-   Interviews (
-   -   Interview with Roberto Galoppini of SourceForge (

jeremy 07-06-2015 08:52 AM

Interview with Roberto Galoppini of SourceForge First, let me say thank you for agreeing to an interview. Tell us a little about yourself and how you first got involved with Open Source in general and SourceForge specifically.

Roberto Galoppini) I’ve been involved with open source software since 1994. At that time I was working for a solution provider, and a customer asked us to implement a seamless authentication system for mobile users. Neither RADIUS or TACACS met our needs, and we had to build a custom solution. Luckily enough, we didn’t need to start from scratch, as we were able to borrow some open source code.

Later in my career I founded (and ultimately sold) an open source startup company, launched an open source consortium, designed and implemented a methodology for assessing open source software and consulted to a number of small and large companies in helping them design and deploy their open source strategies.

I joined SourceForge in 2011, where I now manage the Community and Support Teams and support Business Development. My time is dedicated primarily to helping our open source communities grow - by helping them to recruit developers, reach a broader audience or find ways to monetize their products and services. I also work to ensure our editorial efforts benefit our communities and that end-users receive support responses in a timely manner.

LQ) Can you tell us a bit about the general health of SourceForge as an organization?

RG) SourceForge was established in 1999 as a home for Open Source software development. Our service offering and policies have evolved over the years in response to community guidance, but we have remained committed to ensuring availability of Open Source software to our community and providing tools and services that support the success of Open Source software developers.

SourceForge now hosts more than 450,000 projects, of which more than 250,000 have registered with us in the past five years. In the twelve month-period ending in January 2015, we delivered more than 1.5 billion file downloads.

Since 1999, the SourceForge site has run on two code bases. The first was the alexandria code base, written in PHP and backed by MySQL and PostgreSQL, which was released under Open Source license. In 2013, we completed the migration of all projects to run on our new Python and MongoDB-based platform, which was released under Open Source license and has been run through Apache’s incubation process to become Apache Allura. Today, half of our SourceForge Engineering team is focused on the Apache Allura platform.

Our teams include a mix of both relatively new and more seasoned staff, and a mix of seasoned Open Source developers and folks experienced with proprietary platforms. Our infrastructure and development platforms are Open Source-based. We run a fairly lean and agile shop, with both remote and office-based staff, and our team members care deeply about the communities we serve.

LQ) In a recent blog post, you said "With that in mind, SourceForge pledges to present third-party offers only with the projects that explicitly opted-in to that program." A 2013 blog post ( contains the following: "This is a 100% opt-in program for the developer, and we want to reassure you that we will NEVER bundle offers with any project without the developers consent." Can you give us any insight on why SourceForge went ahead with the recent "short-run test" despite the promise made in 2013? How can we be sure it won't happen again in the future?

RG) Let me start by apologizing to our community members at large; we made a big mistake in recently running a short-run test of third-part offers on five of our mirrored projects that we considered to be abandoned, which has clearly and understandably sparked a tremendous amount of concern and backlash. This test was promptly discontinued on May 27th based on community feedback, which we appreciate and take very seriously, and with that we also performed an extensive review of our mirroring program and temporarily removed SourceForge-maintained mirrored projects. We understand the importance of our community and have begun work to establish a Community Panel to help guide our products and services. We feel soliciting outside guidance on best-practices and working to incorporate some of the recommendations we receive will be instrumental in helping us make the best decisions for our community.

LQ) Can you offer any insight into why the decision to proceed with the test was made?

RG) Since at least 2010, we were maintaining custom content and information on our site to help promote externally-hosted OSS projects (at peak, 295 projects) within the community, and this year made the decision to opt-in five of these projects to our monetization program on a test basis. There is a difference between what licenses permit and what our community considers acceptable, and when that became clear, we took immediate action to shut down the test.

LQ) Were you, and more broadly SourceForge as an organization, surprised by just how quick and severe the backlash to this was?

RG) The Open Source community is diverse, encompassing Free, Libre and Open Source software aficionados -- from seasoned development luminaries who are recognized name brands to end-users who sometimes aren’t even aware they are using Open Source. There’s often a difference between what software licenses permit and what our community feels is acceptable. We expect parts of our community to be very passionate -- Open Source is our passion too. With all of that said, we always operate with the collective well-being of our community in mind and unintentionally upset our community to a members to a level that was somewhat surprising. However, we genuinely care very deeply about our community, which is why we acted so quickly when concerns surfaced.

LQ) Do you think SourceForge will be able to regain the trust of the community?

RG) We certainly hope so and are working hard to that end. We're committed to our community, and hopefully our community understands that what we've done in response to their feedback is a sign of this commitment. With their guidance, we discontinued a monetization test and have suspended our long-standing project mirroring program pending further review. We are also establishing a Community Panel to help ensure we field solutions that best meet the community's needs and expectations.

LQ) How has the response been to the opt-in third-party bundle program, both from the developer and end user perspective?

RG) The developers who have been participating in our program are excited to partner with us since we act as a sort of "union" for them. Issues raised to us command our attention, and we work closely with our advertising network providers to ensure the program is run to our standards -- that confusing offers are removed, that uninstall procedures are easily available and well-documented, and that offers are opt-in.

LQ) Do you think SF being part of Dice Holdings has any impact on the direction of the site?

RG) Apache Allura, has been the primary way in which we have engaged the community for feedback. We’ve recognized that it’s important to accept diverse feedback from a broad range of people in our community, not all of which will approach us through Open Source development channels, to produce the best products. We’ve established a new Community Voice forum and are well along in the process of establishing a Community Panel to help ensure product decisions receive guidance from our community. While SourceForges is a service of DHI, today we continue to run our business with a fair amount of autonomy and certainly with the best interests of our community members in mind.

LQ) Can you tell us more about the proposed Community Panel?

RG) As I mentioned earlier, our recent test of third-party offers on projects that we considered to be abandoned has sparked a tremendous amount of concern and backlash from the community, and we’ve seen the need to more directly and effectively engage our community for feedback. SourceForge has a very diverse audience ? in terms of location, license theology, use cases and development platforms -- and we want to make sure our decision-making process considers not just business needs and technical value, but also guidance from our community members.

Our new Community Panel is being formed to include folks with whom we haven’t recently consulted and to discuss a broad range of topics and solicit feedback on best-practice products and services from a group of like-minded individuals. We hope to host an in-person event for our panel members at the end of this summer.

LQ) There seems to be a perception among some that the functionality and interface at SF has been stagnant recently. Would you agree with this and are there any plans to put additional resources into updating Allura or the SF experience?

RG) We completed our migration to the Allura platform in 2013, and have been investing our efforts into improving the platform throughout its lifecycle to-date. Allura graduated from Apache incubation to become Apache Allura in the first half of 2014, and we’ve kept up a steady pace of development. Here’s a few of the important enhancements we’ve made:
  • 2014H1: Video integration on project summary pages
  • 2014H1: Project and user activity streams
  • 2014H1: Ticket filtering
  • 2014H2: Editorial reviews
  • 2014H2: Wiki subscriptions
  • 2014H2: Migration to new infrastructure platforms
  • 2015H1: GitHub release importer + autosync
  • 2015H1: Webhooks
  • 2015H1: One-click merge
  • 2015H1: UX improvements across our forms handling and email notifications

Our development around SourceForge entails dedicated teams supporting the developer experience with Apache Allura, the SourceForge end-user experienc, and the infrastructure backing the site and its services. We’ve made sizable gains on scaling over the past year, and are now able to refocus on things like pervasive use of SSL (TLS) for delivery, UX refinements and project promotion.

LQ) Right now it appears SourceForge is run as a media property, with ad revenue and bundling being the primary revenue sources. Have any alternative revenue streams been considered recently? Charging for private repositories, similar to GitHub, seems to be one suggestion I've seen quite a bit.

RG) Since we started in 1999, SourceForge has been committed to providing tools and services to the open source community to help accelerate project development and growth throughout the software development lifecycle. We leverage our brand to showcase and put weight behind projects, promoting them through our newsletters, Project of the Month awards program, project recommendation and general advocacy.

Over the years we have experimented with different business models, including a subscription-based model for some services. Our existing ad-supported model has proven sound and, at this point, we continue to view this as a key and low-impact way of funding the tools and services we provide for free to the community. And our advertising offering is quite robust, including opportunities for lead generation, promotion through newsletters and mailing list email footers, display advertising, video and custom campaigns. We actively seek campaigns that provide dual value -- providing opportunities for advertisers to succeed in delivering products that our audience finds compelling.

For those OSS projects that also have a commercial product, we offer for-pay solutions for promotion, not only through our advertising offerings but also through sponsorship in our Enterprise directory -- we know some users seeking an OSS-based solution want to pay for commercial support and fund ongoing development by buying these solutions.

We’ve seen that many of our best opportunities to grow SourceForge are through project growth. When Open Source succeeds, when Open Source projects succeed, we succeed.

To drive this success, we help users find the software solutions they need through a robust OSS catalog. From the early ideation stage of a new project, we help developers effectively engage with their peers using their choice of collaborative and social development tools -- be it Git, Subversion, or another SCM platform, ticketing, wikis, forums, mailing lists, statistics, global download delivery and self-deployed web apps. And our offering includes a range of services, at-scale, that help preserve access to Open Source software and foster a community of end-users who contribute back to the success of the project through feedback, bug reports, reviews and rapid engagement.

Ultimately, we’re committed to Open Source and feel that providing our offering to OSS developers for free is a key way to show that commitment, but we’re certainly not opposed to exploring new revenue streams. We’ll continue to explore this topic with our Community Panel and broader community in an effort to identify monetization approaches that will allow us to provide the greatest value to the community.

LQ) Ublock Origin, among some others, have started wholesale blocking the SourceForge domain and Google has marked some specific project pages as malicious. Do you anticipate this trend continuing and what impact do you think it will have on SourceForge?

RG) SourceForge has been working to strengthen controls around malware and PUA's (potentially-unwanted applications). Some providers are opaque about their specific test results, making it more difficult to identify problem content for rapid takedown. Many providers identify security tools and bitcoin miners as PUA, so it's important to weed out false-positives. We're working aggressively to ensure that our site content is tested and clearly marked.

LQ) ArchiveTeam team has a plan ( to download both the web content and source code from SourceForge and donate it to the Internet Archive. Does SourceForge have an official stance or opinion on that?

RG) The ArchiveTeam is welcome to mirror all content that is distributed under an Open Source license. We’ve offered to engage with them on ways to ensure they have access to data while ensuring their mirroring efforts don’t place undue burden on our resources.

LQ) Where does SourceForge go from here?

RG) Forward.

We continue to provide tools and services for free, throughout the lifecycle of Open Source software -- tools that enable development and also allow projects to publish, promote, market and support funding of further development.

We continue to support the end-users of the projects we host, ensuring a clear path of communication exists between developers and users, be it through mailing lists, wiki, ticketing, reviews, feedback and support.

We continue to build the most comprehensive directory of Open Source Software to help both developers and end-users find the solutions they need today, and to preserve the availability of this software for the future benefit of all mankind.

Our roadmap includes a wealth of improvements for the developer and the end-user experience, and with guidance from our Community Panel and the broader community, we’re confident that we will be putting our best foot forward.

smallpond 07-06-2015 01:03 PM

Although The Gimp windows project may have been abandoned, I'm pretty sure that The Gimp logo has never been abandoned. Can you justify why you are using the logo on pages such as this one without the permission of the copyright holders? I once had a SourceForge project and unless things have changed I never assigned any copyrights. In fact the terms page says:



TobiSGD 07-06-2015 01:36 PM


Originally Posted by smallpond (Post 5387986)
Can you justify why you are using the logo on pages such as this one without the permission of the copyright holders?

Linking to or copying our images

Some images from this web site can be copied freely and used in other pages. This includes the buttons shown above and the images of Wilber shown below.
The logo you mention is part of the images shown on that page, so neither asking the copyright holder nor a justification for using that image is necessary.

smallpond 07-06-2015 02:32 PM

That page is entitled "Linking to Us" and clearly is about using the images to promote or link to Gimp, not to promote an unrelated money-making scheme. There may be no legal issue but there is certainly an ethical issue.

TobiSGD 07-07-2015 03:56 AM


Originally Posted by smallpond (Post 5388028)
That page is entitled "Linking to Us" and clearly is about using the images to promote or link to Gimp, not to promote an unrelated money-making scheme. There may be no legal issue but there is certainly an ethical issue.

Sorry, but I fail to see how a GPL licensed derivative of the GPL licensed GIMP is a money-making scheme or unethical. Maybe you mean the forked project with the same name and added adware and spyware that is hosted at and caused the original developer to abandon his project on SourceForge.

All times are GMT -5. The time now is 03:09 PM.