SourceCred vision

The open-source movement is amazing. It’s inspiring that some of our best technology is developed in the open and available to everyone.

Despite all the value provided by open-source projects, many are chronically underfunded. For example, NumPy received no funding at all until 2017, and a world where OpenSSL was funded might have been a world without Heartbleed.

These projects also impose a heavy burden on maintainers. Popular projects have hundreds or thousands of open issues, with many new ones being created every day, and only a few overworked volunteers trying to triage and respond to them. Burnout is inevitable.

SourceCred is our attempt to help.

Mission

SourceCred aims to empower open-source developers and communities by creating a project-specific reputation metric called cred.

A project’s contributors earn cred for helping out. For example, a project might reward:

  • Triaging issues
  • Maintaining the build
  • Fixing bugs
  • Writing documentation
  • Refactoring code
  • Adding features

SourceCred will build social capital within communities, recognize their hardworking contributors, and encourage more people to help maintain and develop open-source projects.

We’re designing SourceCred around the following four principles:

Transparency
It should be easy to see why cred is attributed as it is, and link a person’s cred directly to contributions they’ve made.
Extensibility
SourceCred is designed around a plugin architecture, so you can add support for new data sources, new algorithms, or even entirely new kinds of work.
Community control
Each community has the final say on that community’s cred. When the algorithm and the community disagree, the community wins.
Decentralization
Projects own their own data, and control their own cred. The SourceCred project provides tools, but has no control.

How cred works

Cred is computed by first creating a contribution graph, which contains every contribution to the project and the relations among them. For example, GitHub issues, Git commits, and individual files and functions can be included in the graph. Then, SourceCred runs a modified version of PageRank on that graph to produce a cred attribution. The attribution is highly configurable; project maintainers can add new heuristics and adjust weights.

This approach satisfies our four principles. It’s transparent: you can always see how a node’s weight dervies from its neighbors. It’s extensible: plugins can embed new types of nodes and edges into the graph. It’s community-controlled: the weights, heuristics, and algorithms are all configured by the project. Finally, it’s decentralized: every project can run its own instance.

Naturally, there will be attempts to game the system. We’ll provide tools that make it obvious when people are gaming their cred, and empower maintainers to moderate and correct the attribution when needed. In case of deeply contentious disagreements, cred can be forked alongside the project.

Roadmap

SourceCred is under active development. We have a prototype that ingests data from Git and GitHub, computes cred, and allows the user to explore and experiment on the results. We have a long way to go to realize SourceCred’s full vision, but the prototype can already surface some interesting insights!

In the near term, we want to help with issue triage and prioritization. Open-source projects are drowning in issues; many people file them, but few are motivated to triage them. We want to recognize the people who show up to do that work, and reward them by giving them more influence over issue prioritization.

In the longer term, we will continue to add signal to cred attribution. For example, we plan to parse the AST of a project’s code so that we can attribute cred at the level of individual functions, and create a “spotlight” mechanic that will let contributors flow more cred to their peers’ important contributions. As SourceCred improves, we have plans for how to use it to help open-source projects become financially sustainable.

About

SourceCred is an open-source project, and is committed to being decentralized. We don’t think communities should have to give their data to us, or entrust us with control over their cred. The lead developers are grateful to be supported by Protocol Labs.

If you think this vision is exciting, we’d love for you to get involved! You can join our Discord and check out our GitHub—many of our issues are marked contributions welcome. If you want to try running SourceCred on open-source projects you care about, check out our README.