If your development team is like most, roughly 70%-80% of your app is built using open source components, with your own custom code layered on top. But many of these components are developed by volunteer open source maintainers who do the work for free, often as a labor of love.
You wouldn’t think of using a commercial software product where the vendor doesn’t support it with regular security updates, maintenance, and other assurances, but when it comes to the open source that makes up the bulk of your application, you use code without these sorts of guarantees every day.
Perhaps you’ve even looked into what it would take to get someone to stand behind a piece of open source software that is crucial to your app, and realized there was no one to write a check to. And your legal and procurement teams wouldn’t sign off on writing a check to a random open source developer without a contractual exchange in place anyway. So you end up supporting the open source packages yourself, draining resources that might be better spent developing your application.
This problem—that there is no good way to get enterprise-quality support and maintenance for the vast majority of open source packages used to develop modern applications—finally has a solution.
It’s called managed open source, and it is now available via the Atlassian Marketplace.
Managed open source gives application development teams a way to offload the complexity of managing their open source components themselves, saving time and reducing open source-related risk. It gives you the same capabilities you’d expect from commercial software—but for the open source components you are using to build your application.
At Tidelift, an Atlassian partner, we’ve put an interesting spin on managed open source: we actually partner with the maintainers of the packages you are using to provide the kinds of capabilities that enterprise application development teams are looking for—like security updates, licensing assurances and indemnification, maintenance and code improvement, roadmap input, and more. You get enterprise-ready open source, managed for you. Maintainers get paid to ensure their projects keep getting better. It’s a win-win.
If you’re already using Bitbucket to host your repositories, it’s now easier than ever to see for yourself how a managed open source approach might save time and reduce risk in your organization. It begins with the Tidelift Subscription, the only managed solution for open source that directly partners with the open source maintainers.
Let’s take a look at how to transition your Bitbucket repositories to begin using managed open source:
If you’re ready to try managed open source with your development team, you can get a free 14-day trial of the Tidelift Subscription.