Tidelift, a startup trying to solve some of the open-source software industry’s problems around compensation and security, said it wrapped up a $25 million investment to gather more publicly maintained software projects under its umbrella.
The Boston-based company, founded in 2017 by four Red Hat vets, said it is trying to recreate what Red Hat (NYSE: RHT) did with the Linux open-source computer operating system—but with as large a swath of the open-source realm as possible.
Tidelift sells subscriptions of its repository of open-source software tools whose creators agree to keep their code maintained. Tidelift then pays the developers who maintain the open-source projects to guarantee subscribers operability, security, and intellectual property standards. Subscriptions start at $1,500 a month, for “starters” with up to 25 developers, increasing to $2,500 for larger teams, and higher for enterprise plans.
Open-source software “is absolutely everywhere,” Tidelift co-founder and chief executive Donald Fischer told Xconomy. He estimates open-source components are baked into more than 90 percent of the software out in the world.
“On the other hand, a lot of the open-source software is not very well looked after because it’s being created as a side effect of other businesses or people are doing it in their spare time for a variety of great reasons,” he added.
Tidelift today announced a $25 million Series B funding round, just seven months after its $15 million Series A round. The startup said it will use the new cash to add more open-source projects to its subscription library and partner with more open-source developer communities. The round announced today was led by General Catalyst Partners, Foundry Group, and former Red Hat chief executive Matthew Szulik.
Szulik invested in Tidelift when it raised the Series A, and his involvement shouldn’t be a surprise. Tidelift’s idea for a new open-source business model is not unlike what Red Hat does for the free Linux operating system. Red Hat—which agreed in October to sell itself to IBM (NYSE: IBM) in a $34 billion mega-deal—charges support fees for customers who rely on Red Hat for installation, maintenance, and support of Linux software, and the company also sells subscriptions to software it develops. Also, Fischer and his co-founders—Jeremy Katz, Luis Villa, and Havoc Pennington—all worked together at Red Hat.
“We are improving the open-source business model that’s already been illustrated,” Fischer said. “Instead of just doing it for Linux like Red Hat does or doing it for Hadoop, like Cloudera, we do it for a much broader set of projects.”
Tidelift’s model has elements in common with two-sided marketplaces established by popular consumer tech companies such as Netflix (NASDAQ: NFLX), Airbnb, Lyft, and Uber. Fischer said he approves of the “Netflix for open source” comparison, though it’s not a perfect match.
Tidelift’s rise comes as the promise of open-source software development starts to show its limits, with hackers exploiting the ecosystem to open back doors to supposedly secure applications.
The recent hack of the open-source code library managed by NPM was aimed at giving the bad actor(s) the ability to gain access to some Bitcoin digital wallets. The developer who had given up maintaining a part of the code involved with the hack said the critical problem lies in the open-source business model.
“We are in a weird valley where you have a bunch of dependencies that are ‘maintained’ by someone who’s lost interest, or is even starting to burnout, and that they no longer use themselves,” Dominic Tarr, a developer apparently based in New Zealand, wrote in a post on GitHub. “You can easily share the code, but no one wants to share the responsibility for maintaining that code.”
Those cracks in the open-source model are showing just as technology behemoths are spending billions of dollars to snatch up open-source tech companies. Last year, Microsoft (NASDAQ: MSFT) paid $7.5 billion to buy open-source code repository GitHub, and marketing software company Salesforce (NYSE: CRM) paid $6.5 billion for open-source company Mulesoft.
Fischer said there’s a simple reason for the deepening interest in open source—even by companies like Microsoft, whose then-CEO Steve Ballmer declared Linux a “cancer” in 2001.
“The software industry has basically become the open-source software industry,” Fischer said. “Now Microsoft is an open-source shop because they have to be. … Some of the existing big players in the industry are waking up and coming to terms with the fact that the way this works now is it’s open source first.”