Estimated reading time: 5 minutes

In the latest edition of our DirectorPlus newsletter, Manik Surtani, head of open source in the CTO office at Block, shares how open source benefits talent and the business at large.

Block, the financial technology company behind brands like Square, Cash App, Afterpay, TIDAL, and others, is a big open-source consumer. “We’ve always consumed open source really well,” says Manik Surtani, head of open source in the CTO office at Block. “Most of Block is built on open source software.”

This is nothing out of the ordinary – the Linux Foundation estimates that the average modern software is made of 70-90% open-source software (OSS). Although most companies use open-source heavily, fewer realize the economic benefits of contributing to open-source or open-sourcing their own projects. 

For Surtani, supporting open source is part of being a good digital citizen. But it’s more than altruism – their strategic approach to open source acts as a talent acquisition magnet. “You punch well above your weight to get good talent,” says Surtani.

Beyond hiring, investing in open source is vital to maintaining the organization’s health, increasing the engineering brand and reputation, and guiding internal best practices for open-source use. From this perspective, open source becomes more than a technical offshoot or social good – it’s a comprehensive policy initiative with clear business returns.

Investing in open source gains the best talent 

Beyond keeping the open-source ecosystem healthy, there is a sound leadership rationale for making bold commitments around open source. First and foremost, working in open source helps visibility, which helps attract better talent, says Surtani. “They know their work is visible to the world, so they don’t take shortcuts.”

In terms of metrics to follow, Surtani recommends looking at the number of engineers recruited with a background in open source, how retention rates are doing, and whether the organization’s approach to open source (or lack thereof) plays a role in poor retention. 

He even recommends engineering leaders incentivize open source championing, such as baking open-source contributions into promotion ladders. 

Sharing successful tools with the world

To get visibility with open-source, you really need to externalize successful internal software. Here, Block has an edge, says Surtani. Since Block has ties to physical hardware beyond the cloud, they can arguably open source more than a strictly software-only business could, without cannibalizing their core business.

A recent success story has been Goose, an open-source, extensible AI agent from Block that’s LLM-agnostic and helps automate software development tasks. “It’s got a lot farther than we imagined,” says Surtani. 

Goose, which has 20k stars on GitHub at the time of writing, is now getting “arms and legs” by connecting with MCP servers, which can talk to various external applications and automate business-user tasks, he adds.

Another example is Bitkey, a Bitcoin wallet that Block published the code for, largely for security and auditing purposes.

Beyond attracting engineering talent, an added benefit is that with more eyes on a project, you can fix bugs and address security vulnerabilities more quickly, which, in the end, reduces maintenance hurdles and malicious threats.

So far, Block’s approach to determining whether a project should be open-source versus kept proprietary has been largely ad hoc. However, a “default to open” mindset is taking shape across the organization.

Contributing to core projects

Another strategy is to directly contribute code back to the open source projects you use. Not only does this help the ecosystem, but it also helps fix bugs or make performance improvements.

For instance, since Block’s point-of-sale devices use Android heavily, they contribute to the upstream Android codebase regularly. “We’ve always been believers in giving back by contributing to open-source projects we already use,” says Surtani.

Another project Block has played an active role in is gRPC, a highly performant RPC framework often used for connecting internal microservices that was open-sourced by Google in 2015, to which Square (now Block) contributed early on. Co-creating on low-level open-source development might not directly correlate to revenue growth, but it supports the long-term continuity and stability of their product lines. 

By supporting the open source you depend on, you have a greater role in steering the project, which can benefit compatibility and extensibility. Plus, having more eyes on a project helps reduce the chances of bugs or security risks, which ideally improves end-customer satisfaction.

Guiding internal open-source use 

To guide internal open-source usage across departments, Block has created an open source program office (OSPO). 

Traditionally, an OSPO handles things like compliance and legal license checks when using open-source software, but “our OSPO is more than that,” says Surtani. The internal group provides individual contributors with more hands-on guidance and mentorship on open-source fundamentals, general mentorship, and supporting new maintainers. The OSPO helps teams decide whether or not to open-source their own works, guiding the decision process and providing a framework for open-sourcing their creations.

Their OSPO also helps promote innersourcing, a practice that applies the open-source principles of shared collaboration to internal codebases. Doing so reaps the benefits of open source without literally open-sourcing projects. Projects that are good candidates for innersourcing are ones being consumed by two or more teams, says Surtani, like their internal developer dashboard.

Especially for a company culture new to open source, delineating internal policies with an OSPO is a good first step to reduce friction and remove any uncertainty developers might have around using open source, says Surtani.

The importance of foundations

Block also financially supports open-source foundations and community initiatives. Specifically, Block has become a member of the Kotlin Foundation, which supports the development of the Kotlin language, and the Linux Foundation’s TODO Group, a community that shares knowledge around OSPOs and other open-source initiatives. It also recently became a sponsor of the Open Source Initiative (OSI), which defines and advocates for quality open-source practices. 

“We’re going to do our part to contribute,” says Surtani, noting how it’s hard to retain governance over critical projects at scale without these types of foundations. 

Foundations can offer neutral governance for competing stakeholders in an open source project and provide a means to steward the project for the long term. Without this support, imbalances in the open source ecosystem can lead to maintainer burnout, vulnerabilities in key OSS projects, and an increased rate of project end-of-lives – all of which could have negative downstream effects on organizations that depend upon them.

Open source: strategic if done right

Investing in open source can benefit recruitment, open up partnership opportunities, encourage a culture of innersourcing, and reduce risks in critical code. 

Since approaching it strategically can deliver tangible benefits to the business as a whole, open source should come with an action plan that spans corporate investment down to individual contributors.

“Open source can be very strategic if done right,” says Surtani. “Every organization should make it part of their strategy, since most organizations are already using open source in some shape or form.”

Get articles like this in your inbox

Choose your LeadDev newsletters to subscribe to.