New platform serves open source developers and ecosystems by advancing Fundraising, Security, Mentoring and Diversity

San Francisco, CA – March 12, 2019 – The Linux Foundation today announced CommunityBridge – a new platform created to empower open source developers – and the individuals and organizations who support them – to advance sustainability, security, and diversity in open source technology.

Throughout 2019 and 2020, the Linux Foundation will launch a full suite of CommunityBridge tools to serve open source developers and ecosystems. Today’s initial launch of CommunityBridge offers open source communities early access to three critical tools:

CommunityBridge Funding: enabling developers to transparently raise and spend funding;

CommunityBridge Security: providing transparency into potential vulnerabilities and fixes; and

CommunityBridge People: enabling easy connections of mentors and prospective mentees interested in getting involved in projects and advancing diversity.

“While large open source projects are often well-resourced, many smaller projects require more funds, talent, security, diversity, and resources to thrive,” said Jim Zemlin, executive director of the Linux Foundation. “CommunityBridge is the platform to solve critical challenges and fuel open source innovation and sustainability by empowering people — all in one place.”

Additional Key Details

Early Access: Starting today, the Linux Foundation is providing early access to the platform for select project, members, and organizations. The early access application can be found here: communitybridge.org.

Maintainer and Developer Access and Linux Foundation Support: There is no cost for maintainers and developers to access and use the CommunityBridge platform. As an incentive for projects to get involved in the CommunityBridge early access program, the LF will absorb the cost of any platform and payment processor fees for the first $10 million USD raised through the platform.

Improving Security: According to third party studies cited in a 2017 Forrester report, 80-90% of developers use open source components as their foundation, which become critical dependencies for all software. CommunityBridge provides rich security features such as a scanning service to provide maintainers with relevant information about upstream dependencies, security vulnerabilities, usage reports, and licensing details. It also includes a bug bounty service to provide replicable defects as well as a backlog of actionable data that maintainers can easily use to improve the security and robustness of their projects.

Commitment To Diversity: The Linux Foundation is announcing a new incentive program to reward open source projects that place a focus on improving diversity in their communities through mentoring. The new Diversity Stipends Matching program will offer $3,000 matching stipends for the first 100 diverse mentees engaged by projects through the CommunityBridge platform. This program is available to encourage participation by mentees from traditionally underrepresented or marginalized groups in technology and open source communities, including, but not limited to, persons identifying as LGBTQ, women, persons of color, and/or persons with disabilities.

Join CommunityBridge: Project maintainers and core developers interested in getting set up on CommunityBridge can apply at communitybridge.org.

Developer Support for CommunityBridge

Grafana/Loki

“Grafana Labs is thrilled to be part of the CommunityBridge platform, to help us foster the open source communities around Grafana and Loki. The mentor/mentee matchmaking function will help newcomers and people from diverse backgrounds join, and create software that is built better together,” said Torkel Odegaard, creator of the Grafana project and co-founder of Grafana Labs.

Jaeger

“The Jaeger project is proud to join the CommunityBridge platform to continue funding an intern who has been investigating areas for performance improvement. With more funds, our community is able to continue to help this important work evolve,” said Juraci Paixão Kröhling, part of the Jaeger team.

Linux

“I am excited to announce our new Linux Kernel Mentorship Program on CommunityBridge, a platform that will bring opportunities for new developers to join and learn from our community and improve it at the same time. CommunityBridge enables us to improve kernel code, bring new people into our community, and find job opportunities for aspiring developers from diverse backgrounds; all at the same time. Please join me in this exciting endeavor to make the Linux Kernel strong, diverse, and secure. And for important open source projects beyond the kernel, I encourage you to take advantage of CommunityBridge to improve your communities as well.”

Mosca

“Mosca is the Node.js MQTT broker used by a huge number of companies inside their products to connect devices across the globe,” said Matteo Collina, founder of Mosca. “I started Mosca during my PhD, and the community now needs way more support than what I can provide in my spare time.”

OpenFaaS

“I am excited about how CommunityBridge is connecting sponsors with OSS communities,” said Alex Ellis, OpenFaaS Founder & Lead. “My experience with OpenFaaS has shown that when an OSS project gains traction, it also requires financial backing and full-time engineering in order to be sustainable. This sponsorship program means that maintainers can focus on the needs of the project, end-users and community. I’m thrilled that we were invited to launch on this platform today.”

R-Ladies

“We like the CommunityBridge platform because it makes very transparent the way fundings/donations are used,” said Gabriela de Queiroz, Founder R-Ladies. “This is very important for sponsors and our community at large.”

Vue.js

“We are joining CommunityBridge to help fund work like security fixes and community events,” said Evan You, Vue.js developer. “I’m happy to see a platform that sustains open source projects like Vue take off. We’ll benefit greatly from access to more donors, interns, security tools and community diversity.”

Yocto Project

“The Yocto Project is excited to be part of CommunityBridge and see how it can help us fund and develop diverse new technical talent and at the same time address key areas where we have significant untapped development potential such as license handling, security and reproducibility,” said Richard Purdie, Yocto Project architect.

Partner Support for CommunityBridge

Snyk

“CommunityBridge is an innovative and exciting solution to the complex problem of long-term open source sustainability, leveraging the Linux Foundation’s expertise and reach to help enterprises and OSS maintainers alike do more with open source,” said Guy Podjarny, Founder and CEO of Snyk. “Snyk is excited to provide a critical security facet of CommunityBridge, allowing maintainers to secure their projects easily and consumers to rest easy from understanding the security posture of the projects they consume.”

source{d}

“With the right tools to retrieve and analyze all their source code, organizations can not only improve the quality and security of their software portfolio but also streamline engineering efforts based on tangible software development metrics,” said Eiso Kant, source{d} CEO. “We look forward to working with the Linux Foundation and its partners to help them gain the maximum number of insights into their code bases.”

StackShare

“We believe CommunityBridge will have a huge impact on helping to sustain the open source community and we couldn’t be more excited to play a key role,” said Yonas Beshawred, CEO, StackShare. “Knowing which companies use a particular open source project is an important data point when considering whether or not to adopt that technology at your company. Today we’ve partnered with the Linux Foundation to expose this public data to give potential donors and supporters of projects in need of funding, greater confidence around adopting their projects.”

HackerOne

“The most powerful models rely on transparency, openness, and collaboration,” said Marten Mickos, CEO HackerOne. “Our world depends on open source and we are proud to be a founding supporter of Linux Foundation’s CommunityBridge. HackerOne brings to CommunityBridge the largest global community of hackers who stand ready to identify critical vulnerabilities in any open source software fast such as Node.js and Hyperledger. We know open source is an unstoppable force and we applaud Linux Foundation and CommunityBridge partners for coming together to support the vital projects we all count on.”

About The Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

# # #

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our trademark usage page: https://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Inquiries

Sarah Conway

The Linux Foundation

978-578-5300

sconway@linuxfoundation.org