Comment by adeebshihadeh
19 days ago
"Open source has always worked on a system of trust and verify"
Not sure about the trust part. Ideally, you can evaluate the change on its own.
In my experience, I immediately know whether I want to close or merge a PR within a few seconds, and the hard part is writing the response to close it such that they don't come back again with the same stuff.
(I review a lot of PRs for openpilot - https://github.com/commaai/openpilot)
Cool to see you here on HN! I just discovered the openpilot repository a few days ago and am having a great time digging through the codebase to learn how it all works. Msgq/cereal, Params, visionipc, the whole log message system in general. Some very interesting stuff in there.
When there's time, you review, when there isn't you trust...
That's the issue here.
Even if I trust you, I still need to review your work before merging it.
Good people still make mistakes.
What is the definition of trust if you still have to verify? How does "trust" differ from "untrust" in that scenario?
1 reply →
What's the rush? Building good things takes time.
deadlines, money, attention. The usual things in industry.
[flagged]
Why? I don't appreciate comments that cast doubt on decent technical contributors without any substance to back it up. It's a cheap shot from anonymity.
I'm not the parent but if you know you want to merge a PR "within a few seconds" then you're likely to be merging in bad changes.
If you had left it at know you want to reject a PR within a few seconds, that'd be fine.
Although with safety critical systems I'd probably want each contributor to have some experience in the field too.
5 replies →
What kind of things would you like to hear? The default is you hear nothing. Most black boxes work this way. And you similarly have no say in the matter.