Software Stewardship Lab

A new non-profit applied research lab
We ensure the stability of the Open Source ecosystem we all rely on.

Mission

We safeguard global tech infrastructure by caring for the Open Source technology it relies upon. We develop ways to make the Open Source ecosystem more secure, sustainably funded, and responsibly governed.

We do this to benefit the public and protect critical services that depend on Open Source, like transportation, healthcare and the internet.

Strategy

We identify threats to the Open Source ecosystem and mitigate them by producing software, APIs, research reports, and peer-reviewed papers.

Our work on supply chain security enables developers to identify and support vulnerable projects.

And our work on sustainable funding and governance has helped maintainers avoid burnout, so they can continue their critical work.

Vlad presenting in front of an audience
Vlad speaking at AltCtrlOrg in Basel, Switzerland · Photo by Kostas Fryganiotis

Our Team

Vlad-Stefan Harbuz
Executive Director, Researcher

Director of the Open Source Pledge, which has raised $7,156,281 for maintainers. thanks.dev core developer. Helped build software used by the Gates Foundation to allocate $1B in healthcare funding.

Andrew Nesbitt
Non-Executive Director, Researcher

Creator of leading Open Source intelligence providers ecosyste.ms and libraries.io. Organiser of the FOSDEM Package Management devroom. Previously an engineer at GitHub and Tidelift.

Miranda Heath
Non-Executive Director, Researcher

BPS award-winning psychologist and author of the to-date most comprehensive report on burnout in Open Source. PhD researcher in moral psychology and philosophy at the University of Edinburgh.

Daniel Roe
Non-Executive Director

Leader of globally-used web framework Nuxt. Steward of package manager frontend npmx. Regular keynote speaker. Microsoft MVP, Google GDE, and GitHub Star.

Dawn Foster
Non-Executive Director

Board member of CHAOSS and OpenUK. Previous open source leadership positions at Intel, VMware, and Puppet. PhD using metrics to study the Linux kernel.

Matias Capeletto
Non-Executive Director

Steward of npmx. Core developer of foundational web development tools used by millions, such as Vite, Vitest and e18e. Previously at StackBlitz.

Mike McQuaid
Adviser

CTPO at Administrate. Project Leader of Homebrew. Former GitHub Principal Engineer (#232). Author of Git in Practice.

Our Experience

In leadership roles
As contributors

Featured Posts

Weekend at Bernie's

A portrait of Andrew NesbittAndrew Nesbitt
8 May 2026

Binary Dependencies: Identifying the Hidden Packages We All Depend On

A portrait of Vlad-Stefan HarbuzVlad-Stefan Harbuz
31 Jan 2026

Burnout in Open Source: A Structural Problem We Can Fix Together

A portrait of Miranda HeathMiranda Heath
18 Nov 2025

Values

Public good

Our work must provide a clear benefit to the public; and not put them at disproportionate risk of harm, eg via drastic environmental consequences or monopolies.

Public access

All our research outputs are accessible and usable by all. This means Open Source code, open data, and open access research papers.

Systemic improvements

We aim for widely-applicable systemic solutions, not just fixes for particular technologies, so developers don't have to shape themselves to fit a bad system.

Interdisciplinarity

Our work addresses the social, ethical and policy dimensions of Open Source, like responsible governance, good working conditions and respect.

Decentralisation

We promote sharing and distributing power over technology. We want users to be able to shape the tech they use so that it works in their best interests.

Interdependence

We aim to advance public knowledge about how the tech we have today is made possible by webs of interdependence where developers collaborate openly.

Want to work together?

Say hi