Good governance of Open Source projects is really important:
But rather than having clear governance, I see most projects (including my own) default to an unfulfilled mix of maintainers, community and owners.
Here is the diagram, I'll discuss it a bit, but you can also stop reading here and use it in your own way before reading what I had in mind.
Ownership, maintenance and community are fluent categories, vulnerable to different definitions. You can make up your own, too. Here, we understand community loosely as someone who uses the software and would care to raise an issue in a repository or participate in support questions. Let's say that the owner of the project posts all the issues themselves and answers all the support questions: Then the project doesn't have a community.
A project has maintenance as long as the owner or someone else is around to keep it alive.
Finally, ownership is about who does all the executive calls: Adds new maintainers, sets a direction for the project.
We can use such a diagram to understand and discuss governance of Open Source projects, but we can also stop to think:
Does it have a LICENSE file that says it's legally speaking Open Source? Okay, nice, but there are so many examples of unused/unusable "code dumps" with LICENSE files. Clearly there are other issues at stake:
I asked the other question to show that in some conceptual understanding of a sliding scale of less<=>more Open Source, then a democratic governance model would - in my opinion - make a project more Open Source.
You can also ask this in a framing of sustainability and health. Asking questions about the governance of a project unlocks the same areas of concern as asking about its general health and whether it's gonna be alive next year.
Here we have the first of several classics: This case happens often when the large company or NGO have created an Open Source project and simply published it. They might even have documentation. But because of factors that should be understood better, they don't have a community.
Have you ever seen a project where there's lots of community and someone owns the project but isn't maintaining it? It's that project where hundreds of PRs are stale, and people are talking about which fork to switch to.
How did we get here? Well actually, there's a bit of success here: Despite the lack of maintenance, the community is still around waiting for something to happen.
Is it a problem that there is no owner around? Well, yes it will eventually be a problem. You need an owner to onboard new maintainers, and you need them to do other owner things. Changing settings in a GitHub organization, CI, package publications etc. The absence of an owner might not seem problematic at first, but problems will usually start appearing and slowly suffocate the energy of community and maintainers.
I know many examples where this has happened. They are both related to having a single owner, or a company that hasn't take responsibility for the community and maintainers they have made dependent.
The owner clearly should have given away the keys instead of disappearing with them. But why haven't they?
Here is the sweet spot where good, democratic governance can thrive: There's an active community, maintainers and present owners. This is where things can get started.
How do we get from having all the components to an actual governance model? Well, that's a whole other topic. But having all the ingredients seem necessary... ?
While we can think about many ways of understanding how Open Source projects are failing or succeeding, good people are already hard at work. I recommend checking out the new Django Commons project, which is building on the lessons from Jazzband.