Earlier this week I submitted a privacy vulnerability disclosure to an open-source app, and the solo maintainer merged a patch the next day. The whole experience strengthened my belief that open-source apps can finally defeat the “free” apps that have been extracting data out of us for years.
Historically, the open-source projects that had the strongest level of maintenance were packages and infrastructure. Companies that have lots of money and engineers depend on those, and some of these companies have provided funding for maintainers and dedicated their engineers’ time toward contributions.
However, apps have been a different story. As apps aren’t critical to companies’ bottom lines, they haven’t received the same level of funding and support. This made app maintenance difficult to sustain, as they often had underfunded solo maintainers, and would-be contributors didn’t have enough time to meaningfully help out.
The LLM boom hasn’t helped much with this yet, as slop contributions have caused maintainers a lot of headaches. But I think the ecosystem will learn to filter out the slop soon, and then the new era of LLM-assisted gains for open-source will begin.
While LLM-enabled maintainer productivity gains will be impactful, I see the following as a more fundamental change: engineers who use the apps will be able to make meaningful contributions without dedicating an unsustainable amount of their free time. I think this can result in open-source apps becoming highly competitive with the for-data apps that have historically required full teams of engineers.
Many of us have had a deep appreciation of open-source for years, but haven’t had enough time to consistently contribute. I’ll be helping with security and privacy. What will be your contribution?