Life at Eclipse

Musings on the Eclipse Foundation, the community and the ecosystem

Archive for the ‘Open Source’ Category

AWS invests in strengthening open source infrastructure at the Eclipse Foundation

In our recent open letter and blog post on sustainable stewardship of open source infrastructure, we called on the industry to take a more active role in supporting the systems and services that drive today’s software innovation. Today, we’re excited to share a powerful example of what that kind of leadership looks like in action.

The Eclipse Foundation is pleased to announce that Amazon Web Services (AWS) has made a significant investment to strengthen the reliability, performance, and security of the open infrastructure that supports millions of developers around the world. This commitment will benefit multiple core services, including Open VSX Registry, the open source registry for Visual Studio Code extensions that powers AI-enabled development environments such as Kiro and other leading tools.

Sustaining the backbone of open source innovation

For more than two decades, the Eclipse Foundation has quietly maintained open infrastructure that forms the foundation of modern software creation for millions of software developers worldwide. Its privately hosted systems deliver more than 500 million downloads each month across services such as download.eclipse.org, the Eclipse Marketplace, and Open VSX. These platforms serve as the backbone for individuals, organisations, and communities that rely on open collaboration to build the technologies of the future.

AWS’s investment will help improve performance, reliability, and security across this infrastructure. The collaboration reflects a shared commitment to keeping open source systems resilient, transparent, and sustainable at global scale.

Open VSX: a model for sustainable open infrastructure

Open VSX is a vendor-neutral, open source (EPL-2.0) registry for Visual Studio Code extensions. It serves as the default registry for Kiro, Amazon’s AI IDE platform, and is relied upon by a growing global community of developers. The registry now hosts over 7,000 extensions from nearly 5,000 publishers and delivers in excess of 110 million downloads per month. As a leading registry serving developer communities worldwide, including JavaScript and AI development communities, Open VSX has become a vital piece of open source infrastructure that supports thousands of development teams worldwide.

By supporting Open VSX, AWS is helping to strengthen the foundations of this essential service and reinforcing the Eclipse Foundation’s ability to provide secure, reliable, and globally accessible infrastructure. Their contribution reflects the importance of collective investment in maintaining the resilience, openness, and security of the tools developers use every day.

This sponsorship highlights the shared responsibility that all organisations have in sustaining the technologies they depend on. It also sets a strong example of how industry leaders can contribute to ensuring that the services we all rely on remain trustworthy, scalable, and sustainable for the future.

Improving reliability, security, and trust

The AWS investment is helping strengthen security, ensuring fair access, and improving long-term service reliability. Ongoing work focuses on enhancing malware detection, improving traffic management, and expanding operational monitoring to ensure a stable and trusted experience for developers around the world.

As part of this collaboration, AWS is providing infrastructure and services that will improve availability, performance, and scalability across these systems. This support will accelerate key roadmap initiatives and help ensure that the platforms developers rely on remain secure, scalable, and trustworthy well into the future.

A shared commitment to open source sustainability

AWS’s contribution demonstrates how industry leaders can make strategic investments in sustaining the shared infrastructure their businesses depend on every day. By investing in the services that support open source development, AWS is helping to ensure that critical technologies remain open, reliable, and accessible to everyone.

The Eclipse Foundation continues to serve as an independent steward of open source infrastructure, maintaining the tools and systems that enable software innovation across industries. Together with supporters like AWS, we are building a stronger foundation for the future of open collaboration.

But this is only the beginning. The long-term health of open source infrastructure depends on collective action and shared responsibility. We encourage other organisations to follow AWS’s example and take an active role in sustaining the technologies that make modern development possible.

Learn how your organisation can make a difference through Eclipse Foundation membership or direct sponsorship opportunities. The future of open innovation depends on all of us; and together, we can keep it strong, secure, and sustainable.

Written by Mike Milinkovich

November 5, 2025 at 9:29 am

Posted in Foundation, Open Source

Tagged with , , , , ,

Bringing Open Source Hardware and Software Together: The Eclipse Foundation’s Vision for Embedded and Safety-Critical Innovation

The Eclipse Foundation has long been a leader in driving open source innovation across IoT, edge computing, and embedded ecosystems. For over 20 years the Eclipse C/C++ Development Tools (CDT) platform has seen broad adoption in the embedded market. For over a decade the Eclipse IoT and Edge community has been delivering great technology components, runtimes, and platforms. And more recently, the Eclipse Software Defined Vehicle working group and community have started to extend our footprint into the security and safety-conscious automotive industry. Now, the recent additions of Eclipse ThreadX and the OpenHW Group are cementing our position as the go-to destination for developers building embedded systems, particularly in safety-critical domains. These milestones, combined with the Foundation’s robust ecosystem, highlight our role as a hub for collaborative innovation in embedded technologies, especially at the intersection of software and hardware.

Expanding the Ecosystem: ThreadX and the OpenHW Foundation

The ThreadX journey at the Eclipse Foundation began in November  2023 when Microsoft contributed this trusted Real-Time Operating System (RTOS) to the Eclipse community. Originally developed by Express Logic and later acquired by Microsoft, ThreadX has been a cornerstone of safety-critical applications across industries like home appliances, medical devices, automotive, aerospace, and industrial automation. Renowned for its reliability and adherence to stringent functional safety standards, ThreadX continues to empower developers worldwide. Earlier this year the Eclipse ThreadX project was re-certified under functional safety standards IEC 61508, IEC 62304, ISO 26262, and EN50128, making ThreadX the world’s first community-driven, open source RTOS with functional safety certifications. 

Building on this strong foundation, we recently launched the ThreadX Alliance. This initiative unites key industry stakeholders to maintain a healthy ecosystem and advance ThreadX development and adoption, particularly in safety-critical applications. 

Adding to this momentum, the OpenHW Group has now joined the Eclipse ecosystem as the OpenHW Foundation, bringing its expertise in implementing RISC-V architectures to complement our software initiatives. OpenHW provides developers with permissively licensed, high-quality hardware IP, enabling the creation of advanced embedded real-time systems. In short, OpenHW takes the RISC-V instruction set architecture and makes it real by delivering verified open source-licensed processor designs written in industry standard System Verilog. 

Together, ThreadX and OpenHW deliver a powerful combination of proven RTOS capabilities and cutting-edge hardware innovation, providing a solid foundation for embedded and IoT applications.

By combining the proven safety-critical and real-time capabilities of ThreadX, the cutting-edge processor core designs of  OpenHW and other Eclipse initiatives—such as Eclipse Zenoh, Sparkplug, and the Software-Defined Vehicle (SDV) Working Group —we are building an unmatched environment for embedded developers. These advancements position the Eclipse Foundation as the premier destination for open source innovation in safety-critical and high-performance embedded systems.

A Strategy Built on Collaboration

Our vision is to create a cohesive ecosystem where projects across software and hardware domains can collaborate to accelerate embedded systems innovation. The Eclipse Foundation’s collaborative infrastructure ensures that projects like ThreadX and OpenHW are not siloed but rather integrated into a broader strategy that benefits developers and organisations alike:

  • IoT and Connectivity: Fundamental protocols like MQTT, Sparkplug, Eclipse Zenoh and Eclipse uProtocol provide robust real-time data sharing and control for industrial IoT and automotive applications. Zenoh’s recent 1.0.0 release sets a new standard for connectivity, particularly in robotics and edge systems.
  • Developer Tools: In addition to the widely adopted Eclipse CDT, Eclipse Theia, our modern, extensible IDE, supports safety-critical workflows and can be easily integrated with ThreadX-based projects, simplifying the development of complex embedded solutions.
  • Software-Defined Vehicle (SDV): The SDV Working Group is shaping tomorrow’s automotive software landscape. Its intersection with ThreadX and Zenoh, as manifested in uProtocol, enables more robust functional safety and advanced vehicle connectivity, ensuring that developers can confidently build next-generation automotive and mobility systems.
  • Multiplatform Integration: The Oniro Working Group develops a distributed operating system for smart devices, collaborating with projects like Theia or Kanto. This cross-project integration fosters an environment where developers can easily combine diverse technologies into coherent, scalable solutions.
  • Eclipse Functional Safety Process: The emergence of ThreadX and Eclipse SDV as critical technologies for safety-critical applications will not be possible without a robust development process enabling requirements traceability and comprehensive testing. The evolving Eclipse Foundation functional safety process will guide project teams in the embedded realm and beyond towards code and product certifiability in a uniform, predictable way.

As the home for these initiatives and technologies, the Eclipse Foundation offers an unparalleled ecosystem for developing sophisticated, safety-critical, and connected embedded systems.

The Road Ahead

The additions of Eclipse ThreadX and the OpenHW Foundation mark the start of an exciting new chapter in embedded systems innovation. By uniting cutting-edge hardware, trusted RTOS software, and advanced connectivity solutions, the Eclipse Foundation is poised to become the leading destination for developers working on safety-critical and high performance embedded systems.

We invite developers, organizations, and contributors to join us in shaping the future of embedded technology. Whether you engage through the ThreadX Alliance, the OpenHW Foundation, Eclipse SDV, or other projects within our vibrant ecosystem, you’ll find endless opportunities for collaboration and innovation.

Together, let’s build the future of embedded systems.

Learn More About the Eclipse Foundation and our Projects

Written by Mike Milinkovich

December 16, 2024 at 8:00 am

Posted in Foundation, Open Source, Strategy

Tagged with , , , , ,

Securing the Future of Open Source: Launching the Open Regulatory Compliance Working Group

Today marks an important milestone for the open source community. As open source software continues to drive innovation across industries, ensuring its relevance and compliance with emerging regulations has never been more critical. 

To address these challenges, the Eclipse Foundation is proud to announce the formal launch of the Open Regulatory Compliance (ORC) Working Group. This initiative is designed to ensure that open source remains a powerful force for innovation while meeting the increasingly complex regulatory requirements that commercial organisations face globally. 

As previously announced, this initiative has garnered the support of the world’s open source foundations, including Apache Software Foundation, Blender Foundation, FreeBSD Foundation, Matrix.org Foundation, NLnet Labs, OpenInfra Foundation, OWASP, PHP Foundation, Python Software Foundation, Ruby Central, and Rust Foundation. We also have the support of numerous civil society organisations, industry organisations, and SMEs including CodeDay, iJUG, Obeo, Open Elements, OpenForum Europe, Open Source Initiative, Payara Services, Scanoss, and Software Heritage. Today we are also announcing that we have the support of European industry heavyweights Bosch, Mercedes-Benz, Nokia, and Siemens.

This diverse collaboration highlights the industry’s shared commitment to navigating regulatory changes together and ensuring that open source continues to thrive as a pillar of modern technology.

Securing the Future of Open Source Innovation

In an era where businesses rely on open source for mission-critical applications, the ORC Working Group is essential to maintaining the competitive advantage that comes from using and contributing to open source software. As regulations evolve, commercial organisations need a clear path to stay compliant while continuing to innovate. The ORC Working Group addresses this need by helping to formalise industry-aligned best practices, helping companies leverage the full potential of open source without the risk of falling behind on new regulations.

Immediate Focus: The European Cyber Resilience Act

Open source is a cornerstone of global digital innovation, and Europe’s regulatory landscape is playing a pivotal role in shaping its future. The ORC Working Group is committed to ensuring that open source remains a vital part of the world economy, and complying with the EU’s Cyber Resilience Act (CRA) is a critical part of this. Through collaboration with European institutions, the working group is working to facilitate compliance with the CRA and similar regulations, helping businesses and developers alike stay ahead of the curve.

Keeping Innovation Compliant and Secure

With the Cyber Resilience Act as a primary focus, the ORC Working Group is looking to make progress in developing cybersecurity process specifications and best practices to support compliance. Liaison status with the European Committee for Standardization (CEN) and the European Committee for Electrotechnical Standardization (CENELEC) further strengthens the working group.

Get Involved: Shaping the Future of Open Source Compliance

As the open source ecosystem faces unprecedented regulatory challenges, now is the time for all stakeholders — developers, companies, foundations, and regulatory bodies — to come together and ensure that open source innovation remains sustainable and compliant. The Open Regulatory Compliance (ORC) Working Group offers a unique opportunity to actively shape the future of open source by helping define the standards and best practices that will keep it relevant and competitive in the face of evolving global regulations.

We invite anyone involved in the open source community — whether you’re a developer, legal expert, corporate leader, or part of a standards organisation — to join this critical effort. Your participation will not only help safeguard the future of open source, but also ensure that your organisation stays ahead of the regulatory curve.Join the ORC Working Group and the ORC mailing list today to help define the future of open source compliance.

Written by Mike Milinkovich

September 24, 2024 at 7:00 am

Posted in Foundation, Open Source

Tagged with , , , ,

The Open Source Community is Building Cybersecurity Processes for CRA Compliance

tl;dr – Apache Software Foundation, Blender Foundation, OpenSSL Software Foundation, PHP Foundation, Python Software Foundation, Rust Foundation, and Eclipse Foundation are jointly announcing our intention to collaborate on the establishment of common specifications for secure software development based on existing open source best practices.

In an effort to meet the real challenges of cybersecurity in the open source ecosystem, and to demonstrate full cooperation with, and to support the implementation of, the European Union’s Cyber Resilience Act (CRA), Apache Software Foundation, Blender Foundation, OpenSSL Software Foundation, PHP Foundation, Python Software Foundation, Rust Foundation, and Eclipse Foundation are announcing an initiative to establish common specifications for secure software development based on open source best practices.

This collaborative effort will be hosted at the Brussels-based Eclipse Foundation AISBL under the auspices of the Eclipse Foundation Specification Process and a new working group. As Europe’s largest open source foundation, which also supports a robust open specification process, the Eclipse Foundation is a natural home for this effort. Other code-hosting open source foundations, SMEs, industry players, and researchers are invited to join in as well. The starting point for this highly technical standardisation effort will be today’s existing security policies and procedures of the respective open source foundations, and similar documents describing best practices. The governance of the working group will follow the Eclipse Foundation’s usual member-led model but will be augmented by explicit representation from the open source community to ensure diversity and balance in decision-making. The deliverables will consist of one or more process specifications made available under a liberal specification copyright licence and a royalty-free patent licence. 

The reasons for this collaboration extend beyond compliance. In an era where software, particularly open source software, plays an increasingly vital role in modern society, the need for reliability, safety, and security has steadily increased. New regulations, exemplified by the impending CRA, underscore the urgency for secure by design and robust supply chain security standards well before the new regulation comes into force in 2027.

While open source communities and foundations generally adhere to and have historically established industry best practices around security, their approaches often lack alignment and comprehensive documentation. The open source community and the broader software industry now share a common challenge: legislation has introduced an urgent need for cybersecurity process standards.

The CRA will lead to numerous standards requests from the Commission to the European Standards Organisations. And these are only the European requirements – additional demands from the US and other regions can be anticipated.

The CRA also creates a new type of economic actor – the “Open Source Software Steward”. It is in this context that we, as open source foundations, want to respond to the challenge of establishing common specifications for secure software development.

This challenge is compounded by the following:

  • Today’s global software infrastructure is over 80% open source. The software stack that underpins any product with digital elements is typically built using open source software. As a result, it is fair to say that when we discuss the “software supply chain,” we are primarily, but not exclusively, referring to open source. 
  • Traditional standards organisations have had limited interactions with open source communities and the broader software/IT industry. To make matters more complicated, their governance models currently do not provide opportunities for open source communities to engage. 
  • Open source communities have a limited history of dealing with traditional standards organisations. To make matters more complicated, their resource constraints make it difficult for them to engage.
  • Standards setting is typically a long process, and time is of the essence. 

So while these new cybersecurity standards must be developed with the requirements of open source development processes and communities in mind, there is no clear path on how to do so in the time available. It is also important to note that it is similarly necessary that these standards be developed in a manner that also includes the requirements of proprietary software development, large enterprises, vertical industries, and small and medium enterprises.

Despite these challenges, a foundation for progress exists. The leading open source communities and foundations have for years developed and practised secure software development processes. These are processes that have often defined or set industry best practices around things such as coordinated disclosure, peer review, and release processes. These processes have been documented by each of these communities, albeit sometimes using different terminology and approaches. We hypothesise that the cybersecurity process technical documentation that already exists amongst the open source communities can provide a useful starting point for developing the cybersecurity processes required for regulatory compliance.

We hope that our specifications could inform the formal standardisation processes of at least one of the European Standards Organisations. Given the tight time horizon for implementation of the CRA, we believe that this immediate start will provide a constructive environment to host the technical discussions necessary for the stewards, contributors, and adopters of open source to meet the requirements set forth in these new regulations. 

We invite you to join our collaborative effort to create specifications for secure open source development: Contribute your ideas and participate in the magic that unfolds when open source foundations, SMEs, industry leaders, and researchers combine forces to tackle big challenges. To stay updated on this initiative, sign up for our mailing list.

Written by Mike Milinkovich

April 2, 2024 at 3:00 am

Posted in Foundation, Open Source, Strategy

Tagged with , , , ,

Celebrating Eclipse Theia’s Milestone: Full Compatibility with VS Code Extension API

We are thrilled to announce a landmark achievement in the evolution of Theia: full compatibility with the Visual Studio Code (VS Code) extension API, marking a significant milestone in the journey of Theia towards becoming a universally adaptable development environment.

Unleashing a World of Features with VS Code Extensions

Theia has supported hosting VS Code extensions for many years. The integration of the VS Code extension API unlocked an unprecedented array of features for Theia-based applications. This compatibility means that users can leverage the extensive ecosystem of VS Code extensions, bringing thousands of new capabilities to Theia. With the completion of a recent initiative, Theia now is fully compatible with the VS Code API allowing the vast majority of VS Code extensions to be used in any Theia-based application. Of particular note is the recent addition of support for notebook editors, a game-changer that opens Theia to new audiences, such as data scientists, who rely heavily on notebook interfaces for languages like Python.

A Symphony of Collaboration

This achievement is not just a technical milestone; it is a testament to the power of collaborative open-source development. The original VS Code API compatibility implementation was contributed by Red Hat. The journey to full compatibility, initiated by STMicroelectronics and crafted through the concerted efforts of EclipseSource, Ericsson, Typefox, and other contributors, has been one of shared vision and united effort. STMicroelectronics and EclipseSource played a pivotal role in establishing an open, structured process for regular API comparison and issue tracking. This approach facilitated a broad-based contribution, allowing various organizations to contribute effectively to the project.

Empowering the Developer Community

The compatibility with the VS Code API multiplies Theia’s effectiveness as a development platform. For developers, this means access to the latest and most advanced tools available in the VS Code ecosystem, significantly enhancing both the adopter and user experience with Theia.

Overcoming Challenges through Open Source Collaboration

The journey to this point wasn’t without challenges. Initially, contributions were focused only on specific missing API features needed for particular extensions used by contributors. However, the structured process initiated by STMicroelectronics set a new direction – aiming for complete compatibility. This approach significantly simplified the distribution and parallelization of work. As a result, this process galvanized the open-source community, leading to a surge in contributions and exemplifying the true spirit of collaborative innovation.

Maintaining the Pace: The Future Roadmap

For nearly half a year, Theia has maintained full compatibility with the VS Code extension API. The commitment to this standard is unwavering. With regular scans of new VS Code API updates, contributors that Theia stays in lockstep with the latest advancements, continually integrating new features and capabilities.

Join Us in this Continual Journey

As we celebrate this milestone, we also look to the future. Theia’s journey is ongoing, and the path ahead is as exciting as the accomplishments behind us. We invite the developer community, contributors, and enthusiasts to join us in this vibrant and continually evolving project. Together, we will keep pushing the boundaries of what’s possible in open-source development environments.

Let’s continue to shape the future of software development tools with Theia. Your contributions, feedback, and engagement are not just welcome – they are essential to our shared success.

Here are a couple of links to get you started in your journey with Eclipse Theia:

Written by Mike Milinkovich

December 18, 2023 at 7:09 am

Posted in Foundation, Open Source

Tagged with , ,

« Older Entries