Why I choose not to go for open source at this moment.
Jonathan Chang
June 8, 2022
TL;DR: At this early stage, open-sourcing will impose potential threats and unnecessary management overhead while adding slim to no value.
Up front:
Despite the statement I made above, I am a fanatic open source supporter. Today's cornucopia of innovation would not be possible without the open source projects that handle all the grunt work. To name just a few: Docker revolutionizes containerization, Kubernetes abstracts away container orchestration, Sentry democratizes service monitoring, and Next.js brings production-level frontend development to everyone. Many times, I feel like I am standing on the shoulders of many giants, and it is those open source projects that protect the current internet from being dominated by monopolies that have first-rate engineering teams and countless resources. Everyone with a passion can start their own business and make this world a better place.
Moreover, there are tons of successful open source startups like Sentry, Vercel, Mastodon, HashiCorp, etc. I pay my greatest respect to their work and contributions, and I wish them all the best.
That said, in this blog post I will mainly talk about how I reached this conclusion as a solo founder running a community business. Please read this blog post with your own thoughts, as our contexts might be different.
Pros and Cons
Here's what I jotted down when I first thought about it:
What're the benefits of open-sourcing a project?
- A healthier codebase as many are watching it.
- Users can also contribute if they need new features. Ease the labor pressure.
- Advanced users can help me spot bugs or security flaws, which makes this platform even better.
- Earn trust by showing users we're not doing shitty things. Transparency is our core. How can we be truly transparent if we don't open-source our code?
- GitHub itself is also a community. Being trending on GitHub can attract more users to the platform.
What're the risks of open-sourcing a project?
- Exposure to competitors.
- Exposing vulnerabilities directly to attackers.
- People contribute in their free time and of their own free will. If managing a full-time software engineer is hard, managing an open-source contributor is exponentially harder.
- Community support overhead is nontrivial.
Ideally
Once a project is open source and has a steady flow of contributors, the maintainer wants to keep the codebase as healthy as possible to ease the burden on future contributors. This external force pushes the maintainer and every contributor toward clean code and good design. Besides, people can study the open-sourced code for their own needs and contribute by pointing out shitty code, bad design, security flaws, or any other deficits. When users need something new, they can also develop it on their own. The project contributes to the community while the community contributes back. It literally looks invincible if this positive feedback loop keeps spinning. Sounds fantastic, right?
In reality
"A healthier codebase as many are watching it."
Relying on external force to write clean code is an unhealthy path to follow. Besides, open source doesn't imply good code quality. If people want to write shitty code, they will write shitty code whether it's open source or not. Based on my experience, the quality of an open-source codebase depends heavily on the maintainer rather than the community. A maintainer with high standards tends to yield a better-quality open source project. This puts a lot of pressure on maintainers' shoulders, as they have to go back and forth several times in a pull request to get the code into the right state. However, unlike members of a small team, open-source contributors spend their free time writing code for you, and their time might be limited and scattered. Therefore, much of the communication that can happen instantly within a small team will generally take longer in an open-source community, which makes everything a bit harder.
"Users can also contribute if they need new features. Ease the labor pressure."
The group of people who want to contribute to an open-source project is extremely small. Way smaller than most people think. According to GitHub, Next.js has been used by more than 739k public repositories (not including private repos) and has only 2183 contributors, despite its world-class documentation and codebase. That is, only 0.295% of 739k developers make contributions. Yes, it is a small group, but it's powerful. It's those people who power all those 739k projects, and I fully respect them. However, unlike Next.js, we're running a community business. Developers are only a small subset of our user group, and people willing to contribute are another small subset of that. The thing I want to highlight here is that the number of people contributing to a project might be smaller than you think, and so might the benefits associated with it.
Managing an open-source project is extremely hard and stressful. Open source maintainers not only need to respond to every GitHub issue ticket but also need to decide how to prioritize those issues for the greater good. This single point stresses most people out. Moreover, public contributors are spending their free time contributing to the project. They're not getting paid to do so, and their time is scattered. To mitigate this management difficulty, maintainers generally assign some low-priority tasks to public contributors and do the hard work themselves. Therefore, at this early stage, open-sourcing a project might not drastically improve development efficiency. For now, moving fast and delivering quickly are more important to us, and everything is more manageable and effective with a small team rather than an open-source community.
"Advanced users can help me spot bugs or security flaws, which makes this platform even better."
There are only two kinds of people who thoroughly study my codebase and try to identify security flaws: people who truly want this platform to be better, and attackers or competitors. People in the first group are the people you want to hire no matter how much it costs, because they show they care about this product and they have the skill to make it better, which is exactly what interviews are for. However, as you might anticipate, this group of people is extremely rare. Most people will fall into the second category.
Don't worry. We will open-source this platform when it makes sense.
Don't worry! We'll open-source when our product is solid and our community is big enough. After all, it's our mission to improve the transparency of information. Just like you, I am counting down the days until we open-source everything. However, right now, it's just not the right time to do it.
In the meantime, I will keep writing more blogs reflecting on building this platform. Building this platform is extremely challenging both physically and mentally. Luckily, I learned a ton by doing it and I am more than happy to share what I did wrong and what I learned through this channel.