[HN Gopher] You use more open source software than you think ___________________________________________________________________ You use more open source software than you think Author : mooreds Score : 93 points Date : 2021-06-09 19:38 UTC (3 hours ago) (HTM) web link (github.com) (TXT) w3m dump (github.com) | quanticle wrote: | "Even if you have funding, there's always more work than you can | possibly do," Van Slyck says. "And the bar is always being | raised. It used to be enough to just put some code online. Now | you're expected to foster a community. You have a lot more hats | to wear." | | I found this statement perplexing. Why is it no longer "just | enough" to put some code online, in a take-it-or-leave-it | fashion? If anything, given how easy git has made it to fork | projects, it's more acceptable to do that today than it is is the | old days of centralized version control. If you have the time and | effort to maintain it, then great. If not, that's fine too; | having some code out there to serve as the basis for future work | is better than no code at all. | dkdbejwi383 wrote: | This is a perfectly reasonable position to take, however a lot | of people are very needy, wanting to be handheld through | support beyond a reasonable limit, or demanding that you | implement x or y because they need it, and want you to do it | for them for free. | quanticle wrote: | Well, sure, but you can say, "I'm sorry, I just don't have | the time to do that right now." They can then either fork the | project and implement the changes themselves or better yet, | step forward and ask if they can help with the maintenance of | the project. | | EDIT: I glossed over this part when I was reading the | article, but indeed there are many open source developers who | do hold this attitude: | | _Halliday--better known by his handle substack--takes an | uncommonly hands-off approach to his work. "I have all my | GitHub notification emails turned off," he says. If someone | finds a problem with his code or wants a feature added to a | module he's no longer working on, they're free to fork his | code. That is, after all, the open source way. But he doesn't | put effort into issues or pull requests for packages he | considers finished. "It's not my job to keep tabs on every | little thing I wrote years or decades ago very often," he | says. "I am always busy with new projects and if I was always | looking back at old projects I wouldn't have enough time to | move forward."_ | | I fully agree with this viewpoint and I think it's good for | the overall software ecosystem if engineers did more due | diligence on the packages that they use. | calvinmorrison wrote: | Which is why I always say "show me the code" or "we accept | patches". | quanticle wrote: | I thought about writing "patches are welcome" as an | example response, and I deliberately chose, "I'm sorry, | but I just don't have time for that," instead. Reviewing | a patch, in many cases, takes somewhere between 50% and | 75% of the time it takes to write the code in the first | place. It's not a given that someone who open sourced a | random project will have time to review patches. | kop316 wrote: | Personally, I much prefer "patches are welcome". It puts | the ownership back on that person who asked for XYZ | feature to do it. | | If that person is actually motivated enough to write a | patch (which I have had!), I welcome reviewing it, | because it empowers that person to feel like they can | contribute to my project (and hopefully other projects | too!), and makes others feel like they can contribute to | my project as well. | lupire wrote: | Patches are always welcome on your fork. Upstream can | merge whenever they want. | meetups323 wrote: | Hah. I regularly see patches whose review takes well over | 100% the time it would have taken me to create the patch | myself. | | But then I'm employed by $MEGA_CORP and part of the job | description is "helping to build and maintain the OSS | community", so helping novices create their first patches | is a big part of that. | pvorb wrote: | But are those bad actors really that common? Typically, what | I see is that developers really know what to expect from an | open source project. If you can't offer them support they | could walk away looking for alternative options instead of | funding your project. That's because devs usually don't have | a budget to spend. They even could fork and solve their own | problems without caring to support the problems of others. | But I guess all of this is okay and perfectly acceptable use | of open source software. | pvorb wrote: | I agree with you. At least I've never been offended by anyone | for not replying to issues raised in my repositories. And a few | of my libraries are downloaded millions of times per week from | NPM (which is not that uncommon on NPM, but still). | | That really bad support didn't lead to any actively maintained | fork, though. So I guess it's all stable enough for people to | still depend on it in their new projects. | amelius wrote: | > It's time to stop taking open source infrastructure for | granted. | | It's time our governments start taking OSS seriously. | | Like academia, OSS deserves state sponsoring. | | Most of the research papers I read were made possible by OSS one | way or another. | FridayoLeary wrote: | I know. I'm always amazed to see how many open source licenses | there are on every device. | simonw wrote: | I got a bit of a shock when I visited | https://github.com/readme/unseen-oss and it wasn't a GitHub | repository, it was a custom designed page! | | Not a lot of URLs on GitHub sit outside of their regular | /owner/repo pattern - the only other section I can think of that | does that is https://github.com/about - things like documentation | tend to live on separate subdomains, like | https://docs.github.com/ | pvorb wrote: | I also was a bit confused, because I mistook this for coming | from Readme.io, which is on GitHub at | https://github.com/readmeio, and I thought about how the heck | they convinced GitHub to add a custom design for their | repository. | sneak wrote: | I expect Microsoft marketing to continue to do splashy, | unexpected things like this as they milk the still-as-yet- | trusted GitHub brand for all it's worth to expand Microsoft's | control over the open source ecosystem. | pvorb wrote: | The GitHub.com namespace is quite limited, though. I wonder | if they had to delete or rename anyone's GitHub account or | org for creating this page or if it was preserved for a long | time. | sombremesa wrote: | According to wayback machine Sandy McMurray [0] used to own | it [1], but it has been commandeered for quite some time as | well [2]. | | [0] https://readme.tumblr.com/ | | [1] https://web.archive.org/web/20090709114358/github.com/r | eadme | | [2] https://web.archive.org/web/20160218095949/github.com/r | eadme | epigen wrote: | Exactly, what's the catch? | | How does Microsoft come to own all of open-source? That's the | plan, right? | sneak wrote: | VS Code becoming standard tools, alongside GitHub and NPM | which they own now. This affords a tremendous amount of | steering control and opportunities for lock-in. Some of the | existing ones are the proprietary plugins for VSC, and | GitHub Actions. | | I wouldn't be surprised if they end up picking up Docker | for a song now that Docker has utterly failed to find a | workable revenue model. (Microsoft sponsored Docker's | surprisingly-complete Windows support, IIRC.) The | extremely-widely-used Docker Desktop products are already | nonfree, as well as the dockerd that runs on Windows. | kzrdude wrote: | Ouch. What's a good docker alternative? Something with | similar dockerfile semantics but can be linux only for | sure. | Multicomp wrote: | IIRC RedHat offers podman | pbhjpbhj wrote: | Presumably it's like I'm assuming Win10 is, a slow burn. | | Coax people slowly over time to give up other options until | there's nothing else to choose, then flick the switch and | fleece them harder than hardness itself. | | Based on past performance I just assume we're in an | elaborate version of the 'fleece tourists with inordinate | drinks bills' con trick. | | #GetOffMyLawn | ghuntley wrote: | Authored two blog posts on this recently: | | "Did you know there are less than 2100 people in the inner GitHub | open-source maintainer community? I often wonder what the future | would look like if these high achievers that our digital society | is built upon were empowered to become independent artists." | | https://www.gitpod.io/blog/devxconf-wrap and | https://www.gitpod.io/blog/gitpod-open-source-sustainability... | torstenvl wrote: | Surprised there's no mention of Gecko or WebKit, now that every | major browser is based on one of the two. | jasonhansel wrote: | This is the inevitable result of the widespread use of | permissive, non-copyleft licenses. Instead of developing an | alternative to proprietary software that protects users' freedom, | OSS work becomes just a source of free labor for large tech | companies. | [deleted] | parafactual wrote: | This isn't snark, but a genuine question. What makes open | source developers prefer permissive licenses to GPL and other | copyleft licenses? What is the benefit in letting corporations | use your work in proprietary software? | SteveMoody73 wrote: | I don't release much open source code, most of the code I | work on can't be released publically. | | The code I do release is probably not that useful to many and | in most cases is something i've written for personal use | primaraly. | | I always use a permissive license for anything I release. | It's usually served it's initial purpose to me and if it can | be of benefit to another, then they should be able to use it | in any way they want | golergka wrote: | So I can use it at my job, and justify spending my employer- | paid time working on open source. | mechEpleb wrote: | Getting it out there. If your goal is just to ensure that a | well supported open source solution exists and people can use | it instead of having nothing at all or only paid proprietary | garbage, a permissive license makes far more sense. | | If your goal is sticking it to the man and demolishing | capitalism or whatever then it's different of course. | logbiscuitswave wrote: | I've worked several jobs in the past where using reciprocal | OSS (such as GPL) was expressly forbidden. This would leave | us in the position of reinventing the wheel, buying | something, or using something (possibly inferior) that's | more permissive. | | (I guess in many ways this is a data point to support the | "OSS work becomes just a source of free labor for large | tech companies" thesis up thread.) | SQueeeeeL wrote: | Open source software is bizarrely sticking it to | capitalism. RMS and his ilk developed these licenses pretty | much because they wanted free shit out there with no | stipulations. It's insane that anyone with skills would | care enough to work on GNU instead of making 6 figures to | write the same code for IBM. OSS kinda proves that humans | are deep down pretty alright | throw0101a wrote: | > _RMS and his ilk developed these licenses pretty much | because they wanted free shit out there with no | stipulations._ | | Copyleft, _having_ to release code diffs, is a | stipulation / restriction. | | MIT/BSD is the one without any stipulations / | restrictions: | | * https://en.wikipedia.org/wiki/MIT_License | | Depending on one's goals one may be better than the | other. | zxzax wrote: | Just a small correction -- The GPL does not require you | to release code diffs. | lupire wrote: | IBM pays some people to write GPL code. | nemothekid wrote: | I don't think open source developers prefer permissive | licenses - I think permissive licenses are better suited to | become popular. | MereInterest wrote: | I think permissive licenses lack any pushback against | proprietary network effects, and therefore are subsumed by | them. One of the goals of the GPL is to cultivate a network | effect of its own, to counter that of proprietary software. | It's not that permissive licenses are better suited to | become popular, but that they represent support of the | proprietary status quo. | _def wrote: | You can base your business model around that. Support, | certificates, Trainings, etc. | | Of course that is not the case for the majority of projects | like curl for example. | chowells wrote: | Writing software sucks. I release code with a permissive | license because I want to make it suck a bit less for those | who come after me. My only goal is to relieve developer pain | by providing reliable chunks of code. | | Maybe I'd feel differently if I made an entire service | instead of small focused libraries. But that's an entirely | different world. | caramelcream wrote: | Wider adoption results in a healthier ecosystem. Also, don't | forget that most of FOSS developers are employed somewhere | and surely they want to use FOSS at their jobs. | nicoburns wrote: | As soon as someone else contributes, copyleft licenses also | prevent you from using your own work in anything proprietary. | So if you have side project that may potentially grow into a | business if it takes off then permissive makes sense. | lupire wrote: | Why do you think you need proprietary software to run your | business? | | Especially if it's a hosted web app business? | dkarras wrote: | I don't think many people are lamenting the fact that their | project is popular and being used. | | Because they can just... stop maintaining it if they wanted. | They are completely free to do so. | | Many developers like to feel useful, feel like they are solving | an important problem in a suitable way. Some even want the fame | associated with it, or the doors having such (a) project(s) | opens (you use X? I wrote it, and maintain it - or people | hunting you specifically because you are known to have created | X). | | The point is, the tradeoff between the feeling of being taken | advantage of and feeling useful and fulfilled because of | solving an important problem in a suitable way is controlled | _directly by the author / developer_! If they feel it is not | worth the effort, they can just stop! | | Having a permissive license helps you gain popularity. Many | people won't touch GPL derivatives for their business / side- | project-that-might-turn-into-a-business so such a license can | have an inhibiting effect in adoption. Developers generally | aren't stupid, they know that and they choose more permissive | licenses, because they want to be seen, they want their | solution to be used. They maybe want the fame and open doors | associated with having such a project take off. It is a trade- | off under their control. They can stop with maintenance any | time. Hell they can even change the license of future versions | (if they have not started with a GPL-like license) if they | want. So I don't see the problem here. Everything is under the | developer's control. You can't have it both ways: The boost to | popularity by having a no-strings-attached license, but reaping | proportional profits from such an endeavor as if you had a | restrictive license protected by a business entity. | | If you give money (value) away for free, you'll be pretty | popular. "I want to be easily popular as if I'm giving money | (value) away for free, without actually giving money (value) | away for free" does not make much sense. | 3pt14159 wrote: | I love OSS. I just think it should come with a cap. If a | single stakeholder (shareholder, employee, bondholder, etc) | is worth $1B USD or more, the license is $1m[0] a year. That | way we all get to have fun, but the megagiants like Amazon | actually have to pay something back to projects like | Postgres. We'll get better security and a naturally | progressive, opt-in tax on the largest of companies and | investors. | | [0] Or whatever, if it's a small library maybe $50k or maybe | something that scales with market cap, etc. Throw lawyers at | it. | version_five wrote: | You can make a license like that if you want to. | jasonhansel wrote: | Since widely-publicized OSS work can be a prerequisite for | top jobs, it often isn't really a "free choice." | | But if it is a choice, then it's a choice that undermines | fellow workers. By working for free, you're taking away jobs | from people who might genuinely need them and be unable to | work for free. | | In this way, OSS work can serve to entrench inequality by | giving a hiring advantage to those with more time and | resources, while reducing the salaried jobs available for | others in the industry. | lupire wrote: | Lucky for you, top jobs hire by standard whiteboard | quizzes. | golergka wrote: | You don't have any obligation to pursue a top job, nor it | is necessary for your survival. | abnry wrote: | Is there really a shortage of tech jobs caused by open | source projects? | senko wrote: | > Since widely-publicized OSS work can be a prerequisite | for top jobs, it often isn't really a "free choice." | | Which top jobs require you to be a widely-publicized OSS | author? | | I've only ever heard this to be a plus (which I believe is | fair), not a requirement. | [deleted] | smarterclayton wrote: | It's not a requirement at Red Hat, because anyone can be | converted to the open source religion. This surprised me | when I started - I thought I would need to be | indoctrinated, but then it just became normal to see open | source as the only way to work. | | That said, RH hires key contributors all the time (as do | many companies), so being the maintainer of a project is | definitely a plus. | zxzax wrote: | >OSS work becomes just a source of free labor for large tech | companies. | | I really don't understand why there are always comments of this | nature every time this is brought up. Why is the size of the | company relevant? Do people here not have jobs in the IT field? | When people contribute to open source, anyone is able to use | that code, including you. That means when you go get a job at a | new company, you can keep using that code. It doesn't matter if | you go to a small company or a large company. | guhcampos wrote: | On the bright side, this whole story displays the immense power | of composition (in more than one meaning for composition) in | software. | | If you stop and think about just how much stuff humankind built | around stuff like the mentioned curl, or linux, or gcc, or numpy, | or netscape. | | We all stand on the shoulders of giants. | Avery3R wrote: | That gigantic sticky header that serves no real purpose is so | ugly. | nick_g wrote: | I wasn't a fan of it as well. While I find sticky headers | common enough to not be too surprised at their presence, the | strange link symbols next to repositories on GitHub especially | bothered me during my reading of the (otherwise solid) article | kzrdude wrote: | It's not rational, I guess, but it really feels like it is in | the way, and it distracts from actually reading the text of the | article. | teddyh wrote: | https://xkcd.com/2347/ | mooreds wrote: | There's an xkcd for everything! | INTPenis wrote: | More like 1993. ___________________________________________________________________ (page generated 2021-06-09 23:00 UTC)