In Barcelona last week, WSO2 held its annual user conference, WSO2Con. While the main announcements centred on its use of AI, it also assured customers of its open-source credentials. Like other open-source vendors, it generates revenue from support contracts. Unlike other vendors, it doesn’t have an enterprise and non-supported version of its code base. It is all the same thing.
Staying true to its open-source roots is important for the company and includes how it interacts with its developer community. To gain a deeper understanding of that interaction, Enterprise Times editor Ian Murphy spoke with Isabelle Mauny, Chief Developer Advocate at WSO2.
Mauny was previously Vice President of Product Strategy at WSO2. She left to work with another organisation, and now she is back, she wants to build out the company’s relationship with its developer community.
What is Mauny planning for developers?
One of the challenges for open-source vendors is how to match rewarding their community developers who add value to the product. In the 1980s and 90s, that meant sending them t-shirts, baseball caps and other swag. Some vendors went as far as giving them access to events for free or giving them a Most Valuable Person (MVP) title in the community.
But developer expectations have changed. They want to be seen as more than just a free workforce who get the occasional freebie.
Mauny wants to build a comprehensive developer portal. She describes this as “one place where people can go to access all the information, including developer documentation, APIs, articles, tutorials, and more, syndicated in a single location, where you can filter by the product you’re interested in.”
Access to that level of information will certainly please developers. At the same time, the company is working on its plans for utilising AI. That work is being led by Rania Khalaf, Chief AI Officer at WSO2. Khalaf is looking at AI and how it will enable developers to make better use of the tools and data that Mauny is delivering.
Recognition through a new Ambassador Program
Mauny recognises the need to reward developers. To address that, she is creating an Ambassador Program. It will be by invitation and will recognise those whom WSO2 sees as either contributing to the products or helping spread the word about the products in meetups and conferences.
So far, the company has already identified 15-20 individuals around the world who will be part of the program. Interestingly, Mauny gave an unexpected insight into the level of people who will become ambassadors. saying, they will be an “extension of the company across the world.”
Some of those chosen are individuals who are actively involved in the community, and others work for WSO2 partners. That latter group is important, as they will bring significant commercial knowledge to the role. The challenge will be separating their community role from their commercial role. Also, will their employers give them room to focus on being ambassadors?
What about developing a marketplace?
Many open-source vendors offer a marketplace where developers, customers and even partners can offer utilities that they have written. For partners, this is a quick way to gain visibility in the community and showcase their skills in key verticals. The same is true for individual developers who use it to gain recognition and then leverage that when changing jobs.
Mauny is cautious about building a full marketplace and prefers a more gradual approach. The company already uses GitHub, and developers can contribute code samples there. She commented, “Right now, our marketplace is GitHub. If someone contributes something to the product and wants people to reuse it, that’s probably the first place they would go.”
Another reason Mauny is cautious is that she has only been in the role for a few months. Her priority is to build the developer portal and then see what comes next. It will be interesting to see if developers and partners ask for a marketplace. If they do, I suspect there will be pressure to build it.
However, marketplaces come with challenges. A few years back, Jenkins had a major overhaul of its marketplace. It discovered there were a lot of old, unmaintained utilities. In removing them, it had to find someone who would take them on, especially where they were used by numerous customers. Mauny wants to make sure that doesn’t happen here.
That said, she does agree that there is potential in creating a platform where developers can share components, especially for API management.
A need for better code verification
There are several challenges associated with any community that contributes code. Quality and security are the main two. Old code, mass posting for attention, and AI-generated code are also issues.
To deal with this, Mauny outlined five steps that WSO2 has in place:
- Rigorous Review Process: We have a minimum of four reviewers for every pull request (PR). We have a huge pipeline in terms of build checks that look at security, code complexity, and code quality.
- Validation and Feedback: WSO2 has an automated feedback loop. The key is to ensure that this is all automated. The feedback loop will help developers understand why their contributions are being rejected. It will also help them do better next time.
- Handling AI-Generated Code: While this does pose a challenge, Mauny believes that WSO2s existing processes can handle it. “Whatever code is being contributed, we have to make sure it aligns with the principles of WSO2 and how it’s done.”
- Community Engagement Rules: WSO2 is developing clear engagement rules, similar to those used in the Ballerina project. Developers wanting to contribute will know exactly how it is done, what will happen and how WSO2 will validate their contribution.
- Preventing Low-Quality Contributions: To address automated or low-quality PRs, Mauny said, “We have to put barriers in place to protect ourselves from fake and spammy PRs. We have to very thoroughly validate it before it makes it into the product.” The overall approach is systematic, focusing on thorough review, clear communication, and maintaining high standards for code contributions.
This is a very clear statement of intent from Mauny. Helping developers get it right will ensure that customers can trust the code that they choose to download and use.
Training and certification
WSO2 offers training and certification on its core products. All of this is free and ranges from self-training through to more focused, instructor-led training. All course outlines are available on the WSO2 website. Mauny commented that most of those chosen to be ambassadors have multiple certifications. One has 23 separate certifications.
That need for certification is also part of the partner program. They are required to have employees certified on WSO2 products, and there is discussion on what number and at what level will be part of new partner guidelines. Mauny went on to say that when employers evaluate WSO2, they often ask: “If I’m going to take that partner, how many of their employees are certified?”
When asked about creating a directory where people could be listed to make it easier for employers to attract staff, Mauny said no. She believes that there are other ways that people can show their certifications, for example, on LinkedIn pages.
The challenge of AI
AI is bringing challenges from security to operations and software development. Organisations need to be prepared for this, and that is why WSO2 has made AI a first-class component in its environment. It plans to make more announcements this year in that space.
When it comes to software development, Mauny recognises the risks it brings. The most commonly discussed risk is using it for code generation and assuming the results are correct. This is not a new problem, as Mauny commented. “Before AI, we had something called Stack Overflow, and I’ve seen people copying and pasting code without really doing any critical thinking.”
The lack of critical thinking needs to change. As already mentioned, WSO2 is already looking at how it will deal with contributed AI-generated code. The first step of that process is internal AI education. Mauny said, “We are conducting internal education for our developers on how to maximize the benefits of AI.” We have a research department looking at this stuff in advance of everyone else.”
That education will then be extended to customers. Mauny accepts that the company has a responsibility to educate its own customers. However, it won’t be a quick fix and will take time to ensure customers understand the risks and how to manage them.
None of this means WSO2 is retreating from AI. It is already developing its own AI solutions and making greater use of AI agents. It is looking at patterns in customer usage and how it can better advise those customers outside of just developer education.
Enterprise Times: What does this mean
WSO2 is very focused on its developer community and what it means to the company. To date, however, that focus has been on its Ballerina language and some engagement in GitHub. That is now changing, which is why Mauny is back at the company.
She brings a long history of engaging in the open-source space and working with developer communities. Importantly, she also has extensive experience in security around APIs. That will be essential for WSO2 and its customers going forward.
This is a good time to be a WSO2 developer, and it will be interesting to see how the ambassador program develops.
