• make your company sponsor projects they depend on

I feel some companies do not know all their end dependencies at times... left-pad, anyone?

(Maybe slightly controversial)

... and if all those options are too complicated in a corporate setting - at least use a Linux distro where you can pay for support. This mimics what corporations are set up to understand, and if (for example) money gets sent to Red Hat this way that in turn will sponsor a lot of different open source projects.

but unfortunately these are also the same steps you need to do to infiltrate an open source project as a bad actor.

Maybe the open source community needs to create a network of trust which can at least offer a “This is a known person” qualification to contributors.

also
- do not ask maintainers to add new features unless they are explicitly asking/looking for it.

Opensource maintainers deserve better. It is not like one should randomly come and ask for adding new features like it was some commercial product.

Advanced ways to help #OpenSource

- Have corporate policies allowing devs to contribute upstream; heck, encourage it!

- Support your OSPO. Give them budget for a FOSS Fund. Listen when they speak.

- Subscribe to Tidelift, thanks.dev, kudos.community, and programs that auto-distribute donations to all your dependencies.

- Get listed on https://fossfunders.com/ and promote it to other CEOs/CTOs.

@bagder

FOSS Funders

^{fossfunders.com}

One thing I do not really understand ...
"Free" is fine. But I see "Companies" mentioned pretty often. Companies have one master goal: Make money. Taking something for free and selling it for money does not contradict that goal.

So why not adjust the licences to something like "If used by a legal entity generating at least a turnover of 240 times the average monthly income of the country their headquarters are located at, at least 3% of the total turnover has to be spread equally across the products used that are covered by this license."

Problem solved.