This week in Open Source Funded, the strongest pattern was pressure: pressure to fund infrastructure, pressure to formalize governance, pressure to draw clearer boundaries around AI tooling, and pressure on public code repositories as security concerns rise.

The money side was active. Cloudsmith, JuliaHub, Expo, ComfyUI, Orkes, and OpenObserve all raised new funding around commercial layers built near open source ecosystems. Foundation activity was also busy, with O-RAN moving under LF Networking, Symposium joining the Rust Innovation Lab, and the Tokenized Assets Standard becoming a new LF Decentralized Trust lab.

On the harder side, Cal.com and MinIO kept the open-core and proprietary-turn debates alive, while NHS England’s reported plan to make public code private by default showed how AI-assisted vulnerability discovery is starting to influence government open source policy.

Projects joining a foundation

These are different kinds of moves, but the signal is similar: shared infrastructure, standards work, and ecosystem projects continue to look for neutral homes when they need more durable stewardship.

Funding went to commercial layers around open source infrastructure

Cloudsmith raised a $72 million Series C to expand artifact management and software supply-chain governance. That fits the current market: package repositories, dependency controls, and provenance systems are becoming more valuable as organizations try to manage larger and faster-moving software supply chains.

JuliaHub raised a $65 million Series B and launched Dyad 3.0, tying fresh capital to engineering tools around the open-source Julia ecosystem. Expo raised a $45 million Series B around its open-source React Native development platform and new AI-assisted app-delivery work. Orkes raised a $60 million Series B around its durable workflow orchestration platform, built on the open-source Conductor technology originally created at Netflix.

ComfyUI raised $30 million at a reported $500 million valuation for its open-source AI media workflow software, and OpenObserve raised a $10 million Series A for its open-source observability platform.

The common thread is not just “open source got funding.” It is that investors continue to back companies that package open source-adjacent workflows into hosted, governed, or enterprise-ready products.

Grants, sponsorships, and programs kept funding the less glamorous work

Several links this week were about funding mechanisms that are not venture rounds.

Germany’s Sovereign Tech Agency opened a paid standards program that can support maintainers working in standards bodies such as the IETF, W3C, and ISO. The Eclipse Foundation said Data In Motion has been commissioned by the Sovereign Tech Fund to modernize the OSGi ecosystem over the next year. Eclipse also launched the Open VSX Managed Registry and an Open VSX Security Researcher Recognition Program, pairing a foundation-governed extension registry offering with a structured incentive layer around vulnerability disclosure.

Elsewhere, the Ethereum Foundation published its Q1 allocation update, MARA launched a foundation to fund Bitcoin research and open source work, Anthropic joined the Blender Development Fund as a Corporate Patron through a donation, and Google Summer of Code continued to distribute stipends across a large set of open source projects. Even a smaller story around the Lomiri Tech Meeting pointed to a bounty program aimed at attracting student contributors to the Ubuntu Touch ecosystem.

This is the quieter funding layer: grants, stipends, standards support, foundation allocations, bounties, and directed modernization work. It often matters as much as startup funding because it pays for coordination, maintenance, and security work that does not always become a standalone company.

Cal.com, MinIO, and Warp showed different paths around openness

Cal.com remained the most visible proprietary-turn story. Coverage from The New Stack and ZDNET framed the company’s decision to move its core scheduling product private as a security response to AI-assisted attack tooling. Cal.com’s own v6.4 changelog described related licensing changes, including Cal.diy under MIT.

MinIO continued to be treated as a project moving away from open source, with coverage pointing to repository archiving and licensing direction as signs that users should consider alternatives.

Warp moved in the opposite direction, opening most of its client under AGPLv3 and MIT licenses after years of pressure, while keeping parts tied to its proprietary Oz agent orchestration platform closed.

Taken together, these stories show that “open” is not a single business posture. Some companies are narrowing what they publish, some are opening client-side code while keeping managed-service control points closed, and users are left judging how much governance risk they can accept.

The OnlyOffice dispute sharpened the AGPL discussion

The licensing fight around OnlyOffice, Nextcloud, and AGPLv3 additional terms continued. LWN reported that the FSF considers the extra restrictions at issue incompatible with the AGPLv3. The Software Freedom Conservancy then argued that AGPLv3 gives recipients a path to strip incompatible “badgeware” restrictions.

That matters beyond this one conflict. It is a reminder that companies cannot safely treat copyleft licenses as a base layer onto which arbitrary additional restrictions can be bolted. When monetization pressure meets license boundaries, the details matter.

Driver support showed another kind of licensing boundary

AMD is preparing HDMI 2.1 FRL support patches for the open source Linux amdgpu driver after earlier delays tied to the HDMI Forum rejecting an open source implementation as proprietary technology.

That is a reminder that open source enablement can be constrained by standards bodies and patent-heavy technology regimes, not just by the preferences of the companies writing the code.

AI pressure reached contribution policy, browser APIs, and public code

Several communities tightened or clarified their AI positions. The Linux kernel documentation now puts responsibility on humans for AI-assisted patches. SDL adopted a policy forbidding LLM-generated code contributions. The Zig project drew attention for a strict anti-AI contribution policy covering issues, pull requests, translations, and bug-tracker comments. A later Linux prepatch note also pointed to unusually high patch volume, probably influenced by AI tooling.

On the user side, Ubuntu clarified that forthcoming AI features will be opt-in and removable through snaps. On the web platform side, Mozilla criticized Google’s proposed Prompt API in Chrome, warning that browser-level AI plumbing could concentrate control. Microsoft also reversed a VS Code Git extension change that added Copilot co-author attribution by default after developers objected to an AI tool being credited for human-authored commits.

The highest-stakes version of the same debate showed up around NHS England. Terence Eden reported that NHS England was preparing to make most public code repositories private by default, citing concerns about AI-assisted vulnerability scanning. The FSFE urged NHS England not to hide public code, arguing that public-sector software needs scrutiny and accountability.

These are all governance decisions under AI pressure. The common question is where projects place responsibility: on contributors, on maintainers, on users, on platform vendors, or on public institutions.

Security and reliability remained sustainability problems

GitHub described its response to a critical remote-code-execution vulnerability in the git push pipeline and separately published an availability update after reliability complaints. Alpine Linux also briefly lost key infrastructure when Linode-hosted systems, including GitLab, were suspended over a billing issue before returning online.

Meanwhile, Sonatype’s Q1 malware index described adaptive attacks against package ecosystems, and The Register reported that malicious ClawHub skills turned OpenClaw agents into a crypto-mining swarm. Open Source For You also argued that newer AI vulnerability-discovery capabilities are increasing pressure on public codebases and widely used libraries.

Security work, reliability work, billing continuity, and abuse prevention all sound operational. But they are sustainability work too: open source infrastructure cannot be trusted if nobody can keep it online, patched, and defended.

Foundation and company strategy kept shifting around open source

ClearlyDefined published a three-year sustainability roadmap, with AboutCode taking on day-to-day operations under an OSI collaboration. OpenSearch recapped its Long-Term Support launch and foundation momentum, including CERN joining the OpenSearch Software Foundation. TD Bank Group joined FINOS as a Platinum Member. SUSE emphasized European digital sovereignty while reports suggested its owner was exploring a sale of the Linux vendor.

On the company-building side, Stacklok drew attention for its effort to secure AI workflows and agents using a hybrid open source business model. GitHub Copilot moved toward usage-based billing for some AI coding features, while Vercel released Open Agents as an open-source app for background AI coding workflows.

The shape is familiar: foundations provide neutrality and coordination, companies provide product and support, and the line between open code and paid service keeps moving.

Sustainability arguments got blunt

A few opinion pieces said the quiet part out loud. One argued that maintainers should stop assuming adoption automatically becomes revenue. Another said open source sustainability is moving from generic sponsorship toward companies hiring maintainers directly. Two pieces used pgBackRest’s archival as a warning that important open source software can become fragile when maintenance, governance, and commercial backing are not aligned.

The shared point is simple: popularity is not a funding model. Durable open source needs some combination of paid maintainers, institutional support, commercial demand, foundation governance, or contributor capacity that survives beyond one heroic maintainer.

Bun raised a stewardship concern

A separate essay raised concerns about Bun now that Anthropic owns the MIT-licensed JavaScript runtime’s creator. The argument was not that Bun changed licenses this week. It was that surrounding controversy over Claude Code billing, quality, and third-party harnesses makes stewardship of a major permissively licensed runtime feel more uncertain.

That is a different kind of open source risk: not license text, but trust in the owner, roadmap, and ecosystem incentives around a fast-growing project.

Jobs

Foundations and core infrastructure

  • Eclipse Foundation — Security Analyst, Incident Response & Vulnerability Management (link) — Remote. Posted 2026-04-30. Deadline 2026-07-29.

  • Eclipse Foundation — Application Security Engineer, AI-Assisted Vulnerability Management (link) — Remote. Posted 2026-04-30. Deadline 2026-07-29.

  • Mozilla Foundation — Head of Global and Strategic Intelligence (link) — Remote Canada; Remote Germany; Remote UK; Remote US. Posted 2026-04-29.

  • Wikimedia Foundation — Senior Software Engineer, MediaWiki (link) — Remote. Posted 2026-04-27.

  • Eclipse Foundation — Software Engineer, Java and Spring Boot (link) — Remote. Posted 2026-04-27. Deadline 2026-07-26.

  • Eclipse Foundation — Research Project Manager (link) — Remote. Posted 2026-04-27. Deadline 2026-07-26.

  • Mozilla — Senior Rust Software Engineer (link) — Remote US. Posted 2026-04-24.

  • Wikimedia Foundation — Senior Product Manager, Connection Team (Contract) (link) — Remote. Posted 2026-04-16.

Community and developer relations

  • Mozilla Foundation — Director, Grassroots Engagement (link) — Remote Canada; Remote Germany; Remote UK; Remote US. Posted 2026-04-30.

  • Mistral AI — Lead Documentation Engineer (link) — Paris. Posted 2026-04-29.

  • Wikimedia Foundation — Movement Communications Specialist, Africa (Contract) (link) — Remote. Posted 2026-04-23.

  • Mistral AI — Senior Technical Writer / Developer Educator (link) — Paris. Posted 2026-04-17.

Sustainability and commercial open source

  • GitLab — Engineering Manager, Software Supply Chain Security: Pipeline Security (link) — Remote (Canada/Israel/Netherlands/UK/US). Posted 2026-04-30.

  • GitLab — Staff Backend Engineer, Software Supply Chain Security (link) — Remote, India. Posted 2026-04-30.

  • Mozilla — Senior Product Manager, Advertising Products (link) — Remote US. Posted 2026-04-29.

  • Datadog — Security Engineer II - Vulnerability Lifecycle (link) — New York, NY. Posted 2026-04-29.

  • Grafana Labs — Engineering Manager, Observability Dept (link) — United States (Remote, EST). Posted 2026-04-29.

  • Sovereign Tech Agency — Sovereign Tech Standards Network Participant (link) — Remote. Posted 2026-04-28. Deadline 2026-05-19.

  • Dagster Labs — Software Engineer - Platform (link) — Remote (US). Posted 2026-04-27.

  • Grafana Labs — Staff Backend Engineer - Databases Tempo (link) — United States (Remote). Posted 2026-04-27.

  • Canonical — Linux Desktop Support Engineer (link) — London, UK. Posted 2026-04-24.

  • Wikimedia Foundation — Program Delivery Coordinator, Fundraising (Contract) (link) — Remote. Posted 2026-04-24.

  • Grafana Labs — Senior Backend Engineer, Mimir OSS (link) — United Kingdom (Remote). Posted 2026-04-22.

  • Datadog — AI Governance Analyst 1 (link) — New York, NY. Posted 2026-04-22.

  • Metabase — Technical Product Lead (link) — Global Remote. Posted 2026-04-21.

  • Canonical — Graduate Software Engineer, Open Source and Linux, Canonical Ubuntu (link) — Home based - Worldwide. Posted 2026-04-20.

  • Datadog — Senior Product Manager - Code Security (link) — New York, NY. Posted 2026-04-20.

  • OpenNebula Systems — Cloud Systems Engineer (link) — Worldwide/Remote. Posted 2026-04-15.

  • GitLab — Vice President, Legal Commercial (link) — Remote US. Posted 2026-04-30.

  • GitLab — Senior Commercial Legal Counsel, APAC (link) — Remote (Japan/Philippines/Singapore). Posted 2026-04-30.

  • GitLab — Lead Commercial Legal Counsel (link) — Remote US. Posted 2026-04-24.

  • Wikimedia Foundation — Privacy Fellow (link) — Remote. Posted 2026-04-17.

  • GitLab — Legal Engineer (link) — Remote US. Posted 2026-04-16.

  • Wikimedia Foundation — Legal Counsel (link) — Remote. Posted 2026-04-16.

  • Datadog — Privacy Counsel (link) — New York, NY. Posted 2026-04-15.
