My path to becoming a maintainer in the Backstage project wasn’t paved with years of prior open source experience. As a student interning at Red Hat, I started with a relatively fresh perspective. This is the story of that journey – how I navigated the complexities of Backstage, with the support of its community, allowing me to grow and learn, and how open source can empower anyone to do the same. Whether you’re new to open source or a seasoned developer, I believe you’ll find something valuable here. For those just starting out, I hope this inspires you to take that first step. And for experienced developers, I hope this offers a fresh perspective – a look at how a new contributor navigates a complex project, and perhaps, a reminder of our own beginnings. This journey wasn’t made in a single leap, but through a series of progressive stages. I’ll walk you through these stages, highlighting the key learnings and contributions along the way.

Wow, London sure didn't hold back! Five years after the open source framework was released, Backstage was clearly on people's minds — from those new to internal developer portals to those who have been contributing since the earliest days. Conversations about Backstage spanned from BackstageCon to the rest of KubeCon + CloudNativeCon Europe, which had a record-setting attendance of nearly 13,000 people. But if you couldn't make it, then settle in, prepare a spot of tea, and read on for highlights. Then head over to the Backstage Community's YouTube channel to catch up on all the great Backstage talks you missed.

It was another banner year for everyone's favorite platform for improving developer experience — and we're closing 2024 out with a bang🧨🎆. To give you a snapshot of how the Backstage community is doing, we're counting down our Top 5 milestones for the year (plus a few other highlights sprinkled in). To start things off, let's see what you and your 1,616 fellow contributors were up to last year…

TL;DR Backstage’s security posture remains strong! Today, we’re releasing the report from the second independent security audit of the Backstage project.

As an Incubating project within the Cloud Native Computing Foundation (CNCF), Backstage is fortunate enough to take advantage of sponsored continuous security audits. The Open Source Technology Improvement Fund (OSTIF) sponsors the audits as part of its ongoing efforts to secure the open source software ecosystem, and the audit itself was performed by X41 D-Sec, who also performed the first audit. Our goal with the audit was to re-evaluate and further improve Backstage’s security posture, focusing on the core Backstage framework and plugins.

tl;dr: Salt Lake City did not disappoint! Backstage continues to be at the forefront of many conversations being had at BackstageCon and across KubeCon + CloudNativeCon. If you weren't able to join us, all the BackstageCon talks are available for replay on YouTube. Read on for the highlights — plus, photos of super cute pups — as a treat! 🐕

TL;DR To enhance the developer experience, Dynatrace adopted Backstage as its central developer portal and enhances Backstage entities with real-time data. This decision, along with the symbiosis between the Dynatrace platform and Backstage, has unlocked two significant opportunities.

• First, centralizing all development-related artifacts and democratizing ownership have reduced onboarding time for our teams.
• Second, we enhanced the developer experience by integrating observability and security data into Backstage, offering seamless entry points to Dynatrace for in-depth analysis.

TL;DR There is no shortage of content that discusses the benefits that Backstage brings to organizations (and if you want to read more on that, you can just click here, here, or here). But I want to share what it did for me, a developer here at Spotify. And not just what it did, but how I’ve used Backstage to help me achieve goals at each stage of my journey at Spotify — from my first day as a brand new employee to today, my 1,186th day as a contributor.

tl;dr: We've set up the new community plugins repository, and have migrated most of the packages in the plugins directory of the main Backstage repository to their new home!

For those who depended on these plugins, migrating is as simple as yarn backstage-cli versions:bump then yarn backstage-cli versions:migrate. If you're already on 1.26.1, then be sure to run yarn backstage-cli versions:bump --skip-migrate then yarn backstage-cli versions:migrate to take advantage of the code reference replacement helpers.

tl;dr: And with that the first BackstageCon Europe comes to an end! The City of Light was good to Backstage with many great conversations at both BackstageCon and KubeCon + CloudNativeCon Europe 2024. If you weren't able to join, the CNCF has a great playlist of all the BackstageCon talks ready to go on YouTube. Check out some of the highlights below — then grab your popcorn and settle in!

TL;DR: For the Backstage maintainers, ensuring that the project is secure for every adopter and end user is one of our top priorities. With the recent discovery of CVE-2024-26150, we've shipped fixes for versions > v1.15.0. Please update your Backstage instance.