en
German
Contact
ownCloud on GitHub
Blog
Search
Close

Blog | opensource

What two forks and a Lessons Learned document can teach you about trust

Most open source projects bury their history. Ours is published. What two forks can teach you about how trust actually works.

Most open source projects bury their history. Ours is published.

It acknowledges both forks — 2016 and 2025. Not as history to minimize, but as lessons to internalize. It says: “When part of our community left to follow a different calling, we learned that earning trust alone is not enough. Transparency must be paired with inclusive governance, active listening, and shared ownership.”

Here’s what I take from that:

Trust is not a state. It’s a practice. You don’t “have” the community’s trust like a certification on the wall. You maintain it through consistent behavior. Every release (and we’ve shipped twelve production releases of oCIS since the acquisition), every PR review, every public decision reinforces or erodes it.

Trust is asymmetric. Years to build. One incident to break. Some people will never trust ownCloud again. That’s their right. The OSPO is designed for the people who are watching and willing to engage.

Trust requires admitting what you control and what you don’t. Kiteworks steers the roadmap. Open source is the social contract. These aren’t contradictions. They’re honest boundaries.

Governance is how trust scales. With five contributors, trust is personal. For five hundred contributors, you need written rules, defined roles, and transparent processes. The governance charter, the contribution guide, the code of conduct — these are infrastructure for trust at scale.

Tomorrow: digital sovereignty is not a label.

This is part 10 of this blog post series.
See the earlier posts:

  1. A (re)-introduction to the ownCloud community
  2. What happens when you fork twice, get acquired, and keep shipping anyway
  3. We killed our own CLA. Here’s why that’s a good thing
  4. PHP 8.3. Yes, for Classic. Yes, we heard you
  5. What 108 repositories taught us about open source hygiene
  6. I’m a script kid running an OSPO. That’s the point
  7. Your PR was written by an AI. We don’t care. (But we do have rules.)
  8. Stewardship is not the same as control: A governance charter for people who’ve been burned before.
  9. Twelve documents, zero marketing slop: anatomy of an open source manifesto

About the Author

David Walter is Vice President, Open Source Program Office & Special Projects at Kiteworks, where he stewards the open source projects and drives digital sovereignty strategy globally. He’s been part of the ownCloud ecosystem since 2014, holding roles from community contributor to Chief eXperience Officer before taking on large-scale government deployments and open source governance. At heart, he’s still a script kid who happens to translate between business, community, and engineering. He holds an B.A and an LL.M., is based in Berlin, and volunteers with Germany’s Federal Agency for Technical Relief (THW).

Go to news overview

David Walter

April 30, 2026

Read now:

Kiteworks Launches the ownCloud Open Source Program Office — Formalizing Governance, Retiring the CLA, and Committing to Sovereign, Open, Federated File Sharing for the Enterprise

Kiteworks Launches the ownCloud Open Source Program Office — Formalizing Governance, Retiring the CLA, and Committing to Sovereign, Open, Federated File Sharing for the Enterprise

May 6, 2026

The relaunch of the original open-source, self-hosted File Sync and Share platform brings a published governance charter, relicensing to Apache 2.0, a DCO-based contribution model, and an AI-assisted contribution policy—together with new releases of ownCloud Infinite Scale, ownCloud Classic on PHP 8.3, and a new MCP Server.

read more