Comment by mrtksn
1 year ago
Ha, maybe there should be a tool that calculates your "bill" based on the OS stuff you are using and help you make a single payment that distributes it to the rightful owners. That bill thingy can be calculated as how much you actually used this stuff and how much donation they currently receive and then you pick how much you feel like paying thing month.
Distribution can favor projects that need funding to be sustained. Maybe you are using niche library than only 20 other people are using it but you are getting great value out of it, then maybe it can be reasonable to be billed $100(or not a strict sum but high coefficient to make your donation go mostly to this particular library).
I still think it's much more efficient to let your teams vote for 8 or 10 libraries, once or twice a year, send N dollars for every vote over <enough to make it worthwhile to track down donation information and cut a check> and carry over remainders from one vote to the next, so that everything below the cutoff gets some love every couple of intervals.
A lot of people will vote for the obvious ones, a few people will vote for the underdogs and it'll come out in the wash.
That also fights the common complaint here of people gaming the system by splitting up their libraries too much. Sindre, for instance, would get some money for p-limit, p-retry, and maybe p-queue, but not much else for his astounding menagerie of micro-libraries.
One thing is a bit frustrating for me personally is that I have a few packages that get tons of downloads yet very little stars. This is because I solve a niche well. Im usually deep in the dependency tree, rarely as a direct dependency. I would definitely be ignored by this scheme.
I don’t know what the solution to that is. I think you’d still get a few votes. I think it’s unlikely for library authors to pass some of their donations down to the libraries they depend on.
Foundations should probably be doing some of this work. Maybe government as well. National Science Foundation did it for a bit, partly because of Al Gore, but that is also how we ended up with the current model of everything being free either until it isn’t, or until you become the produce (advertising, user tracking).
There are some relevant tools for this, such as https://thanks.dev. While it doesn't work as a usage-based billing, at least it provides a way to fund all dependencies.
However, the issue is that most organizations relying on OSS are not tech companies. They mainly have no clue about OSS sustainability (e.g., airports and hospitals) and are unlikely to ever fund their own software supply chains, unfortunately. That's why there should be a data-driven index to address the global OSS supply chain, not only any particular ones.