Comment by bananamerica
7 years ago
As someone not in the know, Rich's post seems like an extremely aggressive and arrogant piece. When you put it in context, it does make more sense.
7 years ago
As someone not in the know, Rich's post seems like an extremely aggressive and arrogant piece. When you put it in context, it does make more sense.
> As someone not in the know, Rich's post seems like an extremely aggressive and arrogant piece.
It seems that way? To me, it seems like a reasonable response to how many people treat any kind of volunteer-led effort.
For example, I help mod a fairly popular subreddit, r/cscareerquestions. Now, we don't have a problem with people suggesting changes to sub rules or have meta discussions and even complaints. No community is perfect, the mods certainly aren't, etc.
However, the vast majority of complaints are of the completely useless variety. They're the vague one-liners -- "this sub used to be good, and is now bad for generic reasons I will not elaborate on" -- that usually have no clear basis in reality, nor any practical solutions even to the extent they're true.
And when I try to earnestly engage with people who have the most upvoted complaints, 95%+ of the time, there's nothing there. Probably half the time they just don't respond, half the remaining time they just loose another snipe or parting shot before disappearing, and most of the rest is something in the set of {doesn't actually happen/no evidence; assumes everyone agrees with them; problem is actually well-diagnosed but the proposed solutions are laughably naive}. The number of complaints or suggestions that are meaningfully actionable is very, very low.
What I've found looking at other subs and ours, is that generic complaints about sub quality and mod team actions are a quick and easy way to upvotes, but it's rare for someone to actually be well-informed on the topic and have actually thought through the problem and solutions they suggest.
So when Rich says, "Did you know that most patches/issues have poor problem statements, no description of the plan (read my code!), no consideration of alternatives, no tests, no designs, and are ill-conceived and/or broken in some way?" that doesn't surprise me in the least. Even when people nominally want to contribute, they usually don't seem to try very hard. For me, it's gotten to the point where I'm writing a guide for subreddit criticism and suggestions to try and improve the quality of the complaining.
tl;dr - even when something is reasonably well run by volunteers, people love their low-effort gripes and snipes
I don't have any reason to doubt the truth and logic consistency of either Rich's post or your reply. The problem is not the logic, it's the rhetoric. For anyone out of the loop, he sounds like an interstellar douchebag. And, because the article is public, this can become a problem.
In my experience there are two kinds of people. Those who focus on tone and delivery, and those who focus on content and consistency.
The former will remain exceedingly polite, up to and including the part where they tell you to go f yourself.
The latter are the ones you can actually depend on in a crisis, because they won't be busy playing social games to cover their own behind.
I'd argue that if someone is seen as a giant douche because they won't automatically cater to someone's sensibilities, that's a sign of a real douche, who is so used to being marketed to and "handled", that fair, reciprocal treatment is experienced as rudeness.
That is the gap between the kind of culture open source used to have, and what some want to turn it into today, and which is often incorrectly dismissed as a lack of civility.
Civility is that which allowed civilization to form, not what passes for it once others have already done the work. If that is a problem, it's because it's been manufactured into one on purpose.
1 reply →
> For anyone out of the loop, he sounds like an interstellar douchebag. And, because the article is public, this can become a problem.
I'm out of the loop and didn't get this sense at all. His points seemed fair enough to me. There's way too much entitlement evident amongst people who use, and sometimes even contribute, to OSS[1]. It gets frustrating, and Rich has explained why.
[1] I've never been an maintainer of a popular OSS project, and don't want to be, but a few years ago I was a custodian for a relatively popular free (as in beer, not as in speech) tool, and we'd often get emails from users acting like we owed them something.
I’m not in any loop and nothing about the post came across as douchey. In fact, it seems many people need to be reminded about who is responsible for putting open source code in any project especially after reading the disgustingly entitled comment thread on the recent nodejs security issue.
6 replies →
The person in question isn't some random dude who just makes demands, but a visible volunteer. Otherwise the tweet would have no voice, and Rich Hickey wouldn't feel like spending the time to tell someone how they weren't worth the time.
It could easily have applied to dominic and the earlier npm fiasco, though.
People are getting a bit entitled as to what an open source maintainer has to do for them.
It's exactly how video game audiences are.
But honestly the stakes are higher than video games. If you go around advertising your package, get people to depend on it, then compromise them later, that's malpractice on your part. That isn't how society runs so it's rather obvious when people get mad that there's a landscape full of anarchy when it should look more like modern civilization.
Like it or not, npm and the node community has not prioritized its reputation. And the mechanisms that keeps bad operators out of npm open source rely on a relatively small company considering the actual business livelihood that relies on npm integrity. It means the community is okay with continuing to use npm, and that means that the community doesn't have a healthy way to maintain itself and build trust. It's going to rot, I think (and hope). It's just going to be a bunch of tribal nomads moving from project to project until someone social engineers a compromise and they're off to find another huge dependency graph again.
At the very least, Clojure is telling people what it's about upfront.
Other package managers are not immune to this, btw. npm is just often the whipping boy.
> If you go around advertising your package, get people to depend on it, then compromise them later, that's malpractice on your part.
I tend to agree with this. I've always had a great deal of sympathy with OSS devs and maintainers, but if you've gone out of your way to evangelise people onto your platform (OSS or otherwise), then leave them high and dry, resulting in a load of complaints/bitterness, you have to bear at least some of the responsibility for that outcome.
> If you go around advertising your package, get people to depend on it, then compromise them later, that's malpractice on your part.
I'm not sure how much he advertised it.
This is part of the problem I have with things like npm, cargo, etc.
They defaults are set to try to suck up your work and get you to make it public.
Consequently, semi-useful things get loose probably long before people intended them to and probably long before people realize how much work they just signed up for.
That was a different issue IMO. I've stopped maintaining open source projects that others rely on, and I owe them nothing. They can fork my code if they like.
And yes, it's users' responsibility to decide what code they trust. But "I trust developer/organization X" is a reasonable way to decide that, and auditing every single release is far, far more expensive. I'd be betraying their trust if I let a complete stranger release an update in my name.
I can sympathize with that. But I think Rich made a very bad choice of rhetoric, and this is probably going to bite him in the ass.
"Bite him in the ass" how?
1 reply →
you mean the guy who gave his project, including namespace, over to a hacker?