meanwhile Linus hounding down the google devs for making stupid pull requests
Do you have some context for this? I’m out of the loop.
Years ago, Linus Torvalds, creator of Linux, was notoriously mean to people who submitted bad code.
Like he would straight up call it absolute dogshit and say they should feel ashamed, he’d call them fucking morons, on one occasion I believe he even told someone to kill themselves.
In the years since, though, he’s said that he’s found the abrasive authority figure schtick doesn’t really work and has the unfortunate side effect of making others involved adversarial too, and he has changed to a much warmer and friendlier way of working.
Oh he’s still perfectly blunt about code, and even about people if need be but he makes sure he has a good night’s worth of sleep before he does that to not do it in anger. Which means dress-downs are now of the “I’m not angry, I’m disappointed” type. I’m not aware of him ever telling people to kill themselves, just erm “wondering”:
Of course, I’d also suggest that whoever was the genius who thought it was a good idea to read things ONE F*CKING BYTE AT A TIME with system calls for each byte should be retroactively aborted. Who the f*ck does idiotic things like that? How did they noty die as babies, considering that they were likely too stupid to find a tit to suck on?
(And to be fair, yes, reading things one byte at a time is fucking stupid. Not something you’d ever expect in a kernel)
I’ll allow it.
The trick is to stop giving af about demands from random assholes. Using software doesn’t entitle anyone to updates. Part of the point of open source is if you want it to be different, the source code is available for you to do that.
Yup. I’ve contributed to a number of FOSS projects (including lemmy) and try to always observe the proper etiquette. That means (IMO):
- read through the contribution guidelines and follow them to a T
- check for feedback at least once/day
- allow at least two days for initial feedback, and gradually back off (so bump after 2 days, bump again after another 3-4 days)
- if there’s no feedback after a week, bring it up on another channel (IRC, Matrix, email, etc)
- never demand anything, always ask how to help
None of that is written down anywhere, but to me it’s common sense. If you don’t want to do that, fork the project and maintain it yourself. Maybe they’ll pull your changes in if they’re good.
Well, it’s fun that they mention F-Droid, because the maintainers are bullies who bully their contributors and generally act very unpleasant. They like to make new rules on the spot.
I abandoned using the project altogether, not someone I want to support.
What rules?
That apps published there can’t be wrappers around a web application.
Good rule, those should be web addresses, not apps. Or even better, native applications rather than web apps, but it does depend on the context.
Eh… why? More to the point, it’s not mentioned anywhere in their guidelines, it was made up on the spot by the fella doing the code review.
They are inefficient and bloated.
And personally, I prefer good reasoning over good rules. If something comes up that is a bad idea but there’s no existing rule against it, the rules should be changed to address it. As long as the reasoning is sound, I think it’s a good thing, especially when we’re talking about something like a software distribution platform as opposed to say laws that determine freedom or imprisonment.
Also if you’ve made a web app, let it be installed as a web app. Both FF and Chrome let you install web apps in one click.
Inefficient and bloated describes 90% of all apps I’ve ever seen, regardless of technology used, so I fail to see your point.
What’s a wrapper in this context?
An app that’s just WebView?
Not WebView, but a so-called TWA, aka Trusted Web Activity, a features specifically designed to wrap PWAs and give them full-blown app capabilities.
Seems to me like they’ve done a pretty good job keeping their store free of malicious apps, I’ve never heard of any breaches like I have of every other store including Snap and Flatpak.
Maybe they’re pissing some people off in the process, but maybe it’s the right people to piss off. They’ve been able to hold it together in the FOSS app space better than most.
I would simply deal with these bullies by telling them to fuck off and fork their own thing instead of bugging me to push an update on the main. This feels nore like it should be happening to closed source things where the only way to get a thing in it is to beg the dev.
Unfortunately, that’s the social element of social engineering. Not all developers feel that way and it’s possible to trick them.
Luckily, most developers are on the spectrum and aren’t affected as much by that type of social engineering.
deleted by creator
I think most people who are “on the spectrum” are undiagnosed, this survey asked about diagnosed autism.
Completely a meme answer. IT workers including software devs in the past were seen as nerdy loner types
deleted by creator
This comment said:
Naturally closed source for profit software is so much better and would never contain anything malicious.
We know this for certain because the PR department affirmed us that there is nothing malicious or illegal within their code. There internal investigations found no proof of hacking from external sources, All code changes where done with the full legal permission of our Ceo and Overlord Marz Kucherberg ™
I mistook the post and didn’t know it was about bullying specifically so my comment was unwarranted
There have been other posts of late where my sentiment is more ontopic but here it only muddies the actual discussion.
Yeah but reading that shit was good. Especially the quote’s origin.
No need to be so defensive… unless you you the F-Droid team they are writing about. Are you?
Either way it is just whataboutism aimed at a strawman. No one is saying proprietary software is better.
Not sure why its still showing for you but i removed my comment seconds after posting as i misread and didnt know this was about bulling. I firmly stand against bullies of any kind.
Ever since the xz thing i have noticed a general increase in articles and clickbait titles spreading fear about open source software in general, its started to feel like intentional propaganda, for this post it was unwarranted.
Ps: please do confirm if my comments is removed by now on your end, i suspect comments may not always continue to sync between lemmy servers after the first initial postings.
No, I still see it. Not sure why, maybe because I commented on it.
I’ve had several comments behave the same way, unable to actually delete them, even after waiting a while for the delete to propagate.
The best thing to do is edit it to be just a period then delete. I can still sew deleted comments by hitting copy text
Your original comment is not showing for me.
It’s probably far more common than most people realize. Open source software doesn’t automatically make it secure, and in many cases can be less secure than closed source as it’s just one or two people doing it for free.
Much easier to be tempted to do something wrong or to get others to help in and take the weight off.
in many cases can be less secure than closed source as it’s just one or two people doing it for free.
Absurd take. How could having the source closed possibly enhance the security?
I think they mean that a lot of proprietary software (supposedly) has a large (or at least well-founded) team working on it
Hahahahahahahahaahaha
(I work for a software company.)
Weird that they would say something totally different from what they mean…
I mean, they didn’t though Theoretically, well-funded teams would be able to create more secure software and fix vulnerabilities faster than some random guy who works a full-time job and codes in his free time
You say they didn’t, and then go on to make a point they didn’t make…
They didn’t comment on funding whatsoever. Plenty of open-source software gets funding, and not all closed source software gets funding.
The issue is with bullying and burnout. Nothing to do with being closed or open source.
I’m sorry that I’m apparently not getting my point across to you
Proprietary software is often made by a corporation, who pays full-time developers. Those full-time developers are given a salary to work on that software. That salary is normally more than what open-source devs make off their software. The team who is paid to work full-time on the software will patch issues faster (theoretically)
I bet you’ll find something wrong with this, but I don’t care
There’s nothing wrong with what you’re saying, I’m not challenging the point you’re making here.
I’m challenging your ability to mind-read and ascribe that point to a different commenter.
Closed source software has the exact same bullying issue, the difference is instead of the bullies being random people on the internet, they are managers with power over you. They are at least as likely to make you do something dangerous as the randoms, but they don’t have to try as hard to hide it.
I mean you can see the source code. You’ll know if anyone does something weird if you have two braincells.Edit: Clown here move along.
You’re manually reviewing the entire code of every open source product you use? Manually reviewing the code at every commit of every open source software you use?
Nope, I’m just a clown who doesn’t actually work in tech.
I can’t tell if you’re joking but if you are that’s hilarious
Oh shit I must’ve said something really dumb now.
(I wasn’t joking).
It’s not a dumb point so much as just naive – and its the lesson we learned from the xz backdoor.
Sure the source code is out there for anyone to see, but are the right people actually looking?
How do you qualify the security of a closed source code when you can’t verify it?
