Will Wilson

Announcing the Antithesis Open Source Giveaway Program

Open source bug

It’s been a wild couple of weeks since we came out of stealth. There’s always a moment of terror when you show the world what you’ve been up to. Obviously, we thought it was pretty cool, otherwise we wouldn’t have spent five years working on it. But until you put yourself out there, you never really know whether you’re just getting high on your own supply. But the response was great! Other people think it’s cool too! People also have a ton of questions, which we’re going to try to answer here over the next few months.

There’s just been one 🪰 fly in the ointment, one 🪱 worm in the apple, one 🪲 boll weevil in the pastry: we were not expecting to hear sounds of anguish and upset from maintainers of open source projects who would dearly love to use this thing, but have no way of making our pricing work for them.

Look: we knew our pricing would be tough for small teams – it was always part of the Master Plan that we would start out with an offering that’s great for enterprises, and gradually work our way down to something that’s great for startups and even for individual developers. To be clear, that’s still the plan, but something has changed… something is tugging at our heartstrings… oh right, it’s this legendary xkcd comic:

Dependency comic from xkcd

We, along with roughly everybody else on earth, have benefited from the unpaid, underappreciated, thankless labor of a small army of maintainers of open- source projects.

Some of these projects are cool toys, but others are critical infrastructure that now underpin a big chunk of industrial civilization. Some of those projects benefit from deep-pocketed corporate sponsorship, but others are still labors of love, supported only by a “random person in Nebraska”, and his or her long-suffering family. That’s not right.

Antithesis is designed to make it easier to write software and easier to keep it bug-free, and there are some things literally everybody depends on that could use the help. So we’re gonna start giving it away to those people.

But we can’t do it for everybody all at once, because we’re already drowning in interest, so we need some rules.

Rules of the Program

  1. Over the next month, please submit your nominations for the program using this Google Form. We’ll take the top-four nominations and create a TwitterX poll for them with our account. At the end of the voting period, we will start doing some free work for the project that wins.

  2. We’re reluctant to do a ton of free work for a project that has well-funded institutional sponsors who could be paying us. Please submit things that are actual volunteer/charitable efforts.

  3. If we find any critical security vulnerabilities in the project we test or in its dependencies, we will follow the Antithesis Responsible Disclosure Policy. (The policy isn’t posted on our website yet, but tl;dr we’ll give the maintainers of the software in question a big head-start on fixing issues before we tell the world. Reliability or correctness bugs that don’t have security implications will be public the moment we find them.)

  4. While Antithesis can be used to test many kinds of software, our wheelhouse today is highly concurrent and stateful programs – especially client-server or distributed programs. Yes, we would love to test your parser or HTML rendering engine, but you can already test those with Google’s OSSFuzz. Let’s focus instead on the other 99% of software that conventional fuzzers can’t handle!

That’s it! Those are the rules! Please submit your nominations here (ballot-box stuffing is actively encouraged), and let’s get this rolling.

Happy Testing.