Open Source

30349 readers

2070 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

Cloak@lemmy.ml

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml

178

Bullying in Open Source Software Is a Massive Security Vulnerability (www.404media.co)

submitted 5 months ago by toaster@slrpnk.net to c/opensource@lemmy.ml

38 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Danterious@lemmy.dbzer0.com 6 points 5 months ago (4 children)

So what is the the solution then? What kind of culture would be more operationally secure?

[–] harfee@lemmygrad.ml 19 points 5 months ago (2 children)

I think the article was pretty clear that (1) companies that use open source projects to make money should be contributing financially to them, and (2) users and contributors need to stop feeling entitled to maintainers' unpaid labor and time. Mostly 2 because it's a security risk AND a shitty way to treat people who are making something free for you.

[–] livus@kbin.social 3 points 5 months ago

users and contributors need to stop feeling entitled to maintainers’ unpaid labor and time

And the rest of us need to stand up for maintainers against bullies.

[–] pop@lemmy.ml 3 points 5 months ago

Honestly, in medium to big projects, 2 seems like mostly astroturfing from companies who really want to hide the fact that they benefit financially but use alt accounts to push toxic bullying like "you're not following opensource principle, not foss this, not foss that, you do this or we're going to make a scene" when maintainers try to get any semblance of authority over their own projects.

[–] pmk@lemmy.sdf.org 9 points 5 months ago

Maybe some inspiration from how OpenBSD handles users requesting features.
"No one deserves anything from us. /../ The developers in this project do the best they can"
or
"If you expected any of us to reply as if we are contractors or your employees, you came to the wrong place."

[–] toaster@slrpnk.net 4 points 5 months ago (1 children)

Community guidelines in a readme would be a good start. Also, educating those opening new git issues since I often see entitled and vitriolic demands from non-devs who do not understand what FOSS is (although I understand that this isn't the only bully archetype).

[–] delirious_owl@discuss.online 0 points 5 months ago (1 children)

Submitig bug reports is a contribution, not bullying. Some devs see reporting a bug as a bad thing. Thats toxic.

[–] Star@sh.itjust.works 2 points 5 months ago (1 children)

Of course, but you missed part of the point. Open source devs are providing code for free, the least the user can do is provide bug reports without rude language/demands.

[–] delirious_owl@discuss.online 1 points 5 months ago* (last edited 5 months ago)

I agree. But that goes both ways. Devs shouldn't be rude to contributors of bug reports. And the Lemmy devs have been real assholes to most of their contributos.

Theres a reason they have this reputation.

[–] Dymonika@beehaw.org 2 points 5 months ago

Probably some sort of mix, like federated or crowd-sourcing, but either simply means more maintainers/supervisors.