[lorinab]

Ludovic Dubost (XWiki CEO, 20 years building open source in Europe without VC funding) submitted a response to the EU's consultation on their European Open Digital Ecosystem Strategy. The core tension: the EU's framing of open source as sovereignty infrastructure is actually correct. The incentive structure underneath it is not. Public procurement still optimizes for lowest bid today, not long-term sustainability. Maintenance, security patches, and reliability work get treated as "community effort" — right up until something breaks and suddenly it's critical infrastructure again. Meanwhile, regulatory compliance costs hit small European maintainers disproportionately hard compared to large vendors who can absorb them. The article makes a few concrete proposals: procurement criteria that reward contribution and sustainability, multi-year funding that reflects how maintenance actually works, and addressing the bundling/lock-in economics that make switching away from proprietary stacks artificially expensive. No ideology here, just 20 years of operational reality about what happens when you try to build and sustain open-source infrastructure in Europe without external investors covering the gap. Curious whether others building in this space see the procurement angle as the main lever, or whether the regulatory burden piece is the bigger friction.