IT Brief New Zealand - Technology news for CIOs & IT decision-makers
GitHub launches fund to sponsor open source developers
Fri, 24th May 2019

Open source is powering more software projects than ever – open source community GitHub says that 99% of new software projects rely on open source code, which demonstrates how open source is now at the forefront of technology development.

To support the next generation of open source, the company has announced a new donation-based initiative to help communities contribute to open source, and to support developers financially.

“The open source approach to software development, and the use of open source platforms across teams is becoming increasingly popular because it helps organisations speed up innovation and increase collaboration across all areas of a business, not just within tech teams,” says GitHub's APAC vice president, Sam Hunt.

That initiative, called GitHub Sponsors, is a new way to financially support the developers who build the open source software people and organisations use every day.

It is designed to fund all work that advances open source software. Anyone who contributes to open source is eligible for sponsorship.

“Open source is the heart of GitHub. The developers who build our shared digital infrastructure are what make this community so strong,” writes GitHub's Devon Zuegel in a blog.

“As a thank you for these valuable contributions, GitHub Sponsors charges zero platform fees when you support the work of other developers. We'll also cover payment processing fees for the first 12 months of the program to celebrate the launch. 100% of your sponsorship goes to the developer.”

GitHub supports donations in every country where it does business. It has also integrated sponsorship directly into workflows. Users can check out a developer's profile or hover over their profile to sponsor their work.

GitHub is launching the GitHub Sponsors Matching Fund to support the initiative. GitHub will match all contributions up to $5,000 during a developer's first year in GitHub Sponsors.

GitHub has also announced enhanced security tools, as well as new features for GitHub Enterprise.

Enhanced security tools include partnerships and features designed to help developers secure code.

  • GitHub has acquired and integrated Dependabot into its platform. With the help of Dependabot, GitHub will monitor dependencies for known security vulnerabilities and automatically open pull requests to update them to the minimum required version.
  • Security vulnerability alerts now with WhiteSource data: a new partnership with WhiteSource data broadens GitHub's coverage of potential security vulnerabilities in open source projects and provides increased detail to assess and remediate vulnerabilities.
  • Token scanning is now generally available and supports more token formats including those from Alibaba Cloud, Mailgun, and Twilio to make sure accidental check-ins don't turn into data breaches.

GitHub Enterprise has added improvements, including more granular administrative controls and flexibility for interconnected organisations (operating on GitHub.com and via a private GitHub Enterprise environment).

GitHub Enterprise developers can now easily implement internal repositories, allowing companies to adopt innersourcing principles. Other additions include new roles and permissions for maintainers and administrators to have greater access controls.