OpenJS Foundation launched a new Ecosystem Sustainability Program (ESP) today to support the security and sustainability of the JavaScript and web ecosystem by generating a new revenue stream to underwrite the myriad of activities required to sustain our projects. 

ESP partners provide commercial services for security fixes to OpenJS-hosted projects that are unsupported because they are archived, end-of-life, or are older versions of current projects. Working in partnership with the Foundation and our participating projects, ESP partners would offer a revenue share based on enterprise sales.

The why behind the program

The root cause of many security issues is open source sustainability. Maintenance is largely unfunded. Only 52% of OpenJS contributors are affiliated with an organization. Despite industry demands, a majority of OpenJS-hosted projects are volunteers, which can lead to maintainer burnout, security issues and more.

“We're not just fostering innovation at OpenJS, we're investing in the longevity of our shared digital ecosystem,” said Robin Bender Ginn, Executive Director, OpenJS Foundation. “Together with our partners, we'll create a culture of open source sustainability that ensures the resilience of our communities and projects for the future.”

The ESP would help project maintainers continue to provide public support to any version of their software, including versions covered by an ESP partner, without constraint.

HeroDevs, the first ESP provider for OpenJS Foundation

As the first ESP provider, HeroDevs is contributing a 15% revenue share to all OpenJS Foundation projects participating in the program. Additionally, HeroDevs will provide public notifications for any discovered CVEs. 

HeroDevs joined the OpenJS Foundation in March, and has made quick work of supporting the program.

“We’re honored to be the first company to support the Ecosystem Sustainability Program for the OpenJS Foundation. Our mission is to keep end-of-life projects secure and supported,” said Joe Eames, Vice President of Partnerships at HeroDevs. “This program is the first step to ensure that maintainers in the OpenJS community are able to focus on the work they truly care about.”

How to support the program

The ESP is open to organizations that can provide credible technical support to our projects. Providers must meet the following requirements:

• Gold or Platinum member of OpenJS Foundation
• Co-marketing together with trademark license agreement
• Endorsed or sponsored by OSS project TSC or Core team, if applicable
• Endorsed or sponsored by the OpenJS Foundation’s Cross Project Council

“Supporting this program is a great way to support key open source projects while providing long term support for older versions of the project that are no longer maintained,” said Tobie Langel, OpenJS Foundation board director and vice chair of the Cross Project Council. “We always would like to see more organizations running the latest and greatest versions of open source projects, but there are legitimate cases where that's not an option. With ESP, organizations that are stuck with unsupported versions can get commercial support and contribute to the project's health as a result. It’s a win-win!”

To find out more about this initiative please visit our Ecosystem Sustainability page, or reach out via our contact form.