What two forks and a Lessons Learned document can teach you about trust

Most open source projects bury their history. Ours is published.

It acknowledges both forks — 2016 and 2025. Not as history to minimize, but as lessons to internalize. It says: “When part of our community left to follow a different calling, we learned that earning trust alone is not enough. Transparency must be paired with inclusive governance, active listening, and shared ownership.”

Here’s what I take from that:

Trust is not a state. It’s a practice. You don’t “have” the community’s trust like a certification on the wall. You maintain it through consistent behavior. Every release (and we’ve shipped twelve production releases of oCIS since the acquisition), every PR review, every public decision reinforces or erodes it.

Trust is asymmetric. Years to build. One incident to break. Some people will never trust ownCloud again. That’s their right. The OSPO is designed for the people who are watching and willing to engage.

Trust requires admitting what you control and what you don’t. Kiteworks steers the roadmap. Open source is the social contract. These aren’t contradictions. They’re honest boundaries.

Governance is how trust scales. With five contributors, trust is personal. For five hundred contributors, you need written rules, defined roles, and transparent processes. The governance charter, the contribution guide, the code of conduct — these are infrastructure for trust at scale.

Tomorrow: digital sovereignty is not a label.

This is part 10 of this blog post series.
See the earlier posts:

  1. A (re)-introduction to the ownCloud community
  2. What happens when you fork twice, get acquired, and keep shipping anyway
  3. We killed our own CLA. Here’s why that’s a good thing
  4. PHP 8.3. Yes, for Classic. Yes, we heard you
  5. What 108 repositories taught us about open source hygiene
  6. I’m a script kid running an OSPO. That’s the point
  7. Your PR was written by an AI. We don’t care. (But we do have rules.)
  8. Stewardship is not the same as control: A governance charter for people who’ve been burned before.
  9. Twelve documents, zero marketing slop: anatomy of an open source manifesto

David Walter

April 30, 2026
