Are we still talking about supporting open source maintainers? I hope so, because I wrote about a more holistic solution than giving everyone a patreon or whatever.https://jenniferplusplus.com/the-free-software-commons/
-
Stephen Weberreplied to Jenniferplusplus on last edited by
@jenniferplusplus @luis_in_brief I think licenses is a great example of how an individual can borrow governance.
Many times the kind of governance we're talking about is embodied in tooling: how contributors are onboarded, how issues are tracked, how contributions are vetted, how patches get back-ported.
Tools are not everything, and they're highly susceptible to the kind of vendor-takeover that Jennifer talks about. And they don't have to be complex, they can be like license files.
-
Marco 🌳 Zoccareplied to Jenniferplusplus on last edited by
@jenniferplusplus @luis_in_brief I think that as soon as a "solo" OSS project is depended upon by at least another project, that's a commons. And this can be measured and socialized in turn.
-
Jenniferplusplusreplied to Marco 🌳 Zocca on last edited by
@ocramz @luis_in_brief I wouldn't suggest trying to draw bright lines around what project is it isn't a commons in its own right. Luis described things up thread as a multilayered polycentric commons. I think that's much more useful. Projects are components of a big poly-commons. That's plenty to guide large scale action. Local scale action definitionally must be locally managed
-
corbeaucryptoreplied to Jenniferplusplus on last edited by
@jenniferplusplus Hey - that's a great article. Thanks for writing it and sharing it! Couple of observations and questions. When I consider non-digital commons, I imagine fish or trees for example. Usually there's licensure and quotas associated. Hard to put a quota on usage without changing the game considerably. So the idea of contributing back seems like a good place to start. Am I missing a larger perspective here?
Do you see that integrating with SBOM practices? Do you think there should be some governance around deployments? For example - I am thinking of that famous ticket MS put in for VLC support for, what I believe, was videos in Teams? I'm afraid I've (collectively we've) paid more out in supporting open source developers than many vendors who amass great wealth without contributing back. Not mad at that. Just not really sustainable without something feeding back into the system.
-
Jenniferplusplusreplied to corbeaucrypto on last edited by
@corbeaucrypto The limited resource in the foss commons is maintainer's time and attention. If a large corporation takes a dependency on a package and never has another interaction, that really hasn't depleted anything, and that's not really what needs to be monitored and managed.
OTOH, if that same corp comes back 6 months later and starts demanding an SBOM, *that* is extractive, and should likely be seen as violating the rules of the commons.
-
@jenniferplusplus Open Source is not a commons, because increased use doesn't diminish it, in fact, it makes it even better. And no, we don't need more bureaucracy, thank you very much.
-
@deshipu read the post
-
@jenniferplusplus I have read it, I wouldn't be commenting otherwise. You are suggesting that introducing bureaucracy would help, and alleging to how it helps solve the "tragedy of the commons" problem. But open source communities don't have such a problem, they are not competing, and they are not limited by a physical resource that can be depleted and that would require maintenance by a governing body to protect it from devastation. And it would be useless for the problems you mention.
-
@deshipu now you're just putting words in my mouth. I very explicitly did not say any of that.
This is now a reading comprehension test. If you fail, I will block you. What did I say depletes the resources of the open source commons?
Feel free to just not reply.