Open Source Rookies of the Year

The sixth annual Black Duck Open Source Rookies of the Year awards recognize the top new open source Open Source Rookies 2013projects initiated in 2013. This year's Open Source Rookies honorees span cloud and software virtualization, privacy, social media and Internet of Things projects addressing needs in the enterprise, government, gaming and consumer applications, among others, and reflect important trends in the open source community.

  • Cloud and Software Virtualization – As the use of virtualization and cloud becomes commonplace for today’s IT infrastructure, new deployment and management challenges arise. Chef, Puppet, Salt (2011 Rookie) and Ansible (2012 Rookie) provided cloud deployment and configuration management solutions, helping with core configuration and management of large-scale cloud deployments. Docker provides a virtual container that packages an app and its dependencies so it can run on any Linux server, creating a new level of application portability using a lightweight virtualization approach. But while virtualization makes it fast and easy to deploy and scale, it creates new challenges for networking, spawning the need for Software-Defined Networks (SDNs) and the creation of the OpenDaylight project, garnering serious contributions from some of the world’s leading network providers. And through the use of Serverspec, developers can now run automated test scripts for server configuration across large-scale server deployments.
  • Privacy – The security and privacy of our personal information continues to be a major focus, from those wishing to communicate under restrictive governments to the need to protect the personal information stored on our smartphones. Two of this year’s Rookies will help -- locking down private data on Android mobile devices with XPrivacy and providing secure instant messaging using Tox.
  • Social Media – As social media continues to grow and mature, new, more flexible solutions are emerging for blogging and messaging. Ghost provides a new open source blogging alternative, while the rapid expansion of timeline-based data produced in social media creates the need for new kinds of data storage and access, spawning projects like InfluxDB. We also discovered a gem of a social learning tool for coding called Exercism, started by a software development instructor who wanted her students to learn in a more social way. 
  • Internet of Things – As the Internet of Things continues to gain momentum, connecting the world’s devices, projects like OpenIoT are defining important communications standards that will enable billions of devices to interact seamlessly.


2013 Recipients

Appium – a test automation framework for mobile applications.
Docker – enables developers to pack, ship, and run any application as a lightweight container.
Exercism – crowd-sourced code reviews on daily practice problems.
Ghost – is a publishing platform that is beautifully designed, easy to use, and free for everyone.
InfluxDB – is a distributed, time series, events, and metrics database with no external dependencies.
Open DayLight – a collaborative open source project that accelerates adoption of Software-Defined Networking (SDN) and creates a solid foundation for Network Functions Virtualization (NFV).
OpenIoT – enables a new range of open, large-scale intelligent Internet of Things (IoT) applications using a utility cloud computing delivery model.
Serverspec – RSpec tests for your servers configured by Puppet, Chef, or anything else.
Tox – offers secure instant messaging, video conferencing, and more.
X-Privacy – prevents Android-based applications from leaking privacy sensitive data and can restrict the categories of data an application can access.

Honorable mention

Twitter Flight – a lightweight, component-based JavaScript framework that maps behavior to DOM nodes.

2013 Recipients


Appium is an open source test automation framework for use with native and hybrid mobile apps. It drives iOS and Android apps using the WebDriver JSON wire protocol.

As mobile apps become core to our operating infrastructure, agile development methodologies require automated testing to deliver. Appium provides a broad platform for testing both native and hybrid mobile apps on iOS and Android, enabling organizations to utilize a single testing tool to support their growing needs. 

While initially started as a tool for SauceLabs to help customers build a scalable, automated test environment, Appium has quickly taken on a life of its own with a rapidly expanding, diverse developer community.   


Docker is an open source project that automates the deployment of lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.

Docker really got our attention. Few projects outside the highly corporate-sponsored arena garner this level of excitement and attention. While Docker was started by a small, commercial firm previously known as dotCloud, this project has quickly grown roots and turned the heads of the big guys, including RedHat and Google.  But more importantly, Docker provides developers with an important advancement in the way they build scalable applications for the cloud – the ability to create lightweight, portable, self-sufficient containers from any application. This level of portability offers companies plenty of options for where their apps will run, while allowing developers to have freedom of choice in the languages and tools used to build them.


Exercism is a collaborative learning tool for people learning programming languages. It was started by Katrina Owen, an instructor working at a small technical school in Colorado, in an effort to help her students learn more collaboratively. And it worked. She realized an immediate, positive improvement in how quickly her students were able understand programming languages. While Katrina started Exercism to support her own classroom, other students and educators quickly took notice and began contributing and using the project. Exercism now supports 13 languages with more on the way, including Go, CoffeeScript, JavaScript, Java, Rust, and Erlang, and continuing to grow rapidly in contributors and users.


Ghost is dedicated to one thing: publishing. It's beautifully designed, completely customizable and completely open source. It allows you to write and publish your own blog, giving you the tools to make it easy and even (gasp) fun to do. It's simple, elegant, and designed so that you can spend less time messing with making your blog work - and more time blogging.   

John O’Nolan worked on the WordPress team for several years. He loved it, but the project turned in a direction away from its original vision. In early 2013, John blogged “If I could build WordPress all over again, what would I do differently?”  The post got picked up on the front page of Hacker News. He pulled together a prototype using JavaScript and NodeJS, and set out to raise a small amount of money using Kickstarter in April. In 29 days, he raised 10x the amount he wanted. Set up as a non-profit, John hired a team of three, got significant help from the open source community, and created a first version that was released in Oct. It got 4m views and 100k downloads! While the current version (as of this writing) is limited to single-user blogging, it is stable and growing rapidly. And WordPress is now implementing many of the things Ghost is doing.


InfluxDB is a time series, events, and metrics database. It's written in Go and has no external dependencies. Once you install it there's nothing else to manage (like Redis, HBase, or whatever). It's designed to be distributed and scale horizontially, but is useful even if you're only running it on a single box.

Paul Dix started a project called ErrPlane, focusing on monitoring and metrics. As he traveled around trying to get traction with ErrPlane, he began to realize that other competing projects were all writing their own time-series database to handle the type and volume of data needed. So he and his partner made a big decision to stop working on ErrPlane and shift their focus to building a specialized, time-series database.  Paul and team worked quietly for one month, and then decided they needed some feedback to continue, so they did a talk at a NY Ruby Meet-up. One of the attendees posted it up on Hacker News. O’Reilly Radar picked it up and the story went to the top. When Paul saw people talking about InfluxDB at a DevOps conference in Australia and another in Japan, they knew they were onto something solid. As of this writing, the project is only 3 months old, with the first commit Sept 23rd.  

Open DayLight

OpenDaylight's objective is to provide a fully functional SDN platform that can be deployed directly, without requiring other components. It is focused on building an open, standards-based SDN controller platform that is suitable for deploying in a variety of production network environments. In addition to a modular controller framework, OpenDaylight is expected to include support for a number of standard and emerging SDN protocols, network services such as virtualization and service insertion, well-defined application APIs, and data plane elements including physical device interfaces and virtual switch enhancements.


OpenIoT began as a research project partially funded by the European Commission with a goal of enabling a new range of open large scale, intelligent IoT (Internet of Things) applications according to a utility cloud computing delivery model. The project focuses on mobility aspects of internet-connected objects (sensor Networks) for energy-efficient orchestration of sensor data harvesting and data transmission into the cloud. OpenIoT integrates ontologies and semantic structures, in order to enable semantic interactions and interoperability between the various objects, which means a significant advancement over the existing syntactic interactions offered by GSN and AspireRFID projects. 


Serverspec provides a simple approach to testing your server configurations, independent of any configuration management tools. Using serverspec, you can write RSpec tests for checking your servers’ configuration. It tests your servers' actual state through SSH access, so you don't need to install any agent software on your servers and can use any of the leading configuration management tools including PuppetChef, CFEngine and more. 


Project Toxalso known as Tox, is an instant messaging application aimed to replace Skype. It’s no surprise that this project got some big traction this year given all the privacy and security related events that have taken place. With the rise of governmental monitoring programs, Tox aims to be an easy to use, all-in-one communication platform (including audio and videochats in the future) that ensures their users full privacy and secure message delivery. 


XPrivacy can prevent applications from leaking privacy sensitive data and can restrict the categories of data an application can access. This is done by feeding an application with no or fake data. There are several data categories which can be restricted, including contacts and locations. For example, if you restrict access to contacts for an application, an empty contact list will be sent. Similarly, restricting an application's access to your location will result in a fake location being sent.

Honorable mention

Twitter Flight

Flight is distinct from existing frameworks in that it doesn't prescribe or provide any particular approach to rendering or providing data to a web application. It's agnostic to how requests are routed, which templating language you use or even if you render your HTML on the client or the server. While some web frameworks encourage developers to arrange their code around a prescribed model layer, Flight is organized around the existing DOM model with functionality mapped directly to DOM nodes. Flight likely isn’t as easy to learn and use compared to some of the other, more popular, JavaScript frameworks like Angular or Ember, but it provides enormous flexibility architecturally, showing real promise for building more complex applications.

View the Press Release

Latest Tweets

Black Duck Software (10 hours ago)
HP leapfrogs Red Hat to become top contributor to OpenStack | Network World
Black Duck Software (11 hours ago)
Don't miss tomorrow's webinar w/ @JFrog on how to speed development & manage risk through seamless build integration
Black Duck Software (12 hours ago)
Twitter engineer joins Mesosphere to push the open-source project he helped make | VentureBeat by Jordan Novet
Black Duck Software (13 hours ago)
#Hadoop gets more versatile, but data is still king | @gigaom #bigdata
Black Duck Software (14 hours ago)
RT @pcworld: Wow: @oculus has open-sourced its 1st-gen DK1 VR headset to kick off the #OculusConnect conference. by …

Black Duck Software
8 New England Executive Park
Burlington, MA 01803

Contact Us

Legal Notices | Privacy Policy | Site map
Open Source Delivers | Open HUB
Open Source Think Tank