
Leadership Guide Workshop - DevTernity 2021
Avatar for David Neal reverentgeek
1
240
From π to Pie charts
Avatar for Rasagy Sharma rasagy
0
150
Between Models and Reality
Avatar for mayunak mayunak
2
230
Applied NLP in the Age of Generative AI
Avatar for Ines Montani inesmontani
PRO
4
2.2k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
3k
How Software Deployment tools have changed in the past 20 years
Avatar for Geshan Manandhar geshan
0
33k
Why Mistakes Are the Best Teachers: Turning Failure into a Pathway for Growth
Avatar for Umar Saidu Auna auna
0
83
The #1 spot is gone: here's how to win anyway
Avatar for Tamara Novitovic tamaranovitovic
2
990
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
Avatar for Takuto Wada twada
PRO
118
110k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
356
21k
Skip the Path - Find Your Career Trail
Avatar for Mark Kilby mkilby
1
80
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k

Transcript

  1. Holly Cummins Sanne Grinovero Monki Gras - March 19, 2026

    Fixing The Open Source Bus Number

  2. https://xkcd.com/2347

  3. Distribution of maintainers number of OSS projects https://opensourcesecurity.io/2025/08-oss-one-person/ by Josh

    Bressers

  4. Challenges for open source

  5. Lack of funding

  6. Lack of time

  7. Maintainer burnout: doing it on top of a full time

    job

  8. Slop PRs make it way worse

  9. None

  10. Maintainer boredom

  11. User boredom

  12. User hostility (or just lack of appreciation)

  13. ‐ Layoffs ‐ Re-assignment Sponsoring company strategy shifts

  14. Attacks to inject backdoors

  15. Hostile forks

  16. Hostile clones

  17. Lazy clones

  18. None

  19. “Build is the New Buy” - - Steve Yegge

  20. Code has lost its value

  21. But open source still has value does it? :( :(

  22. Hardened base components

  23. Trust

  24. Secure supply chain

  25. Familiar to LLMs

  26. Agents will use your code better if they can read

    the source

  27. Community and collaboration, for some of us :)

  28. “Bag of cats”, tracking down zillions of forks and deciding

    which to use would be terrible Spec and tests is the hardest part, community maintains these

  29. What value do maintainers bring?

  30. Maybe it’s not about code anymore?

  31. Guardians of quality + performance

  32. Consistent mission + vision

  33. - “anti-roadmap” (pushing back is hard when everything is easy,

    but it’s still important)

  34. - own the roadmap

  35. - providing guardrails, applying shared principles to PRs

  36. - maintain performance

  37. Maintainers matter.

  38. What about the bus?

  39. We have the technology to deal with epistemic debt Losing

    technical knowledge less of a concern these days

  40. Epistemic Debt? The unconscious loss of understanding of a project

  41. Losing keys is still very bad :)

  42. Losing the mission and understanding of the brand: bad

  43. Conclusion: The bus is still bad

  44. How do we fix the bus?

  45. Money, money, money.

  46. Long term license guarantees

  47. Maintenance (people writing code)

  48. ‐ Knowledge ‐ Key sharing Continuity planning

  49. Trademarks Legal protections

  50. Experience report How does Quarkus fix the bus?

  51. Convenient solution: a foundation

  52. But …

  53. Solution: A new foundation!

  54. https://xkcd.com/927/

  55. Beware Not Invented Here

  56. The Quarkus Foundation?

  57. Introducing:

  58. None

  59. A legal framework to accept donations

  60. Unlocks free stuff! ‐ 1Password (for all open source) ‐

    Scarf.sh (Commonhaus partnership) ‐ Gradle Develocity (Commonhaus partnership] “Proper OSS” stamp of approval

  61. ‐ trust ‐ continuity Trademark management

  62. Succession planning

  63. What if the money runs out?

  64. None

  65. Assets have to go to another non-profit

  66. A project in a foundation will be open source forever

  67. Beyond a foundation

  68. Simple mechanics can help a lot

  69. Resilience through idiot-proofing

  70. Resilience through road-paving

  71. Enrich existing systems to reduce friction

  72. None

  73. ‐ Common keys ‐ Release scripts ‐ Common Terraform-iness ‐

    Org-level privileges to avoid abandon-ware •

  74. What helps project survival?

  75. ‐ Consulting services ‐ Commercial support ‐ Extended lifecycle Make

    profit possible

  76. Integrations to vendors

  77. Keep it interesting

  78. Conclusions

  79. Open source is a multiplier

  80. Maintainers are the heart of open source

  81. Open source is not just “hosted on GitHub”

  82. A network of trust is everything

  83. https://xkcd.com/2347 (modified)

  84. https://hollycummins.com/monkigras-bus-factor/