Who pays for open source?

Who pays for open source: 80% corporate funding

Large corporations and commercial business models primarily handle who pays for open source development today. Understanding these funding mechanisms helps developers and businesses predict software longevity and security. By exploring how labor value translates into financial support, you ensure your infrastructure remains stable and avoids the risks of abandoned or unmaintained digital tools.

Who actually pays for the free software we use?

Open source is paid for primarily by large corporations through direct employment of maintainers and corporate sponsorship of open source, alongside commercial business models like SaaS and Open Core. While the code is free to download, the labor required to build and maintain it is worth an estimated 8.8 trillion dollars. ^[1]

This massive valuation stems from the reality that most modern digital infrastructure - from cloud servers to smartphones - runs almost entirely on open-source foundations. But there is one counterintuitive factor that many developers and businesses overlook when it comes to long-term software health - I will reveal this critical sustainability gap in the section on individual maintainers below.

I spent the first five years of my career thinking open source was just a passion project for college students and hobbyists. I was wrong. I eventually realized that the library I used for every project was actually maintained by engineers at a multi-billion dollar company. Understanding how is open source funded changes how you view every line of code you pull from a repository. The digital world is built on a foundation of shared labor that someone, somewhere, is funding.

Corporate sponsorship: The silent engine of the web

When asking who funds open source development, the largest share comes from corporations that employ full-time developers to contribute to public projects. Corporate developers contribute between 80% and 90% of the code to the Linux kernel ^[2], a pattern reflected across many high-impact projects like Kubernetes or React. Companies pay these salaries because they rely on the stability of the tools for their own products. By funding development, they ensure the software remains secure, gains necessary features, and follows a roadmap that aligns with their business needs.

In my experience, corporate backing is a double-edged sword. On one hand, it provides the resources needed for professional-grade security audits and documentation. On the other hand, it can lead to corporate capture where a projects direction is dictated by a single companys interests. Companies using open source can achieve significant savings on infrastructure and licensing costs compared to proprietary alternatives ^[3], which makes contributing back a smart financial move - and not just, contrary to popular belief, a charitable one.

Why companies pay for code they do not own

The logic behind corporate funding is rooted in the common good economics. If five competing companies all need a high-performance database, it is cheaper for them to share the cost of maintaining one open-source project than for each to build and secure its own proprietary version. This collaborative funding model reduces R&D expenses while increasing the speed of innovation. It is smart engineering. It is even smarter business.

Commercial models: Open Core and Hosted SaaS

Many of the most successful projects leverage different open source business models, such as Open Core or Hosted SaaS. In the Open Core model, the base software is free, but the company charges for enterprise-grade features like advanced security, compliance tools, or dedicated support. This allows the community to use the software for free while large organizations pay for the additional complexity they require. This model has proven highly effective, with some open-source companies reaching annual recurring revenues exceeding 1 billion dollars. ^[4]

Alternatively, determining who pays for open source often leads to Software as a Service (SaaS). Instead of managing the software themselves, they pay a provider to host and maintain a managed version. This removes the operational headache of updates and scaling. For the developers, the revenue from these hosted services funds the continuous improvement of the core open-source code. It is a cycle of value. Everyone wins, provided the balance between free and paid features stays fair.

Foundations and the individual maintainer crisis

Non-profit foundations play a critical role as neutral ground for funding. These organizations collect membership dues from corporations and distribute them as grants or use them to employ a small number of core maintainers. They provide the legal and financial infrastructure that allows multi-company collaboration to happen without any one entity owning the project. This structure is essential for projects that are too important to be controlled by a single commercial interest.

Here is the critical sustainability gap I mentioned earlier: despite the billions of dollars flowing into tech, a substantial portion of critical open-source projects are maintained by a small number of people. Most of these individuals are unpaid, raising the vital question of how do open source developers get paid. While large projects get the corporate cash, thousands of invisible libraries that the entire internet depends on are kept alive by volunteers working on weekends. This is the tragedy of the digital commons - we are building skyscrapers on top of a foundation maintained by a few tired people. ^[5]

I have seen this burnout firsthand. I once relied on a data processing library that suddenly stopped receiving updates because the solo maintainer simply could not afford the time anymore. The frustration was real. My team had to spend two weeks migrating to a different tool. It was a wake-up call. If we do not find better ways to support those figuring out who pays for open source at the grassroots level through platforms like direct donations or community grants, the security risks will only increase.

Choosing a Funding and Support Model

Corporate-Led Projects

- Professional support usually available through the sponsoring company

- Moderate - the primary company often has the final say on features

- High - backed by full-time salaries and multi-year roadmaps

Foundation-Backed Projects

- Third-party consultancies often provide commercial support

- High - designed to be a collaborative space for many voices

- High - neutral governance protects the project from company shifts

Independent/Solo Maintainers

- Informal community forums or direct donations via GitHub Sponsors

- Very High - often very responsive to individual user feedback

- Low - high risk of burnout or project abandonment

The SaaS Pivot: A Founder's Struggle

Sarah, a software founder in Austin, built an open-source analytics tool that gained 5,000 users in its first year. She was thrilled but exhausted - the bug reports were constant, and she was not making a cent.

First attempt: She tried asking for donations. Result: Only 15 users donated, totaling less than 100 USD a month. She almost shut the project down because she could not justify the 40 hours a week it required.

She realized that businesses were willing to pay for convenience, not just code. She launched a hosted version of her tool, charging 50 USD a month to handle the server setup and backups.

Within six months, she reached 10,000 USD in monthly revenue. This funded her first full-time hire, allowing her to keep the core code free and open while finally paying herself a salary.

The Solo Maintainer's Reality Check

Kevin, a developer in Portland, maintained a popular encryption library used by thousands of apps. He felt immense pride until a major security vulnerability was discovered during his vacation.

He spent 72 hours straight fixing the issue while his family waited. He realized he was providing free security for billion-dollar companies while sacrificing his own mental health and time.

Instead of quitting, he applied for a foundation grant and set up a sponsorship tier for corporate users. He was honest with his users about the friction of solo maintenance.

Three major tech firms signed up for 500 USD monthly sponsorships. This allowed Kevin to reduce his day-job hours, ensuring the library stayed secure without him burning out.