There's a reason I point out the longevity of OpenStack. As a project, it has significant corporate sponsorship and policies to ensure that one entity can't take over control of it. For instance; the OpenStack Technical Committee is never permitted to have a majority membership made up of a single entity's employees. This means that even though Red Hat, at this stage in it's development, has a majority of contribution, the project itself can never be taken over by a single entity.
People find project governance, and particularly "corporate" involvement in open source to be distasteful -- but in my experience, and OpenStack is a winning example of this -- setting up good boundaries to let companies work together has proven to be sustainable.
> This means that even though Red Hat, at this stage in it's development, has a majority of contribution, the project itself can never be taken over by a single entity.
If it's one company with the majority of contributions then they can just stop contributing (or put their efforts into a proprietary fork) and all that you're left with is the code and the name. Which is maybe better than "just the code", but not by much.
There are over 600 different people contributing to OpenStack in a given six-month release cycle. Approximately 60% of total code by commit count is from Red Hat employees. I'm one of the 600 that don't work at Red Hat, and there are a lot of us.
You should get a sense of the scale of a project before summarily declaring that it has a single point of failure.
You just said majority without any numbers in the original post. I think you'll agree that the calculus would be quite different for 60% vs 85% of effort being from a single company.
People find project governance, and particularly "corporate" involvement in open source to be distasteful -- but in my experience, and OpenStack is a winning example of this -- setting up good boundaries to let companies work together has proven to be sustainable.