Skip to main content

What does Microsoft’s acquisition of GitHub mean for the future of open source?

(Image credit: Image Credit: StockStudio / Shutterstock)

Microsoft’s acquisition of beloved repository service GitHub, which was announced recently for a reported $7.5 billion (opens in new tab) price tag in stocks, marks the latest stage of the transition of open source software into mainstream enterprise development.

For anyone who has followed Microsoft’s long and storied relationship with open source and the open source community under past CEOs, this buyout might leave their heads spinning. However, for those who have been paying attention since Satya Nadella became CEO, this is a move that makes perfect sense for Microsoft.

Microsoft has been in the process of transitioning from a software company to a cloud company, and from a closed system to an open one. To this end, they have made significant strides towards embracing open source and creating an environment where software development can truly thrive.

They have grown quickly over the past few years, rapidly becoming one of the top contributors to open source projects, which is no small feat considering that their previous stance on the issue was strongly averse to anything open source. On a practical level, they have gone to the lengths of open sourcing their Net development framework, allowing the use of Java and NPM on Visual Studio, and even making up with Linux, bringing it to their Azure cloud, just to name a few examples.

The shift has also been a cultural one, as Microsoft is working to show that even a corporation of their massive size can be relevant in the agile development space. Microsoft clearly wants to be the go-to spot for developers, providing development teams with all of the infrastructure and tools that they need in order to to build their products. Bringing GitHub into their ecosystem is just the next step on Microsoft’s journey towards becoming a one-stop-shop for developers, especially in the enterprise space.

GitHub’s business is in the private repositories that they host for their users. While anyone can open a publicly viewable repository, the company has built itself as the go-to for enterprises and others looking to manage their code.

But the value of GitHub is much more than just the sum of its repositories business. It is a beloved home for developers, quite often the first place they go when they are looking for a component or feature for their product, as well as a lively hub for collaborating with others. There is an emotional connection to the service that has been built up over time for the more than 28 million GitHub users (opens in new tab), many of which can be identified by the popular Octocat stickers placed proudly and prominently on their laptops.

Riding the open source wave

The acquisition of GitHub comes in what has already been a big year for companies in the open source space and sparking quite a few trends in the industry.

Late last year it was announced that Black Duck Software had been bought by competitor Synopsys for a reported $565 million (opens in new tab). This marked the first major buyout for a company in the Software Composition Analysis (SCA (opens in new tab)) space; the tool for tracking and managing the security, license, and quality of open source components.

Since then, other companies in this increasingly thriving sector have received additional funding or have been bought by competitors. This reflects a degree of consolidation that we normally see as a market begins to mature, as well as the appetite for entering into an industry that is about to witness increased growth.

The development of applications has come to be a common practice across all industries and sectors, with companies who never thought of themselves as creators of software, coming out with products both for consumers and for internal use. The developers at these companies rely heavily on open source components, which contain between 60-80 per cent of the code base in modern applications, to help them write the best code they can within increasingly aggressive timeframes. 

As it is becoming more and more difficult for these companies to overlook or ignore the fact that they are using substantial amounts of open source code in their applications, they have come to understand that they are in need of tools that will help them to track and manage their open source usage. So while the code may be free to use, the companies providing the ecosystem of solutions for managing free and open source components are most likely going to continue to attract a lot of attention.

The driving force behind this move to adopt SCA solutions is the growing awareness of the need for security. News of hacks enabled by the exploitation of known open source security vulnerabilities, has been on the rise for a number of years, as names like Heartbleed and Equifax have entered the parlance of the non-cyber folk. Consumers do not care whether their data was compromised because of a bug in the proprietary code or because of a risky and outdated version of an open source library. What they most certainly do care about is that their data is exposed, so if a company is relying on the use of open source components, then they need to make sure that they use them responsibly, and make open source security management a priority.

Perhaps at its core, this acquisition tells us that open source components are at the centre of how enterprises are now planning their developmental strategies. They are increasingly adopting open source components, for both the practical purposes of producing innovative high quality products faster, and also to gain recognition as good citizens of the ever growing and respected open source community. Enterprises have come to understand that open source has gone mainstream, and this acquisition of GitHub by Microsoft has served to speed up that process.

Redmond understands that open source is ubiquitous and that it is the crucial element for enterprise development, so this is where they have to be as well, to stay in position as an enterprise market leader. They know that open source is bigger than them, so instead of going against the tide, they have decided to ride the wave of the future.

Rami Sass, CEO and co-Founder, WhiteSource (opens in new tab)
Image Credit: StockStudio / Shutterstock

Rami Sass is CEO and Co-Founder of WhiteSource , the leading open source security and compliance management platform. Rami is an experienced entrepreneur and executive with vast experience in defining innovative products, leading technology groups and growing companies from seed level to business maturity.