HI version is available. Content is displayed in original English for accuracy.
Advertisement
Advertisement
⚡ Community Insights
Discussion Sentiment
50% Positive
Analyzed from 2227 words in the discussion.
Trending Topics
#open#source#software#more#code#social#free#don#project#should
Discussion (23 Comments)Read Original on HackerNews
An open source developer had disabled pull requests and other operations on their repository because they were fed up with harassment. They gained a reputation for being extremely disagreeable at that time. I was unaware of this and simply assumed that was how the project worked. I had to do some minor investigative work to find their email address and I sent them a polite, low pressure email with my unsolicited patch and made it clear it was fine to use it or ignore it. They thanked me, explained the situation, even apologized for the difficulty, and said locking things down was the only way they knew to cope with the situation, and of course applied the fix.
If you want to dump code onto the public with a permissive license but not develop that software collaboratively, then sure, you can do that, and the code will be open source code. Opening the code is a good thing and there’s no obligation for you to do anything more. But it isn’t doing what open source was designed to do; it’s ignoring a key part of it.
The people that see open source code and assume that it is being developed collaboratively are not being unreasonable – that’s the purpose of the open source movement. If that’s an inaccurate assumption for your software, then that’s fine – but it’s you that is breaking social norms, not them.
Better faith CoC people talk about freedom of association vs freedom of speech - if a platform doesn't like their oppponents, isn't it fine to ban them? Or say it should just be treated as a more utilitarian "be nice" convention for the mailing list (obviously it depends who is calling the shots, but that is true in any project).
Sure, but the problem here is far more insidious. By latching into delicate and, at times, controversial issues, CoC may hold a project hostage and threaten character assassination.
Imagine that for some bizarre reason, CoC establishes that issues are only to be talked about on Mondays. People can comply, or they can leave, no biggie. Strange but clear cut.
Now, say it instead establishes whatever politically motivated consideration. The choice now becomes one of positioning oneself into the current political climate. This makes sense at times, but also leaves a door open for abuse akin to rules lawyering, gotchas and crybullying. Sometimes creates a phantom HR that has no interest beyond exerting its power and which does d with no accountability.
Problem is anyone raising this as an issue or rejecting such proposal is going to look bad while doing so. It's easier to keep your head low.
Do you think open source projects just had to put up with anything and everything before they came along? No, if someone was being an active detriment to the project, they'd get naturally pushed away by the project leader, who was usually also the top contributor, in a clear and transparent manner. If the rest of the contributors agreed, that was that. If not, they could always fork. No drama needed, everyone was free to judge for themselves.
CoCs were introduced not only to to take that power from the leader or top contributors and hand it over to cliques of political activists, who often do not contribute to the project at all in terms of actually writing code, but also to allow them to invoke it in vague and secretive ways, for reasons that most actual contributors likely wouldn't agree with. Obviously, this leads to drama. You'll notice that CoC drama almost always boils down not to "this person is generally agreed to be a detriment to the project" but to "this person said or did something that offended me and thus violated the CoC".
It is not a political thing in my view. I get more tired by the metadrama. Things did change when open source became a business. It is impossible to compare a voluntary based project with a big one. I think the issue is that most people have no experience in doing large scale self organization.
> The author is making it "for people, for society, for everyone around them, interested in developing the project, adding new features (especially those I need), and improving it in every way for the benefit of all users. After all, if that's not the case, why even publish it?"
This, however, is just a most common social expectation of FOSS, but far from the only case. Lack of mention of this distinction between technical and social open source is the main cause of disagreements, disputes, and, ultimately, burnout due to misaligned social expectations.
I used to have to explain the problem and the difference to an outraged public, but recently I came across an article by Jeffrey Paul https://sneak.berlin/20250720/the-agpl-is-nonfree/ comparing open-source code to a gift! My explanation boiled down to:
"Don't like the gift, it doesn't suit you? Throw it out and forget it!"
I wonder if this always used to be the case, or is all this harassment the product of the past ~decade or so high exposure of open source software? As in no more sketchy websites or weird build pipelines to access them, they're basically slapped on github with an executable for anyone to use.
https://www.debian.org/social_contract
>I wonder if this always used to be the case
As written in the article of discussion, it used to be, well, quite a mess. There wasn't an established social expectation that you can ask author to do something, and they will do that. The whole software ecosystem was 100x smaller, and most of the users were tech-savvy. The author released the software somehow, this v1.0 got updated my "many" people (back than many meant 3-4-5), and then, after quite a while, it made a roundtrip back to the author, for which they "officially" released v1.1.
That's it, more or less. If no more bugs found, the software was considered as finished.
You don't need to put up a marketing page that tries to convince people to use your software. Instead (or as well), consider explaining all the reasons why someone should not use your software. More users, more problems.
To be more specific, Open Source only promises the four fundamental freedoms (https://en.wikipedia.org/wiki/The_Free_Software_Definition).
It promises literally NOTHING else, including zero cost. Free and open source software can and should cost money! (The "free" in "free and open source" is not about money, people!)
I'm actually very enthusiastic about these OSS "supply chain" attacks that have been happening in various communities. Because optimistically I hope it'll help people realize that OSS _is not a supply chain_ (more details here: https://lobste.rs/s/cxwidw/no_one_owes_you_supply_chain_secu...). Unless you're paying your vendor AND/OR have a contract in place with them with certain guarantees, you do not have a supply chain.
One term thats in almost every FOSS license is "this software is provided with no warranty." A supply chain implies a warranty. Therefore, FOSS is not a supply chain.
no, that is FSF's free software.
I'm sick of coming here and see "open source" as something with "moral values" - stealing it from the free software with "the magic" of conflating the two concepts.
Open source is just big software companies stealing from innumerable volunteers
But my point is... the active dev group was, at any time, very small. Mostly I'm talking about small utilities like make, Sendmail, sed, awk, sed. Perl seemed like it was just Larry Wall and tchrist for most of the time before 1990. gcc was an insane counter-example with a cast of thousands who submitted patches and you had to socialize your patch w/ RMS if you wanted it upstream.
oh wait... I forgot to make my point... My point is... the new tools support larger teams of people constantly interacting. I think there are great benefits to having a small team and effectively giving the middle finger to internet randos who don't submit their patches on one of their kidneys (i.e. - they'll think long and hard and sure as he'll won't submit two.) But getting people interested in your work output isn't one of those benefits. So... absolutely... go old school... But keep in mind the size of your team will be small and it may be hard to attract users.
But... screw users... I write software to support my own use cases. I open source it on the off chance someone else may find it useful.
The problem here is "open source" is seen as free support and working for "the community" for free and since the code is out there, no-one needs to pay the maintainers. (which is false)
Some mention GitHub sponsors as the solution, however it is a power-law system and benefits the very early participants or already famous developers to make a meaningful amount of income. But it is now at its late stage for everyone else. In some cases, some maintainers on sponsors get attacked / cancelled over a disagreement and that is the end.
It is completely thankless and unsustainable. $5 donations do not work either.
Now with AI, unless you are at a company that can afford it, there is little reason for human developer(s) to be working in open source and relying on $5 "sponsors" since AI agents are used to replace the need of paying for support for the developer.
What worked 20 years ago for paying for human support, now does not work today unless you do not mind about willing to work for free and spend some tokens. If you don't someone else will with an agent.
Not even Richard Stallman or the FSF makes money on this, nor do they have a solution in 2026 as it is unenforceable. But one thing that Stallman, Torvalds and other famous developers have is influence and that is what pays their bills.
The "support" is not only the maintenance burden which (sometimes) could be solved for money. It's also the features that the original author just don't find useful at all, but others may want to have.
If I don't have Mac, never used it and don't plan to buy it, why would I want to accept contribution to support this platform? It's useless for me, I won't be able to test it (and it will break sooner or later), and once the code is accepted, it's usually assumed that it would be maintained by the application author, not the code contributor (unless additional CLA is signed, etc).
What's clear is they mediating all selection choice and interest through pressure points of a single fixed trust board is of limited use going forward. I don't think the vouches and other web of trusts tackle the actual root need to disaggregate, decentralize.
You can anti-social open source, reject, flee to nihil and going away, solo-ing. I think that's mad bad and dumb; just my judgement call. I agree strongly with v-it, open source is social. It's interesting and fascinating to open your mind. These other signals are fascinating. The glut of goodness is something we should firehose better, not shy from. https://v-it.org/
This is not antisocial.
You didn't talk about being interested in what maintainers were up to. You talked about what your friends are interested in! That's the thing! We need to decentralize the decision making. If your friend is juggling some patches, some feature branches atop code you use, that is interesting. We seem to both agree that we do want to have interest & awareness.
We've only had one model for social ness ever and it's created enormous pinch-points, enormous thin-waist problems for getting stuff done. The maintainers themselves keep saying they can't handle the loads, don't enjoy it, don't want to. I think the submission is kind of a bad spirited loser but I'm sympathetic! I just think it's worth exploring pro social options before we all default to shutting down turning off all the exterior signals and going dark, like suggested. That sounds a lot like being a loser to me. Fine, do you! It sucks though, it really does. Everyone should hope aspire to & work for better. Let's discuss what that might look like.