What does the Rust Foundation do? – Rust Foundation Team Panel Discussion @ Rust Nation UK

all right hello everyone how you all doing good you’re having a great time
good good I am really privileged to have the Russ the foundation here with me today we’re going to have a special AMA
session with them uh we are going to focus on allowing you folks to ask them
questions about the foundation what it does and we’re going to really get into the
future of rust governance and how they’re trying to make the language sustainable
the Russ Foundation has been a very important part in just a year and has done so much and it’s been great to see
what you folks have been trying to do so I will first allow each of you folks to introduce yourselves really quickly and
then we’ll get into our first questions starting right at the end hi I’m Paul I’m the Director of Finance uh
fundraising Grant making and just general things
hi everyone again I’m back um I’m the executive director and CEO
hi everybody I’m Joel Marcy director of Technology at the rest Foundation and my name’s Stephen Chen I run the
developer relations team at jfrog and I I think am I the newest member of the
rust Foundation thank you all yeah yeah okay so I I win points on being the the Newbie both on the panel and also the
rust Foundation but I think also it’s it’s good to bring kind of a an outsider perspective on the rust Foundation
because we’ve been long-time rust contributors working on a big security project we came in with with a focus to
help to secure the rust ecosystem and I think that both the rust community and also the rust Foundation have been very
welcoming so yeah that’s great that’s really great to hear um I think we’ll start with some
Milestones from the year I’ve got the annual report in front of me here and it would be great to ask you folks to share
some of the big Milestones from the year of the rust Foundation being in existence fully and
um what sort of things have been achieved for the ecosystem through the foundation so I think we’ll start with
the money and it’ll be great to hear um from from you Paul sure so I mean
this sounds like a silly thing to say uh we’re still here we haven’t gone bust that’s a great thing at any not-for-profit making sure you’re
getting enough money in which we have we brought in if you include grants to be
spent this year getting on for 2.8 million dollars last year and that’s hugely important it comes
from our members who pay membership fees great organizations like Stevens and also for grants for specific programs
like the money we have from the alpha omega project what that means in Practical terms is that we’ve been able to build and grow
our staff team they were just three of us a year ago very soon we’ll be a team
of 10 uh and Joel I’m sure we’ll be speaking more about the people in the technical team who are doing direct work
to support the project we’ve been able to award over 600 000 worth of Grants to
support the volunteers the contributors the people who are most important to the
rust project overall and also we’ve been able to do things like pay for the on-call service
support the infrastructure directly both with financial costs and also acting as
a channel for donated hosting services so so that wasn’t very succinct but yeah
I would say main points we’ve been able to make a lot of Grants which we think are really really important we’ve been able to hire
people that the project have said will be useful and we’ve been able to sustain the infrastructure yeah that’s that’s
really important we’re going to get a lot more into the grants program in a minute so I think that’s all really positive stuff and it’s shown in the
growth of the language as a whole it’d be great to hear from Beck um okay well I will leave the technical
and other stuff so uh for Joel to touch on but I think for me you know you asked for milestones
yeah having an annual report that’s that’s actually I mean it seems like such a small thing but last year it was
our first full calendar year of operation um and yeah at the end of it we’d actually you know we’d done a lot of
stuff um we we actually had things to to show people and say like this is this is the worst this is what we’re contributing
um and yeah it’s it’s this great Baseline now for us to kind of build on and go
forward I’m I’m really really excited there are so many things that we want to do as a foundation there are so many
good potential support programs that I think we can develop um and yeah we the the Milestone of just
having this first year behind us we’re we’re a functional organization you know I started on you know about nearly 18
months ago January the 1st 2022 it was just me on my own with my laptop and a
very supportive board but like you know that was it um you know trying to figure out okay
where do we need to prioritize where do we need to kind of get stuff and what do those staff need to know uh in order to
be able to provide the good Support Services um so yeah like just you know creating
this amazing staff team um being able to bring on new amazing Partners like Jay frog onto the board
which you know broaden our expertise and broadened uh our resources um I think yeah we’re just we’re just
getting started and yeah I’m really excited for to where we go from here
right yes job you like me yeah um so I think I’m coming up on my one year anniversary at the foundation and
at the time I was the only technical member of the team like a part of the technical team of is
one person since then uh we’ve done a few things one like one big initiative that we’ve
done we provide Cloud compute services for developers at the of the rust project to access so that they can have
better experience in actually developing the project at specific requests of the project
particularly the infrastructure team which is was an all-volunteer team did awesome
work but they you know wanted more resources than help we were able to hire
a full-time infrastructure infrastructure engineer to help manage the rust project infrastructure he’s
been doing amazing work and I think Paul mentioned that we got funding from Alpha Omega to support our
security initiative and as a result of that we’re able to hire three more
people as part of that process one full-time security engineer to help
guide us through what might be the security problems in the not just the project and
the language but the ecosystem as a whole and two other software Engineers focusing on key aspects around what we
feel might have security implications like crates.io and General Security
initiatives throughout the project so we’ve gone from one member of One which is me to now a technical team of five
people in the last year which is really awesome amazing yeah amazing and I think for Steve it would be more so poignant
to ask from the outside looking in what sort of Milestones did you see that led jfrook to want to be a part of the
foundation question and also I think it’s something
everybody here cares about right so why um as part of the rust Community why do
we care about the foundation what benefits is it bringing and and why should companies like jfrog or others
join the rest foundation so um we we had the discussions with Beck really early on and
um I think in a lot of those conversations it was it was about you know what what can we do to help the
rest Community to grow and we want to be part of the growing rust Community we want to help to add things from our
company which can be of value so we do package management of rust crates for private repositories we do security of
rest breast packages and these are things
which as a company we can contribute our expertise to help with by being on the
board to help advise on the strategy by supplying resources so we actually have
dedicated resources on our security research team which work on finding vulnerabilities working with the rust
security team to make sure that we’re are addressing them and disclosing them in a responsible way and um and then to
to be giving back to the community and I think I’m involved in a in a lot of
different foundations um and in different capacities either as a board member or as chair and I think
also one of the things for a relatively new Foundation the the rest Foundation
it’s it’s very well run it’s very mature like it has a clear focus on supporting
the rust project and that’s what you’re looking for in a good foundation if you can’t make the project successful if the
rust project is not thriving then it it doesn’t work for anybody yeah absolutely
so no pressure with the growing cargo registry then right you know the cargo crate downloads have been growing
exponentially as well so yeah we’re expecting a lot from jfrog right
before I move to the next question I think I want to acknowledge uh Shane Miller who is our outgoing chairperson
and our incoming chairperson who is Lars so that’s really exciting hopefully
they’re both watching the live stream it’s great to have Lars now coming in as the new chairperson and Shane
such great work being done to kind of hold things down as the inaugural
chairperson of the rust Foundation yeah let’s give Shane a big hand
and I was gonna I was gonna answer that don’t forget Nell who was just like I said absolutely yeah yes that’s really
exciting okay great so I think the next question uh can be we’re going to have
um Mike ready we’ll go out to the crowd in a moment but I think it’s also
important that we talk about the future and what we want to see from the Russ
Foundation what expectations have you have been placed on the Russ foundation in terms of scaling because we want to
see that this is viable and this is growing and what sort of things have you found that people are asking you for to
see rust hit the next big level we can start with uh Stephen then go
around the other way um yeah so I think when you look at the growth of the rust Foundation
um one of the topics which which we’ve discussed and I think that this is something which which a lot of folks
want to see in the future is how can the rust foundation not only support the
rust project but also support related projects and the ecosystem
and I think right now the rust Foundation is making a really wise choice to focus on the rust project and
make sure that that’s successful and that gets the resources it needs um but in the future I think there’s a
there’s a great opportunity for the rust Foundation to be a larger tent to support the ecosystem and to make
different efforts um around the Russ project to also be successful and to have the same sort of
great um sponsorship and infrastructure and guidance which the um
is happening for the rust project I think that’s a very great Point uh Joe
from a technical perspective what sort of expectations have been placed on the foundation in terms of scaling and
helping things grow and be more manageable yeah um
it’s interesting because the growth of rust is like a double-edged sword in many ways right uh
it’s we want that to happen and we love that it’s happening but it puts a lot of
burden on the kind of the infrastructure resources that we currently have so one of the big initiatives that we’re
working on is figuring out how and I don’t know if many people know this like a lot of the infrastructure that we have
is you know either donated or you know given to us by board members and in kind
resources we want to not utilize those resources um you know in a bad way we want to make
sure that we’re using them efficiently more cost effectively and so one of the big initiatives that we’re looking at now is how we can actually do that how
can we stop I was talking today about this it’s like almost in between linear and exponential growth of of resources
that is being utilized within the within the project by you know developers that
CI that we have a lot of the users that kind of download releases and and those sorts of things how can we actually
manage that so that we’re not you know begging for more credits all the time and all these types of things so I think
over the next year that’s a big goal for us to make sure that we’re utilizing infrastructure efficiently wisely but
also allowing for continued growth in the ecosystem that’s really important I’m sure Beck
has seen a lot of expectations please stop the foundation so it’ll be great to hear from your perspective as well my
shopping list out of my back pocket
from other people that would be useful um you know obviously Joel can talk about the the technical stuff of the
other thing that you didn’t talk about security because that’s huge
um one of the things that we have to balance expectations and and our priorities is
actually quite a lot of the stuff that’s going on in like big world outside of just our little you know rust bubble
almost um as I said earlier you know governments in the last couple of years
governments have actually woken up and realized that security is a thing that needs to happen and it needs to happen
properly you know you can’t just like buy Norton Antivirus or whatever and expect security to be fixed right that’s
not how the world works anymore um so yeah there’s an awfully big kind of policy community that has no real
understanding of of what anyone here does um but they know there’s a problem
because you know all going all the way back to Hartley Vlog for Shell I think
was the straw that broke the camels back a little bit I think people really started to think oh my God we really need to do something so we’ve got like
actually quite powerful actors that are strangers to to this to this kind of
community um all of a sudden coming along and saying right yeah we’re going to secure open source like this or we’re going to
regulate um to to do acts um and they’re very well-meaning
um but I think there’s you know there has been a lack of understanding there’s no I suppose popping up in you know lots
of places in America and lots of different companies and and in the EU now as well that’s a great start uh but
yeah there’s expectations coming from those from those people so you know one
thing that we’re having to do is push back on that a little bit and say yeah I know we totally you know security good
yes we want to be secure but we need to do it in a way that doesn’t Place
ridiculous obligations on maintainers you know we we need to ensure that that
our communities are protected from any kind of like liability um these are kind of big big things that
yeah there are expectations but there are also things that we need to kind of educate and manage people that that are outside of our kind of our little bubble
um so yeah you know there’s a lot of expectations around rust being a Magic Bullet for instance you know as I’ve
said that there’s lots of people just saying oh yeah just use just use rust and and everything will be fine
um there’s a bit of a confusion between memory Safety and Security so yeah we’re trying to we’re trying to live up to the
promises that we’re making um we’re trying to make sure that everything all those good things that Russ does it can continue to do
um and we’re delivering on all those great promises and great features but we’re making sure that people understand
that it’s not a Magic Bullet but you know please don’t over promise on the restaurant right right absolutely uh
Paul would be great to hear more about the expectations around funding that have been placed on the foundation and
how that’s going to be addressed the challenge I I think they’re kind of in
terms of actually how we spend the money I think they’re in addition to things that people already mentioned three things one is we desperately want to
provide more support for the project we want to be giving more funding to the people working so hard on the project because that is what creates us and we
know how much is done for so little uh in terms of recompense and so that’s
something we desperately want to invest more in second thing is if we can get the funding in we’re keen
to see how we can develop education training materials for us we know you know there’s fantastic things out there
but we want to understand how we can better support the creation of those materials and their dissemination and
the final thing it touches on what Joe’s been talking about in terms of infrastructure and the extent to which
anything keeps me awake at night it’s not thinking about you know are we going to be able to pay the bills for next year because yeah
we’re certain that we can pay the bills for the next year what I worry about is that that line of
growth whether it’s linear or exponential even if it’s linear it’s a pretty steep line and so even with
efficiencies in terms of infrastructure where are we going to be at in five years or ten years because rust is going
to be here in five years and around 10 years time and we’re going to be looking at materially higher costs and I think
the Big Challenge to the foundation is starting the work now to bring in the funding so that rust will be well
supported in five years time 10 years time hopefully 25 years time it’s really great to hear I want to
double back to the grants program in uh really hone in on that so let’s start with what is it what is the grants
program sure so we launched the grants program in only 10 months ago it feels like much
longer and we have two main types of Grants we have fellowships which provide
a one thousand dollar a month stipend for people to work on Rust and the rust
ecosystem and there’s an Associated training budget and travel budget for them those people to attend events like
this one and those fellowships last for a year and we had 20 people in the initial cohort some of whom are here
today and we’re looking to replicate that program again
probably opening for applications in May of this year to start in July of this
year and then we ran two rounds of project grants so this work these were packages uh so these were packages of
funding to do specific pieces of work or to support specific areas of work and
that’s much more closely aligned to things directly supporting the rust project that we have had some fantastic
projects in other areas of the ecosystem and again that’s something we’re looking to replicate in again this year probably
with applications opening in May for glance to be starting at the start of July and then separately from that we
have a hardship grant program this is for people who are contributed to the
master ecosystem who find themselves in short-term Financial rates they can
reach out to us and we will endeavor to give them some financial support to help them and finally we have events support
grants these are relatively small up to five hundred dollars but they’re there for people who want to run you know
meetups or they want to run events or they want to get some swag for something we’re super super Keen for people to go
onto the website they want to do that I’m speaking to someone who wants to run something in Copenhagen earlier today and we we’re really really Keen to
support that to help support those the Grassroots roster Community all around the world
that’s really great thank you for the answer oh and I should say if there are any corporations in the room we are
always happy to receive more funding for the grants program so if you haven’t already please come down and talk to us
after this because the money that you give and put in directly into the grants program it goes straight out to the
grantees and it’s a fantastic way to support the Russ Community right hint right nice subtle hint yeah I think but
it’s really important I think doubling back on to the next question
what does each of you do on a regular basis uh we’ll start with Stephen and then we’ll go around from there
um actually I want to add something yes please do grounds quickly and I I think this is just a little context on like
the larger the larger set of Foundations in communities so um I what what what what
um we just described for the grand program is a really really great way of supporting the rust project and the
folks who are working on the rust project and if you if you think about what’s happened just in the past few
months for the software industry in terms of companies like pulling back budget and layoffs and things in the
tech industry this is exactly why we need to support open source projects and
open source developers so we have a sustainable ecosystem so I think this is a really commendable work that we should
all be supporting and long term this is also critical because I’m in part of
other foundations like cncf and one of the challenges is when it’s no longer
fashionable when companies stop paying developers to work on open source projects what happens where do you get
the maintainers where do you get folks to to manage the test Suites the CI CD do all the not very fun work and this is
again like really important role that the the rust Foundation is doing now to answer the the day-to-day question
again being I’m going to speak from the member of being a board member it’s a lot of reading documents and like
sometimes very legal documents about copyrights and trademarks a lot of analysis on on budgets and
finances and trying to project and make good decisions on financial matters it’s
it’s all the stuff which I wish I didn’t have to do in my day job
put together but it’s it’s important work that we we do for the foundation I’m I’m exaggerating a little bit like
we have really interesting topics about like what we should be doing we have a bunch of members of the rust project
represented on the board who bring in a really good Viewpoint we have great discussions about where we should
strategically been taking things but also like a lot of the the
kind of I think a way of putting it is the rust foundation and the rust board does a lot of the not very sexy work
that allows developers to have fun and code and build great stuff so I I think that the day-to-day work is is hard and
it’s something which needs to be done and it enables the great development happening on the project
and I think again it’s the important stuff that nobody wants to do right so somebody’s going to do it yeah uh Joe it
would be great for you to expound upon what you do as well as well and talk a little bit about the security initiative yeah sure is your day-to-day yeah just
to preface that for a second as a small entity I mean we’ve grown a lot over the year but we’re still only going to be
about 10 people we all have our hands and everything right um so I help with the community
grants program and review applications and see which things might we want to accept and I even get involved with like
reviewing you know policies and all that sort of stuff so as a startup anyone
knows this and that’s been in the startup you know and co-presenting with random and co-presenting with random
people on stage on random things yeah um so uh yeah anyone who’s been in a
startup nose you might have like a title but you’re actually doing everything um but
I would say my day-to-day is to support the technology initiatives that both the
project find important the the members and outside entities that want to fund
us find important and determine which of those are sustainable and growable and
useful and then kind of create programs around those to hopefully satisfy the
the you know satisfy everyone’s ideas of what those should be so around the
security initiative specifically um we were funded by like
um Paul said Alpha Omega AWS to figure out and as Beck said rust is seen
sometimes as a Panacea it it’s really great and it’s like the best language out there to do you know
be secure and with all of its features but there’s things around it that can cause
um potential security harm and we’ve seen Pacific specific examples with
simple things like typo squatting and those sorts of things um so with the security initiatives
particularly we want to find out what are those high impact pain points that we can go and Target and do useful
things around to so that when someone comes up to us that may want to use Russ in their Enterprise in the government
anywhere else and we can say we’ve done everything we could to show that rust is
the most secure language the most secure ecosystem on the planet and you should actually consider rust as your first
choice in any development project that you’re considering working on whether that’s figuring out how we can prove
that specific crates are safe or how we can create tooling to
um you know audit code better and those sorts of things these are the kinds of things we want to figure out over the next six to 12 months and present to the
project in the community and show that we’re actually focusing on the right right things around that that’s that’s
great that’s great I bet I’m sure you wear loads of different hats be great to know what those hats are
building things I love that kind of positivity and bringing different new people into to kind of get plurality of
voices and create something that that’s bigger and better and stronger than it was before um so yeah my typical day I I don’t
think I have much of a typical day I signed up at 10 A.M we have in the UK we have stand up at 10 A.M and then we have
another stand up at like 5 5 30 sometimes because we cross the globe
um but Wheels you know I will be having calls with potential sponsors or potential members
um I’ll be having calls with people that work in and around the ecosystem either just catching up to see what’s going on
but also specifically saying okay there’s potential for us to do an initiative over here can you help can
you leverage resources um an awful lot of my time is spent asking people for money
um because you know money makes the world go round um and you know I want people to write us huge checks so as Paul said we can
spend it on making the rest ecosystem a good strong safe sustainable place for
everyone um and you know I’m thinking about years
in the future as well it’s not just okay what what do I need what fire do I need to put out today is what’s going to
catch fire in three years time and could sink us um so it’s really kind of trying to
strategize as well about okay how do we make sure that we’re well established and that we are well funded
um and that we kind of minimize all of the risks as an organization both to us and to to the project and the ecosystem
so that might just be kind of bouncing ideas off people coming to conferences like this and meeting other people who
have different interests um and yeah it’s it’s I could be talking to government people one day people in
the project two hours later and then at an event with completely random people who all of a sudden say oh my God I love
rust yeah well my company has some money um so yeah it’s very very varied um
there are a lot of spreadsheets I speak to lawyers more than I’d like um
no one told me quite how much time I’d have to spend talking to lawyers
um but you know that’s what we’re here for we’re here to talk to the lawyers we’re here to look at the spreadsheets so that other people don’t have to and
that they can do what they really love and they’re really good at so it’s it’s a great job and I’m I’m truly fortunate
to to be here amazing and last not least Paul um so yeah I think Joe makes a pretty
good point it has a very startupy feel in that we’d I wouldn’t say that we interfere with everything that everybody
else does but just because we’re a small team it’s really important for us to know what everyone else is doing and to
talk about it and to share so there’s a certain amount of time that’s just me learning about things I honestly don’t
understand from a technical perspective but helps inform my understanding of how my colleagues are working and how
they’re feeling there’s obviously Finance quite a lot of spreadsheety stuff lots of fun things
like 990 submissions and 1024 submissions the IRS which I kind of find
deadly interesting the grants program is kind of it’s a bit
Peaks and troughs when we have the window open we’re getting applications in and there’s a vast amount of time
spent on that and then following up with the grantees when we make the awards and recently arranging training for them uh
going on calls with Beck with lawyers sometimes attending events with Beck and even in the case of midnight last night
ironing the tablecloth for our standard that’s um oh in the room downstairs yeah yeah
I’m setting the karaoke playlist yes yes that’s great that’s great so I think
we’ll take some questions from the audience now please keep your questions Salient and
respectful otherwise you’ll have your plushie taken away from you all right so we haven’t had our plushies yet
so uh thank you Charles hello
um one of the favorite things for me about rust is how efficient it is and the idea of the use case is putting it
into platforms really reshaping managed services for some of the world’s biggest companies can save them millions and
millions of pounds um what more can we do to really say you know if that’s the benefit you get kind
of bring that into the foundation and hold them to accountant in some ways like that
the point you’re racing is actually part of a broader issue that is something
we’ve been talking about a lot and we’ve also been talking about to our members which is not just true of Russ but it’s
true of all of Open Source which is there’s a load of companies that make
their revenue in millions or billions of dollars that fundamentally depend on open source primarily supported by
volunteers and they don’t put anything like as much money back into the ecosystem that has generated such vast
revenue and such vast profits for them I think the specific case in point with rust is even more true because you can
see actually demonstrable Savings in terms of energy uses usage and hence spending and I think the answer is that
we need to be better evangelists as a foundation team we need to spend more
time on it we need to find a nice way of guilt training some of these organizations into supporting not just
rust but all kinds of Open Source but I also think that actually the members who have very generously
already stepped up and started to support us can be potentially our best Advocates because they can speak to
these organizations much more like peers and hopefully they will be hugely instrumental in supporting us in getting
their semesters across yeah so I mean I’d say funding funding
open source is an open source problem it’s not a it’s not just a exclusive to the rest Community
um I think not just we shouldn’t just be talking about corporations open source software is in government as well and I
actually think you know I so I was for the people here in the UK I was actually down in Whitehall yesterday speaking to
the UK government who have got a consultation out on how they can support
um this supply chain software um and they’re they’re not you know
they’re not thinking that far ahead at the moment they’re not thinking that creatively and I could you know one of the first things I said to to this
person from dcms was well what are you doing it’s the government to to set an example you know
obviously yes lots of companies are benefiting from OSS and we definitely need them to to be contributing but you
know you should actually be leading the way you should actually say okay well we’re gonna this is how we’re gonna support open source security this is how
we’re gonna make sure that maintainer communities aren’t unfairly burdened certainly by any additional kind of
security requirements that we want to implement um and there wasn’t really an answer to
that um but I’m hoping that if we keep asking that question that there will be an
answer because I know certainly there are people that want to do this I think there’s a lack of imagination as to how to tackle this
um I don’t think until recently there’s been a big like a coherent will to do it I feel
like it’s far more on the agenda now though I feel like because security is such an issue now
people are thinking okay we need to be more serious about this we need to be more coherent and I think there’s a far
greater understanding and like a lot of the big Tech organizations have helped with this there is a far greater
understanding that maintainer compensation and well-being is absolutely vital in terms of having a
healthy and secure ecosystem so we we know that this is we know that this is there
um getting people to then contribute I think we may be as as a foundation
should be working with other foundations to to maybe innovate a little bit in terms of saying this is the calculation
this is how you you figure out how much you should be paying open source
foundations or whatever so that they can continue to support the ecosystem that you are financially benefiting of that I
think there is a way um it’s not going to happen tomorrow and it requires an awful lot of people to
to act in good faith um but I think we’re actually closer to
moving forward on it than we have been ever before
yeah um so I look at it I think from a similar perspective
um I want to see the foundation and the project be Exemplar models of how to run
a foundation on a project but the members that donate their money and
their in-kind resources um you know it’s very generous and you
know I don’t I don’t poo poo any of that at all um
but they also have a stake in the game now right so given those donations they
are now involved in how things are managed how things are run they get to see from the inside what things are
going on and as they do that I think I’m hoping they find more you know some of these
other companies find more empathy and how how hard it is to actually run an
open source project and how hard it is to manage an open source ecosystem and the difficulties that some people go
through and um trying to do good for a lot of people you know rusts rust
affects a lot of people around the world and if we can be an example for that and
continue to get these companies to continue to Believe in Us and do the work that we are doing I think it’ll
help not just the foundation and the project but also I believe in open source as a whole so those same
companies will then also then start funding other open source projects within which will then be get funding
for more open source projects and I guess this is some sort of Pie in the Sky dream but like in the end
um all the all these all these players decide that yeah open source is why we
are who we are today and why we are able to make the products and make the money
we are making right now so that’s yeah yeah I mean probably the best way for me
to describe I think um like why companies support open source is to talk about why jfrug
supports open source and has joined the rest Foundation and I think it’s also it’s a little more
grounded so I personally I’ve been an open source developer in my whole career I love open source and I I contribute a
lot of my personal time but doing good for the community is not a great argument for my CEO
now that that’s in there now that said
um there is real business value I think for if you if you look hard at what our
companies do at kind of what the Investments we all have in the rust language and the rust ecosystem in our
case the decision was around like what we’re doing for rust security so we have a strong focus on securing
packages across all languages and ecosystems we have big investments in Rust security with a dedicated research
team and it makes a lot of sense for us to support the foundation to advance
that security work in a in a publicly visible way to to kind of show that we
care about and we engage the community and there’s a there’s a leap of faith on the business side that when you do good
work for the community when you help the ecosystem then people are going to appreciate that and then it turns into
future business value and I think that like those sort of arguments are the best way of convincing your boss to fund
the foundation it’s hey we’re we’re doing this work this work would be so much better or
more Amplified or more impactful if we donate to or we support a foundation and
then you know a couple years from now it’ll it’ll make our company grow and and you know achieve better things and I
think that companies which have made these investments in the past and open source have benefited and you can name a
lot of big companies which they built their reputation and their brand on
supporting open source and they’ve been very successful but more companies need to kind of find that Niche where this
value for the open source ecosystem and value for the company and then like continue to support open source
foundations like the rust Foundation yeah and it’s a compounding effect because in the past the big kind of
benefit was speed with rust but now we’re talking about different benefits that you get from rust which
reinforce business cases and make the case easier to be involved in the
ecosystem and support open source in a real way so I think it’s starting to be a no-brainer at some point where you
just want to just help just to help as well so that’s really great to hear any more questions next question
right oh okay uh Nixon will come after you next
hello yeah I wanted to ask about Community moderation now I know that’s something the rust project
I think wants to keep control of the governance of but it’s always something that’s very
hard work and I wonder if there’s anything that the foundation could do
um you know do you think that the the community moderation is uh well enough supported in the
project and is there anything that you would be able to do to help out the moderators should I take that one
um so in the most recent round of project grants we did make Grant Awards to both members of the moderation team
because you absolutely right the moderation team definitely needs more support we’ve also been funding some contractor
support for the moderation team as well and we’re looking at how we can turn
that into a longer term uh more formal piece of funding support for the moderation team but to the point that
you made at the start absolutely that doesn’t mean that the rust Foundation wants to control moderation have any
influence over the decision the moderation team will absolutely have autonomy we just want to make sure that
they are well supported but also that we can offer them any legal support and
protection as well because as you know it’s you know a potentially risky area to be working in for people who are
volunteers uh Nixon so yeah you’re obviously not
the first software Foundation there’s been like the python software Foundation Linux Foundation cncf what inspiration
in like your organization have you take it from the foundations that have come before you and where have you decided to do something different and new
great question that is a good question um so I think it was really
for us you know where We’re Young [Music] not to necessarily reinvent the wheel
um but not just take something off the shelf just because it was easy
um I think the the rust Foundation has a really I think good split between having
Project Director representation on our governing board as well as Platinum member of representation
um because that means the the community voice the project voice is always very strong it’s always heard and it’s heard
at the highest level where a lot of the decisions are made certainly about finances and about priorities
um and any kind of really big decisions that materially affect the direction of the foundation or what we decided to do
those will require a super majority vote so you know even if all of all of our
corporate directors voted One Way um if our project vectors representing
the rest project voted a different way the Platinum members couldn’t force it through regardless of how much money
they donated um so I feel like we’re in this kind of really good strong position where like
there’s a balance um and I’d like to you know obviously you don’t come to our board meetings but
I’d like to emphasize just how kind of civilized rational um consensus building those meetings are
you know we we actually don’t have to have votes very often because it never really gets to the point where there are
massive disagreements you know we we work in a very kind of collaborative way um but yeah the that is a different
model to other foundations obviously as well with other foundations you might have the the governing board and then a
technical advisory committee and everything is kind of rolled into one whereas with the russ Foundation it was
it was considered very very important early on uh when the foundation was being developed to keep the rust project
kind of separate you know not completely under the the thumb of the foundation so
you know we are kind of separate and sees the foundation is the legal entity um but we have you know we cannot and we
will not dictate um to to the project they are free to to choose their own models of governance
and ways of working and and priorities for the language and the road maps
um I I feel that’s a good balance now um and it is slightly different from other foundations but not a Million
Miles Away we’ve still borrowed you know from other foundations okay well they do this this way oh that’s interesting
their trademark policy says act I don’t think we should go that way um but it’s interesting to see so yeah
there’s lots of lessons that we’ve learned and we have we have cherry-picked things from elsewhere but
I think at the moment we’re we’re in a good we’re in a good position and we’re going the right way
um hopefully we will still be going in that positive direction in the years to come great Steve what DNA of other
foundations that you may have been a part of before have you seen in the Russ Foundation since you’ve joined
yeah no I I mean I mentioned that I think the Russ foundation’s really well run um I think Beck highlighted a lot of the
differences right so so having all the project members having more representation and um I think one of
their big differences the the level of discussion at the board meetings is a lot more like deep and technical than
other boards which I’m involved in so the board meetings are are two hours usually that’s not enough time for us to
complete the full agenda and um even though Beck said that we’re mostly in
agreement it it requires a lot of discussion and
consensus building even in those meetings for us to all feel comfortable with the decisions so I don’t think
anybody takes lightly like the sort of decisions which we’re making which impact the foundation and also the
project and we we all have experience working for other foundations like I’m
involved in a bunch of the Linux Foundation projects some other folks have come from like Apache or eclipse or
other foundations as well and I think that we the kind of the tools the
processes the the ways of governing there’s a lot of best practices to make
sure that it’s it’s done fairly I think that the election process that we did this year for choosing the new chair was
also done like with a proper formal process and using a voting tool which
which allowed for like getting rid of contested elections like it’s it’s all
stuff which as the foundation years then it gives that extra level of reliability
so that we’re following and adhering to things which can be verified in our good
breast practices
would be my biggest inspiration from the Linux Foundation is its 100 million dollar year
but in all serious note the fact that they have over a thousand members now clearly Linux has been around a long
time it is widely used but I think that is aspirational for us in terms of we’ve got 30 or so at the members at the
moment we know that rust is used far more widely we know new organizations are you starting to use it every single
day that should help inform our ambition in terms of how we can grow the membership hence how we can grow the
funding hence how can we then further support the project yeah we’re coming to find you all right
we’ll take one more question from the audience and then we’ll start to wrap up
um if you go through the popular crates um there are some that are single owner
crates and this isn’t very sustainable or good for code of conduct or security
or bus Factor so I wondered is there any merits in having like a rust Foundation
org and then being able to adopt those crates under the foundation or something as you
sometimes see with like the genome or KDE they tend to have their packages under their own control
I think that’s wonderful evening director of Technology
so I think we talked about a little bit over the course of the AMA about
figuring out a way how we can expand and grow yeah turn the mic up please
it’s not working sure can help I think we think we’ve talked about over
the course of the AMA how we can how the foundation can work to maybe expand and
grow its reach not just from within the rust project but into the ecosystem
that you know the rust project kind of depends on many ways and one of those
ways is to figure out whether it would be good to have the foundation support
popular crates um like you said single owner crates but there has to be a way to determine
and we haven’t come up with the full process yet what the what the criteria would be
um for those crates that would fall under that umbrella I mean there’s obviously some single owner crates that
um you know may may not be as used or as valuable or
um maybe some potentially trying to be semi-malicious you never know but you have to have some sort of criteria to
determine which of those crates we would want the foundation support since there’s what over you know 105 000 yeah
yeah a lot of them um so I don’t think we could support every single owner crate but something
on my mind to figure out how we can figure out to determine which of of those that we can’t support
last question how can my organization become a rust Foundation member
start with Beck and then we’ll go to Paul um probably say the same thing yeah if
there’s only one way you just get in touch you know DM masteron Discord zulip or just email
using an email address on the website um we have a postal address believe it or not
it would never occur to us that anyone would send us anything in the post but yeah contact us anyway
um it’s really easy there’s a there’s a deck membership deck on the website um it’s pretty easy to sign up if you
say we would love to join we will say right okay which uh which level
um we’ll send you a DocuSign or is it like a further conversation just to chat about it to learn more then just drop it
I’d love to have a chat um and yeah away we go uh we really do not want to make it difficult at all for
people to to come join the foundation and help support everything yeah I can say for experience the process is very
easy yeah and the membership deck has been updated and it’s on live on the site with a
great analogy about orchestras and venues and to figure out yeah you should take a read so yeah we we think it’s
really simple um if you want to bring lawyers that’s going to make things that’s going to take longer but we will still we will
still welcome your lawyers and work through the process and and there are non-membership donations that come
through as well uh so if we can just mention that process a little bit as well so you may not necessarily want to
be a member but you still want to contribute um how can you do that just simply get
in touch with us from the address for the website a number of organizations and individuals have made specific
donations to support the grants program and that’s money that’s Ring fenced to be directly spent on grants to people so
we will you know we will welcome donations of any size directly into the grass program to support that great so
you’ve heard it here make a donation make a donation you think you want thank you all very much
please give them a massive hand
and uh please still feel free to have a chat with them at their stand also Beck
is going to be at the post conference brunch uh tomorrow as well where we’re going to really uh hone in on Rustin
Enterprise uh we’re gonna have a chat with a very special guest who will be also having a fireside chat with me
tomorrow as well I’m not going to say who but it’s great to have you folks here um it’s really showing the growth
of the language it’s really showing how rust is becoming more grown up now so it’s great to have you folks doing the
slog work doing the boring stuff so give them a big hand again please