In May 2022 I left my job as the lead of the Go Security team at Google to become an independent, professional open-source maintainer. I am still a maintainer of the Go cryptography standard library (as well as of age, mkcert, yubikey-agent, and other projects), and I signed retainer and sponsorship agreements with companies like Protocol Labs, Smallstep, and Tailscale that wish to support my work, and get access to the roadmap and my expertise.
I am not selling consulting by the hour and I'm still reserving most of my time for maintenance work. Nonetheless, I now have enough clients to earn competitively with what I used to earn as a Senior Software Engineer. This is what I hope will make the model more sustainable, and align incentives with those of open-source projects, avoiding maintainer burnout or churn.
The model is new, and the barrier to entry is still very high. The next step in making it more accessible is popularizing it, so that both companies and maintainers are familiar with it. Eventually, I hope as a community we'll build the tools - social and technical - needed to make of open-source maintenance a profession and career path.
I will talk about my day job as a Go maintainer, about the model of professional maintainership, and about my progress with it.