Firstly, just to say thanks to everyone who responded to my request for suggestions and tip-offs for commercial open source startups that are worth spotlighting for an upcoming profile series I will publish exclusively in Forkable each week.

I got way more suggestions than I had anticipated, which is a good problem to have (and I guess I shouldn’t really be surprised), but it means I’ll have to spend a bit of time sifting through everything and draw up a list of priorities for the coming weeks.

In issue #11 of Forkable this week, it seems fitting to shine a light on a report I covered a couple of weeks back, looking at 20 of the hottest commercial open source startups to emerge through 2024.

Elsewhere in the world of open source, those of you out there with a soft spot for email client Thunderbird will be pleased to learn that Mozilla has something big cooking on that front in terms of a web client and services.

Elsewhere, OpenAI has started teasing an all-new “open” AI model that it isn’t claiming to be open source, but which many headlines this week referred as open source for some reason, highlighting the ongoing confusion about what is and isn’t “open source AI.”

Have a good weekend when it comes, and as usual feel free to reach out to me with any questions, tips, or suggestions: forkable[at]pm.me.

Paul

Open issue

20 of the hottest open source startups from 2024

There are numerous ways of tracking the hottest open source projects. GitHub, for instance, offers a top-trending project list. And VC firm Two Sigma Ventures operates the Open Source Index, which showcases the top 100 projects that can be filtered by various metrics including stars, watchers, and its own proprietary “TSV” score.

However, European VC firm Runa Capital has operated the Runa Open Source Startup (ROSS) Index since 2020, with a specific focus on commercial open source startups. The Index serves quarterly and annual updates on the fastest-growing projects in terms of GitHub “stars” — which is basically akin to a Facebook “like.”

Number one on the 2024 list is Ollama, a Y Combinator alum that’s built an open source tool for running large language models (LLMs) locally. Ollama’s GitHub star count surged by 76,000 through 2024, growing 261% to more than 105,000. Since the start of the year, that number has jumped to 136,000.

The full top 20 list is as follows, but how did Runa actually arrive at this?

Rather than using accumulated stars since a project’s inception (which naturally favours older projects), the ROSS Index focuses on the relative growth of repositories over a 90-day period for its quarterly reports, and on the absolute number of new stars gained during the year for its annual report.

This effectively filters out all the long-established open source projects we all know and love, and highlights those that have enjoyed a sudden surge in popularity — which usually means newer projects.

The ROSS Index is also heavily curated. Qualifying projects must be closely aligned to a commercial company (i.e., vendor-led), meaning no side projects or Foundation-funded projects. Additionally, these companies must be younger than 10 years old, have raised less than $100 million in funding, and be independent — so not a subsidiary or publicly-listed.

It’s also worth noting that while many — if not most — of the projects in the Index are available under a recognized open source license, Runa has taken a more liberal interpretation of “open source", one that adheres to the “commercial perception” of open source rather than the official definition.

Star-count is an imperfect metric for tracking actual popularity, as it doesn’t necessarily mean that everyone who has “liked” it is actively using it. However, the Index is still a useful tool for keeping tabs on all the top-trending commercial open source projects.

Read more: The 20 hottest open source startups of 2024

The rundown

Thunderbird is go

Mozilla has announced big plans to monetize Thunderbird, its cross-platform, open source email client.

While Thunderbird has been available in some form for more than 20 years, the not-for-profit Mozilla Foundation transitioned Thunderbird to a new for-profit subsidiary called MZLA Technologies Corp. back in 2020. Fast-forward five years, and we now have a clearer idea as to how Mozilla plans to cash-in on whatever people there are out there still using Thunderbird.

The problem for Thunderbird, really, is the competitive landscape. The Googles and Microsofts of the world offer email clients, sure, but they also bake convenience directly into them as part of a much wider gamut of web services and software. Big Tech has mastered the art of vendor lock-in, to put it bluntly, leaving plucky upstarts out in the cold (yeah, I know other companies are making something of a success of taking on the big guys).

Ryan Sipes, who heads up product development for Thunderbird at Mozilla, says they’re looking to switch things up by taking the incumbents head-on with open source.

“It is our goal to eventually have a similar offering, so that a 100% open source, freedom-respecting alternative ecosystem is available for those who want it,” Sipes wrote in an online post last week.

This means that they will be developing Thundermail, an email service built atop self-hostable email server Stalwart, which Sipes says Mozilla has been collaborating with to add complementary tools to the mix, such as calendar and contacts.

The email domain will either be “Thundermail.com” or “tb.pro,” and there is a waitlist to signup for the service now.

On top of this, the folks at Mozilla will also be developing “Thunderbird Pro” web services, such as a meeting scheduling tool dubbed “Thunderbird Appointment”; a file-sharing service called “Thunderbird Send” (loosely based on a long-demised product called Firefox Send); and an AI assistant called — you guessed it — Thunderbird Assist, which doesn’t yet have a public repository (but will soon, apparently).

My initial thoughts on all this is that it sounds like a fantastic endeavor, something I’d consider paying for (subject to the bang-for-buck details). However, it all feels like way too long in the making, 22 years after Mozilla birthed Thunderbird.

“This has been a long time coming — it is my conviction that all of this should have been a part of the Thunderbird universe a decade ago,” Sipes conceded. “But it is better late than never. Thunderbird is unique in the world. Our focus on open source, open standards, privacy and respect for our users is something that should be expressed in multiple forms. The absence of web services from us means that our users must make compromises that are often uncomfortable ones. This is how we correct that.”

OpenAI plans its first open AI language model in 6 years — but how “open” will it be?

OpenAI is something of a misnomer, owing to the fact that the ChatGPT hit-maker released the last of its open source AI models back in 2019. But with China’s DeepSeek moving the goalposts, showing what can be achieved with fewer resources and a foundation that’s more open than its U.S. counterpart(s), OpenAI is having to reassess things.

Aside from raising $40 billion at a $300 billion valuation this week, OpenAI also confirmed that it plans to release its first “open” LLM since GPT‑2, some time in the next few months. However, the language around the announcement is very specific. OpenAI chief Sam Altman calls the upcoming model “open weight,” which means that the model’s parameters (which determine how it processes input data and makes predictions) are publicly accessible. This means it can be freely downloaded, fine-tuned (to a degree) and run by anyone on their own hardware. But without access to the underlying code or training data, this limits what you can do in terms of retraining, fine-tuning, and altering the model’s architecture and training process.

Plenty of news headlines this week called OpenAI’s new model “open source,” even though the company itself didn’t even call it that. And this is why terminology is so important — “open weight” and “open source” aren’t synonyms.

Meta has played a big part in muddying the waters around the terminology, too, continuing to call its Llama-branded AI models “open source” even though it doesn’t reveal much in the way of code or training data. Moreover, Meta enforces commercial restrictions, such as requiring products with more than 700 million monthly active users to apply for a license. That’s shorthand for: our big-name rivals can jog on.

In a thinly-veiled dig at Meta, Sam Altman said that it won’t include any such commercial restrictions. “We will not do anything silly like saying that you can’t use our open model if your service has more than 700 million monthly active users,” Altman wrote. “We want everyone to use it!”

Fixin’ configuration hell

A trio of cloud and open source veterans launched a new company out of stealth last week with the mission of modernizing software configuration data management.

ConfigHub, as the company is called, is the handiwork of Brian Grant, a former Google software engineer and original lead architect of Kubernetes; Alexis Richardson, founder of cloud-native container management platform Weaveworks; and Jesper Joergensen, who led in various product roles at Salesforce and Twilio.

The (mis)configuration problem can be highlighted via several recent examples: A faulty update to CrowdStrike’s Falcon Sensor security software last year caused widespread havoc and more than $5 billion in losses for Fortune 500 companies. Elsewhere, Aussie superannuation fund UniSuper was hit with an outage that impacted half-a-million members after a misconfiguration deployed by Google. And just a few months back, a configuration error on GitHub’s cloud forced Git operations offline for two hours.

These events highlight that software is now critical infrastructure, built from an interdependent web of components and APIs that, if compromised, can cause big problems. Configuration data ensures that all these disparate parts play nicely with each other, and understand how they’re supposed to behave. But this data can be scattered far and wide across countless files and lines of code, creating an unwieldy mess.

This is where ConfigHub enters the fray, serving to “unify and centralize software infrastructure configuration” via a single interface that serves a live view into what’s going on system-wide

“The problem is that configuration data is scattered all over the place — it’s become a total sprawl,” Richardson told TechCrunch in an interview last week.

ConfigHub itself isn’t open source — but its inaugural product, which is set to launch in the coming months, will be focused initially on Kubernetes developer tooling such as Helm, Argo, Flux, Terraform, and its open source fork OpenTofu.

In addition to its formal unveiling last week, ConfigHub also announced $4 million in funding from notable VC and angel investors, including Poolside CEO Jason Warner.

Patch notes

• Prowler, the company behind an open source cloud security tool, announced a $6.5 million round of funding this week, closing its seed round off at $12.5 million.

• The Linux Foundation Europe this week launched the NeoNephos Foundation, which will be focused on developing and promoting open source technologies for “secure, scalable, and transparent” cloud solutions that aid Europe’s ambitions for digital sovereignty.

  Also: the schedule for the Linux Foundation’s Open Source Summit: North America is now live.

• A bunch of apps are springing up on Bluesky’s open source, open standards-based AT Protocol — TechCrunch has compiled a list of some of the most notable ones.