diff --git a/public/images/dependency.png b/public/images/dependency.png new file mode 100644 index 00000000..4260011a Binary files /dev/null and b/public/images/dependency.png differ diff --git a/src/layouts/Layout.astro b/src/layouts/Layout.astro index 1ac34482..7da537e5 100644 --- a/src/layouts/Layout.astro +++ b/src/layouts/Layout.astro @@ -214,6 +214,9 @@ const { title, navless } = Astro.props; p:last-child { margin-bottom: 0; } + table { + margin: 1rem 0; + } code, pre { font-family: Menlo, Monaco, Lucida Console, Liberation Mono, DejaVu Sans Mono, monospace; font-size: 0.8rem; diff --git a/src/pages/about.astro b/src/pages/about.astro index eb842c47..db23a719 100644 --- a/src/pages/about.astro +++ b/src/pages/about.astro @@ -3,29 +3,162 @@ // SPDX-License-Identifier: Apache-2.0 import Blob from "../components/Blob.astro"; +import Button from "../components/Button.astro"; import Layout from "../layouts/Layout.astro"; +import MiniLeaderboard from "../components/MiniLeaderboard.astro"; +import TextButton from "../components/TextButton.astro"; +import { + getMembers, filterInactiveMembers, +} from '../members.ts'; + +const members = filterInactiveMembers(await getMembers()); ---
+
+
+

About the Pledge

+ +
+

What is the Open Source Pledge?

+ +

Open Source Pledge is a group of companies with a shared commitment to paying the maintainers of the Open + Source software we all consume. Our goal is to establish a new social norm in the tech industry of companies + paying Open Source maintainers, so that burnout and related security issues such as those in XZ and Log4j can + become a thing of the past.

+
+ +
+

What is the Pledge's mission?

+ +

A massive portion of the software we all depend on is based on Open Source projects. Though these projects + are very important, the people who tirelessly maintain them often do so + without being paid at all. This means + that many maintainers have to either struggle to make ends meet, or work a second shift after working hours to + maintain projects that often have to be looked after for years or decades.

+ +
+ This xkcd comic shows a Jenga-like tower of blocks, illustrating “all modern digital infrastructure”. The structure precariously rests on a small load-bearing block, titled “a project some random person in Nebraska has been thanklessly maintaining since 2003”. +
xkcd #2347 — Dependency
+
+ +

This arrangement isn't fair to the maintainers who build software we value. And it leads to a fragile + ecosystem that's susceptible to security issues, because the people who look after our digital infrastructure + are likely to suffer from burnout. This has led to issues such as the + XZ backdoor, the + Log4Shell vulnerability, and many other serious + issues.

+ +

This is why our main goal is to get companies to pay maintainers of software they depend on. + We believe that by doing this, we can contribute to a healthy, thriving and secure Open Source ecosystem. We + recognise this is a multifaceted problem, but the solution we are focusing on is providing direct + payments to maintainers, in order to support them and their work.

+
+ +
+

What does joining the Pledge entail?

+ +

Our new norm is for companies to pay a minimum of $2000 per year per full-time equivalent developer on the + company's staff, to Open Source maintainers of each company's choosing.

+
+ +
+

What about other ways to support Open Source?

+ +

Some companies support the Open Source ecosystem by hiring developers to work on Open Source Software, or by + giving gifts such as cloud computing credits. While we agree that developer time and gifts in kind are + valuable and important, only cash payments count towards the pledge, because the point of the Pledge is to get + money to underpaid and overworked maintainers of important Open Source projects. If maintainers of software we + rely on can pay the bills, we will have a healthier, fairer, more stable and more secure Open Source + ecosystem.

+
+ +
+

What payments are eligible?

+ +

Companies directly pay maintainers of Open Source projects they depend on, with no strings attached. Paying + developers to do specific work does not count towards the Pledge. Feel free to participate in our ongoing discussion on what counts + and what doesn't.

+
+
-

About the Pledge

+

Does Open Source Pledge handle funds?

-

Open Source Pledge is a group of companies with a shared commitment to - paying the maintainers of the Open Source software we all consume. We aim - to prevent maintainer burnout and reduce flare-ups of high-profile - security incidents such as XZ, Log4Shell, and Heartbleed. We invite all - companies to join the Pledge.

+

Payments are made directly to maintainers — we never handle any funds.

+
-

Governance and Structure

+
+

How does Open Source Pledge promote members?

+ +

We want to promote companies that support a healthy Open Source ecosystem, which is why we're launching a + major promotional campaign on October 8, including outdoor advertising in prime San Francisco and NYC + locations. As part of this campaign, we will celebrate Open Source Pledge Innovators who who join us by + September 24.

+
+ +
+

Who has already joined?

+ +

Here are some of our members:

+ +
+
+ + +
+ See all {members.length} members +
+
+
+
+ +
+

How can I join?

+ +

To join our {members.length} members and help promote a healthy Open Source ecosystem, see our + instructions:

+ +
+ +
+
+ +
+

Who maintains Open Source Pledge?

Open Source Pledge is brought to you by @@ -69,7 +202,8 @@ import Layout from "../layouts/Layout.astro";

-

Want to help?

+

How can I help?

+

To help us build Open Source Pledge, read

+ + diff --git a/src/pages/join.astro b/src/pages/join.astro index 328af182..235e63c5 100644 --- a/src/pages/join.astro +++ b/src/pages/join.astro @@ -42,7 +42,7 @@ import Layout from "../layouts/Layout.astro"; of your choice, and commit to doing so in future years. The projects you're donating to should meet the Open Source Definition. Of course, this includes any existing donations you've made this year. If you need help figuring out which - projects you depend on, you can use a tool like Thanks.dev. + projects you depend on, you can use a tool like thanks.dev.
@@ -66,7 +66,7 @@ import Layout from "../layouts/Layout.astro"; itemized list, consider using the Open Source Pledge GitHub Reporter, or - Thanks.dev. + thanks.dev.