I can’t tell you how angry this makes me feel for this maintainer.

I don’t know who Jigar Kumar is, or what the motivation was behind the emails that the author is referencing, but I can tell you if I was trying to get a bad actor in as a trusted developer, this is how I would approach it.

Good post.

https://robmensching.com/blog/posts/2024/03/30/a-microcosm-of-the-interactions-in-open-source-projects/

A Microcosm of the interactions in Open Source projects | RobMensching.com

Originally a thread on Twitter about the xz/liblzma vulnerability, when I finished typing it, I realized I had a real world slice of Open Source interaction that deserved more attention.

@jerry

We need a system that pays people based on adoption of their project. A system that moves us towards an honest to God meritocracy.

This getting paid to sell other people's stuff, pollute, and steal others' effort thing sucks.

If only it was so simple.

@BlueBee @jerry well, we have a system - you go get a job at a corporate entity that pays you to maintain open source - and provides professional services, like HR and an engineering structure, healthcare, and an environment where you get to talk to other human beings who share the same pain points, etc. Solo devs and maintainers hate it, resist it, disparage it, and produce phenomenal work without it - until the passion becomes drudgery. Maybe they could work together?

@quantumg @jerry

From someone who has been trying to climb that crap.

It ain't working.

Maybe it is where you are, but over here, making stuff worthwhile just means that someone else gets the credit.

And I've been ready to work for a minute and instead I'm wasting months on a job search.

Look, I literally can't think of an analogue for how 'not working' this system is.