The open source industry is booming as firms invest billions in ecosystem each year
Four-in-ten firms contribute open source code on a daily basis


The open source software industry is booming, according to recent analysis, with organizations now investing around $7.7 billion in the ecosystem each year.
Researchers from GitHub, the Linux Foundation, and the Laboratory for Innovation Science at Harvard (LISH) found the median investment in open source now stands at $520,600 on a business-by-business basis.
This isn't all direct funding, however, with only 14% of this coming from direct financial contributions. Instead, the study showed 86% of investment comes in the form of labor contributions by employees and contractors working for organizations.
In fact, more than half of direct funding went to contractors, with 17% for specific projects and 16% to foundations. Communities and maintainers accounted for 4% each, and bounty platforms 1%.
Beyond code contributions, funding was most likely to be through donations, at 21%, foundation membership at 17%, or event sponsorship at 14%.
In a blog post via the Linux Foundation in December, authors Hilary Carter and Martin Woodward said identifying funding sources within the open source community was challenging.
This has been a long-running issue, they noted, with investment remaining an “opaque subject with limited visibility”.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"Organizations have blind spots when it comes to the specifics of their contributions. Many respondents knew where they contribute, but only a portion of those could answer how many labor hours went into their OSS contributions or the percentage of budget that went to OSS," they said.
"Second, the decentralized nature of organizational contributions, without explicit policies or centralized groups that encourage and organize this effort, make reporting even more challenging."
Organizations have varying levels of open source experience, the researchers found, with nearly 44% either having or wanting to create an open source program office. Only 21% contribute to projects, 18% release projects, and 16% influence projects via leadership or maintainer roles.
Four-in-ten firms contribute open source code daily and six-in-ten at least weekly. There doesn't appear to be any strong correlation between company size and frequency of code contribution, the study noted.
RELATED WHITEPAPER
"Very seldom do we contribute. We are a non-profit. If we were better funded we would allocate more resources to contribute back to the community but we already serve an underrepresented community," said one respondent.
Organizations are most likely to contribute in the form of bug reports (19%), features (19%), general maintenance (18%), and documentation (16%), with governance accounting for 7%, cybersecurity audits for 6%, and legal advice for just 3%.
Four-in-ten contributors are developers or software engineers with 17% being community or developer advocates and 11% in IT, sysadmin or DevOps roles. For most of these, open source is just part of their job.
Respondents were keen to access long-term open source funding streams for all aspects of project development - and said they weren't always getting it.
"We have created several popular and useful open source tools over the years. It is always a struggle to find funding for basic maintenance for these projects," said one.
"Funding sources like to pay for new features but not closing issues and basic maintenance. It would be good if the Linux Foundation had funding streams for this type of work for projects."
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
‘Awesome for the community’: DeepSeek open sourced its code repositories, and experts think it could give competitors a scare
News Challenger AI startup DeepSeek has open-sourced some of its code repositories in a move that experts told ITPro puts the firm ahead of the competition on model transparency.
By George Fitzmaurice Published
-
Flaws in a popular dev library could let hackers run malicious code in your MongoDB database
News A popular third party library of MongoDB could allow attackers to execute malicious code on company servers.
By Solomon Klappholz Published
-
Want a return on your AI investment? Open source could be the key to success
News Organizations using open source AI tools are more likely to report a return on investment
By Nicole Kobie Published
-
AI 'slop security reports' are driving open source maintainers mad
News Low-quality, LLM-generated reports should be treated as if they are malicious, according to one expert
By Emma Woollacott Published
-
"Markets do not stand still": The UK needs to up its game to fend off open source competition
News Investment in the open source ecosystem needs to increase alongside broader government support
By Emma Woollacott Published
-
Reprieve for open source industry as agreement reached on Cyber Resilience Act
News The Cyber Resilience Act has been maligned by open source advocates across Europe
By Ross Kelly Published
-
Application performance management for microservice applications on Kubernetes
whitepaper How to improve business-critical app performance in a Kubernetes environment
By ITPro Published