Communities aren’t an accidental collection of strangers with a common interest
The 2024 Tidelift State of the Open Source Maintainer Report is full of interesting survey results and analysis, but one paragraph stood out to me in particular. One unidentified maintainer, speaking about the impact of the xz social engineering attack said this:
This incident really highlighted for me that technology is not the problem—culture is. Without authentic, trustworthy support from a real community (not merely an accidental collection of strangers who have a single common interest) this kind of thing will only continue. Security is a wetware problem first and foremost—we need to care about actual, living humans, not just certs and hashes and chains of custody.
Too often, we assume a community will naturally form around a useful thing that people care about. If we build it, they will come. That’s not true. It is true that useful and interesting projects can spontaneously collect a group of users and maybe even contributors, that doesn’t make it a community.
A community is more than a collection of individuals with a common interest; a community is a collection of individuals with a common interest and a shared sense of ownership. A community is a collection of friends (or at least acquaintances), not strangers. Not everyone who participates in a project is a part of the community.
My local baseball team is a good example. On any given night, you can expect to see 1,500–2,000 people in the stands. Some show up, root for the home team, and go home. Others show up, greet the staff by name, and make sure all of their trash gets picked up because “this is our stadium.” Neither is better; they’re just different.
To bring it back to open source projects: if you’re moderately successful, you’ll have both a community and a collection of strangers. They both help your projects, whether it’s by feedback/bug reports, code contribution, telling others about your project, or whatever else. But it’s the community that will be sustainable. Not only does community imply some degree of commitment to stick around for a while, but the bonds of friendship can make the project a more enjoyable place to be.
