The Changelog – Episode #320

Venture capital meets commercial OSS

with Joseph Jacks


All Episodes

Joseph Jacks, the Founder and General Partner of OSS Capital joined the show to share his plans for funding the future generation of commercial open source software based companies. This is a growing landscape of $100M+ revenue companies ~13 years in the making that’s just now getting serious early attention and institutional backing — and we talk through many of those details with Joseph.

We cover the whys and hows, why OSS now, deep details around licensing implications, and we speculate the types of open source software that makes sense for the types of investing Joseph and other plan to do.


Notes & Links

Edit on GitHub


Edit on GitHub

Joseph, we’re here today to talk about OSS Capital. I think this is a first in the industry, a company that invests exclusively in commercial OSS startup companies. Very cool, you announced this recently. First of all, welcome to The Changelog.

Thank you so much for having me. It’s really, really cool to be here.

So is this the first of its kind? I feel like maybe it’s a threshold moment for the open source community. We have not just venture capital, but specifically, exclusively capital focused on open source startups.

Yeah, I think it is pretty much the first of its kind. It sort of happened organically. We’ve been thinking about the sort of nature of open source as it relates to company building, and this sort of broad class of companies that you can call commercial open source software companies.

There’s certainly been venture capital investors who have an affinity for open source and they’ve certainly invested quite a lot. People like Peter Fenton come to mind, Mike Volpi, Martin Casado, Dan Skolnik, others… It’s certainly a really exciting area, but what we felt needed to exist just in terms of the critical, profound nature of open source as it relates to changing the world and changing the technology industry and the software industry at large is really a focused firm that also has a bit of a different structure. We think it is pretty novel, and I’m super-excited to be talking about it here.

[00:04:32.10] We actually shared some interesting things that you share recently on our news feed, which was an index that you have - an open source software company index of companies with 100 million dollars plus in revenue. Now, the caveat also is recurring or not, and then also an or, which adds that also potentially could just generate the equivalent of 25 million dollars in a quarter. I put my own sub note there saying these companies have found a way to build a very large business around one or many open source software projects.

I think maybe a place to begin might be the fact that it exists, and there’s – I didn’t even count them, let me count the rows real quick.

I think it’s 36 or 37 in there. I know there were only six or seven about four years ago meeting that criteria, so… It’s quite a lot.

It’s grown. It’s a space growing then.

I think it’ll actually be a little over 40 by the end of the year. Yeah, definitely a growing space, for sure.

You were pretty close - there’s 37 rows, not including the header… Or including the header. Well, 38 not including the header, so that means 37. So you were pretty accurate. This is over a 13-year period, so it makes sense to see a fully-focused venture capital firm come into this space… But it’s 13 years later. Why so late? It’s almost late, right?

Yeah, that is a really good question. I think there’s lots of ways to answer that question, but one potential way of looking at it is 2018 is a really huge year for commercial open source. I guess open source software overall is about 20-25 years old, and just in the last five(ish) years we’ve seen a huge amount of growth in this kind of emerging category of companies that you could classify as commercial open source software companies. Your mention of the index that we’ve been managing/maintaining for several years kind of indicates that obviously there’s quite a lot of activity in companies that have formed, that have reached huge levels of scale.

100 million in revenue or 25 million revenue/quarter was chosen as a metric just based on that revenue number being pretty relevant to companies that can kind of go public, or have large outcomes.

So “Why now?” I think is really a function of 2018. I’m actually just at the GitHub Universe event right now, so GitHub’s a good one to mention, but… So far, in aggregate, we’ve had over 30 billion dollars in either IPOs, private equity events, or mergers and acquisitions of commercial open source software companies. Most of those are companies that have been in existence for several years, at least 5, 6 or 7 years, in some cases 10 years… So it takes a sort of similar or same amount of time roughly for commercial open source software companies. I believe it’s possible to do this in a shorter period, but roughly between 8 to 10 years to become large, sustainable, public, IPO-able companies…

[00:08:11.24] And I think 2018 has been sort of this tipping point year for public markets, and then seeing lots of these large outcomes occur, where most of these companies are venture-funded. But as we’ve talked about in the opening, we haven’t really seen a focused firm I think mostly because there just hasn’t been the synthesis of appreciating these companies are fundamentally different as compared to proprietary, closed source enterprise software companies or just software companies in general.

We very strongly believe that commercial open source software companies are fundamentally different functionally in almost every way, as compared to proprietary closed source software companies. And that’s kind of another motivator for starting OSS Capital - the founders need to be served differently, the support structure is very different along lots of different dimensions, and the companies kind of just grow and evolve and go to market and build products for businesses also quite differently.

But just to answer your question, I think 2018 has been a really remarkable year for large open source outcomes, obviously GitHub being bought by Microsoft, MuleSoft having their second exit to SalesForce after IPO-ing last year, Magento getting acquired by Adobe, SUSE getting acquired by a private equity firm, Elastic’s IPO, CoreOS getting acquired by Red Hat, Alfresco getting acquired by a private equity firm… We think there’s quite a lot of IPO dominoes (if you will) that are gonna fall over the next several months even. We think there’s probably a few more between now and the end of the year… So that’s one of the other factors of 2018.

I guess maybe one last comment - in 2018 almost on a monthly basis, like January, February, March, April, May, every single month we’ve actually seen a large commercial open source outcome… Every single month. So it’s been pretty amazing so far, as a year.

Definitely a head of steam going. I wanna hear from you on these differences between these types of companies, but before we go into that, let’s talk about yourself and your team, and what makes Joseph Jacks the guy to be the founder and general partner of OSS Capital. As I mentioned, you have a team, you’re not the only one; you have Asim Aslam from Micro, you have Heather Meeker, who we’ve had on Changelog shows, amongst others… But what makes yourself well-positioned to head up a fund like this, and why are you so specifically not just focused on OSS, but excited by it and want to put money there and put efforts there?

That’s a great question. First of all, I’ll say this whole thing happened organically. I’ve never had a masterplan in my mind to go out and say “I’m gonna become a venture capitalist”, or go invest in startups for a full-time thing.

I am hugely honored and blown away by the reception that we’ve had… And just on the team, Heather is really incredible, awesome. Nick White, Kevin Wang - we have this support structure of founders behind the firm, and a handful of other folks will be making announcements on over the next couple of weeks.

[00:11:52.19] I’d say, just to genuinely answer your question from my own personal standpoint, I’ve really just been thinking about commercial open source software company dynamics and developments and stuff like this for many years. That was part of why I started maintaining the spreadsheet, and part of what has drawn me into working at different open source-oriented companies, whether it was talent… Almost ten years ago, or early on at Mesosphere, working around the Kubernetes community… I think open source is just fundamentally changing the world, will change the world, continue to change the world.

For me personally, it really came down to “This just needs to exist.” We’re at a point in time in history where the investing model for companies that are fundamentally commercial open source companies is I think kind of broken. It’s not that people can’t get funded, it’s not a function of funding the unfundable, it’s more of like “This architecture, this sort of structure needs to exist.” And in terms of me, myself, why I would do this - it was sort of “If not me, who is gonna step up and who’s gonna actually do it?” So I just sort of thought, “Well, no one’s really stepping up…”, months went by, month after month… I thought “Well, this is pretty obvious. Someone should take a shot at doing this”, so I thought “If not me, who? And if not now, when?” That was the second question. If not right now, it doesn’t make better sense to do this next year, or in a couple of years.

I think I ultimately just poked on that a little bit more, and now ultimately became very clearly the right thing to do… So yeah, that’s organically how things came together.

You mentioned Heather - Heather is really incredible; she’s been leading a lot of really amazing projects in work, and initiatives around the legal side of open source software, in terms of commercial IP and licensing and things in that area for almost 20 years. We’re very honored and excited to have the team that we have.

Heather wrote a book called “The Business of Open Source”, which I highly recommend reading…

Yeah, great book.

…of some recent controversial licensing around Common Clause. I believe she penned that. Something I thought of when you were saying this was I was thinking about the different types of commonly venture-backed ventures. A typical might be a startup, which is (I’ll just say) “Bring your idea and customers. VC may back you.” In terms of an IPO – or, I’m sorry; I’ll back up and say ICO world (initial coin offering), “Bring your whitepaper”, and then maybe in open source it’s “Bring your code and community.” Is that fair to say, or are there some more layers to add on there?

That’s interesting… I never looked at it from those dimensions, like code and community to VC, whitepaper to ICO, and… What was the third one?

The first one was just “Bring your idea and customers.”

Idea and customers, right.

Shark Tank is like “What’s your idea? What’s your customer? What’s your sales?”

I see, yeah,

ICO is like “Hey, bring your whitepaper. If your whitepaper is clear enough and your idea is big enough and it’s whatever…”, and then maybe here it’s more like “Do you have code? Do you have community?”

Right. I think that’s an interesting way of looking at it. All of those things – not to be pedantic, but I think all those things probably matter a lot in any conversation with either going and doing something in the cryptocurrency blockchain world, or as a venture capital-oriented thing, or just as a general startup raising money, whether it’s open source or not… I think for us, we fundamentally take a very technical approach, and definitely look at the code and authentic open source nature of a given company and team and project, and then sort of reason up from there. So I’d definitely say the distinction, at least for whitepaper to ICO reasoning - it’s different, for sure. But yeah, that’s definitely an interesting way of looking at it.

[00:16:25.14] We should also mention, while we’re – I guess we’re past Heather slightly, but before we go completely past Heather, Request for Commits episode 9, Michael and Nadia had Heather Meeker on, talking all about open source and licensing, so we’ll link that one up. Definitely a good one for the archive. It’s evergreen. Go back and listen to Heather… She has tons of knowledge about this stuff. And for me, where I get in over my head just thinking about the challenges of commercial open source is in the nitty-gritty of the entities and the licensing and the legal… So I think you’re well-positioned to have her on your team for those things, because – I mean, you can make or break a business model with those details, ain’t that right?

I think that’s absolutely true. One of the things that we’re – I think we’ll be talking about it a little bit more as we share our perspectives and views of the world and different things that we believe in, but we think that business model innovation is a really critical topic in the world of commercial open source company building.

If it’s possible to build on what you’re saying around ICO-able, VC-fundable and just generally open source or general company funding dynamics, we think that there’s maybe 3-4 reasonably well-understood and implemented business models for commercial open source software companies, and you could sort of categorize them as – you know, maybe one is the Red Hat business model, where you don’t have any intellectual property that you’re holding back; you’re just selling support services and subscriptions, and there isn’t any proprietary code that you’re holding back through closed source license-based mechanisms where people have to sign a contract and get access to a key and then use the proprietary features.

Then there’s the open core model, which – I think we don’t really quite yet have an industry agreement on in terms of what that actually means, but… I wrote a little blog post about this a few months back, just defining open core, what that really means… Sort of a spectrum, it’s not really a binary thing. And then what some of the trade-offs are between different approaches.

We think open core is another model under the business model, and maybe a third one is hardware-based distribution… Like a kind of Sourcefire, or Snort, the IP intrusion detection project, of for example Cumulus Networks, the custom Linux-based network operating system that Cumulus goes and distributes through white box switch vendors like Super Micro and others. That’s more of like a hardware-based distribution model. Those are maybe three.

A fourth that we’re starting to see emerge – but again, I think we really strongly believe that there needs to be even more business model innovation even broader than these four. A fourth is potentially the sort of like decentralized, network-based, supply-demand dynamics between consumption and the products of a given open source project’s primitives, either over a network, or over a storage service, or what have you… So there’s one storage network that is sort of based on a decentralized model called STORJ. They made some announcements a couple months back (or a month back) around partnering with different storage-oriented open source projects for that sort of decentralized, developer-oriented business model, so that you can have more of a fractional alignment of the compensation between the developer consuming a service and the author of the project producing the service on the network.

[00:20:12.25] That’s also very interesting, but we really deeply believe there’s definitely gonna be more business model innovation, but there SHOULD be more business model innovation… And I think the main reason that causes us to have a strong conviction here is that we really believe open source software creates or generates many orders of magnitude more value than any constituent can capture, and that includes cloud providers. So if cloud providers are building a really differentiated service, like RDS for Postgres, or MySQL, or other open source databases… But then you also have the vendor ecosystem behind those projects directly building perhaps competitive cloud services, or competitive products…

We just believe that open source software is so widely deployed and so widely permeates the world in so many different environments, and it’s free to use, so the friction is basically zero in terms of the distribution cost of the code and the project itself. It’s actually impossible to calculate this precisely, but we just believe there’s sort of a fundamental math constant that you can model potentially that will say “Open source software will always generate and create orders and orders of magnitude more value than any constituent in any of those dimensions can capture.” Cloud providers, commercial open source companies like Elastic, like Cloudera, like many others… And then even including the creators. This is a more controversial topic. Even including the authors, that they can capture.

So we just think those four business models, if you could categorize them in a way that we have industry agreement, are necessary but not sufficient. We should encourage and we should try to move towards just more business models in general.

At OSS Capital we tend to be of the inclination that we’re not opinionated around a given business model engineerically, and sort of say “Oh, this is the one that works.” It tends to be more contextual, it tends to be more project-specific in many cases… But we just know for sure that there’s a lot of innovation that needs to happen here, and we’re gonna be very supportive of that.

It sounds like potentially a manifestation finally of the actual 10x developer, right? …the open source developer, which is able to generate far more value than they can even capture over proprietary. Maybe 100x. Like you said, orders of magnitude, maybe not just an order of magnitude. But the elusive, the unicorn, the 10x developer might just be an open source developer.

I think that’s actually true. One way of looking at this - and this is actually a study we’re currently working on, so I can give you a quick preview. Some data we’ll be releasing here and some research, but if you go and survey or interview, say, three or four of the large commercial open source software companies – and I’ll just pick out some random ones; I’m not selecting these for any reason other than just maybe they’re good candidates… But say Confluent, the company behind Apache Kafka, say Docker Inc, the company behind Docker and the Docker tools, and let’s say maybe Cloudera, the company that’s commercializing Hadoop and recently merged with Hortonworks.

[00:23:48.12] If you were to go and survey those companies and see how many people are using those open source projects in the industry at large, how many deployments, and then sort of tally up those numbers per company, and sort of say “Okay, maybe there’s 2-3 million deployments of Hadoop…” I’m just picking a random number; it’s probably smaller, or it might be larger, I’m not sure. For Docker maybe it’s five or so million people using the Docker toolchain, or Docker’s container runtime perhaps… For Kafka maybe it’s hundreds of thousands of deployments or companies using Kafka. So whatever those numbers are, pretty large numbers let’ say…

And then if you were to ask each one of those companies also how many paying customer entities they have relative to the number of deployments of those open source projects, it is probably – and we’ve sort of done anecdotal estimates of this, but we actually wanna get the hard, concrete data to publish that, so it’s useful for the industry, and also useful for our founders… But it’s probably likely in the range of (on the low end) a fraction of 1% that can actually go and convert over, all the way up to the very high end potentially, depending on different constraints and situations, maybe 3%-4% at the absolute most. And we actually don’t think that that’s a bad thing. We think that that’s totally fine, and just a function of how open source works in general. You can still build enormously huge, successful companies by just converting a very small fraction of the users, because the value that open source creates is always orders of magnitude more than any constituent can capture… Which is great. It’s just something that I think we should all accept as an industry; it’s one of the awesome things about open source.



Let’s talk about this huge gap, this big difference - you said there’s a fundamental difference, in many aspects, between commercial open source companies and commercial proprietary software companies, and that is why the focus of OSS Capital is important, because you have specific people like yourself, like your partners, who know the difference, who get open source, and can help guide and invest in those projects. So if you had to break down where this chasm is and why they’re so fundamentally different - help us understand that.

[00:28:03.00] Yeah, and that’s a really big question. I’ll try my best to give you sort of a concise answer, maybe in the context of how we’re building out the firm… And maybe I’ll just constrain that first to functional portfolio partners that are focusing on two really core things that we believe are very fundamentally different in commercial open source software companies, as compared to proprietary closed source software companies.

If you look at legal, which is obviously Heather’s domain - she’s extremely knowledgeable and has just deep, deep experience for a couple decades, the legal side of open source in the business context is one of the most non-standardized, hairy, polarizing, complex and error-prone topics and areas in the industry. That’s probably the first functional part of a company that I can talk about where things are really fundamentally different.

If you consider a proprietary or a closed source software company approach to licensing, it’s pretty simple, it’s pretty straightforward. You flesh out what you want to build - a design doc, or an idea, or a napkin, or you go through whatever product development methodology that gets you to understanding what needs to be implemented, and then you go and build it, implement it… And then you work really hard to get early design customers or companies to agree to use your product and give you feedback, and you probably sign different agreements to make sure that confidentiality is maintained - it’s quite a costly process, from a sort of first highly valued customer, to the tenth and the twentieth and onwards. It requires lots of manual effort.

With the licensing side of that though, as it’s a proprietary company, you don’t really think through too many complexities in terms of the customization of a license, or the nuances of open source licensing. In fact, if you could actually look at one example where we have a huge number of startups getting created - in fact, mostly software companies - and look at how licensing is standardized there, it is actually in fact standardized, and I’ll pick on one really great organization, and I’m not gonna say anything bad, I think they’re doing amazing things… This is Y Combinator, the YC incubator program in Silicon Valley.

What Y Combinator has is a sort of set of standard legal documents that they have sort of distributed out to their incubator companies, companies that get enlisted in Y Combinator, and they actually do have one for a sort of standard subscription agreement for access to software, that their startups go and license and sell to customers. And it’s really valuable - it sort of short-circuits the cost and complexity of hiring a lawyer, and drafting a custom agreement, and figuring out exactly what terms you want to implement… Because all those things are pretty standardized, Y Combinator just says “Hey, use this template subscription SaaS software agreement”, whether it’s an actual SaaS offering delivered over an API, or whether it’s on a cloud provider, or you’re gonna ship a custom proprietary binary to someone… Whatever it is, just use this license. And it’s really helpful, it’s extremely useful for the companies in Y Combinator, because it just gets them going without any friction. There’s really no need to hire a lawyer, and you can often times just get customers to look at that, and it’s something that the industry has sufficiently agreed upon as terms that aren’t super-complex and onerous.

[00:32:04.04] So that’s one dimension. We have sort of the standardization of licensing for proprietary closed source companies that are building software-based products. Y Combinator produces something like – I think it’s on the order of 600 or so startups per year, so that’s quite a good reference point.

On the open source side of things though however, the complexities are astronomical. You first have to take into account when you open-source a piece of software, which license you’re gonna choose. Do you choose Apache? Do you choose BSD? MIT? GPL? MPL? Affero? Which version of the GPL do you choose? What copyleft constraints are you interested in protecting? There’s a vast array of choices there. However, we’ve sort of standardized on the open source licensing aspect, quite a lot of industry agreements around Apache 2.0 being really valuable. The Cloud Native Computing Foundation actually encourages – I don’t believe it’s a hard requirement, but they strongly encourage new projects to use the Apache 2.0 license. We also have quite a lot of industry standardization around the MIT license, and around MPL 2.0, which is great, which Heather on our team helped write and was on the team that implemented the Mozilla Public License version two… And then we also have quite a lot of industry agreement on the trade-offs and the constraints and the reasons why say Apache 2.0 is a really good license to standardize on.

So let’s say you’re a startup and you say “Okay, great, we’ve got a new project, we’re going to release it as an Apache 2.0 licensed piece of code, we’re gonna open up the repo and call it a day”, and that’s a pretty fast decision. However, when you want to build a product around that commercial open source company, that sort of builds on that Apache 2.0-based project, you run into all kinds of complexities. It’s not a simple matter of saying “Okay, we’ve got 20,000 companies using this open source project, and we want to go and use the Y Combinator (I’m not picking on Y Combinator, but…), we’ll just bolt on the Y Combinator terms of service, and IP, and warranty, and indemnification, and trademarking, and all the sort of template terms - we’re gonna just bolt on that agreement to our open source license, and maybe hold back some code in a private repo and just distribute that to customers.” That would not work, for a myriad of reasons.

What we see with commercial open source licensing in these commercial open source companies, what we’ve observed - and Heather has been very close to this - is there are actual full-time legal teams, typically headed up by a general counsel, which is a similar role in proprietary software companies… But what they do is basically they spend a huge amount of energy and effort, case-by-case, relative to the project that a company is based on, and they write custom agreements from scratch. The cost and complexity of writing those custom agreements for the commercial proprietary bits on top of the open source project are very nuanced and tailored to what kind of product they’re building, and how they’re going to market, and what transaction volume looks like in terms of the size of the customer base, how large the deals are, how strategic customers are, what needs the customers have in terms of the indemnification side of things, and multiples, and the warranties… There’s just a huge [unintelligible 00:35:48.26] of legal customization that goes into those agreements. They’re often called Master Software License and Service Agreements (MSLSAs).

This is one of the things that we’re kind of scratching on and working on… You mentioned Commons Clause, which caused quite an uproar and a lot of excitement in the industry, which Heather did author…

[00:36:15.05] I didn’t see anything from her though on the response, just earmarking that…

Yeah, for sure. I’ll come back to that in a second, but basically just commenting on the standardization side of things, if you look at the opportunity to potentially have a level of standardization on the commercial licensing side of things for open source that we have for the open source licensing part of projects, so Apache and GPL (let’s say) being really standardized, if we had some industry agreement on the terms and the constraints of how intellectual property is protected for the commercial proprietary parts of an open source based product, that would radically deliver efficiencies to large commercial open source companies on one dimension, and it would reduce the burden and the cost of frankly building a product, going to market and dealing with a bunch of other downstream effects that come from costly legal agreements, overhead, negotiations, large contracts and many other things.

That’s how the legal side of commercial open source company building is very different from the proprietary [unintelligible 00:37:42.11]. This was a very long answer…

Well, it’s super-hairy, and it’s probably the main problem space that people need help solving right out of the bat, or maybe as they bring their product to market. It could even have implications on how you go about building things.

Definitely a huge difference, like you say - with proprietary companies licensing is very straightforward. YC startups have a canned thing; I’m sure you can buy off-the-shelf ones or you can hire a lawyer, and you basically build a license and you’re done. But for commercial open source companies, it’s a quagmire. They definitely need counsel, need advice, and it’s a place where you all can bring a lot of value for people getting started.

You said you were gonna give us two. I know that was a big one. Do you wanna dive into another difference, or should we move forward from the conversation?

I’m happy to dive into – I’ll just say, at a top-level, if you were to sort of stack rank by function, and legal is obviously a really important, super-critical function… But if you were to stack rank by function where these commercial open source companies are fundamentally different as compared to proprietary closed-source software companies, I totally agree with you that legal would definitely be at the top of the stack.

Perhaps the second rung int hat stack would be finance - how you deal with accounting, revenue recognition, reporting, auditing, general P&L management, and just overall the finance function. We have Nick White as our portfolio partner for finance. Nick is a really experienced open source company veteran on the finance dimension. He was the founding finance executive, very early on, through to the large outcomes of companies like SpringSource, which joined VMware (the company behind Spring). Talend, where Nick and I worked together many years ago, which IPO-ed as a sort of ETL, middleware company. Talend is a public company now.

[00:39:58.11] Obviously, he helped and consulted a bit with Hortonworks, but he was also the founding finance executive and head at Elastic, the company behind ElasticSearch, through to setting them up to IPO, which happened very recently. So Nick has a lot of wisdom and experience there. I can go into lots of the reasons why the finance function is very different fundamentally in many ways for open source companies.

That one confuses me, or surprises me, because once you get past the licensing, you now have a model that’s working. I would assume for any corporation you have – I mean, profit and loss works very similar across all organizations, right? Or the accounting, the checks and balances… I don’t necessarily wanna camp out here for the rest of your time, because I know you have a hard out here, but maybe just enlighten me on what I’m missing here with regards to finances being different.

Yeah, that is a really good question. I’d say that for managing a P&L, for doing the duties of the finance role in terms of generally accepted accounting practices, or rigor and industry standards overall, like legal, I don’t think things are radically different. It’s contextual to the approach of applying those functions very differently in commercial open source software companies, that you start to see a lot of divergence and just a huge amount of behavioral uniqueness.

For example, when you’re actually looking at managing a budget and applying constraints and priorities around where dollars are spent, for example, and how you actually run a budget and manage the flow of money in and out of a company, with commercial open source companies typically you’re doing a lot of upfront R&D and development for a given product, and maybe you’re also investing pretty heavily in becoming a really influential, core part of the community and the ecosystem around that project, or the set of projects that you’re building around, and perhaps also maybe you’re investing in non-product development work, which is quite different from proprietary companies. So you sort of recognize and account for those expenditures very differently in an open source company because the value that you’ll accrue from them is somewhat indirectly correlated with your valuation as a business.

If you’re a venture capitalist and you’re saying “Well, we’re pouring in 20 million dollars into a company and we expect that 20 million to come out the other end as a business that’s generating 10 million in revenue”, you probably aren’t gonna have anywhere near the same level of decisioning with a commercial open source software company. You might sort of relax the constraint of “Well, we’re not looking for 20 million in revenue out of a 20 million dollar investment. Maybe we’re looking for 5 million more end users of the project that the company is based on, and we wanna measure ourselves against spending that capital to achieve those goals.” I guess the flow of the investment and how the accounting side of things works to accomplish those goals is quite different.

Also, I’ll say one other thing, just scratching the surface (it’s a much deeper, more complex topic), but commercial open source software companies - the best ones, the ones that scale, the ones we’ve researched and observed over the years are geographically distributed and they are not fundamentally centralized in one area. That translates to running the finance function very differently.

[00:44:14.28] That makes sense.

Yeah. It translates into running office space, lease management, the size of leases, the overall scope of office space and international expansions, subsidiaries, the cost of setting up the subsidiaries, country-specific [unintelligible 00:44:32.02] laws… There’s a lot of things that can come out of that.

So there’s a couple of areas to double-click on in the finance function, but it is definitely one of the things that we think is a fundamentally different aspect of commercial open source companies.

One thing I’m seeing here too, since you mentioned Commons Clause - and just tell me if I’m poking the wrong direction here, but the connections I’ve seen is that Commons Clause definitely made a stir, begin with about a month ago, where – what was the relicense? The name is gapping me, and I hate that when it happens on air…

That was Redis.

Redis. Redis was relicensed, or some parts of it were… The commercially-viable open source sides of it were licensed under this new Commons Clause. It created a stir… It seems that the source code at least for the license was about a month old, and I’m wondering - Kevin Wang (also strategic advisor for you) was the open-sourcer of that, via his company, which is FOSSA, Heather Meeker obviously was the person who had penned it, and she’s also a partner in OSS Capital… And you mentioned a couple times YC and their way to roll out and make easy legal documents, to talk through sort of all that you just went through there. Is this all orchestrated, is that all connected, or am I just reading between the lines here?

I would say a lot of those things are connected, or sort of inter-related, slightly. Maybe just to summarize a thought of looking at Commons Clause - maybe it’s like a stepping stone or a building block. There’s a useful way of framing this, which is if you look at the problem and then reason up from there, it’s maybe easier to understand all the moving parts, because there’s quite a lot of things happening in this area.

I think the problem can be summarized as “We don’t have commercial open source licensing agreements.” We don’t really have industry agreement around how to implement the protections for products that are built fundamentally on top of a given open source project, or a small number of them… And that’s where we have all this inefficiency, and duplication of effort, and lots of overhead in terms of legal effort we spend.

Commons Clause was really an effort to protect against a couple of things, and Redis certainly has a focus area in terms of their relationship with cloud providers. I’d prefer to hold off on commenting there specifically, given that’s a pretty hot topic.

Of course. Yeah, it’s deep. Too deep.

Yeah. However, the general problem space that Commons Clause I think is a great building block for is basically trying to get industry agreement on how we can have standardization of some kind, or at least some agreements around the legal constraints and the legal terms for proprietary-based product, that has a sort of thin layer of proprietary code, or a thick layer potentially even… But that’s going back to business model implementation on top of an open source project, where you already have a huge amount of distribution in that open source project, and the base kind of open source project license is agreed upon and standardized, whether it’s Apache or GPL. That’s kind of the general problem space.

[00:48:15.27] This is a super hugely complex topic. The way I summarized it there might even be an over-simplification, but that’s how I look at the broad problem space.

Maybe a really easy yes/no question might be “Is Commons Clause fundamental to what you’re doing with OSS Capital?”

That’s a really good question, and I think what I’ll say is Commons Clause is a good building block, and there’s lots of benefit to the industry starting to talk about these problems with more rigor, with more focus, and I think Commons Clause accomplished that. Even though there’s a polarizing dynamic around how certain vendors might be for Commons Clause, many others might be against it, I think what’s happening and what’s important is getting the conversation started, and it’s a really good building block.

On your website there’s four big goals. You have strategic 15-year goals, and one of them (number four) is “Commercial OSS license best practices.” So this is like a big goal of yours - to help create this similar to the way YC did with their off-the-shelf licensing, that’s like “Let’s come around some best practices of how to do this.” You call it kind of a Creative Commons for commercial OSS. This is a goal of yours, so tell me if I’m reading correctly… What you’re saying is right now Commons Clause is a stepping stone towards that, it’s a beginning point, but it’s by no means the end game for the way you think commercial OSS companies should move forward.

Absolutely. I 100% agree with what you’ve just said. For sure. It’s a really big area, it’s something that we think is hugely important to have, a big strategic goal like that. Commons Clause is a great stepping stone, for sure.

Could you maybe just give a quick explain of why it’s so important. I know we’ve covered a bit, but just a quick version of it. What is the biggest “going to commercial” issue that companies face? [unintelligible 00:50:15.08] but let me maybe summarize what I think it is quickly, and then you say “Yeah, I agree with that” or “No”, and add to it as you need to… There seems to be an organized effort around hackers that create open source because they’re passionate about it, they eventually open-source it, build a community around it, everybody thrives, conferences, Kumbaya, everybody’s happy… And then they need to sustain and build a company around it, and they do, but then there’s threats from cloud providers - or other players if it’s a different space - and this is an effort to continue to sustain and build from the creators and/or originators of a project or community, and this licensing essentially is a pushback against that threat, so they can essentially protect some barrier or ownership of something, not to keep people out, but so that they can live, and survive.

I have my own personal perspective on that, which is very different, and I’ve tweeted a little bit about this… It’s very different from the way that Redis has communicated their intentions behind the Commons Clause. As I mentioned, Commons Clause is a building block; it could potentially be getting some good conversations started, but I do not think it’s the destination. There’s a lot of additional work we need to do beyond Commons Clause to try and really move the state of the art forward here.

[00:51:44.04] I personally do not believe that open source authors or open source companies, like Elastic, Cloudera and many others, should be trying to protect against cloud providers from capturing value that open source software creates. I think that is fundamentally wrong; I’m very opinionated here. And the reason I think it’s actually wrong is very well-summarized by a tweet that Doug Cutting, who’s the creator of Lucene and Hadoop, sent out actually I wanna say a year or so ago… It’d be really awesome to showcase it in your show notes, but I’ll read it out here. I think it’s extremely profound and concise, and I completely agree with it.

His comment, and I’m slightly paraphrasing here, but it says “It is absolutely insane to expect contribution back to open source proportional to the benefit from it.” I think that is very directly related – it’s slightly orthogonal, but it’s directly related to this topic of trying to prevent cloud providers from capturing value around open source projects… Because they have no legal obligation. They’re actually delivering great user experiences and value to their customers, and they’re furthering the distribution of the open source software through their platforms. Cloud providers have millions of customers.

I don’t subscribe to this view that we should actually try and prevent the cloud providers from capturing value around open source. Instead, what we should do is try and make open source more widely distributed, more widely adopted, we should try and push for an open source future across the whole technology industry, across the software industry, and we should try and capture the value in the context of delivering differentiated customer experiences with different approaches, and I think that’ll make for a really great future.

To maybe transition into a topic that’s probably much deeper and longer, but we’ve got about three(ish) minutes to go through it, is that seems to dovetail into maybe the kind of companies and/or open source projects you may be funding… Which was the real point of our call, and we kind of got in the weeds with licensing – and obviously, this is all layered and thick and deep, and that’s maybe why it’s taken 13 years for someone like you and your team to arrive at this table, but where are you at with in terms of the types of projects or companies or commercially viable open source companies you’re trying to invest in? Who are they, what are they, what are they doing, how much are you giving? Whatever you can answer in those blankety questions there.

Yeah, we announced our first investment on the 1st of October actually, the same day we announced the firm, and it’s a company in New York called DEV (The DEV Community). They’re the really awesome folks behind @ThePracticalDEV handle on Twitter. Their social network corollary to @ThePracticalDEV Twitter handle is – it’s sort of like a Reddit, but for software engineers; a really awesome community. They open-sourced the whole front-end site PR Workflow for content generation and for engaging developers. It’s really an exciting community; they fundamentally believe that open source is crucial to their product, and they’re building on an open source based model.

[00:55:30.17] We’ve done a handful of investments so far, we’ve done around ten. We’re not really announcing details about our fund for now, but in terms of the focus area, we’re very focused exclusively, coming back to the OSS in our name, around companies that fundamentally depend on an open source project or a small number of projects to justify their own existence. That’s the definitional constraint that we’re operating under in.

We’re super-excited to back founders anywhere. We’re not geographically constrained, and we’re very excited to talk with folks who contact us, while also reaching out to teams on a case-by-case basis.

For people who are interested in learning more or chatting with us, there’s contact info on our website, And folks can always DM me on Twitter, as well; that works, too.

Good deal. And even on your site, you do have this version of it as well, where you define what commercial open source companies really are - if a given company heavily relies on and/or builds an open source project(s), as the fundamental building block [unintelligible 00:56:38.04] it is definitionally a commercial open source company.

Good job on defining that. That’s sort of the hard part in most cases, when it’s so new and so fresh, yet 13 years later, right? Or 13 years earlier, whichever you wanna apply there… But definitions are certainly helpful, because it definitely lets you draw a line and understand where you’re operating, where this is such new territory.

Joseph, it’s been an awesome conversation with you. Enjoy the rest of GitHub Universe… We’ll definitely have more questions in the future, so we’ll look forward to talking with you down the road. Anything in closing, anything you need to close out with before we let you go?

No, I just wanna say it’s been super-fun. This is a real thrill to chat with you guys, and thanks for having me on. Really fun.

Same here, thank you very much.


Our transcripts are open source on GitHub. Improvements are welcome. 💚

0:00 / 0:00