Report: the state of commercial open source

[Posted August 25, 2025 by corbet]

The Linux Foundation, in cooperation with a couple of other groups, has announced the publication on the intersection of businesses and commercial open-source software (deemed "COSS"). Everything, it seems, is great, and COSS companies make a lot of money for their investors.

Even more encouraging, COSS project communities continue along healthy growth paths after the company receives venture funding. In essence, highly valued COSS companies tend to cultivate more vibrant, diverse, and integral open source ecosystems, reinforcing the idea that business value and community value are tightly coupled in successful COSS models.

Perforce and others seem to disagree

Posted Aug 25, 2025 13:08 UTC (Mon) by archaic (subscriber, #111970) [Link]

Even if this report had come out a couple months ago, I suspect nothing would have changed WRT the closing of the puppet sources. And they had a _very_ strong and active community that Perforce just ignored more and more over the last year. Even with strong vocal advocates in their own ranks their minds refused to be swayed. I guess the cynic in me would just assume that such companies would look at who published the report and deem it biased and irrelevant anyway. *sigh*

AI and OSS

Posted Aug 25, 2025 14:35 UTC (Mon) by excors (subscriber, #95769) [Link] (4 responses)

I don't entirely understand what qualifies as a Commercial Open Source Software company, given their top example is xAI (Elon Musk's deliberately "politically incorrect" chatbot) - as far as I can tell its only open source contributions are dumping a couple of obsolete AI models on GitHub / Hugging Face (and the latest one only qualifies as 'open' if you ignore the standard principle of "no discrimination against fields of endeavour").

The reports claim $26.4B in funding for COSS companies in 2024, but at least 85% of that is AI companies (and at least 78% is just two AI companies). Maybe there are some genuine open source successes further down the list, but lumping them together with the AI industry (with its mad investments and its dubious definition of openness) seems very unhelpful.

AI and OSS

Posted Sep 3, 2025 14:30 UTC (Wed) by KernelNomad (guest, #179148) [Link] (3 responses)

Hey, I'm one of the co author of the report

We have defined Commercial Open Source in a liberal way in that report: “Open Source” is defined broadly. It covers companies whose products rely on publicly accessible source code—whether under an OSI-approved license, open weights in AI, or products with a meaningful open-source component alongside proprietary features. This reflects the evolving reality of COSS models in today’s software landscape.

In that respect, Mistral and xAI fall into the non-OSI realm.

You have a relevant point: those 2024 deals are indeed biasing the 2024 year in terms of share of wallet of Open Source companies (the 5% of software is inflated by these deals).

But: 1) the comparisons OSS / Closed Source remains valid since outliers are by definition excluded from the comparisons (we compare medians which get rid of outlier effect, and anyway on most of the 25 years you don't have these AI OSS companies) 2) the size of the OSS VC categories remains representative: $9B / year across 250 deals is taken across a 5 year period, again mitigating the 2024 outlier year.

AI and OSS

Posted Sep 3, 2025 14:38 UTC (Wed) by pizza (subscriber, #46) [Link] (1 responses)

> We have defined Commercial Open Source in a liberal way in that report: “Open Source” is defined broadly. It covers companies whose products rely on publicly accessible source code—whether under an OSI-approved license, open weights in AI, or products with a meaningful open-source component alongside proprietary features.

That's all fine and dandy, but most folks see "commercial open source companies" and think it refers to the *creators* of said open source software, not *users* of it.

Because your definition could encompass nearly the entire software industry -- oh, and most of the (computer) hardware industry... and everything else that employs computers in any way.

AI and OSS

Posted Sep 3, 2025 14:49 UTC (Wed) by Wol (subscriber, #4433) [Link]

> and everything else that employs computers in any way.

My employer (a supermarket) would fit that definition. We use a fair bit. Look at the article on curl - that would bring in the car industry (and my VW has a option to display all the licences - GPL, BSD, whatever - used by the car, as I believe does my wife's Vauxhall (part of Peugeot)).

Probably pretty much any and every business, given that Windows includes quite a big chunk of FLOSS ...

Cheers,
Wol

AI and OSS

Posted Sep 3, 2025 14:40 UTC (Wed) by Wol (subscriber, #4433) [Link]

> “Open Source” is defined broadly. It covers companies whose products rely on publicly accessible source code—whether under an OSI-approved license,

So that would include companies whose product is, let's say, 90% BSD and/or MIT licenced, and who don't include source with their product. Not at all what the Open Source crowd would call Open Source.

Not even what I would call "open source", which to me are products that ship WITH SOURCE, the licence being irrelevant ... (other than allowing the recipient to modify it for their own use).

In other words, the title of the report sounds like click-bait ...

Cheers,
Wol

JuliaHub and Pumas

Posted Aug 27, 2025 10:37 UTC (Wed) by thomas.poulsen (subscriber, #22480) [Link]

Not sure if JuliaHub or Pumas are on the list, but here’s an interesting talk on how they support the open source Julia community through commercial activities: https://www.stochasticlifestyle.com/juliasim-building-a-p...

Everything is awesome

Posted Aug 28, 2025 22:18 UTC (Thu) by Flozza (subscriber, #170294) [Link] (1 responses)

“ Everything, it seems, is great, and COSS companies make a lot of money for their investors” hahaha thank you for this line!

When you read a report that is only positives with no downsides you know you’re reading marketing and not any kind of research. How you can publish this after BUSL and other OSS debacles and not take a critical view is beyond me.

And a personal pet peeve for the “cryptography” company that’s really just blockchain (and apparently AI somehow).

Everything is awesome

Posted Sep 3, 2025 14:30 UTC (Wed) by KernelNomad (guest, #179148) [Link]

Thanks for the thoughtful feedback 🙏

A couple of clarifications:

- The intent of the report is not to produce “marketing,” but to aggregate long-term data on how COSS companies perform financially vs. peers. That lens naturally emphasizes outcomes that investors care about, but we agree it should not be read as a full industry audit.

- You’re absolutely right that OSS has its share of challenges (license changes, governance breakdowns, company failures). In fact, we’ve noted BUSL and others as examples of how fragile the balance between community and commerce can be — we’ll make sure to expand this angle further in future editions.

- On categorization (e.g., blockchain/crypto/AI companies), we try to stick to a transparent methodology: if a company’s core product is open source and commercialized, it’s included. We welcome debate on where to draw that line — it’s part of why we publish openly.

Our goal is to start conversations, not close them — so comments like yours are exactly the kind of pushback that helps us improve.

(I'm one of the co author of the report)

Yet another attempt to water down OSi rules

Posted Sep 4, 2025 15:58 UTC (Thu) by nim-nim (subscriber, #34454) [Link]

That’s just another attempt to muddy the waters and legitimize open-core, BUSL, etc (fuck you OSI for making clear what OSS is, we’ll invent a COSS label without any inconvenient rules and flood the internet with it so no one actually checks anything is OSI of FSF compliant).

The VCs are dumb as nails but they are persistent and have a lot of money.

Shame on the LF for lending their name to this.