2024COSR

@2024COSR

2024 China Open Source Report

Public team

Joined on Dec 1, 2024

  • Translator: Ted Liu, Reviewer: Ted Liu Preface OSS Questionnaire 1. Background of the Report 2. Preview of Questionnaire Results 3. Questionnaire Analysis 3.1 Characteristics of the Respondents 3.1.1 Distribution of Age, Gender, Education, Region
     Like  Bookmark
  • 卷首语 问卷篇 一. 报告背景 二. 问卷结果预览 三. 问卷分析 3.1. 受访者特征 3.1.1 年龄、性别、学历、城市 3.1.2 所处行业、职业 3.2 开源参与情况
     Like  Bookmark
  • Translator: Rollroll Yuan, Reviewer: Ted Liu Overview The commercialization of open-source software refers to the process of transforming open-source technology, services, and related components into profitable business models through various strategies. This enables economic value creation and sustainable development. The commercialization capability of open-source software is a crucial driving force for the sustainable development of software and its ecosystem. At the same time, it represents one of the most challenging aspects for open-source software enterprises in their growth journey. In previous editions of the Open Source Annual Report, the commercialization section was presented as a comprehensive research report, authored by Mr. Xu Zhixing, who was then an investor at Yunqi Capital. The report was detailed, objective, and insightful, providing valuable research material for China's open-source industry. This year, the commercialization section is organized in an interview format, featuring conversations with four investment and financing experts specializing in open-source technology, infrastructure software, and cloud services. They are Xu Zhixing (Guofang Innovation), Liu Jingyuan (Delian Capital), Ding Ning (INP), and Liu Chao (Atypical Ventures). Through these interviews, the report summarizes and analyzes the development of the open-source software sector over the past few years and provides insights into the future of the capital market. The experts also openly share their personal perspectives and understanding of this field based on their career experiences, as well as their views on the commercialization and growth of open-source enterprises. 1. Capital spotlight hits AI Infra again, is open source still a good card?
     Like  Bookmark
  • 概述 开源软件的商业化是指在开源软件的基础上,通过各种策略和模式,将其技术、服务等转化为可盈利的业务,从而实现经济价值和可持续发展。开源软件的商业化能力是软件及其生态可持续发展的重要动力,也是开源软件企业在发展过程中面临的最艰巨的挑战。 往期开源年报,商业化篇以综合研究报告形式呈现,由时任云启资本的投资人徐至行先生主笔撰写,内容翔实、客观全面、洞察深入,为中国开源产业的研究提供了重要的内容资料。 今年则以访谈的形式组织商业化篇的内容,内容访谈了四位专注于开源技术、基础软件、云服务的投融资专家,他们分别是徐至行(国方创新)、刘景媛(德联资本)、丁宁(INP)和刘超(时任 Atypical Ventures 合伙人)。在于他们的访谈中,总结和分析过去几年技术设施领域内开源技术的发展和对未来资本市场的展望。同时他们也坦诚地分享了个人职业发展中对于该领域的认识与理解,以及对于开源技术企业商业化与增长的经验与看法。 一.《资本聚光灯再次打向 AI Infra,开源还是一张好牌么?》 访谈嘉宾: 徐至行(国方创新) 在与徐至行的本次采访中,内容涵盖了基础设施、云服务、开源技术多个关键方面,包括投资趋势、软件开发的未来以及人工智能技术的应用与发展。还涉及了他理解的资本热度与经济周期的关系,以及当前商业环境对初创公司和风险投资带来的挑战。
     Like  Bookmark
  • 概述 2024 中国开源年度报告以全面、深入的数据洞察为核心,通过九大篇章全方位展现中国开源生态的蓬勃发展。第一部分宏观洞察篇,从基础事件、活跃仓库、活跃用户和编程语言等维度,揭示中国在全球开源生态中的独特地位与影响力。第二部分 OpenRank 排行榜篇,通过全球与中国各领域的开源项目、企业、基金会、开发者及协作机器人排名,为业界提供权威、系统的 OpenRank 指标信息服务,成为衡量开源贡献的重要标尺。第三、四部分企业洞察篇与基金会洞察篇,通过动态演变图和趋势分析,深度解析全球与中国企业、基金会在开源领域的战略布局与演化路径。第五部分技术领域洞察篇,聚焦各领域 Top10 榜单与项目变化,精准捕捉前沿技术的发展方向与创新趋势。第六部分开源项目洞察篇,深入探讨项目类型、领域与主题的多样性,展现开源生态的活力与创新潜力。第七部分开发者洞察篇,通过开发者类型、工作时间分布、地区分布及机器人使用情况的分析,描绘开发者群体的多元化特征与工作模式。第八部分商业开源洞察篇,聚焦中国及全球商业开源企业与项目的发展现状,剖析其成长路径与成功经验。第九部分高校开源洞察篇,结合开源之夏 OSPP 活动与 OpenRank 社区算法,展现高校学生参与开源活动的活跃度与贡献度,揭示开源人才培养的新趋势。整体而言,数据篇以丰富的数据维度与深度的分析视角,勾勒出 2024 年中国开源生态的全景图,为行业提供宝贵的洞察与参考。 指标介绍 影响力/贡献度(OpenRank) OpenRank 指标由 X-lab 开放实验室研发,基于开发者-项目协作关系网络构建,具备多维度的评价能力。在评估项目时,OpenRank 以影响力为核心,全面衡量项目的整体发展状态与社区参与度;在评估开发者时,则以贡献度为关键指标,精准反映其在开源生态中的协作价值与活跃程度。此外,OpenRank 还可将评价对象聚合至企业、组织、基金会等更高层级,揭示其在开源生态中的战略地位与协作网络中的核心作用。目前,OpenRank 已获得工业界与学术界的广泛认可,并被纳入多项权威标准与实践,包括中国标准化研究院的开源治理标准、信通院的开源治理白皮书、开放原子开源基金会的全球开源大屏,以及企业开源办公室的治理工具箱,成为衡量开源生态健康度与协作价值的权威工具。 OpenRank 参考文献:
     Like  Bookmark
  • Translator: Fei Teng; Reviewer: Ted Liu 6.3 Database Project Analysis This section analyzes the growth trend of the database field in terms of OpenRank, Activity and other indicators in the past five years, as well as the concentration trend of the top 10 projects. It also quotes the open source database information disclosed in Database of Databases and DB-Engines Ranking. The focus area is divided into 18 categories according to the database structure and purpose of the database, namely Relational, Key-Value, Document, Wide Column, Search Engine, Time Series, Vector, Graph, Object Oriented, Hierarchical, RDF, Array, Event, Spatial, Columnar, Native XML, and Content. The collaboration log data of the corresponding open source projects on GitHub are collected and analyzed. 6.3.1 Growth Trends in the Database Domain Over the Past Five Years and the Changing Trends in the Concentration of Top 10 Leading Projects image Figure 6.6 Trends in OpenRank Changes in the Database Domain from 2020 to 2024
     Like  Bookmark
  • 4. Foundation Insights As a non-profit open source organization, the Foundation plays an indispensable role in promoting the organization, development and collaborative innovation of open source projects and communities. It not only provides a full range of services such as technical support, operation and management, and legal protection for the incubation of open source software, but also provides governance guidance for the construction and operation of the community, becoming a combination of incubator and accelerator, and injecting the power of continuous development into the open source ecology. As an important organizer of the open source ecosystem, foundations play the role of a bridge between developers, enterprises and the community due to their standardized operation mode and resource integration ability. This section analyzes the development of the open source ecology from the dimension of foundations, aiming to reveal the core position and actual contribution of foundations in the open source ecology through data insights. 4.1 OpenRank Trend Analysis of Global Foundations image Figure 4.1 OpenRank Trend of Global Foundations *Note: The Linux Foundation mentioned here does not include its sub-foundations.
     Like  Bookmark
  • Translator & Reviewer: Ted Liu Overview The 2024 China Open-Source Annual Report is centered on comprehensive and in-depth data insights, presenting the flourishing development of China’s open-source ecosystem across nine key chapters. Chapter 1: Macro Insights – Examines China’s unique position and influence in the global open-source ecosystem through key metrics such as major events, active repositories, active users, and programming languages. Chapter 2: OpenRank Rankings – Provides authoritative and systematic OpenRank metrics, ranking open-source projects, enterprises, foundations, developers, and collaboration bots across China and globally, establishing a key benchmark for measuring open-source contributions. Chapters 3 & 4: Enterprise & Foundation Insights – Leverages dynamic evolution charts and trend analysis to offer a deep dive into the strategic layout and development trajectories of enterprises and foundations in the open-source domain, both in China and worldwide. Chapter 5: Technology Insights – Focuses on Top 10 rankings and project trends in various fields, capturing cutting-edge technological advancements and innovation trends. Chapter 6: Open-Source Project Insights – Explores the diversity of project types, domains, and topics, showcasing the vibrancy and innovative potential of the open-source ecosystem.
     Like  Bookmark
  • 报告主页的内容,可点击主页对应查看。 2024 中国开源年度报告 简介 开源社联合多家单位,纵横近十年对中国开源行业的综合性报告,每年发布一次 feature logo 开源社
     Like  Bookmark
  • Chinese version 2024 China Open Source Annual Report Overview KAIYUANSHE, in collaboration with multiple communities and organizations, has been releasing an annual comprehensive report on China's open-source industry for nearly a decade, providing longitudinal insights into the ecosystem. Kaiyuanshe logo KAIYUANSHE KAIYUANSHE (founded in 2014) is an open source community formed by individual volunteers committed to the open source cause, operating under the principles of "Contribution, Consensus, and Co-governance". As a steadfastly vendor-neutral, non-profit, and public-benefit organization, KAIYUANSHE upholds its vision of: "Rooted in China, Contributing Globally, Making Open Source a Lifestyle for the New Era". With core missions focused on: "Open Source Governance, Global Partnerships, Community Development and Project Incubation", KAIYUANSHE is dedicated to building a healthy and sustainable open source ecosystem.
     Like  Bookmark
  • 6. Open Source Education Translator: Mingkang (Bright) Li, Reviewer: Mingkang (Bright) Li 6.1 Open Source Educational Practices In 2024, several significant and influential open-source educational practices took place nationwide: Open Source Promotion Plan (OSPP) Open Source Promotion Plan is a summer program organized by the Institute of Software Chinese Academy of Sciences and long-term supported by the Open Source Software Supply Chain Promotion Plan. It aims to encourage college students to actively participate in the maintenance and development of open source software, promote the vigorous development of open source software communities, and build the open source software supply chain together. The 2024 OSPP concluded on November 9th, with a total of 168 open-source communities participating. These communities released 561 project tasks, attracting over 2,500 students from nearly 500 universities to sign up. Among them, 518 students were selected for participation. After three months of project development and one month of code integration, ultimately, 455 students successfully passed evaluations by mentors, communities, and the organizing committee and completed their projects GitLink "Indeed Open Source" Programming Summer Camp (GLCC)
     Like  Bookmark
  • Preface Translator: Biaowei Zhuang, Reviewer: Ted Liu In compiling this year’s Open Source Chronicle, we are profoundly reminded that open source and AI, as dual engines of innovation in the digital era, are reshaping the global technological landscape at an unprecedented pace. The 2024 Chronicle not only documents the rise of China’s open source influence but also highlights seismic shifts in the global open source ecosystem—where every breakthrough in technology, every paradigm shift in governance, and every geopolitical maneuver are inextricably linked to the future of open source communities worldwide. Due to the restructuring of chapters, our open-source chronicle for this year primarily focuses on significant events outside the development of artificial intelligence technology. Beyond AI, the open-source world in 2024 is equally fascinating, and we have summarized the following characteristics: Open Source Technology Leaps Forward The proliferation of domestic programming languages, groundbreaking progress in homegrown AI and big data ecosystems, and the large-scale adoption of RISC-V chips underscore how open source continues to define the cutting edge of technology. Security Risks Reach Grave Proportions
     Like 1 Bookmark
  • 2. Open Source Software Security Translator: Feng (Jason) Wang, Reviewer: Feng (Jason) Wang In 2024, open-source software security faces unprecedented challenges and opportunities. With the widespread adoption of open-source technologies, threats such as supply chain attacks, malicious code injections, and state-sponsored APT attacks are on the rise. Global security incidents, such as PyPI signature key tampering and NPM hash value tampering, highlight the vulnerabilities of the open-source ecosystem. At the same time, the open-source community and security organizations are actively responding, with initiatives like OpenSSF's Siren threat intelligence platform, the Rust Foundation's Safety-Critical Rust Consortium, and CISA's supply chain risk assessment tools. These efforts mark a shift from passive defense to proactive governance in open-source security, laying the foundation for a safer open-source ecosystem. 2.1 Malicious Code and Backdoor Implants XZ Utils BackdoorThe open-source compression tool XZ Utils was found to contain backdoored code, lurking for three years, allowing attackers to gain unauthorized system access via SSH. The backdoor injection was traced back to late 2021, executed through sophisticated social engineering tactics. Recent security incidents in the XZ Utils open-source ecosystem have raised concerns. The intruder spent 2-3 years infiltrating the project to gain advanced privileges and execute complex operations. These events highlight the need for open-source communities and maintainers to strengthen project management and security practices. Vant and Rspack AttacksPopular open-source projects like Youzan's Vant and ByteDance's Rspack had multiple versions injected with malicious scripts. Attackers stole npm tokens of project team members to upload compromised versions. These malicious versions spread through widely used npm packages, infecting developer and end-user code, posing risks like data leaks and remote code execution. This incident exposed security vulnerabilities in npm repositories. SQLite BackdoorUnauthorized backdoor code was discovered in SQLite, successfully embedded in multiple versions. Google researchers detected this backdoor using AI models, which could trigger memory leaks and code execution vulnerabilities. Exploiting this flaw allows attackers to execute malicious code, potentially leading to full system compromise. After patching, the SQLite team conducted rigorous code reviews to enhance security. OpenSSH Vulnerability (CVE-2024-6387)A critical vulnerability caused by a signal handling race condition in OpenSSH allows remote attackers to execute arbitrary code with root privileges. Exploitation involves injecting malicious signals into SSH sessions, forcing unauthenticated code execution. Attackers could gain full control of target machines, risking data breaches and system crashes.
     Like  Bookmark
  • Author: Biaowei Zhuang & Ted Liu, Translator & Reviewer: Ted Liu 1. Overview Since the groundbreaking emergence of ChatGPT at the end of 2022, 2023 has been a pivotal year for the development of artificial intelligence. By 2024, the explosive growth of open-source AI has completely rewritten industry rules—shifting from technological monopolies to collective innovation, from lab-driven research to real-world industrial applications. An AI paradigm shift, led by open source, has officially arrived. As a result, the 2024 China Open Source Annual Report has decided to dedicate a separate section, 'Open Source AI', to provide readers with a more comprehensive perspective on this transformative movement. On July 27, 2024, Meta CEO Mark Zuckerberg published a groundbreaking article titled "AI is approaching an open-source inflection point." He emphasized the profound impact of open-source AI on the entire industry, stating that as AI technology advances and community collaboration strengthens, open source will be the key driver of innovation and the widespread adoption of AI. The key points in his article provide a strong summary of the current state and development trends of open-source AI: The Rise of Open-Source AIAn increasing number of companies and research institutions are releasing open-source AI models and tools, a trend that is transforming the industry's competitive landscape. Open source is driving technological democratization, allowing more developers and enterprises to access and utilize cutting-edge AI technology. Balancing Business and TechnologyEnterprises leverage open-source AI to attract developer ecosystems while integrating proprietary and open-source technologies to build unique competitive advantages. This dual-track strategy allows companies to benefit from open source while maintaining the competitiveness of their core technologies. The Importance of Community and CollaborationThe key to the success of open-source AI lies in an active developer community and a culture of collaboration. These communities provide strong support for model improvements, bug fixes, and new feature development, significantly accelerating the pace of AI innovation.
     Like  Bookmark
  • Translator: Sijia Zhao, Reviewer: Ted Liu 1. Background of the Report Since the release of the "2015 China Open Source Community Participation Survey Report" at the beginning of 2016, kaiyuanshe has continuously published annual open source developer survey reports, aiming to present the current status and trends of China's open source development from multiple dimensions. In 2024, we continue this tradition, and with the help of data analysis methods and survey tools, further map out the landscape of China's open source world, assisting the open source community, developers, and industry professionals in understanding the changes in the domestic open source ecosystem. This survey will continue to focus on the participation of various levels within the open source community, aiming to gain an in-depth understanding of the respondents' personal information, work status, participation in open source communities, and developers' technical backgrounds through multidimensional questions. The survey is designed with multiple role levels based on the depth of participation in the open source community, including users, participants, contributors, maintainers, and ecosystem operators, to comprehensively reflect the participation and influence of users at different levels within the open source community. The specific definitions are as follows: User: A user who has used one or more open source products. Participant: A user who interacts with the open source community (for example, engaging in communication with the open source community, participating in community-organized activities, etc.). Contributor: A user who has made substantial contributions to the open source community (including code and non-code contributions).
     Like 1 Bookmark
  • Author: Nadia Jiang, Translator & Reviewer: Ted Liu Since 2015, when Kaiyuanshe first released the "China Open-Source Ecosystem Report," the "China Open-Source Annual Report" has now reached its 10th year. Except for a brief pause in 2017, Kaiyuanshe has consistently followed an open collaboration approach, inviting partners from academia, industry, and the open-source community to contribute. Each year, as the new chapter of open source unfolds, the report provides insights into the past year’s trends, offering a comprehensive panorama of China’s open-source ecosystem. As China's only open source annual report initiated by a completely neutral nonprofit organization, its significance goes far beyond simple data analysis or trend forecasting. The report documents the growth and flourishing of open source technologies, culture, and communities in China, highlighting the vital role open source plays in driving technological innovation, industrial upgrades, and social collaboration. Additionally, with the release of English and Japanese versions supported by the community, it provides the global open source community with a window to engage with and understand open source in China, building a bridge between China and the global community. Turning back to the 2024 China Open Source Annual Report, open source AI remains a key highlight. Since ChatGPT’s groundbreaking debut at the end of 2022, 2023 became a pivotal year for the development of artificial intelligence. By 2024, the explosive growth of open source AI has completely reshaped industry norms—shifting from technological monopolies to collective creation, from lab innovations to real-world applications. A paradigm shift in AI, driven by open source, is now fully underway. As a result, the 2024 China Open Source Annual Report has decided to dedicate a standalone section, "Open Source AI," to present this topic to readers in a more comprehensive way. At the same time, the explosive growth of open source artificial intelligence is reflected across multiple chapters in this report, such as:
     Like  Bookmark
  • 编辑:刘天栋,概述修订及审核:庄表伟 一. 概述 @刘天栋 @庄表伟 2022 年底 ChapGPT 横空出世之后,2023 年堪称是人工智能发展最关键的一年,而在 2024 年,开源 AI 的井喷式爆发彻底改写了行业规则——从技术垄断到全民共创,从实验室创新到产业落地,一场由开源主导的 AI 范式革命已然到来。因此 2024 年中国开源年度报告的大事记篇决定将《开源人工智能篇》单列出来,以更为全面的方式,向读者呈现。 2024 年 7 月 27 日,Meta 首席执行官扎克伯格发表了【人工智能即将迎来开源的拐点】的重磅文章。他强调了开源 AI 发展对整个行业的巨大影响,表示随着 AI 技术的进步和社区合作的增强,开源将成为推动创新和普及 AI 的关键。文章里的几个要点,很好地总结了开源人工智能的现状与发展趋势: 开源 AI 的崛起 越来越多的公司和研究机构开始发布开源的 AI 模型和工具,这种趋势正改变着行业竞争格局。开源推动了技术民主化,使更多开发者和企业能够利用顶尖的 AI 技术。 商业与技术的平衡 企业通过开源 AI 吸引开发者生态系统,同时将闭源技术与开源技术相结合,构建独特的商业优势。这种双轨策略使企业既能从开源中获益,又能保持核心技术的竞争力。 社区与协作的重要性 开源 AI 成功的关键在于活跃的开发者社区和协作文化。这些社区为模型改进、问题修复以及新功能开发提供了强大支持,显著加速了 AI 技术的创新速度。
     Like  Bookmark
  • 前言 - @庄表伟 在编写今年的开源大事记的过程中,我们不断深切的感受到:开源 & AI,作为数字时代的创新引擎,正以前所未有的速度重塑全球技术格局。 2024 年的开源大事记,既记录了中国开源力量的崛起,也聚焦国际开源生态的剧变——因为每一个全球性技术突破、每一次开源治理的范式转移,都与中国开源社区的未来息息相关。 由于章节重构的原因,我们今年的开源大事记,主要是梳理人工智能技术发展之外的大事,在 AI 之外,2024 年的开源世界也同样精彩,我们总结出以下特点: 开源技术突飞猛进:国产编程语言层出不穷、国产 AI 与大数据领域的进展令人惊喜、RISC-V 芯片规模化落地,开源定义技术前沿。 安全风险触目惊心:XZ 后门潜伏三年、国家级供应链攻击频发,开源防线面临终极考验。 社区生态风波不断:Linux 内核驱逐俄籍贡献者、Redis 许可证变更引分叉,信任危机撕裂协作根基。 地缘博弈愈演愈烈:美国 AI 芯片出口管制、欧盟开源合规立法,技术主权争夺战白热化。 开源治理范式升级:中国最高法首判 GPL 效力、Redis 分叉 Valkey 崛起,规则重构决定生态未来。
     Like  Bookmark
  • 一. 报告背景 自2016年初发布的《2015年中国开源社区参与调查报告》起,开源社持续发布年度开源开发者调查报告,致力于多维度呈现中国开源发展的现状与趋势。2024年,我们继续沿用这一传统,并借助数据分析手段和调查报告工具,进一步绘制中国开源世界的地图,帮助开源社区、开发者和业界人士深入了解国内开源生态的变迁。 本问卷篇将继续关注开源社区中各个层级的参与情况,旨在通过多维度问题,深入了解受访者的个人信息、工作状况、开源社区参与情况以及开发者的技术背景等。本问卷根据开源社区的参与深度,设定了多个角色层级,包括使用者、参与者、贡献者、维护者和生态运营等,旨在全面反映开源社区内不同层级用户的参与情况与影响力。具体定义如下: 使用者:使用过某一款或某几款开源产品的用户 参与者:与开源社区有互动行为的用户(例如与开源社区交流沟通、参与开源社区组织的活动等) 贡献者:对开源社区有实质性的贡献的用户(包括代码贡献和非代码贡献) 维护者:主要负责对开源社区日常运营的用户(包含项目 maintainer、PMC 成员等)
     Like  Bookmark
  • 自 2015 年开源社首次发布「中国开源生态系统报告」至今,「中国开源年度报告」已迈入第 10 个年头。除了 2017 年因故断更外,开源社每年都通过开放式协作的方式,邀请活跃在学界、业界和社区中的伙伴们一起,在下一年度的展卷之际,为大家奉上上一年度开源发展趋势的报告与洞察,共同描绘中国开源生态的全景图。 作为中国唯一由完全中立的非营利性开源组织发起的开源年度报告,它的意义早已超越了一份单纯的数据分析或趋势展望。报告记录了开源技术、文化与社区在中国的生根发芽与蓬勃发展,见证了开源在推动技术创新、产业升级和社会协作中的重要作用。同时,借助于社区力量陆续发布的英文 & 日文版本,也为想要参与和了解中国开源的全球开源力量打开了一扇窗,搭建起了连接中国与全球社区的桥梁。 回到「2024 中国开源年度报告」,开源 AI 依旧是本份报告的一个重要看点。2022 年底 ChapGPT 横空出世之后,2023 年堪称是人工智能发展最关键的一年,而在 2024 年,开源 AI 的井喷式爆发彻底改写了行业规则 —— 从技术垄断到全民共创,从实验室创新到产业落地,一场由开源主导的 AI 范式革命已然到来。因此 2024 年中国开源年度报告决定将《开源人工智能篇》单列出来,以更为全面的方式,向读者呈现。 同时,开源人工智能的井喷式发展也在本份报告的其他多个篇章中皆有所体现,比如: 在问卷篇中,我们看到结合开放问题「开源关键词」的调研结果制作的词云图中,最明显的几个关键词便是 AI、人工智能与大模型; 在数据篇中,GitHub 活跃开发者数量在历经 2022 至 2023 年的增长放缓后,增长率得以回升,这可能与新技术浪潮(如 AI、Web3 等)带来的新增开发者有关。同时,生成式 AI 开源项目的发展也逐渐进入了存量市场的竞争;
     Like  Bookmark