What Aspects of Open Source Projects Do You Avoid?

paulproteus writes "I'm a Debian developer and a part-time contributor to a few smaller projects. I do a lot of free software-y and open source-y things. Sometimes, though, I don't do them. I figure some other Slashdotters might have similar hang-ups — we contribute to a project, but there are parts that we really dread thinking about. So I wrote a post about having these hang-ups, and I made a place on the web to share how others can help your project. What are the parts that, in your projects, you would be relieved if someone else looked at for you?"

Ego

Especially when someone full of themselves buys the domain name.

Re:Ego

All I know is that Kellogg's didn't get eggo.com

Re:Ego

[WrongSizeGlass]

I try to avoid the rabid advocates who seem to think (or at least they project) that using anything that isn't open source is some kind of affront to the entire open source movement.

Sorry guys 'n gals, but sometimes I need something now and can't wait for it to be included, supported or fixed in an open source solution. My clients aren't patient and don't really care about the necessity for creating an equal playing field for all software developers.

Re:Ego

[dvice_null]

> A lot of open source coders seem to avoid UI aspects and usability like a plague

- Programmers write code.
- UI designers design UI
- Technical writers write user documentation
- Graphical designers draw buttons and icons

The problem is that majority of open source developers are programmers and UI designing is a completely different profession.
Two possible solutions:
- Programmers must learn UI designing also
- We need more UI designers to join us

Re:Ego

[Securityemo]

My CS undergrad program has UI design as an obligatory second year course.

Re:Ego

[cmtonkinson]

I'd have liked my school to do the same.

Re:Ego

[nine-times]

I think the problem is not just finding UI designers to join you, but also getting the programmers to accept the UI designers that you find.

Re:Ego

[roman_mir]

You are probably right, but I think open source programmers need more of one more thing , which they maybe not getting enough of. Blow jobs. I think free and open source programmers need more blow jobs. From hot women. We should get the hot women to join in on this idea somehow.

Re:Ego

That were five words, retard.

Re:Ego

Yes, because every girl dreams of giving a blowjob to guy that 1) works for free 2) sits on computer all day long 3) just goes on and on about the wonders of open source 4) doesn't make any money

I think there will be a huge line of girls waiting!

Re:Ego

[roman_mir]

Well you see, now you got it. The odds of that happening are about the same as what parent post suggested:

- Programmers must learn UI designing also
- We need more UI designers to join us

Re:Ego

[acidrainx]

Exactly. I'm a professional UI developer and I used to contribute to open source software quite a bit back in the day. I don't contribute much these days mostly because of lack of free time to do so, but this was a major point of contention for me.

The biggest problem is that the programmers have trouble accepting advice for changes to the product they've poured their blood, sweat, and tears into. I've found for the most part that many open source projects are over complicated. One of the best ways to improve the usability of a product is to simplify it. You need to remove or conceal the features that are rarely used. Unfortunately, those features tend to be the hardest to implement, so the person who implemented it wants to make sure people know about it. It's not unexpected that they wouldn't be happy if you suggest that it be removed.

Re:Ego

[digitig]

Human-Computer interaction was an option (which I took) on my postgrad CS course. What I think we're showing is that some programmers do know a bit about UI -- although what I think I know is "enough to talk intelligently to a human-factors expert", not to do it myself.

Re:Ego

[digitig]

You need to remove or conceal the features that are rarely used.

Goodness, where have you been? If you conceal features then you get pestered with tech support calls and requests to implement stuff that's already there! What you should do is dump everything on the UI all the time in a ribbon across the top (remembering to license it from MS). The user sucks bigtime, but users can't complain about not being able to find anything because it's all there in plain view, so they know they'll be made to feel stupid if they query your design.

Re:Ego

[Anrego]

I think that's part of it.. but not all of it..

Implementing a graphical interface is often a chore.. and I think a lot of coders (myself included) are looking for functionality over usability when they write something.

If you're developing software to sell.. then there is an incentive to put in the work and put a graphical front-end on the thing.. but if you are working on something for fun.. what incentive is there to make it more accessible to others? (besides bragging rights of being the author of a widely used piece of software).

Re:Ego

That were five words, retard.

You mean "that was", retard.

Re:Ego

[ScaryMonkey]

Your ideas intrigue me and I wish to subscribe to your newsletter.

Re:Ego

[Jurily]

You need to remove or conceal the features that are rarely used.

Sometimes simply reorganizing them makes all the difference.

Case study: the Pitbull3 and Pitbull4 unit frame addons for WoW. 3 was notorius for scaring away new users with the sheer magnitude of options you can configure: it was all presented ad-hoc, mostly glued on to the menu as new features were added I believe.

Pitbull4 introduced the concept of layouts, cleaned up the options menu, and the initial setup time went down from an all-nighter to 15 minutes to get the same result from scratch. And the fun part: it actually became more configurable.

Re:Ego

[D+Ninja]

- Programmers must learn UI designing also
- We need more UI designers to join us

I am a software engineer who specifically did a focus in user-interface design.

When I first started the focus, I thought to myself, "Self, I know this stuff. How hard can it be to make an application look good?" And, unfortunately, there are many developers who think the same thing. However, after going through five courses on HCI and spending the next 10 years doing UI design, testing, etc, it is FAR more than that. The unfortunate (or fortunate, depending on who you are) part is UI design is a mix of art, psychology, and programming. It seems that very few people enjoy all three of those topics (or at least, working in all three of those areas). Heck, simple question - how many people actually test their user-interfaces to determine problem areas in usability? I know I didn't on my first job where I designed a new interface system into a company's payroll system. Holy cow - that was a good lesson learned.

The other problem is that FOSS projects are very particular about their UI, even if they don't know what they're doing with it. UI's start some of the biggest holy wars. I tried to get into FOSS doing UI work one time. I quickly left when I spent a good long while in IRC trying to understand why an option on a menu (that is used fairly frequently) was buried four levels deep. I have had similar experiences in two other projects. I would love to help a project, but, as it is volunteer effort, I won't go through hell to do it.

Personal experience, of course. YMMV

Re:Ego

[Ihmhi]

Has open source like, ever campaigned to UI designers? I mean, seriously.

Imagine you're a graphics designer looking to go into UI design in a recession. What better way to fill out your portfolio than have stuff you can show to a future employer that's actually being used in the real world?

What's the worst that can happen by taking on a newbie? They colossally fuck up, well, that's why SVNs have the ability to revert.

Re:Ego

[Ihmhi]

You can always go back to school, even for one course. Don't think because you have your sheepskin that it isn't worth it to go back to college. Expand your mind, man!

Re:Ego

[Ihmhi]

So were those! Pattern, perhaps?

Re:Ego

Not so much ego, but people knowing what they have to do. I don't write music because I don't know how to write music. I may know how to put sounds together, but it does not make me capable of producing acceptable music.

Replace music with UI, images, etc.

This is not a computer programming problem but one of knowing when to do something. Chefs do not design their menus. Car engineers do not also design the chassis. And this is probably the way things ought to be.

Re:Ego

Or, taking Gimp as an example: Programmers must come to appreciate UI contributors as useful rather than dismiss them as not doing real work.

There are lots of people willing to contribute UI ideas, perhaps even more than people willing to contribute code. Usability is no less important than an extra algorithm or two. It makes a Huge difference if the UI determines if you can do the same task in 2 seconds or 2 minutes, especially if you have to do it many times per session. Some developers seem to think that as long as it's Possible to do, it doesn't need fixing.

I've contributed UI ideas to both Gimp and Inkscape. The difference is night and day. When the Gimp developers criticize, it's basically 1. "Code it yourself" or 2. "Get lost and leave us to do the Real work". In Inkscape though, while people would still point out flaws, they welcome the effort you've put in. You're encouraged to work on the issue and come back with a better solution. If it passes, it then gets implemented, or marked for implementation.

I've found that coming up with UI ideas is much like coding: having a hundred people contributing just a few lines is a lot less productive than having one person truly work on a problem for a necessary amount of time. Some projects just do a Much better job of encouraging people to contribute those few extra hours to truly solve an UI issue. It's not surprising that Inkscape is a model of open-source UI.

Re:Ego

[ClosedSource]

Yes, and there are photographers on craigslist that are willing to give their models a head shot in exchange for free modeling. More often than not, it's a bad deal for the model.

If you are a good model or a good graphic designer you aren't likely to increase your chances for paid work by establishing that you are willing to work for free.

Software developers may be willing to do it out of some cultish sense of ethics, but graphic designers aren't part of the cult, so they don't get it.

Re:Ego

Not being fat and ugly like you does a lot for a man. My wife may eventually kick me out of her basement, but I am enjoying my time here.

Re:Ego

[AndrewFenn]

I've experienced this myself with submitting patches to projects such as bzr-upload. Even though I have fixed a particular issue and proposed my changes for merging it just sits there because the upstream author disagrees with the particular feature that users have been requesting. This case in particular is the ability to allow an upload to continue even though it errors trying to delete files or folders on the server that don't exist. This feature can be useful when your online revision becomes out of sync because someone deleted the file online and then deleted it locally in the repo.

The upstream author disagrees with this "--force" option I added because (as he explains in the bug report) the online copy should always mirror your local copy and if it becomes out of sync you should be required to upload everything again. Many others and I disagree with this line of thinking because it is silly to upload over 1 Gig simply because you deleted a folder or file online.

My point with this little story is that it doesn't just happen to just UI designers in open source projects. It happens to everyone including programmers. If the upstream author disagrees with your changes there's nothing you can do, even though there's a large backing of people who want your UI design in.

I'm leading a project to remake an old game called Hardwar and I'd love to have some professional UI developers to help flesh out the details of my editor UI and Main Menu screen. Right now the editor menu looks horrible however it's not my area of experience.

Re:Ego

Fork

Re:Ego

[weicco]

Separate UI from logic by well defined interface and the UI will come. Or not, but at least you learned probably something about MVC :)

Re:Ego

I think so. Yes. definitely.

Re:Ego

[__aaxwdb6741]

This is the kind of thinking that creates unbearable to use UI's.
"You're a user, you annoy me with your presence, so you must be punished and ridiculed!"

Don't forget that you're making a UI for the user to like. Not so they'll leave you the fuck alone.

Re:Ego

[digitig]

Whoosh!

Re:Ego

can't we all at least get hand jobs from this girl?

Re:Ego

[YourExperiment]

I'm not seeing it myself.

Re:Ego

[__aaxwdb6741]

My bad. Your message did seem authentic, though.

Re:Ego

[digitig]

I have been utterly scathing of the ribbon interface here in the past, but I appreciate that most of us don't get our names recognised so you weren't to know that.

Re:Ego

[b4dc0d3r]

There are FIVE words!

Re:Ego

I wish there were more people like you. At work we have a PR group that has to approve all interface, but it seems like they just makes thing pretty and don't dig into how to simplify things.

For my personal projects, I really wish I had some one who could make suggestions. I may not always agree and implement, but it would be nice to hear a differing opinion.

Re:Ego

[Hognoxious]

The biggest problem is that the programmers have trouble accepting advice for changes to the product they've poured their blood, sweat, and tears into.

Have you come across "Usability? But it's skinnable!" yet? Or "If you're so brilliant, YOU code it!"?

Re:Ego

[smi.james.th]

I disagree, I shouldn't think it would be too difficult for programmers to do a bit of learning... The majorest open-source projects, kde, mozilla, etc. all have fairly professional developers and I'd be willing to bet there'd be some UI designers in there. The smaller projects would be the ones that would suffer the most in this regard, I think.

Re:Ego

[gestalt_n_pepper]

A lot of *closed* source coders seem to avoid UI aspects and usability like a plague. In summary: "Almost all coders seem to avoid UI aspects and usability like a plague"

Re:Ego

Fuck you.

Re:Ego

[DragonWriter]

- Programmers write code.
- UI designers design UI
- Technical writers write user documentation
- Graphical designers draw buttons and icons

The problem is that majority of open source developers are programmers and UI designing is a completely different profession.
Two possible solutions:
- Programmers must learn UI designing also
- We need more UI designers to join us

The big barrier to getting more UI designers (and this also includes System Analysts, Tech Writers, Graphic Designers and, well, anything other than programmers) to join open source projects is that lots of open source projects use processes and collaborations tools that are are designed principally to support programmer-to-programmer collaboration.

If you're UI changes are implemented by someone checking in changes directly to the code, and not by someone changing a UI design artifact and then someone changing the code to implement that change, there's not a lot a UI designer can do on the project without first becoming a programmer, as well. The same absence of design documentation outside of the code itself is a barrier to most non-programmers participating effectively in many open source projects.

irc.freenode.net

[nloop]

The obligatory annoying irc channel of people asking questions already answered via a web search.

Re:irc.freenode.net

[MessedRocker]

Freenode in general is annoying. They take running an IRC network way too seriously.

Re:irc.freenode.net

[betterunixthanunix]

Hey now, we cannot have it both ways. If we want to push community support, that means that we have to be ready to answer the same novice questions over and over again, especially since a lot of concepts are lost on Windows and Mac OS users -- like the idea of a package manager. Yes, it may seem like the most obvious question in the entire world, but I frequently get asked things like, "How do I install ," and if we are unwilling to answer such basic question, people will just get scared (and subconsciously assume that "Linux is not ready for the desktop").

We may find it annoying, but we absolutely should not avoid it. In fact, we should being doing it more often.

Re:irc.freenode.net

[mikael_j]

Don't forget the obligatory #projectname-help channel where any questions are answered with some variation on "RTFM" even though the project documentation is a standard README file, a CHANGELOG file, some GPL info and an uncommented listing of the various classes and functions that's seemingly intended for those actually developing the software (and which is practically useless to the end user even when the end user is another developer since knowing there a Foo class, a Bar class and Frongle class doesn't really help when you're trying to figure out how to use the library/app in a safe and sane way).

Re:irc.freenode.net

[aflag]

I avoid it for the trolls that want to tell you what you should or shouldn't ask.

Re:irc.freenode.net

Your argument assumes that one is a Linux-on-the-desktop evangelist as opposed to someone who is quite content with how it is and doesn't care if the computer illiterate masses can't figure it out, and most certainly is not going to provide free tech support for them when they can't even read the fucking manual.

Re:irc.freenode.net

[ZackSchil]

The "app store" concept might help a lot in this regard.

Re:irc.freenode.net

[betterunixthanunix]

Perhaps, but the way Apple envisions the "apps store," I cannot support the concept. The different between repositories in Linux distros, and the "apps store" that Apple is pushing, is clear as day: you can only even have one "apps store," whereas nothing stops you from using third party repos for a given Linux distro.

In any case, we will see how that goes over the next few years. The overwhelming majority of novice users are coming from a Windows background, and so "apps store" is still a concept that is lost on them.

Re:irc.freenode.net

[Planesdragon]

if we are unwilling to answer such basic question, people will just get scared (and subconsciously assume that "Linux is not ready for the desktop").

That's not an assumption, that's a conclusion.

Re:irc.freenode.net

[HungryHobo]

It surprises me a little in a way.
i find installing things using a package manager in linux far simpler than installing something in windows but they need to capitalise on that more.

Re:irc.freenode.net

[Draek]

Not necessarily "we", though, slightly more knowledgeable newbies work just as well. In fact that's how large communities tend to operate in the long run, CmdrTaco doesn't go on spreading Slashdot's standards of netiquette to the ~1.5m UID newbies, it's the ~1m UIDs who do so who were in turn trained by us 900k'ers, which we learnt from the 700k'ers and so on.

Re:irc.freenode.net

[Hurricane78]

You might not know it, but there are things that can’t be searched with a web search. For example if you don’t know the words other people use to describe it in the first place. If it can’t be put in words that simply. There are things only a human can recognize as something. Things that defy being put in query form.
So while you might be able to find them, that doesn’t mean someone else can.
It’s like answering the questions of Family Feud. Harder than it looks.

I only go to IRC if a web search doesn’t turn up anything useful. Or if I have looked trough results for hours. Or in above case.
There is one problem with the answers on IRC: Nobody notes them and puts them in a FAQ or knowledge base (perhaps in wiki form).
I think that would make the whole thing much easier.

And I always end up answering tons of questions myself. For example when I enter #Gentoo, I often single-handedly juggle and answer all the questions. And they are honest and legitimate questions.

But maybe you just frequent different channels. Or avoid them with prejudice... which will then of course never change.

Re:irc.freenode.net

[benjamindees]

You're right that most OSS developers don't want to deal with nagging simple questions, and frankly they shouldn't have to. In a large enough project or distro channel, plenty of other people will be happy to answer the annoying repetitive questions for you.

But it's wrong to suggest that developers should avoid IRC entirely. Unless you want your project to remain just a hobby, useful to no one but yourself and a few others, it's a good idea to listen to actual users every once in a while.

Re:irc.freenode.net

[clang_jangle]

people asking questions already answered via a web search.

Oh, it's much worse than that -- this one's actually dim enough to be using Palin-speak!

free software-y and open source-y things

Re:irc.freenode.net

[nine-times]

I don't think you could do that sort of lock-in in Linux even if you wanted to. Apple can only do it because the iPhone/iPod Touch/iPad are themselves locked down. Even that doesn't really stop people.

Anyway, if there were to be a Linux "App store", I would think it would just be a different front-end for the same package managers we already have. I'm on Ubuntu right now, and when I go to "Synaptic Package Manager" (which itself might not be completely obvious to novices as "the way to install software"), it immediately asks me for a password, which is scary. The first two options:

• 2vcard: perl script to convert an addressbook...
• 3270-common: Common files for IBM 3270 emulators...

Those aren't exactly the first things a novice user would be looking for. The first two catagories are "Amateur Radio" and "Base system"-- again, probably not what most novice users are looking for. Then, looking at the toolbar at the top, the buttons are "Reload", "Mark All Upgrades" and "Apply". I can easily imagine someone having no idea what any of these things do.

So I think what you'd need to do for a novice "app store" would be first to hide all of the libraries and junk. General users are only going to get confused by libraries and "common files". Basically you want to pare down the selection to things that most users will care about. No packages for debugging, for example, and don't show 50 different OpenOffice packages. 1 listing for OpenOffice-- either you want it or you don't.

Next, pull out some of the gems. Assume your a user who knows *nothing* and you want a chat application. Don't give me every option that's supported, but instead give me a selection of some of the better ones, or maybe just the two that I'm most likely to want. I'm not saying that access to the other options should be blocked, but if there's an obscure word processor that most users won't like, then don't give it equal billing with OpenOffice. Leave it out entirely and assume that if someone really wants it, they'll be able to find it in the package manager.

Finally, make the whole thing pretty and simple. Give people 2 buttons: "install" and "uninstall". Make it a 1-click install, and don't ask for a password until the user tries to install or uninstall something. Give it a front page with a list of new applications and the most popular applications.

</rant>Sorry.... I didn't mean to go on for so long there. But to get back on topic, I think this is the sort of thing that many developers could use, but that they don't like to get: basic user feedback. Often, when you work on a big project, you get too close to it and you stop seeing certain problems. Sometimes you need a fresh set of eyes to move forward. Unfortunately, it's hard to separate "useful user feedback" from "pointless bitching of know-nothing users." They're not necessarily even different things.

Re:irc.freenode.net

[Snaller]

You could make documentation....

One of the reasons I avoid all this open source stuff is that most of it is badly documented, and quite often there is an almost hostile tone towards people "Just learn unix you scrubs" - no thank you.
If you want your stuff to be used by a lot make simple instructions and a userfriendly interface - if you just make it for your self feel free to ignore this.

Re:irc.freenode.net

We may find it annoying, but we absolutely should not avoid it. In fact, we should being doing it more often.

This is why I pine for the days when USENET newsgroups were the place to ask questions and receive solid answers. The plethora of forum software and the rapid growth of SPAM on USENET really killed the single best means of communication.

Re:irc.freenode.net

[godrik]

That's weird. Each time I joined a dev/support channel to ask a question I got a reasonable answer. I guess it depends on the project.

Re:irc.freenode.net

[icebraining]

I'm on Ubuntu right now, and when I go to "Synaptic Package Manager"

That's why they're building the Ubuntu Software Center.

Re:irc.freenode.net

[nine-times]

Ooo... thanks. I don't really need this sort of thing (I often use command line instead of Synaptic anyway) but it still makes me happy.

Re:irc.freenode.net

[Dorsai65]

One of the reasons I avoid all this open source stuff is that most of it is badly documented

THIS

IRC channels, wikis, blogs, mailing lists (and their archives), a set of web pages... none of these is a valid substitute for actual documentation that a user can actually find an answer in. Fine, if you feel the need to be high-tech, edgy, l33t, or whatever, make it a pdf or downloadable html pages. Do not force users to have to jump through any 'extra' hoops to try and get help with a problem they may be having. I'd also add:

• If you get some variation of the same question over and over again, you need to (better) explain it in the docs.
• If a user finds an actual bug, don't make them have to sign up for some service or other that they'll (hopefully) only need once (i.e. Bugzilla) to report it. Maybe have a bugs@myproject.org to triage.
• CLEARLY provide SOME way to contact SOMEBODY actively involved with the project. Keep this updated if you don't want to be getting annoyed emails five years from now.
• If it's a Linux app, it would be kinda nice if it worked/looked good under ANY desktop, not just your personal favorite.

Re:irc.freenode.net

[JeremyGNJ]

Yea, those Windows and MAC users are so dumb. They expect installing an application should be a standard part of the OS and easy!

Instead, they will have to learn that you are better off if you choose between several different package managers with various subtle differences.

Re:irc.freenode.net

[Virak]

It is a standard, easy part of the OS. You don't have to choose between rpm or dpkg or portage or whatever when you choose a distro. You get the distro-standard package manager and that's that. You, however, seem to have some strange idea that Linux is a single, monolithic OS. It's not. It's a label for a variety of operating systems ("Linux distros") which happen to share significant parts (mainly the Linux kernel and the GNU userland). Complaining about Linux not having only one package management system makes about as much sense as making the same argument against all the BSDs because they're all "BSD". And it makes only marginally more sense than making the same complaint about Linux, BSD, and OS X as a whole because they're "all *nix".

Also, Windows is a rather terrible example of installation being "standard" and "easy". It is the single major platform that is farthest from either of those, by a wide margin.

Re:irc.freenode.net

[Philip_the_physicist]

I am part of several minor channels on Freenode, an op on some and the founder of two, and have never had a problem with freenode being over-serious, even on largely social channels.

Re:irc.freenode.net

[betterunixthanunix]

"I don't think you could do that sort of lock-in in Linux even if you wanted to."

Of course not -- even if you tried, it would be trivial for someone to remove it and produce a new distro that is compatible in every other way.

As for package management, it is my feeling that Pirut does a good job of taking some of the "scary stuff" away, since displaying all packages is not the default (last I checked, displaying no packages at all is the default). Also, Fedora's packaging policies and package grouping policies really help a lot -- dependencies are marked in a sensible way, at least sensible for most users (or most that I have met).

Really though, the broader problem is that most people really have no idea what they need in their system, or what is even there to begin with. I doubt there is any solution to this problem, except to hope that the users have some friend or family member who can help them. Luckily, that is a common scenario, and hopefully it will scale well (right now, it may just be an artifact of the way people are introduced to libre software -- I certainly hope there is more to it than that).

Re:irc.freenode.net

[ajlisows]

That and there are two factors involved in finding answers on the web. The first, obviously, is using the right search terms. I am usually pretty skilled at getting the information that I need rather quickly on the internet, but when confronted with a new piece of software/operating system where I don't even know what the thing is called that I am having problems with, it is hard to start. I can't think of any concrete examples offhand because it has been awhile, but it is not unheard of.

Also, there are times when a search HAS been tried and extremely confusing or outright false information is provided. In the world where long command line strings or large text configuration files exist, missing a / or replacing it with a \ can render your search-results impotent. When you are just learning something and the top ten search results show answers that you are more confused by than your original question, more help may be needed.

I would THINK that logging into an IRC channel for help is more work than doing an actual search....so before automatically lambasting them for not UTFSE consider that there may be extraneous factors.

I think this may be a good time to mention determining WHY you are involved in the FOSS community. Do you think Linux/FOSS are an awesome set of tools that you just like to explore, use, and help write....or do you gain satisfaction from knowing that you wrote/helped write a tool that a lot of users find helpful? There isn't a correct answer to this question other than how you personally feel. If you don't give a damn about plebes and their idiot questions, don't drag yourself into a forum/channel just to give new users a lot of grief and make them feel afraid to ask questions.

Re:irc.freenode.net

[gd2shoe]

and don't show 50 different OpenOffice packages. 1 listing for OpenOffice-- either you want it or you don't.

Very true. Granted, they're only doing it because the come from Sun that way. (the blame should be shared) Besides, don't most systems have a virtual package for that? (The others should be hidden in your proposed easy-mode.)

Re:irc.freenode.net

[lena_10326]

I had a 300k and a 500k UID. I don't use them because I forgot the logins a long time ago. Maybe you men should cut the crap with this obsession with UID size--among other sizes. Having a high UID does not mean you're new to slashdot or I.T. nor does it invalidate your opinions and comments.

Re:irc.freenode.net

[Waccoon]

"How do I install (something not included with my distro)"

Compiling software is not for the faint of heart.

What the open source community needs to understand is that distributing source code, because binaries are EVIL, isn't the ideal way to appeal to the casual market. Distros can't include and support everything.

Re:irc.freenode.net

[xouumalperxe]

If you want to explain the concept of package managers and repos, the app store is a great place to start, though. Once you have the idea that the official distribution repos are like the app store, then ask "What if I like to shop around? I want to buy music from Amazon as well as Apple", and proceed to explain that you can add "shops" to your package manager. Just because you don't like the way apple implemented it doesn't mean the concept isn't a great stepping stone towards making a newbie understand apt or whatever.

Re:irc.freenode.net

[GigaplexNZ]

It is easier to distribute an application as source and hope that more advanced users add it to the community section (assuming there is one) of the particular distro than it is to build a separate package for every distro out there. It's also far easier to turn a source distribution into a binary distribution than it is to turn a binary distribution into a source distribution. These developers just want to work on their app, not support a bunch of distros.

Re:irc.freenode.net

[nine-times]

Oh, I have no problem with there being a bunch of different packages in the package manager. It's entirely possible that a user wants some of the packages and not others, and a power user should have the choice. I just think normal users shouldn't have to look at all those choices in order to get OpenOffice installed.

And yes, there's a virtual package for it, but it's not even the first thing that comes up when you search for OpenOffice. So I'm just suggesting that distros aimed at the desktop market should provide an additional UI for their package manager that's more target toward basic users.

Re:irc.freenode.net

[nine-times]

Oh, I think there's a solution. It just requires that someone with a good sense of UI puts together something clear and simple.

For example, if you're running GNOME and you want a word processor, there are two obvious choices: Abiword and OpenOffice. The difference is Abiword is a little lighter and not quite as feature rich, whereas OpenOffice is a full office suite. Big difference, not too hard to understand.

The problem is in expecting a new Linux user to know that those are the two obvious choices. If my distro only comes with Abiword installed by default, and I want a full MS Office replacement, where do I go? Where do I look? If you give me a search box, what am I going to type in? When I get my search results, what's going to show up first?

Those are some questions people should be thinking about. I know some distros are already dealing with this stuff, and I think Ubuntu is actually doing a pretty good job of moving towards a friendly desktop experience.

Re:irc.freenode.net

Linux isn't ready for the desktop. It's just almost ready. (ps. I'm a Linux user)

Why you might ask?

Well for starters, on the desktop you need a nice competitive GUI.
GNOME is stable and functional... but it's still stuck in 2004... it's a formidable opponent to Windows XP, but no match for Windows 7 or the current incarnation of OS X.
KDE is just awesome... but it's still a lot more buggy and a lot more unstable than GNOME, Windows and OS X.

Then come the incompatibility issues:

* Package management:
Yes multiple package managers and multiple repositories almost as many as distros mean freedom of choice... but couldn't we settle to a standard package format and directory structure so that developers that don't get their apps included in whatever distro's repo can just package for Linux rather than for Ubuntu 8.04, Ubuntu 9.10, Debian Lenny, OpenSuse 11.3, Fedora 12, Arch, Mandriva 2009 and still miss more obscure distros?

* Gui toolkit:
Why isn't there a single toolkit for building GUI Apps? Why do GNOME apps look ugly in KDE? At least KDE/Qt emulates the look of GNOME/Gtk quite well but it's not true vice-versa... But just as java uses native widgets when available why can't either toolkit use the other's widgets when the other is the dominating one on the platform?

Re:irc.freenode.net

[gestalt_n_pepper]

I think you just proved JeremyGNJ's point without even meaning to.

Re:irc.freenode.net

[Draek]

Never in my post did I suggest that having a high UID means your opinions and comments are invalid, particularily because mine isn't what one would consider 'low' to begin with. All I said is that it's best if it's yesterday's newcomers who take the responsability to educate today's new users instead of always demanding the creators to do it while the rest of us sit back and watch.

Perhaps it's just you women who need to stop being so paranoid and see discrimination everywhere they look.

Re:irc.freenode.net

[betterunixthanunix]

You completely missed my point, put words in my mouth (where did I say they were "dumb?"), and you are mischaracterizing libre operating systems. Nobody has to choose between different package managers, except if they want to try out different distros -- each distro is, really, a different operating system, albeit one that is very similar to the other distros. If you install Fedora, as an example, you only ever use rpm as the package manager, and you get friendly tools like PackageKit to help you manage your software with rpm as the back end.

The problem that I was pointing out was that most Windows and Mac OS users simply have no concept of a package manager. The closest Windows gets is MSI, which is only really used by a handful of vendors, and which most users are not really aware of (yes, hidden in the "control panel," at least back in the days of XP, there is a program that allows you to uninstall the programs on your system -- roughly half of what a package manager does in Linux distros). Mac OS has fink, which is only used by a minority of particularly technical users. The fact of the matter is, most Windows and Mac OS users have been conditioned to think that software installation involves either obtaining a disc of some sort, or going to a website to download an installer program. Looking at a repository is not even a concept for them, and no matter how friendly package managers become, that initial hurdle is a serious problem when it comes to the adoption of libre operating systems.

Re:irc.freenode.net

[betterunixthanunix]

"If you get some variation of the same question over and over again, you need to (better) explain it in the docs."

The problem is that people simply do not take the time to read the docs, and can you really blame them? The closest thing to a "Fedora manual" that I have seen is a 900+ page book in the computer section of my local bookstore -- and that really skims over a lot of details. It would be ludicrous to expect end users to read through that, just as it would be ludicrous to expect them to read through the equivalent Windows book(s).

Of course, many Windows users have a number they can call for help, whether it is through the company that built their computer, their employer or school, or some other source. They ask the same questions over and over again too, but nobody is saying "document Windows better," they are content to just rely on these helpdesks. For open source OSes, the burden of providing helpdesk-like support often falls on the community.

"If a user finds an actual bug, don't make them have to sign up for some service or other that they'll (hopefully) only need once (i.e. Bugzilla) to report it. Maybe have a bugs@myproject.org to triage."

If only that were still feasible; I would love such a solution, but the volume has grown too large in recent years. Look at how heavily trafficked the LKML is, or the Fedora development list -- many thousands of messages in a given week, just from the discussion about how to fix bugs. If bug reporting were done on these mailing lists, it would be completely unmanageable, especially given the way novices often report their bugs, which could defy the best attempts at filtering (e.g. "Everything froze when I tried to click my mouse" -- is this a kernel panic? Xorg crash? Perhaps a window is stealing focus? There are a dozen places where such a problem could originate).

Again, the burden of support falls on the community. I deal with a lot of novice users, and usually I just wind up reporting the bugs on my own.

"CLEARLY provide SOME way to contact SOMEBODY actively involved with the project. Keep this updated if you don't want to be getting annoyed emails five years from now."

We almost always do, and certainly when something is packaged in a major distro there are people who can be contacted (the package maintainers). Open source is a community effort, so the only time where that becomes a problem is when nobody is actively involved (an abandoned project). In such cases, there is little anyone can do, except to pick up the responsibility for the project. This is just a fact of life; at least there is still the option of someone picking up the package later, if they want to (as opposed to a proprietary vendor ending support for some software, and leaving the remaining users high and dry!).

"If it's a Linux app, it would be kinda nice if it worked/looked good under ANY desktop, not just your personal favorite."

Why restrict this to Linux? The problem of different toolkits that do not integrate well with the OS is pretty universal. I have seen Windows applications using GTK, Qt, Wx, Win32, Swing, etc. -- all looking totally different, all having different configuration back ends, and they often fail to play well with each other. It is true, you more commonly see different toolkits in Unix-like OSes, as a result of the history of X11, but again, this is by no means restricted to Linux or open source development; I still see proprietary packages using Motif and even Xt.

Re:irc.freenode.net

[Dorsai65]

The closest thing to a "Fedora manual" that I have seen is a 900+ page book

True. But A) the user doesn't need to read the whole book to use the index to find references to X, and B) that doesn't apply to a half-dozen people working on SuperHandyUtility in their spare time.

If only that were still feasible; I would love such a solution, but the volume has grown too large in recent years.

Again, much of what you write is most appropriate for large projects, like an entire OS. My comments are directed toward those that are simply writing a single application. As for users reporting bugs, anything of the "my mouse stopped" without amplifying information goes to the bitbucket. Be nice and tell them that without more info (application, what they were doing, the usual suspects), nothing you can do. But don't make them register with Bugzilla and go through all the rigmarole to report (for example) that a dialog button is mostly covered by the label next to it.

We almost always do,

Again, true enough for a distro. But I recently had some questions about an active application; when I emailed the author, what I got back was "Oh, somebody else has taken that over; I don't have anything to do with it any more", with no mention of who had picked it up or how they could be reached. Website was as old as the negligible documentation (i.e. about 3 major revs behind, which is ANOTHER peeve...).

Why restrict this to Linux? The problem of different toolkits that do not integrate well with the OS is pretty universal.

I'm sorry to say that I was a Windows user from 2.0 until shortly after XP released, and while there were indeed some butt-ugly apps written with other toolkits, they still ran. I've had several cases where source code wouldn't compile because of hard-coded dependencies on a specific (obscure!) Gnome library (I use KDE). The author? "Oh, well, I don't use KDE, so I didn't bother testing it. Maybe someone else has ported it over...".

It doesn't take but one or two of the above experiences with an application for someone to say it isn't worth the bother, or that open source isn't any good.

Re:irc.freenode.net

[gd2shoe]

Sorry. What I'm really complaining about, I guess, is that the last time I installed the .deb files from openoffice.org it was a real pain to install due to a circular dependency. The common recommendation? Install from the distro repository and then upgrade to the downloaded .deb file. That's just ridiculous. They should have no more than N+1 packages, and no circular dependencies.

Re:irc.freenode.net

[jakykong]

Generally, Synaptic is easier than most windows installers (IMO, although it appears IYO as well), as long as you know what package it is that you're looking for (or at least have some good idea).

Synaptic presents a list of 27,712 packages to me (Deb Squeeze), a large percentage of those are software which I don't know anything about -- and the descriptions in Synaptic are very frequently not enough to tell me something about them. (Although a quick Google usually does) Some of them -- like kernels and libraries -- are utterly cryptic unless you already know something about them.

Windows solves that problem through advertising. Microsoft, Adobe, Nero, Roxio -- names that are recognizable quickly, because they're advertised so much. The result is that users of windows, even when they themselves don't know what they want, often know the piece of software that does it.

KDE has an interesting package manager available, which is highly simplified and shows only what users might classify as "applications", in categories end users would easily comprehend. If I were a user of the "end user" variety, I would find that helpful, because knowing to install the package called "kopete" or "pidgin" to get instant messaging is not as easy as seeing "Instant Messaging" in the categories and then picking one (or even having a default picked). This certainly goes a long way to solving the problem as well (if such a tactic is widely adopted, that is).

So, I guess it depends on what you're looking at when you consider installation easy. The actual act of installation, or the act of finding which packages it is that you want to install -- because the first is generally the roadblock for users, not as often the second. And the open source tendency to use acronyms and puns doesn't help that matter, fun though they may be.

(For the record, I did install Ubuntu on my mother's computer; and it's worked out fine. In fact, finding packages seems to be the only difficulty she has on a daily basis.)

Re:irc.freenode.net

[nine-times]

Well in general, if you want to make things easy, I'd recommend sticking with your distro's repository. For better or worse, it doesn't seem as though Linux is quite heading for stand-alone downloads of installers that work across distributions. I think the assumption has become that you'll stick with the default repositories unless you really know what you're doing.

It sounds bad, but I think in a lot of ways, it's easier to keep your system up-to-date and spyware free than how it's handled in OSX or Windows. I wish I had a package manager for Windows and OSX that would update *all* of my software with a single command.

Re:irc.freenode.net

[mr_mischief]

So that's why InstallShield, Wise Installation Studio, and so many other installation systems are all over pretty much every Windows system! Thanks! I was starting to think that when a developer paid hundreds or thousands of dollars per seat for an installer system that meant it wasn't a standard part of the OS, but you've cleared that up for me.

Re:irc.freenode.net

[gd2shoe]

I think this was back when OOo 3 came out, and it wasn't in the Debian repository yet (not even in sid). Using the repository wasn't an option, and I was looking forward to exploring the new features.

I'm given to understand that Debian and Ubuntu historically maintained package parity. I don't know about currently, but I hope the compatibility will last. I think it's healthy.

I wish I could merely stick with the default repository. It just doesn't seem to work out that way for me (but then, I'm not most people).

Re:irc.freenode.net

[Unequivocal]

This is really true and not just for computer newbs. I've got a lot of years of computer experience but it's still a lot of googling to figure out what the "definitive" packages are for various solutions on Linux. When I can a Linux expert, he'll say "oh, use this one." But without that expertise, they all look the same and figuring out which projects are relatively dead or not very usable is not trivial for someone like me who isn't in the know.

Re:irc.freenode.net

[nine-times]

Oh, yeah, I know what you mean. The worst thing is googling for something and finding a lot of conflicting advice. Like one guy saying, "Oh, you want to do X? Well then install package Y. Some people will tell you to use package Z, but for reasons I won't go into here, that's a very bad move." Then another site will say, "DO NOT USE package Y. It's terrible and has lots of security problems. Use package Z." No further explanation.

So then you have to try to figure out, which of these guys knows what he's talking about? Was one of these pages written more recently than the other, and maybe the situation changed in between when they were written? Do either of these vague objections actually apply to my situation?

But... that's kind of hard to address. Opinions will differ.

Re:irc.freenode.net

[dsavage]

We may find it annoying, but we absolutely should not avoid it. In fact, we should being doing it more often.

While your point is valid... as a sometimes "asker of novice questions," I can tell you that the only thing worse than not getting the answers you need, is being made to feel like crap for asking the question in the first place. And if someone doesn't want to answer questions, that's usually what comes across, whether it's intended or not.

Here's a real-life example that happened to a buddy of mine... (noob) "I'm on system (x) running (y) and I've tried (a), (b), and (c)... What do you think I should do?" (a-hole guru) "Learn to troubleshoot."

Now, I'm not saying that people shouldn't help, I'm just saying that if they don't want to help, they shouldn't... sometimes it helps the open source movement more if some people just stick to whatever it is they do best, and leave the human interaction to those that actually like people. That's just my $.02, feel free to disregard. -D

Re:irc.freenode.net

[calibre-not-output]

The computer-illiterate masses won't care about, or even know, that distinction. And the iPhone is popular among Windows users too. They'll just associate the idea of a centralised collection of software that they can use, and be more familiar with it.

Re:irc.freenode.net

[calibre-not-output]

Even before that, there was the newbie-friendly "Add and Remove Applications" option. The Ubuntu Software Center is really just a way to expand that front-end so that it can be as useful as Synaptic without losing the apparent simplicity.

Re:irc.freenode.net

[calibre-not-output]

This is actually a great idea. A simplified package manager frontend that displays only metapackages for the most commonly used bundles would greatly help new users. Why does gamer Joe need to know the difference between "wesnoth-client" and "wesnoth-data"? If he just wants to play a TBS game, just "wesnoth" should do.

Re:irc.freenode.net

Well, you gendered people really need to cut that crap out. You never see us hermaphrodites bickering like old crones...

Re:irc.freenode.net

[calibre-not-output]

Question: Is there a friendly, readily available GUI application for browsing and reading man pages? Remember, newbies are afraid of the terminal. telling them to type "man packagename" will already scare some of them off.

Re:irc.freenode.net

[segin]

If I can't tell a netop to "fuck off, suck my dick, eat shit and die", and NOT get the shit kicked out of me for it, then the network is too draconian for my tastes.

Re:irc.freenode.net

[segin]

I think we should just eliminate the users entirely. In the 80s, if you owned a computer, you also had a good understanding about you machine, and probably at least a basic understanding of computer programming. Now, too many idiots who don't care about any of that have computers. I say, you should learn about your machine before you can even purchase it, with penalties starting with five years in prison (or, "Stupidity is now a crime, you are no longer free to go.")

Re:irc.freenode.net

[Philip_the_physicist]

In the channels I use (at least, those which are large enough to have people who aren't friends IRL), all have a policy that a chanop involved in an argument can't use his ops in any matter relating to that argument (although another op may decide that the argument is annoying or off-topic and kick everyone involved). Netops are another matter entirely, but I've never seen a freenode one do anything worth swearing at him over.

Re:irc.freenode.net

[segin]

Freenode's policy is like... uhh... bland? Booze, sex, and rock and roll is what they need.

public relations

[Runaway1956]

As long as I don't have to make freindly with the natives, the headhunters, and the unwashed masses, I'm happy.

Re:public relations

[oldhack]

But I'd be happy to take any money they throw my way. Yeah, money I said. Man, I kill myself.

Adding comments

[kickme_hax0r]

I've picked up an open source project that doesn't have comments. There's major chunks of it that the code is such a mess that I have no idea what it does, yet I'm supposed to be fixing it.

Re:Adding comments

[RAMMS+EIN]

There's the Commentator for that.

Anybody have an implementation of that for *nix?

Re:Adding comments

Mod parent funny!

Re:Adding comments

[mjwalshe]

having some at least some decently written documentation would help

Re:Adding comments

[einhverfr]

I've picked up an open source project that doesn't have comments. There's major chunks of it that the code is such a mess that I have no idea what it does, yet I'm supposed to be fixing it.

If the code is a real mess, it is unlikely that comments telling you what it does will be of help. I HATE seeing comments like:
# now we save the user

or

# Checking roles....

It's much better, if you think a comment is required to explain WHY a certain choice was made. For example:

# I am making the assumption here that the user is always an employee. I think this is safe. If not, we might need to revisit....

Of course, good API docs (what every function does, etc) is a different matter. These can be in comments, POD, or the like. These are often helpful for test case construction as well.

Re:Adding comments

[nschubach]

/**
* This is a post
* @param inputStr post content
* @return nothing
*/
Sometimes commenting is worthless if you ask me. If the code is well written, I get a better sense of what the hell is going on opposed to sifting through garbage comments. Adding more verbose comments usually doesn't help as much as naming the method properly.

Re:Adding comments

[GooberToo]

In this day and age, where searching is so easy, you certainly would not want to make it easier. *rolling eyes*

The mark of a poor developer is one who says comments are not needed. Furthermore, comments make for good content to improve searchability and often allows coders to think something through before they actually code it up.

The all too common position that well written code is its own best documentation also poorly assumes all developers have at least the original author's skill set. Additionally, many coders seem to believe they write excellent code when in fact they don't. Even worse, some coders come up with truly bazaar coding styles which makes it down right painful to read and comprehend. This combination of factors often takes finding and/or maintaining relevant code long and tedious.

Never underestimate the stupidity of a smart person. I can't stress this enough.

At the end of the day, its extremely difficult for comments to ever pose a problem so long as they are properly maintained. About the only time I've seen comments that were horrible is when they insist on constantly intermixing comments and code on the same line (example: code comment code comment code comment), especially when it spans many, many lines. Aside from that, comments can provide incite into why a direction was taken, or a road left untraveled, what the developer was thinking, why code may have been duplicated or other code wasn't re-used, explain a general approach, etc. Some of this may seem obvious once you visit the code, but I can't tell you how many times developers go to "optimize" or simply change "obvious" code only to find out the "obvious" reasons for the code were not obvious at all and they had far reaching implementation implications.

The primary problem I find with comments are they are not properly maintained. For developers which do provide comments, comments should be viewed as on equal footing with code. If the comments are wrong, they should be marked as a bug and fixed, or deleted. If accurate comments prove troublesome for you, you likely need to be using a different editor.

Remember, at the end of the day, most developers are still human and comments can serve an important function outside of terse, useless grave stones within code, for other humans.

The vast majority of coders who I've seen which hate comments have been lazy and simply don't want to write comments, or worse, have an over inflated since of their skills. Just write the comments you believe others will find helpful and properly maintain them. Those who come after will thank you. And if they are confused by accurate comments, then they are likely very poor coders anyways - so code alone isn't going to help them.

# Checking roles....

# now we save the user

You forget that the above may have started out as:

void foo() {
# Checking roles....
# now we save the user
}

Many coders like to stub things in and develop in an iterative fashion. So at some point, the comments you find useless may have actually been more important than the code you're now sneering at. ;)

Re:Adding comments

[einhverfr]

The mark of a poor developer is one who says comments are not needed. Furthermore, comments make for good content to improve searchability and often allows coders to think something through before they actually code it up.

I never said comments were not needed. I said comments were not needed to say what the code was doing. There is a tremendous difference. Comments are not to explain code. They are to explain thought processes to other programmers.

Basically there are two kinds of legitimate comments IMO. The first is essentially inline documentation. Using a POD example:

=item exec_mapped_procedure({procname => $procedure_name, args => {$key1 => $value1, ...}, order_by => $field_name})

This method maps the calling argument to stored procedure argument names according to the following convention: all named arguments starting with obj_ are mapped to object properties with the same name (minus the obj_ prefix). This is then passed to exec_raw_procedure which actually does the main work (see below). The procname argument defines the name of the procedure called, order_by sets the column ordering, and args provides named arguments mapped according to a similar convention for mapping object properties, except that arg_ is the prefix.

The return type is a list of hashrefs of the returned database results.

=cut

Such is clearly legitimate. It allows test cases to be written, gives folks an idea of when to call the function and what it is supposed to do etc. As far as the code is concerned it is a comment but it is really part of inline documentation.

As for the other type of comments, I think that comments should be addressed to the programmer and say something useful which isn't necessarily immediately apparent from the code. "# Creating the user" isn't helpful. "# This is bad, raising error" can be pretty good.

I also think programmers should initial their comments. If you see two comments:
# This is bad, raising error --DS
# Not necessarily. Should we really raise an error here? --JR

That can be incredibly helpful. Reading over it quickly you can note there is some disagreement over what this is supposed to do.

Even:

# I wish I could find a better way to write this

or

# Bah, this is hopelessly broken

tell the programmer something which is USEFUL in evaluating what the code does. They are hence good comments.

In short I think comments should be addressed to other programmers, telling them something beyond what the code does. "Here's how to use this API" is one such thing: It provides a common point of expectation and makes it less likely that a change will break lots of things because folks are depending on corner-case behavior (or even bugs in the API).

As for your point about starting the function as a set of comments, that's fine. The comments that are addressed to oneself rather than other programmers should be deleted after. The comments actually telling something to other programmers should definitely be left there.

In short, I am firmly in the camp which says "comments should tell you why, not how" with the exception of inline documentation.

Re:Adding comments

[GooberToo]

I never said comments were not needed.

To be fair, I should have announced I was speaking from a soap box rather than directly to you. Sorry about that.

Comments are not to explain code. They are to explain thought processes to other programmers.

I hope you'll later understand the ambiguity of that line - which is something I directly addressed in my original reply. And so long as they are not used intrusively, what does it hurt?

"# Creating the user" isn't helpful.

Again, I addressed this. On the surface, that may be true - for you. When the code was being written, it likely was helpful. Additionally, comments like that may appear to be completely useless but occasionally I've seen code where the next thing it does is call a function which isn't really obvious what all it does. So one of the side effects may be to "create the user". And without that comment, it may not have been completely obvious that was the result of the call - because the call actually achieves far more than simply creating the user.

I used to subscribe to your terse comment ideas. They are, after all, very popular notions. But because of lots of experience, I can authoritatively say, the notion is wrong. Feedback on my use of comments tends to be two polar opposites. From experienced developers who are familiar with the code, they sometimes say the extra comments are distracting - but soon find they don't even notice - and don't even realize they've been reading the comments to locate bugs or to enhance comprehension during refactoring. From inexperienced coders, or simply developers not familiar with the code, the feedback is the comments are excellent and very helpful.

As another respondent proved, there can be too much of a good thing, and I agree with that. I even laid out an example of when comments can be far too distracting to provide value. Just the same, there is nothing wrong with liberal comments. Just because they may not be of value to you doesn't mean they are not of value to other developers, or especially the original author. And once you get your mindset in the right place, you really don't even notice them. Even better, the extra comments now improve search-ability and context without requiring to read lots of potentially complex code to locate the end target. This in turn improves efficiency.

Re:Adding comments

[calibre-not-output]

But it's easy to just remove all the commented lines. A properly commented file will cater to both tastes, since it doesn't impede you from looking at a clean version if you want to.

Getting slashdotted...

[kevin_j_morse]

... I try to avoid it.

Re:Getting slashdotted...

[PetiePooo]

The blog was cross-posted to asheesh.org. Lets slashdot them too!

Writing tests, user-level docs, and finding bugs

[multipartmixed]

Please, for the love of God, somebody come along and write a test suite for my project. I'm sick of breaking code by accident! ;)

Responding to zealots

This isn't a troll, I'm serious.

Have a GPL license? Respond to corporate zealots who want license exceptions and the rare BSD or MIT zealot who screams about how it isn't free.

MIT license? Respond to the GPL zealots who scream about how you aren't free.

So yeah, basically I'd like a PR team :D.

One thing I don't do is troublesome licenses

[carlhaagen]

In developing (I work with a company doing _mostly_ web-based applications; perl, php, asp, all that gibberish) I steer clear of projects and software with a troublesome license. I am very pro-open source, I am very pro-freedom, and I am very pro-FREE FOR NON-COMMERCIAL USE, so don't get the wrong idea, but I mainly steer clear of anything GPL when it comes to the point of including GPLd software in the projects I work with. Simply: it spells nothing but trouble to me. Please do discuss, debate, don't just f***ing go all nazi gpl/linux/grandma on this by modding it "troll".

Re:One thing I don't do is troublesome licenses

[maxume]

You could say "I choose to respect the GPL in situations where I am not prepared or legally able to do the work necessary for compliance."

Re:One thing I don't do is troublesome licenses

[correnos]

Thank you, finally someone else that views GPL as troublesome. BSD liscense is the way to go.

Re:One thing I don't do is troublesome licenses

[MessedRocker]

I find that the effectiveness of a software license is directly proportional to the amount of money the coder has to spend on legal fees. Maybe I don't have enough experience here, but free-software coders don't strike me as particularly wealthy.

(This statement is not an endorsement of software license violation, which is considered copyright infringement and not just contract violation.)

Re:One thing I don't do is troublesome licenses

Have you ever read Slashdot before? There are tons of people who don't like the GPL on here, some with reasonable opinions, some frothing lunatics.

Re:One thing I don't do is troublesome licenses

[maxume]

UC Berkeley and MIT both have plenty of funds for lawyers. The FSF and Apache foundations (among others) also have significant funds to expend on legal advice.

Or are you talking about the people employing the licenses, rather than the people creating them?

Re:One thing I don't do is troublesome licenses

[vadim_t]

I steer clear of the BSD licenses when contributing.

For precisely the same reason you like it: there are no strings attached. Which means you can have my stuff without having to give anything back. I consider that such an arrangement effectively makes me an unpaid employee of your company, so I won't contribute anything significant under such terms.

I contribute under the GPL/AGPL because in such a case I do get something back: either somebody else's code, or money, if somebody wants a different license.

For the same reason, I preferentially use GPL licensed code. I might want to send a patch some day, but contributing something takes effort. I need to cleanup my code, figure out where to send it, perhaps discuss it on the mailing list with the project, and so on. That's quite a lot of boring work, so I expect to get something out of it.

Re:One thing I don't do is troublesome licenses

[MessedRocker]

I'm referring to the people who are using the licenses, yes.

Re:One thing I don't do is troublesome licenses

[Jeff+DeMaagd]

Going off on not wanting to be called a troll without explaining why GPL is so troublesome to you doesn't help the discussion that you're supposedly trying to have here.

Re:One thing I don't do is troublesome licenses

[drinkypoo]

What does "pro-freedom" mean in this context? I'm pro-freedom, too. Freedom to wear polka-dot pants to church. The GPL protects the freedom of users, where you want a license that protects the freedom of the developer. Unless you're just trolling (hard to tell) then you're still offtopic; we're talking about what programming tasks do you avoid, not what programming projects.

Re:One thing I don't do is troublesome licenses

[maxume]

People can use GPL code without giving anything back. They just can't modify it and hide those modifications from their users.

Re:One thing I don't do is troublesome licenses

[vadim_t]

For very limited uses only, and it can be quite impractical to keep up.

If it's code you only use internally, then nobody knows of your modifications and the codebase can evolve in ways that make it difficult to keep patching. And the moment you distribute it you have to give the code to anybody you distributed to who asks.

You may be able to play tricks like Tivo if you release a physical product, but that doesn't mean you can omit giving the source, and there's the GPL3 for that case. The AGPL covers the web usage case.

Re:One thing I don't do is troublesome licenses

[maxume]

Yeah, people make 'limited' use of the linux kernel.

(and then there are the interesting counter examples; if you measure how fast they have progressed, Webkit has progressed a lot more since Apple and Google started sharing some of their work than Gecko has progressed in the same interval of time; so commercial companies sharing based on their own self interest are (at least arguably) throwing off more benefit than a semi-commercial open effort)

Re:One thing I don't do is troublesome licenses

The solution is simple. All you have to do is also license your code under the GPL. Problem Solved. Also, the more GPL code there is, the better.

(The BSD License is okay, but I wouldn't put anything I made under it.)

Re:One thing I don't do is troublesome licenses

So what you are saying is that you object to people stealing your imaginary property?

How does them stealing it diminish your enjoyment of it?

If 1000 people steal your code, do you have 1000 less code?

etc.

Re:One thing I don't do is troublesome licenses

[vadim_t]

Oh, misunderstood what you said.

Use without modification is something that's mostly neutral from my point of view. My interest is in development.

Re:One thing I don't do is troublesome licenses

[vadim_t]

So what you are saying is that you object to people stealing your imaginary property?
How does them stealing it diminish your enjoyment of it?
If 1000 people steal your code, do you have 1000 less code?

Wow, what a way to miss the point.

It's GPL licensed. People are free to use it all they want. If 1000 people use it, all the better, it makes more likely somebody will contribute or want to pay me.

It seems a very fair exchange to me -- you can have my code if I can have your.

Re:One thing I don't do is troublesome licenses

[TheRaven64]

And the moment you distribute it you have to give the code to anybody you distributed to who asks

No you don't. You just have to give it to the people that you give binaries to. The GPL explicitly does not require you to give anything back, it requires you to give freedoms forward. In practice, this often means community-driven development with people contributing their changes upstream. They do this because it's cheaper than maintaining a fork though, not because the license compels them to. And, guess what? That economic incentive applies to permissive licenses too.

Compare, for example, Yahoo! contributing changes to FreeBSD back and Google keeping their internal version of Linux private. The GPL did absolutely nothing to protect Linux. The BSDL did nothing to protect FreeBSD. Yahoo! gave code back because they determined it that the cost of maintaining a fork was greater than the competitive advantage gained by keeping the code private. Google kept their filesystem (among other things) private because they made the opposite decision.

90% of software that is developed is never distributed. It is written in house to solve a particular problem. Whether you see any code back from these people depends entirely on whether they think it's cheaper. They can use GPL or BSDL code internally without any legal issues.

Re:One thing I don't do is troublesome licenses

[micheas]

Yeah, people make 'limited' use of the linux kernel.

(and then there are the interesting counter examples; if you measure how fast they have progressed, Webkit has progressed a lot more since Apple and Google started sharing some of their work than Gecko has progressed in the same interval of time; so commercial companies sharing based on their own self interest are (at least arguably) throwing off more benefit than a semi-commercial open effort)

Although that could have something to do with number of paid programmers working on each project, and the fact that khtml was a much nicer rendering engine than gecko, from a programmers perspective. IE5 and Netscape 4 compatibility never entered the khtml discussion that I am aware.

Re:One thing I don't do is troublesome licenses

[maxume]

Of course it has something to do with the number of paid programmers working on the projects, but for the business mindset, being able to keep your changes is considered a good thing, so part of the point of the example was that the 'bad' that comes from the companies keeping things private can still be outweighed by the amount of good they do by sharing.

Re:One thing I don't do is troublesome licenses

[vadim_t]

No you don't. You just have to give it to the people that you give binaries to

Exact same thing I said. You have to give the code to anybody you gave the binaries to who asks for it.

Compare, for example, Yahoo! contributing changes to FreeBSD back and Google keeping their internal version of Linux private. The GPL did absolutely nothing to protect Linux. The BSDL did nothing to protect FreeBSD.

Yes, but Google had to necessarily give the source for their changes for Android, while just try and get the source from Apple. Darwin OSS development was pretty much inexistent last time I looked, and what little there is seems to be unusable.

Yahoo! gave code back because they determined it that the cost of maintaining a fork was greater than the competitive advantage gained by keeping the code private. Google kept their filesystem (among other things) private because they made the opposite decision.

Sure. But that means Google can't ever sell that. The moment Google sells something with GFS in it, somebody will be able to ask for the code.

I find this overall to be an acceptable compromise. I can't just walk into Google's office and check out if they're using any of my source there and if they changed anything. Enforcing anything on internal usage would be very difficult, impractical, and involve tactics and methods I disapprove of. The moment Google releases anything to the public however, it doesn't matter whether they want to give it or not, they're legally obligated to give the code.

If you find the GPL to be insufficient, there's the AGPL, which Google seems to really hate as it makes the keeping changes internally much harder.

So resuming what was said so far:

When changes are made only internally, with BSD they get contributed when convenient, and with the GPL as well, with AGPL any user over the network can have them.
When changes are released externally, with BSD they get contributed when convenient, with GPL any user can have them, with AGPL any user can have them.

In light of that and my own preferences I therefore prefer the AGPL to the GPL where possible, and heavily prefer GPL to BSD.

Re:One thing I don't do is troublesome licenses

[icebraining]

You're right that the GPL intent was not to make users "share back" but to preserve the freedoms to others.

But as a note, the Google FS, even if distributed, would never collide with the GPL:

As opposed to many filesystems, GFS is not implemented in the kernel of an operating system, but is instead provided as a userspace library.

Re:One thing I don't do is troublesome licenses

[sourcerror]

Don't confuse GPL with LGPL. What you described is considered a loophole in GPL (and only if you used shardel libraries), maybe in recent revisions of GPL it have been fixed.

http://www.advogato.org/article/148.html

Re:One thing I don't do is troublesome licenses

[mindstrm]

And the moment you distribute it you have to give the code to anybody you distributed to who asks

No you don't. You just have to give it to the people that you give binaries to.

Those two statements are the same... and you can eliminate the need for waiting for people to "ask" by simply offering equivalent access at the same time. eg: A src tarball available over HTTP in the same location as hte binaries. Even if the use chooses not to download, it was available. You only have to give hte "written offer" and then maintain those copies under certain circumstances.

But again - the GPL has nothing to do with forcing people to contribute back to projects - it only requires that if you want to redistribute code, modified or not, you must also distribute the source to those changes in a reasonably useful format. You owe no allegiance whatsoever to the "project" that started it.

Re:One thing I don't do is troublesome licenses

[LingNoi]

Why exactly steer clear? The GPL enforcements don't kick in unless you attempt to redistribute your work. That doesn't include private changes between you and/or a client.

Your GPL responsibilities only kick in when you are allowing others to download your web based application scripts. It's the very reason the FSF came up with a new license the AGPL which forces someone that makes private changes to their copy of a project to release them if they're publically online.

This I could understand why you would avoid, however the standard GPL, that doesn't make much sense if you're only using GPL'd software between you and the client hiring you.

The only thing I could possibly think of is that you might somehow be required to give your client the same rights under the GPL that you had however it's pretty much a complete non-issue since php, perl, etc all come with the source included. Also since the goal is working on the client's website and it's one off stuff I doubt you or they care about that. It's never a situation i've ever heard about or run into.

Simply: it spells nothing but trouble to me. Please do discuss, debate, don't just f***ing go all nazi gpl/linux/grandma on this by modding it "troll".

Would you happen to be more clear about what trouble the GPL causes you because at the moment you haven't said anything to support your claims. I don't really understand what you expect us to debate on when you haven't said anything.

Re:One thing I don't do is troublesome licenses

[LingNoi]

The GPL terms don't kick in until those 1000 users attempt to re-distribute the code themselves.

So lets assume by "steal" you mean 1000 users take the code, make modifications and then try to sell their copy without source. Now doing so doesn't diminish my enjoyment of said project however it does have negative consequences for the project which will eventually diminish my enjoyment of the project.

Firstly, those 1000 users who distributed their closed source versions haven't given the source to their users. That means the upstream project is loosing potential bug reports, contributors, etc. It also means they might get bombarded by complaints from users who downloaded the stolen version.

Also there is the issue that the BSD doesn't deal with patents in the slightest. Someone could contribute patented code to your project then sue you for violating the patents. That's something the GPL 3, Microsoft's open source license, and many other's cover. That fact that BSD doesn't do this makes it a stupid license to use.

I'm sure there are many other examples, however I'm done wasting time on yet another uninformed BSD user posting as AC.

Re:One thing I don't do is troublesome licenses

[evilviper]

You just have to give it to the people that you give binaries to.

Which is exactly what he said... Swap "distributed" with "give" and it's nearly the same sentence.

In practice, this often means community-driven development with people contributing their changes upstream. They do this because it's cheaper than maintaining a fork though, not because the license compels them to.

This is just misleading enough to be untrue... While the GPL doesn't force you to contribute "back" (only "forward", as you've called it), you then can't stop anyone from, themselves, giving it "back", and contributing all changes upstream.

90% of software that is developed is never distributed.

Yes, but the word "distribute" is peppered all over his post. He's clearly talking about distributing it.

Re:One thing I don't do is troublesome licenses

Why should a distribution license force all patent holders to ever use the software to lose their rights? Sure it shows that the FSF and Microsoft are cut with the same cookie cutter.

If you don't want patents to contaminate the software, which is a noble will, make contributors to your version guarantee that they or their employers don't own any patent regarding technology used in the software and that they personally shall become responsible for any cost incurred in case of any lawsuit.

Honest contributors may still unknowingly contribute patent code, and go rightfully unpunished, but the GPL doesn't protect you against that. You give up your freedom for nothing.

Five GPL rings for the freetards in GNUland, two MSL rings for the nerds in Redmond, three CDDL rings for the fallen kings of the BSD, one ring for the Dark Lord with his rodent ears. One Ring to rule them all, One Ring to find them, One Ring to bring them all and in the darkness bind them
In the Land of Disney where the Copyrights lie.

The BSD license

[AuMatar]

I refuse to allow my work to be turned into a proprietary codebase which won't allow me to copy it freely in turn. Fight fir with fire. I'll use BSD code, but I will never submit a line of code to such a project.

Re:The BSD license

Fight fir with fire

Do you understand that that saying is implying that someone who proverbially fights fire with fire (eg, fight restrictive licensing with restrictive licensing) is as foolish as someone who literally fights fire with fire (eg, putting out a fire with a flamethrower)? Whoever originally coined that saying was thinking to themselves "How can I best explain how bad of an idea it is to mimic your opponents?".

Re:The BSD license

[carlhaagen]

Morals differ. It's a bit like the discussion regarding free speech, where lots of people say "oh I'm all for free speech, alright, AS LONG AS IT'S ABOUT SOMETHING NICE". That's what free speech is for; to allow even the uncomfortable topics to get their breath of air in the public debate in order to illuminate, understand and handle them. Either you accept this, and thus being for free speech, or you don't, and then you're simply not for free speech AT ALL. I have the same perspective of free, and freedom; either you're for freedom, or you're not for freedom at all as is the case with the GPL license ("oh I'm for freedom, alright, AS LONG AS ONLY THOSE I WANT WILL BENEFIT FROM IT"). GPL doesn't extend full freedom to the developers of the software, only to the end-users, and by that definition GPL is not freedom at all. PERIOD.

Re:The BSD license

[xenoterracide]

One way of stopping a wildfire is to use a controlled burn to burn off the area before the wildfire can reach it. Fighting fire with fire works.

Re:The BSD license

[mrclisdue]

Not to mention that the op is suggesting that one fights fir with fire, which would normally result in the fir being summarily consumed, immolated, if you will.

Unless the original fire is extremely small AND the fir is extremely green.

hth,

Re:The BSD license

[istartedi]

If somebody took your BSD code, added nothing to it, and resold it, they didn't steal from you. At least, that's what a BSD opponent would have to agree, in order to avoid being a hypocrit. In general, Free Software advocates don't believe information can be "stolen", so surely you can't be suggesting that your BSD code was stolen in this case.

What if they took your BSD code, added "something" to it, and resold it? Are you suggesting that you have a right to "something"? On what basis do you lay claim to "something" since it's their work, not yours?

Finally, even though I strongly prefer BSD to GPL, I've contributed to GPL. I don't believe in allowing ideology to become a brick wall between me and other programmers.

Re:The BSD license

[mindstrm]

I've thought about that angle... and there is one thing that sticks out as a potential legal puddle.

When I write some code from scratch, I can license it however I want, to whoever I want, in as many ways as I want. It's *MINE*. If I make it an "OSS PROJECT" but require the submitters to assign copyright to me if they want me to keep things in my main project.... I retain that privilege. I can't take away what I've already licensed.. but I still *OWN* the code, and can re-license it.

Now - with BSD licensed stuff - I can still basically own it... modify it however I want, take back any changes anyone publicly gives, and even though I must retain copyright for them, and can still own MY tree, including contributions others CHOOSE to make

With GPL... If I release it under GPL, and someone else releases a patch somewhere, but doesn't assign copyright to me,I no longer own the code.. and should I also be implmenting the same feature, and be dual-licensing it, a nasty battle could ensue.

Re:The BSD license

[mr_mischief]

They could just as easily release a proprietary binary-only patch to your BSD code, a proprietary-licensed patch with available source code, or a GPL patch to your BSD project. In any of those cases, you'd lose ownership of thbeir improvments. With the GPL, you'd not own their improvements (and legally you wouldn't "own" it under BSD anyway, although you'd have broader control of it). With the GPL, however, you'd always have the right to use and improve on the imrpovements to your work, but only under the GPL. It's a tradeoff of one set of freedoms for another.

Lots of GPL projects require that copyrights be assigned to the project team in order for code to be released in the mainstream project. That doesn't keep people form maintaining patch sets or making forks, but it does mean the project team can do lots of things with the code. Some offer a contract stating that the copyrights are held jointly with the team, and some require a full transfer. Some maintain a requirement that the project team always keep a GPL license, but there's no legal reason you'd have to offer that. Once you own the copyrights, you'd be free to relicense the project from that point however you want. Old releases would still carry the old license, just like with BSD.

At no point do you legally "own" the code some other person releases updating your codebase under the BSD. You get a license to do with it what you will just as much as any other BSD-licensed code, but the copyright holder still owns it. They can release it under as many licenses as they wish.

With the GPL, you can also release a program under two or more licenses as long as you hold the copyrights. Perl is dual-licensed under the GPL and the Artistic License. MySQL for years has been both commercially proprietary and GPL.

Many people find the LGPL more palatable than the GPL. It's less restrictive on those who want to improve your project, but protects the future openness a particular portion of the combinled project more than the BSD license does. It is basically the GPL for an identifiable separate module of a program, whether that's a library, the main code, the interface module, or whatever. It requires that updates to that protected portion are released under the LGPL, but it allows that portion to be used in a program which also contains code under other licenses. There is a lot of talk about "libraries" in the text of the license, but that's just because it was originally designed for libraries. "Library" is defined much more liberally in the license than you'd normally talk about as a library with other developers (including, in version 2,1, "or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License"). LGPL 3 is an addendum of additonal, relaxed terms for the GPL3. The FSF discourages the LGPL in favor of the GPL, but they still promote the LGPL as a choice for people who have ruled out the GPL.

Re:The GPL.

[carlhaagen]

Seems my own post was a bit late. I, too, steer well clear of GPL, in favor of f.e. BSD and zlib.

Trivia

[fm6]

I'm struck by two small things that make me wonder. First, you seem to be using HTTPS for pages that don't need it; not an optimal config. Second, the first project you discuss is a text mode email client!

Re:Trivia

[sopssa]

Nothing wrong with using HTTPS for normal sites too. It's actually quite stupid that web traffic by default is all in plain-text, even login boxes on most sites.

Re:Trivia

[nicc777]

If you paid for it, you might as well use it...

Re:Trivia

[bipbop]

What exactly is it about a text mode email client that "makes you wonder"? What do you wonder?

Re:Trivia

[paulproteus]

HTTPS is a nicety for our users. End-to-end cryptography is a great thing; let's have more of it!

I happen to like alpine and text-mode email reading in general.

When you say this makes you wonder, do you just mean I'm clearly some sort of bizarro nutjob? (Nothing to wonder -- that one's probably true.) Or is there something specific you wonder? If so, say what it is, and I can possibly answer. (-:

Re:Trivia

[fm6]

I don't think you're a bizarro nutjob. I do think you need to start planning your projects in terms of what people want and need in the real world.

Now take that HTTPS thing. Why encrypt data when you don't care who reads it? Is that really a "nicety" or did you just find it too difficult to switch back and forth between HTTPS and HTTP as needed?

HTTPS adds extra overhead. It's not a big deal on a small hobby website, but modern web sites should be designed to scale up. If you ever start server a non-trivial number of users, you won't want the extra cost of encrypting pages that don't contain sensitive information.

As for text mode email clients: the only people who use them are hackers who don't like to deal with the complexities of rich text and software internationalization. If that's you, then I have no criticism of you — as a user. But as a developer, you're devoting time to a project that will only ever be used by a few people who share your prejudices, and ignoring 90% of the hacker community and almost 100% of everybody else.

Too many hackers assume the typical user is somebody who is exactly like them. That's a big reason the Linux community wastes so much effort on evangelizing to people who don't want what they have to sell.

Of course, I could be reading you wrong, and the reality is that you really only care about your own tiny community of fellow hackers. So you don't need web applications that scale and mail clients that interoperate with the ones most people use. If so, that's certainly your prerogative. But I think it's much more satisfying to create products that actually make a difference in people's lives.

Re:Trivia

[paulproteus]

Thanks for these comments. I agree with your general tone -- that it's great when hackers help people *unlike* themselves.

With regard to HTTP vs. HTTPS, you write that HTTPS adds "extra overhead." That's true in two ways -- TCP round-trips and CPU load. For CPU load, our server really can afford it. It's disk I/O that hurts us. As for the round-trips and their effect on latency, if the client does pipelining and stays on the site for a little while, that mostly goes away. So I think the worst thing HTTPS can do is drive away users who can't handle the extra round-trips for the first few page loads. That's a possible problem.

I don't want OpenHatch users' web traffic to be snoopable by their ISP or people using the same coffee-shop wifi connection. By keeping HTTPS on, I'm making life easier for those who value privacy. It's not as if it's really harder to use a HTTPS connection than HTTP one, so it's no burden (except the round-trips) on those who don't care about privacy. I'm heartened by big developer-oriented websites like Launchpad and Ohloh using HTTPS by default.

As for text-mode email clients, well, I use what I love. (-: I don't spend all that much time taking care of the Alpine source; mostly I fix Debian-related bugs for Debian/Ubuntu users who want to use it.

You can see from https://openhatch.org/people/paulproteus/ that I've hacked on projects with more visibility than that, like http://search.creativecommons.org/.

I try to keep OpenHatch responsive to user feedback. So do check out the site and send us email, or file a bug, or chat with us on #openhatch on irc.freenode.net!

Re:Trivia

[fm6]

Your comments about HTTPS overhead apply to your current config. As I've already pointed out, this will be more of an issue as you scale up. You really want to have a design that deals with this before it's an issue, so you don't end up coding in a lot of dependencies on the current design. Also, if your application ever moves into the cloud (and I'm convinced that this is going to be the standard practice for web applications very soon, if it isn't already) you can buy as much or as little CPU time as you need — and extra cycles mean extra cost.

I just don't see how HTTPS protects your users privacy. A snoop may not be able see the specific pages your user is looking at, but they can see they're on your site. A user that needs that level of privacy/security really needs to deal with it at the client level. It's certainly a good idea to use VPN connections for WiFi traffic, more to protect yourself from the malicious hacker sitting at the next table than from snoopers. (Though I have to admit I rarely bother.) As for snooping by ISPs, a user who's that paranoid really needs to invest in some major privacy infrastructure — HTTPS just doesn't cut it.

I'm still bemused by your personal attachment to text mode email, but I'm in no position to sneer. I still use vi/vim 30 years after I first discovered it and 20 years after I decided that modal user interface models were obsolete. Alas, migrating my aging brain to a modeless editor has always been more of a challenge than I was able to face. Even so, I'm ahead of a certain Bell Labs alumnus I know who still uses ed!

Re:Trivia

[mr_mischief]

If you only encrypt the important things, then anything encrypted is known to be important. It's also easier to miss encrypting something that really is important if you only encrypt things part of the time.

The overhead of HTTPS is a drawback. That's especially true of the dedicated IPv4 address which is really an outdated security measure anyway. It's been possible to have multiple IPs on the same shared hosting server for a very long time now. Dedicating an IP to a site that's under the same file system and server instance isn't real security at all. Maybe guaranteeing that a site stays on the same IP is helpful (although there's some room to debate that) but saying that site A is on IP X and has to staty there for the certificate to be valid isn't the same as saying that site B must then be on some IP other than X. That's a problem of HTTPS and the current certificate systems, though. It's something to consider when your chosen protocols are HTTP or HTTPS, but if the dedicated address issue was cleared up many more people would consider HTTPS for more traffic than uses it today. The loss of third-party caching (which losing is as often or more often a feature than a problem), the encryption overhead, and such just aren't enough to deter many people from using HTTPS.

The horrible situation the browsers are in of such a stark contrast between totally trusting certain CAs (more often than not including the government of the PR of China) and completely disrespecting private CAs doesn't help. A simple and straightforward "this is encrypted and publicly trusted" vs. "this is encrypted and is signed by someone we don't know to be trusted" vs. "this is not encrypted" three-state interface makes more sense to me than "trust this" and "you are almost certainly the victim of a scam if you use this certificate".

Re:Trivia

[fm6]

So, I should encrypt every single access to my website, just so a snoop doesn't know when a user is entering a password on credit card number? That's absurd. What's the risk of somebody knowing that the sensitive data is being transmitted? So they can focus their decryption resources? If the encryption algorithm is vulnerable in that way, it's useless anyway.

Re:Trivia

[mr_mischief]

Encryption is used for more than credit card numbers. In many parts of the world, it is used to secure one's communications from a corrupt and autocratic government. If only people who have something to hide hide it, then it's easy to tell who's got something to hide. People who wear jackboots and carry clubs don't decrypt your data. They beat you until you tell them what you sent.

If you have no problem using only clear channels until you need to avoid ID theft or wire fraud, then nobody's suggesting you, personally, must use encryption for anything else. Others place a different level of value on their privacy, and it's okay if they want to encrypt everything they do.

Re:Trivia

[fm6]

I agree, there are situations where the user needs to secure all his communications. But we're talking about HTTPS, which is a web server security feature. hat's not a very effective means to that end.

Here's a very real example: the Iranian thought police are very interested in the internet traffic of their dissidents, who often communicate via social networking sites. Should these sites stop using plain HTTP in order to protect these users? That would add a tremendous amount of overhead, and would only provide the dissidents with a limited amount of protection. As you point out, these people really need to encrypt all their traffic. The obvious solution is a VPN connection, which doesn't just hide what pages you're looking at, it hides every single packet, totally hiding your online activity. (If I were an Iranian dissident, I wouldn't want the authorities to know I was even accessing certain web sites — masking which pages I accessed just wouldn't be enough.) And as an added bonus, VPN bypasses ISP content filters.

try this

[Colin+Smith]

Don't bother with IRC. Insist on email instead.

Then train a bayesian classifier (bogofilter) to answer the questions for you.

You just have to remember Bayesian classifiers are good at yes/no classifications (e.g. spam/notspam), so I have several corpuses and test incoming emails serially against them, tagging with the ones which match. Then process the email according to the tag. FAQ should be fairly easy. Use a procmail rule to answer, "thanks for your question, please have a look here".
 

real hackers don't dread

[10am-bedtime]

Ahhh, can't resist...

Real hackers don't dread unpleasant tasks. They write code that (perhaps write code that) does the unpleasant task for them.

Re:real hackers don't dread

How do you write code to do PR/create docs? Please, be my hero.

Re:real hackers don't dread

[quantaman]

How do you write code to do PR/create docs? Please, be my hero.

Simple, you obviously just need to write a program capable of passing the Turing Test.

Of course when you finish you probably want to give it some interesting tasks besides just PR/documentation, last thing you want is for it to get pissed off and go all Skynet.

Re:real hackers don't dread

[rockNme2349]

Sorry, but I tried that already. It was an incredible AI, so I assigned it the process of documenting my latest project. Unfortunately that was too unpleasant of a task for it, so now it's working on code to create PR docs. I guess I'll just see what it comes up with.

Re:real hackers don't dread

[CODiNE]

Beautiful Code - Chapter 28 "Automated Debugging"

Why aren't we all using that eh? Incredible stuff, data-mining CVS commits and nailing the exact line that causes the bugs.

Beautiful Code indeed.

Re:real hackers don't dread

[maxwell+demon]

You forgot the most important part of designing an AI: Whatever you want it to do has to be what it likes doing most.

Re:real hackers don't dread

[icebraining]

See? If you had licensed your code as OSS he wouldn't be obliged to re-invent the wheel! You're a bad parent*.

*If the AI is Turing-test passable, is it considered a being?

Re:real hackers don't dread

[IICV]

The point of the Turing test is that if it passes, we can't tell the difference.

Unfortunately that's a really low bar to clear nowadays. It's kind of sad, but judging from MySpace and Facebook the majority of teenagers could profitably be replaced with a small shell script.

Re:real hackers don't dread

[nadaou]

How do you write code to do PR/create docs? Please, be my hero.

Docs:
Doxygen

PR: /. etc

Re:real hackers don't dread

[s1lverl0rd]

I made an incredible AI once too. It said writing docs would take seven and a half million years, so I gave up.

-- Vroomfondel

Re:real hackers don't dread

[silverglade00]

It's kind of sad, but judging from MySpace and Facebook the majority of teenagers could profitably be replaced with a single small shell script.

/* Added a word to reduce ambiguity and enhance accuracy. */

Re:real hackers don't dread

[marcosdumay]

Well, if it has access to guns, and can replicate itself, I'm quite sure it'll have all the rights it wants. If not, and if it still wants some rights, people will probably simply turn the anoyance off.

Re:The GPL.

[stinerman]

Better, but still not perfect. Even in a 2-clause BSD, I'm still not allowed to strip the copyrights or the license notice. That's controlling what I can do with the code.

I really wish the GPL zealots and the BSD zealots could realize that the world is big enough for two FOSS licenses. They each have their strengths and weaknesses. Which is better is only a matter of opinion and goals for one's project. There is no One True License.

Re:The GPL.

[nloop]

The only thing it restricts is your ability to fork a open project and close the source. I don't know if I'd call changing that an improvement...

And don't give me the "viral" lie. Boxee closed the code it wrote and left the GPL XBMC guts open just fine. You just can't close already open code.

Someone avoided performance optimizations

[paziek]

Someone avoided performance optimizations on openhatch.org
If you have tough time deciding if you should do those, ask slashdot - that will clear up things!

Re:Someone avoided performance optimizations

Premature optimization is the root of all evil.

GPL is not troublesome

[betterunixthanunix]

The GPL is not troublesome when it comes to developing web based applications, unless you really want to charge royalties or forbid your users from modifying the source code (legally, that is); it does not sound like either is the case for you. On the other hand, the GPL prevents others from engaging in those same activities with your code -- if that is an issue for you, I would be very interested in knowing why (why would you want to leave open the option of others collecting royalties on your code if you yourself do not seek them?).

Why do you feel that the GPL spells trouble?

From a user perspective

[93+Escort+Wagon]

I think the answer is obvious - what most developers avoid like the plague is documentation.

Re:From a user perspective

[grcumb]

I think the answer is obvious - what most developers avoid like the plague is documentation.

I don't think it's obvious that developers avoid documenting FOSS more than anything else. In my experience, FOSS developers are -statistically speaking- better at it than coders of proprietary software.

Documentation is almost universally ignored by users of many projects and products because it's worse than useless... except in the server space, where having good technical documentation makes the difference between having a usable product or not. In many of these cases, FOSS positively shines compared to the competition. Take a look at most Apache projects, for example, or Postgres. Heck, even MySQL's documentation is comprehensive and of fairly decent quality.

So, no. It's not obvious that FOSS is somehow worse than other software where documentation is concerned. I think it's better. And until I can find something as useful as man pages for Windows, I will continue to think so.

Re:From a user perspective

[Big+Jojo]

I think the answer is obvious - what most developers avoid like the plague is documentation.

For the developers who can't write well, that's a Good Thing. On the other hand ... the best developers *can* write well, and *do* spend time on that part of the system. Since they realize well that a system which isn't (or can't be) explained effectively isn't very useful.

I'm not talking about user documentation so much as big picture stuff and reference material. The skills and processes used to write and improve user documentation, like the skills to develop and tune good user interfaces, are somewhat distinct from the ones involved in system design and architecture. Npt completely ... but enough so that the folk who are good at any of those tend to be very aware of their personal deficiencies in the other areas. Sometimes it's just a lack of sympathy (or empathy) with the different audiences. We've all known folk (or been folk!) who just want to write code. When that's your mind-set, any user-facing feedback loop will be full of conflict, since the users rarely prioritize code like that.

Re:From a user perspective

[martin-boundary]

The value of documentation depends largely on the stage of the project. Documenting too early is counterproductive and shouldn't be done.

What's too early? If the internals are very sketchy and fluid, and if the interface (ie command line switches, menus, buttons and widgets) is highly variable. Basically, while the programmers don't have a clear idea of the right way to construct the project.

At some point, the interface stabilitizes, and the internal architecture stabilizes, and the programmers know that they'll keep things like that for a long time. It's at that point that documentation becomes valuable, and should start to get done.

Re:From a user perspective

[fm6]

Too true.

Hey! Unemployed tech writer here! Anybody got something juicy for me to work on? I particularly enjoy API references and programming guides.

An advantage of Closed Source

[jellomizer]

This is a real problem with Open Source Software... There is some parts about creating a program that just isn't fun. When you are in a corporate environment you kinda have to go threw the drudge work to get your job done. Now for large open source projects with a good corporate backing this isn't much of an issue as say the IBM Drone will be forced to get the job done in time. However most open source projects don't have the corporate backing and is based only on the joy of the project. When fun stuff is over the project doesn't get completed.

Re:An advantage of Closed Source

[nxtw]

However most open source projects don't have the corporate backing and is based only on the joy of the project

Non-toy open source projects have significant corporate backing.

Re:An advantage of Closed Source

[RAMMS+EIN]

%s/open source/volunteer-developed/ig

Also, paid developers do the tasks they are assigned, but that doesn't mean the tasks get done well. And if they are not assigned a task, paid developers will often not do it (if they did, they would be wasting money, after all).

So what you see in practice is that, for commercial development, when things get tight, everything besides coding gets dropped, and the code gets sloppy.

But you are right. Volunteer efforts usually end when the volunteers lose interest. That's usually before a complete solution has been implemented.

Thanks for Slashdotting me

[paulproteus]

Working on fixing the site...

Re:Thanks for Slashdotting me

[paulproteus]

The blog post can also be read at http://www.asheesh.org.nyud.net/note/debian/avoiding-working-on.html

Re:Thanks for Slashdotting me

[multipartmixed]

When you make your stew without beef, do not complain that it is not filling.

Re:Thanks for Slashdotting me

[c0d3g33k]

Thanks for visiting my blog as I requested when I submitted my Ask Slashdot question

There, fixed that for you.

Re:Thanks for Slashdotting me

[paulproteus]

I'm not saying I *mind* the attention. I agree that I was unprepared. (-:

avoiding reality altogether

as in avoiding the source code of life.

never a better time to consult with/trust in your creators, providing more than enough of everything for everybody since/until forever, without any distracting personal gain motives, using an unlimited supply of way user friendly newclear power. the 'code' of which is freely (as in total freedom forever) available to all.

Freedom is not binary

[betterunixthanunix]

Actually, the GPL extends plenty of freedom to developers; the only restriction is that those developers cannot impose any further restrictions than those imposed by the GPL (at least that is the spirit of the license). Not to push another GPL-vs.-BSDL flamewar, but history shows that this level of restriction is prudent and protects the freedom of developers at later levels of redistribution; both Microsoft and Apple have taken BSD licensed code and turned it into proprietary software, which restricts the freedom of developers who receive copies of the BSD licensed code from Microsoft or Apple. The only people who really see more freedom from BSD licensing are people who want the freedom to restrict the freedom of others; how exactly does the BSD license benefit freedom in that case?

Re:Freedom is not binary

[betterunixthanunix]

Except, of course, that the overwhelming majority of users and developers who deal with the BSD network stack are shackled by Microsoft's proprietary license (the Windows EULA). This is only possible because of the BSD license. Now, if you do not believe that it is a problem for your users to lose their freedom, as long as a handful of programmers at Microsoft have the freedom to use your code in their proprietary operating system, then I suppose you do not view that as a problem. Freedom is not black and white; sometimes, restricting freedom very slightly (such as not granting the freedom to take freedom from others) will ultimately extend freedom to more people.

Again, why is it a good thing to protect the freedom to restrict the freedoms of others? I do not want the users of my code to suffer under a proprietary license, and therefore I will not grant the freedom to release my code as proprietary software to anyone. If someone wants to restrict the freedom of others, then I really do not see why I should help them in that effort.

Re:Freedom is not binary

[rattaroaz]

I agree completely, but I think you and the GP may be confusing choice with freedom, which is a common mistake. Freedom by its very nature is limiting, because although there choice, there is also responsibility. Without the responsibility part, you have choice, but not freedom. BSD permits choice, but lacks protection of freedom. (not arguing the merits. Some people prefer this). I can choose to kill someone, but I cannot pretend that that is freedom.

Re:Freedom is not binary

[man_of_mr_e]

Of course you are basing your argument on false information. Microsoft did not, and has not used open source BSD licensed code in anything I am aware of.

They did *LICENSE* a network stack from Spider Software, who in turn had *LICENSED* the stack from UCB Berkely. This code predates the first open source version of BSD as witnessed by the copyrights present in the code.

In other words, the author of the code (UCB Berkely) gave Spider software explicit permission to use the code in their product, even relicensing it other users most likely for a fee.

It's easy. Look at the copyrights of the BSD based apps in Windows, then look at the copyrights of the versions of BSD released.

Re:Freedom is not binary

[man_of_mr_e]

Really?

Suppose a BSD developer writes some code, and a GPL developer includes that code in his work. Now, unless the GPL developer explicitly also relicenses it under the BSD, the BSD developer is unable to make use of the changes the GPL developer has made.

Yes, I know, if the BSD developer were so concerned about that, he'd have licensed it under the GPL. Well, possibly. Sometimes your hands are tied. You have to use a given license because the parent project you are contributing to has that license (unless you want to start your own fork, which most people don't want to do). Also, the BSD developer may feel that even though the license doesn't require that you release changes, the spirit of the BSD community says you morally should if you're a free software project (and BSD is considered free software by the FSF).

The fact of the matter is, the GPL is restrictive not only against proprietary code, but also against virtually every other free software project out there. This is one reason that BSD developers coined the term "viral license" (No, it wasn't Microsoft that did it). And, this is a reason that many BSD license advocates feel that GPL advocates are hypocrites regarding free software. They talk the talk, but unless you are willing to accept their restrictions (which is more than just "don't add more restrictions"), they won't let you walk the walk.

Re:Freedom is not binary

[micheas]

Of course you are basing your argument on false information. Microsoft did not, and has not used open source BSD licensed code in anything I am aware of.

They did *LICENSE* a network stack from Spider Software, who in turn had *LICENSED* the stack from UCB Berkely. This code predates the first open source version of BSD as witnessed by the copyrights present in the code.

In other words, the author of the code (UCB Berkely) gave Spider software explicit permission to use the code in their product, even relicensing it other users most likely for a fee.

It's easy. Look at the copyrights of the BSD based apps in Windows, then look at the copyrights of the versions of BSD released.

The ftp client.

Runs strings on ftp.exe

I have not tried this on vista or windows 7 so I don't know if the license is gone, although, I suspect that in a corporate environment the UC license would have been left in as an abundance of caution even if the BSD code is long gone.

Really, using the FreeBSD network stack code as a basis for version one of the windows networking stack would have been a good business and coding decision.

The question is, do you want TCP propagated, or tcp libraries propagated? The answer to that question is BSD style license vs GPL.

Re:Freedom is not binary

[colinrichardday]

Really, using the FreeBSD network stack code as a basis for version one of the windows networking stack would have been a good business and coding decision.

Was FreeBSD extant when Microsoft first used TCP/IP?

Re:Freedom is not binary

[sourcerror]

Personally I prefer LGPL. It gives you the right to ask for a fee for higher level layers, but if you improve on the base you have to share it. It's win-win.

Re:Freedom is not binary

[man_of_mr_e]

Yes, precisely. Did you actually *do* it?

You’ll get back the following:

@(#) Copyright (c) 1983 The Regents of the University of California.Incidentally, on my FreeBSD server at home it shows a bit more up to date code:

strings /usr/bin/ftp | grep California

@(#) Copyright (c) 1985, 1989, 1993, 1994
The Regents of the University of California. All rights reserved.

Notice how the ftp in Windows predates the first copyright in FreeBSD. That copyright, 1985 also pre-dates the first open source version. The first open source version of BSD was Networking Release 1, which was released in 1989, and did in fact contain a 1989 copyright.

Re:Freedom is not binary

[mindstrm]

"Also, the BSD developer may feel that even though the license doesn't require that you release changes, the spirit of the BSD community says you morally should if you're a free software project (and BSD is considered free software by the FSF)."

I've never heard this before - in fact the BSD license crowd are quite fond of the fact that they are choosing to release their code pretty much restriction free, and don't care what people do with it, and there may be the implication that they would also respect others who do the same.. but they don't expect anything back.

Re:Freedom is not binary

[bill_mcgonigle]

If you want true freedom of code, you need to accept using code in a way you don't accept with. Otherwise it's not really freedom, is it?

There's an interplay between economics and various freedoms here. In the BSD case, individual freedom is maximized. The developer can take the code, make proprietary incompatible changes to, say, a network protocol, and then put the product on the market.

The community will then likely need to reverse-engineer that change, and make special case enhancements to the code, get them wrong, test them, etc., especially if the developer is a big software development house and interoperability is expected. This happens - it's a practical reality, because in theory they could just refuse to work with BigVendorSoft's changes.

If the software were instead GPL'ed then all that time spent reversing would be available for actual improvements. So, this is an opportunity cost problem, and restricts the freedoms of the community to advance.

GPL tends to maximize for community freedom, BSD tends to maximize for individual freedom. Both are appropriate.

Re:Freedom is not binary

[Draek]

If you want true freedom of code, you need to accept using code in a way you don't accept with. Otherwise it's not really freedom, is it?

Ways like putting your own name on it instead of the original developer's. The BSD license doesn't allow that, therefore it's not free either.

Ahh, absolute statements, aren't they a blast?

Re:Freedom is not binary

[mr_matticus]

Not to push another GPL-vs.-BSDL flamewar, but history shows that this level of restriction is prudent and protects the freedom of developers at later levels of redistribution

No, it doesn't. You're presuming an entitlement that does not exist. Developers at later levels of distribution have all the same freedom to that original code that they would otherwise have. They may or may not have rights to the work of third parties, but the existence of that third-party code is not guaranteed.

If Microsoft takes BSD code and makes a closed source derivative, your "later level developer" hasn't lost anything. Microsoft didn't have to create that derivation, and quite possibly would not have done so if not for the free use of the BSD code. The developer is no worse off with regard to that code.

Microsoft and Apple have taken BSD licensed code and turned it into proprietary software, which restricts the freedom of developers who receive copies of the BSD licensed code from Microsoft or Apple.

It doesn't. Developers who receive BSD licensed code still have full access to that BSD licensed code. Recipients of the proprietary derivative get the full use of that software. Without the freedom to close the code, the software product in question might not have existed at all; there's certainly nothing lost with regard to the parent code.

You are making the RIAA "lost album sales" argument, just with code, which you have rejected in that context. The fact that a copy of project A (BSD) appears in project B (closed) does not mean that developers of project A have lost anything.

The only people who really see more freedom from BSD licensing are people who want the freedom to restrict the freedom of others; how exactly does the BSD license benefit freedom in that case?

"Freedom" necessarily requires that people have the power to make choices you don't approve of.

The presence of restrictions means that there is not freedom. You can say that a few, careful restrictions on freedom is in everyone's best interests (the GPL does exactly this), and you might be right, but it's still a restriction on freedom--you are controlling the choice of others, just in a different way.

"Here is some code; do whatever you want with it" is freedom. That means selling it, compiling it in binaries and not releasing the source, inserting emoticons all over it, and whatever else you can imagine. "Here is some code; do whatever you want, except you can't distribute it without releasing the source code" is not freedom. It's maximized access, but constrained choice. The term "libre" refers to freedom of choice.

If democracy of access is your benchmark, you're not talking libre, you're talking demos. By that metric, GPL wins out over BSD, but it's not freedom you're advancing, it's order and justice--the classic contrast between individual and societal, American "life, liberty, and the pursuit of happiness" and Commonwealth "peace, order, and good government".

The very fact that you talk about restrictions to ensure fairness for everyone forecloses the possibility of freedom, because freedom is distinctly unfair.

Re:Freedom is not binary

[micheas]

Net/1 still required a unix license, as it had ed and other utilities from unix, Net/2 was not released until 1991, and was the first version of BSD that did not require a Unix license, ergo the lawsuit, doesn't mean that none of the code was released before that, or that the UC license was not similar to the modern BSDs. (admittedly there has been a license change to make the BSD license compatible with the GPL.)

What you got for $10,000 USD was the code available at UC's anonymous ftp site on a mag tape with a printed copy of the BSD license. The printed copy of the license was the big reason people paid up.

Re:Freedom is not binary

[man_of_mr_e]

While that's true, it's also galling when someone claims their software is "free" but you can't use it.

http://en.wikipedia.org/wiki/Viral_license

"The term 'General Public Virus', or 'GNU Public Virus' (GPV), has a long history on the Internet, dating back to shortly after the GPL was first conceived.[3][4][5] Many BSD License advocates used the term derisively[6][7][8] in regards to the GPL's tendency to absorb BSD licensed code without allowing the original BSD work to benefit from it, while at the same time promoting itself as "freer" than other licenses."

Re:Freedom is not binary

[LingNoi]

Ways like putting your own name on it instead of the original developer's. The BSD license doesn't allow that, therefore it's not free either.

I simply don't believe this without some proof. That sounds like a violation of copyright law.

Re:Freedom is not binary

You've got that backwards. Freedom is literally the absence of external restraint on your actions; autonomy. Freedom, by its very nature, is unlimited. If you must submit to an external force, you are by definition no longer free.

If there were no laws against killing, then you would be free to do so. That's kind of exactly why there are restrictions on that freedom.

Re:Freedom is not binary

[mr_matticus]

Ways like putting your own name on it instead of the original developer's. The BSD license doesn't allow that, therefore it's not free either.

Attribution is not use.

You could theoretically have a license without notice or attribution requirements, but none exist for general public use because there would be no notice to the user of rights or copyright status. This leaves BSD/MIT to set the curve on imposition of limitations.

To have absolute freedom, you must release code into the public domain. Almost no one is willing to do that. BSD/MIT are the closest to a public domain release.

Re:Freedom is not binary

[mr_mischief]

Keep in mind that before ubiquitous web access, projects were sometimes lost to time. Hell, they still are. A BSD-licensed work that's rolled into a proprietary one isn't hurt just as you say -- unless the original project folds and the only remaining copies of the code are in the proprietary project. The GPL really did help that situation.

The GPL also really helps encourage commercial developers to release their imrpovements and sometimes their own original creations as open source, because they know their competitors can't lock it up and improve it only internally (well, they can for internal use only, but not to make their own improvements in a closed-source copy and redistribute it).

The whole idea that you can't have freedom by limiting freedom is just silly. If you don't limit my right to kill you for what you say, then you can't have free speech. Freedom is only ever absolute when only a few people are free and oppressing everyone else. Freedom in the modern Western sense means precisely maximizing the freedom of all the commoners.

The BSD and the GPL are both very valid ways to protect certain freedoms. They just protect different sets of them. The BSD protects the freedoms of the immediate next developer very well. The GPL protects the freedoms of the original developer (nothing out for free that gets locked up) and developers after the immediate next developer (the guy who users the second guy's imrpovements, because they are not proprietary and closed) by limiting the freedom of the guy who might want to close the source. Which is more important depends on one's point of view, and may even differ according to project.

The problem between BSD and GPL tends to be that GPL folks take BSD code and make it GPL-only. This exercises a freedom the BSD folk say they cherish, but it irks them that they lose another freedom. That freedom is to take new changes back into the core project. It's a bit funny to think that the GPL is guaranteeing that very same freedom being taken from the BSD folks from the start, but only to software projects licensed under the GPL from the start. The proper way to handle this is probably for the GPL folks who borrow BSD code to go ahead and release under the GPL, but also to submit their changes back to the original project as BSD-licensed.

Having a copy that can be locked up in a proprietary project later doesn't hurt the GPL folks a bit if they are also guaranteeing that there's always a copy that can't be locked up that way. They lose a slight competitive advantage by writing code the proprietary software shops might possibly use, but that's the price for using BSD-licensed code as a starting point. There's no proprietary lock-in of the code so long as there's also the GPL version. Proprietary mprovements might be made to the BSD version including the GPL developers' improvments that don't get back into the GPL version, but if it's that important the GPL version should have started from scratch with all-GPL code.

Respect the BSD license and the BSD project when borrowing code written under the BSD, even if your code is normally GPL. Then the BSD developers won't bitch and moan about losing a freedom their license was written specifically not to guarantee them in favor of the freedom of others to lock their code away in a different license.

Re:Freedom is not binary

[mr_matticus]

Hell, they still are. A BSD-licensed work that's rolled into a proprietary one isn't hurt just as you say -- unless the original project folds and the only remaining copies of the code are in the proprietary project.

Well, the original project A still wouldn't be hurt, because it faded on its own merits. If the code still existed in a proprietary project B, B wouldn't have any responsibility with project A.

That same scenario happens now when a forked GPL project folds after the fork, if all the developers vanish, then all changes in fork 1 are lost insofar as they were not in existence at the time of fork 2's creation. Fork 2 has no obligation to keep copies of fork 1 just for posterity's sake, should fork 1 collapse.

The whole idea that you can't have freedom by limiting freedom is just silly. If you don't limit my right to kill you for what you say, then you can't have free speech.

It's not silly at all. Limited freedom is an essential element of any civilized society. Peace and order prevail over freedom for exactly the reason you and I have illustrated.

Is liability for defamatory speech a less free version of free speech? Absolutely. Is there anything "wrong" with that? No. Maximizing "fairness" or fundamental, democratic access is inherently less than free.

Freedom in the modern Western sense means precisely maximizing the freedom of all the commoners.

No, freedom still means freedom. Modern Western civilization simply takes a different balance of freedom, fairness, and rule of order.

The GPL does the same thing, emphasizing fairness and democratic access over freedom. It's disingenuous to call a system of restraint a "different kind of freedom"--it's simply not. More restraints = less free. For once, life really is that simple.

A regulated free market is less free than an unregulated free market. The regulated market is more fair, it's probably more openly accessible, and it's better for society overall. But it is not more free or even as free as an unregulated one.

The problem between BSD and GPL tends to be that GPL folks take BSD code and make it GPL-only. This exercises a freedom the BSD folk say they cherish, but it irks them that they lose another freedom.

It doesn't irk anyone. The BSD license inevitably contemplates forks being made into GPL projects. There's nothing improper about that.

That freedom is to take new changes back into the core project.

No such "freedom" or expectancy exists under the BSD license.

Unreproducible bugs

[vlm]

What are the parts that, in your projects, you would be relieved if someone else looked at for you?

How about unreproducible bugs?

I hate the whole situation.

The bug reports; "Uh, I got an error or something when I tried to run it" "OK, what was the error" "I don't know" "So how do you know theres a problem?"

Failing to reproduce the error. This ties in with the "prove a negative" problem. When to give up? Just document what I'm doing and hope for the best, I guess.

Problems that are probably specification failures but you can't prove it. Closely tied to mystery black boxes that do something, but no one is entirely certain what. Even funnier when there isn't really a spec, just kind of a goal. Best of all, when two groups make opposing policy decisions and want you to consider each other's design to be a bug.

When to close out the hopeless bug. Well, it doesn't hurt anything to keep it open. But bean counters like easily counted beans, like how many open bugs. Will I insult the submitter by closing it? Some 3rd party weirdos like to get involved at that stage, "I'm morally superior to you because I never give up on a bug like you did, ha ha ha" while the reality of the situation is they merely have more spare time, a poor self image, and a desire to very publicly display it. aka the "ticket ss" "I am morally superior and I say we will have order here! Order! Achtung!"

Finally, last but not least, circumstantially, crazy/insane people seem to encounter more unreproducible bugs than typical people. Don't know if they're more ornery so the tend to report more, or more creative so they tend to find more, but I do know they're a pain to deal with.

Other than that, its not so bad.

Re:Unreproducible bugs

[gringer]

Here's some advice that I find useful when reporting bugs:
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html

There are some non-obvious things in there, such as trying things that clearly won't work, if asked to by the programmer:

Somebody reported a bug to me once, and I asked him to try a command that I knew wouldn't work. The reason I asked him to try it was that I wanted to know which of two different error messages it would give. Knowing which error message came back would give a vital clue. But he didn't actually try it - he just mailed me back and said "No, that won't work". It took me some time to persuade him to try it for real.

Re:Unreproducible bugs

[Kjella]

I just want to comment on that even if the bug isn't reproducible, it can be very real and very annoying. For example, an application I worked with had random cases of "things stop working". Restart services and the problem is gone - for a while. Increase memory and it's gone for a while longer. Turns out that finally, when they dug it out it was a issue with the caching system that'd not evict and insert properly under some race condition.

Another was a strange case of things going read only, but whenever an administrator tried to look at the problem it was gone. Well, finally we found out - through luck more than anything, that somebody was holding the wrong lock and it came from a completely different module. The only reason we caught it was because this particular lock was accidentally held for weeks rather than normally minutes so we could work it out with support.

P.S. I've found the usual MO is to ask for the impossible, like please provide an SQL trace of the problem - that happens randomly and you'll kill everything by trying to log everyone - then when you can't provide one close it because they have insufficient information from the customer. Still I can sort of understand - I have had mystery bugs that have come, gone and never come back. Don't worry too much unless the customer keeps reporting new incidents. If so, help me help you - if you got decent logging capability built in you should tell me what to turn on.

Re:Unreproducible bugs

[maxwell+demon]

Here's some advice that I find useful when reporting bugs:
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html

There are some non-obvious things in there, such as trying things that clearly won't work, if asked to by the programmer:

Somebody reported a bug to me once, and I asked him to try a command that I knew wouldn't work. The reason I asked him to try it was that I wanted to know which of two different error messages it would give. Knowing which error message came back would give a vital clue. But he didn't actually try it - he just mailed me back and said "No, that won't work". It took me some time to persuade him to try it for real.

In that case, the developer failed to communicate relevant information. He should have explicitly said from the beginning that he needs the text of the error message to diagnose what the problem is.

Re:Unreproducible bugs

What are the parts that, in your projects, you would be relieved if someone else looked at for you?

How about unreproducible bugs?

I hate the whole situation.

The bug reports; "Uh, I got an error or something when I tried to run it" "OK, what was the error" "I don't know" "So how do you know theres a problem?"

Failing to reproduce the error. This ties in with the "prove a negative" problem. When to give up? Just document what I'm doing and hope for the best, I guess.

Problems that are probably specification failures but you can't prove it. Closely tied to mystery black boxes that do something, but no one is entirely certain what.

Now you know how they feel at Toyota :)

Re:Unreproducible bugs

[SLi]

Finally, last but not least, circumstantially, crazy/insane people seem to encounter more unreproducible bugs than typical people. Don't know if they're more ornery so the tend to report more, or more creative so they tend to find more, but I do know they're a pain to deal with.

I think I'm one of these. Perhaps I do lots of weird things with my computer that nobody else does, but I don't think it's all explained by that. It's more like software hates me and somehow in a murphyesque way just breaks every chance it gets. Both in reproducible and unreproducible ways.

One day I realized that can be an advantage too, especially since I can usually debug the problems and when I can't, I can usually help the people who can (but can't reproduce it). If software tends to break in your hands no matter what you do, consider becoming a tester. I'm interested in testing too, but the way software seems to hate me is for me the big inspiration to my theoretical computer science major and focus on software verification. I've observed that software that has been proven correct (to some specification) tends to break at least slightly less often.

Re:Unreproducible bugs

What about when you get idiots who say my web app is "caught in a loop" when what they really mean is they can't stop from clicking on a link in the app and keep on re-clicking on it before the page is even loaded. Yes I'm talking about you Doug!!

Re:Unreproducible bugs

[backwardMechanic]

You'd be surprised. Sometimes the half-clued user can be really difficult. They can see what you're asking won't work. They know they want their problem to work. So they can see there is no point typing something that won't work - they somehow assume you're wasting their time, or testing them, or something. I've also had the conversation:

me:Try X
user:It won't work
me: Yes, but I'd like to see the error message
user: But it won't work
...and, repeat...

I work a lot on hardware, and have a similar problem when things break (as they do, often). I ask the user 'what did you do?'. It still amazes me how many users try to cover their tracks. They assume I'm trying to apportion blame, even when I explain that I'm looking for help. I spend a week figuring out what they did, when they could have just told me. And then they'll deny it. Problems are often only tangentially related to what the user did (e.g. they swapped a cable, and happened to find a badly soldered connector), but knowing where they've been makes my life so much easier.

Re:Unreproducible bugs

[Inda]

Seems normal to me.

I had a user last week who complained his (my) spreadsheet kept asking for the database password. Knowing that the database didn't have a user password, I needed to investigate.

He was confident that he needed a password even though it seemed like a connection problem to me. Me the author of both spreadsheet and database.

I sent him a simple link to a folder where the DB sat and asked him to copy the contents back in an email. \\domain\dbfolder\test.txt

That obviously didn't seem like a fix to him and he wouldn't click it.

He's now on my 20/80 list.

Re:Unreproducible bugs

Working in a one-product-per-developer environment with me as the tester. Find a trivial bug. Get bitched at by the coder for not searching the ticket database. Sorry, mate, but there's nearly ten thousand tickets, a third of which are still open, don't have a lot of discrimination for search terms, and trac's search function kinda sucks anyway. Why should I spend an hour searching through tickets to find none before entering a ticket for a trivial issue that you can answer in ten seconds?

Then there's the coders who not only want you to provide steps to replicating the bug and debug info (fair enough), but also to find what part of their code is faulting. Ugh.

Related to your story, a user I encountered once telling me that the software was saying the file was corrupt. Knowing where she was in the application, there were two possible dialogues and neither had to do with file access. I asked her to read the exact message out to me "THE FILE IS CORRUPT". I asked her to read the message word by word as it 'was one I've not seen before'. "THE. FILE. IS. CORRUPT.". I asked her to read out the message letter by letter to 'get the syntax right so the coders could search for it'. Sure enough, the error message was the one saying that her analysis parameters were incorrectly set and the words 'file' and 'corrupt' were not only not present, but had no synonyms either.

Re:Unreproducible bugs

[vlm]

Finally, last but not least, circumstantially, crazy/insane people seem to encounter more unreproducible bugs than typical people. Don't know if they're more ornery so the tend to report more, or more creative so they tend to find more, but I do know they're a pain to deal with.

I think I'm one of these.

No, by crazy, I meant the people that claim I'm hacking them, and/or they want to kill me, or they're at home and drunk or high, or they are theoretically native born English speakers but are actually quite illiterate, or they apparently speak exclusively in 4-letter words, or they think I am part of the paranoid (or real?) conspiracy out to get them, or occasionally all of the above simultaneously. Perhaps not "crazy" so much as profoundly anti-social (which might be a symptom of being crazy).

In the army we had a term "magnet ass" for a guy whom mystically attracted incoming gunfire. Despite the fact that copper plated lead is not ferromagnetic. Well, it was the Army after all, not exactly a physicist convention. Anyway, you sir don't seem crazy, but merely seem to attract bugs. Perhaps a can of "Off"?

Re:The GPL.

[Cylix]

There can be only one!

How are volunteers unique here?

[betterunixthanunix]

What makes you think that corporate programmers are necessarily going to do drudge work better than volunteers? I guess you have only ever worked with big name proprietary software, where a lot of care was taken; I have seen many proprietary software packages that are barely usable, but they are niche products with little competition and thus there is no incentive for anyone to do a good job. So, where is the proprietary advantage?

Re:How are volunteers unique here?

[NewbieProgrammerMan]

I have seen many proprietary software packages that are barely usable, but they are niche products with little competition and thus there is no incentive for anyone to do a good job.

I want to say something snarky about barely usable proprietary operating systems and word processors...I just can't think of anything that's actually funny (as usual).

Re:How are volunteers unique here?

[tepples]

What makes you think that corporate programmers are necessarily going to do drudge work better than volunteers?

Because programmers aren't the only people that contribute work to a product. Name three well-known video games made entirely of free software and free cultural works.

Re:How are volunteers unique here?

[DaveV1.0]

What makes you think that corporate programmers are necessarily going to do drudge work better than volunteers?

Judging from the quality of 99% of the FLOSS software out there, I would say that primary difference is that corporate programmers actually do the drudge work whereas the volunteers don't. Or, more specifically, no one volunteers for the drudge work so it doesn't get done.

Re:How are volunteers unique here?

[CronoCloud]

Nethack, FreeCiv, Ur-Quan Masters

Re:How are volunteers unique here?

What makes you think that corporate programmers are necessarily going to do drudge work better than volunteers?

I believe he meant that the work actually gets done at all. Way too many open source projects have bad, out-of-date, incomprehensible user documentation, if any. As much as I love KDE (even if 3.5 > 4), it does get annoying when whenever I look at help, I find out that I'm welcome to write it. Now, why would I be looking for help in the first place, if I had the knowledge needed to write it?

Re:How are volunteers unique here?

[tepples]

You have a point about Freeciv, but the other two projects you mentioned aren't exactly poster children for the kind of project I was thinking of: well-known even among the non-Linux-using majority and under a free license since first publication. Yes, I know this is a no-true-Scotsman fallacy, but I'm looking for some way for Free gaming to compete on the same level as non-free gaming. If a proprietary platform can have a system seller (e.g. Mario series or that Xbox game that Beyonce sings about), a Free platform needs a system seller.

I dispute whether NetHack is as well-known as its fans think. Google queries "call of duty" game, "diablo ii", and even "animal crossing" game return about 10 to 100 times as many results as nethack.

The Ur-Quan Masters isn't exactly an "open source project" in the sense of the article because it wasn't made free until 2002, a decade after it was first published. It was freed only after it had already made as much money as it was going to make as proprietary software on two platforms (PC and 3DO). Micropolis (the Free version of SimCity classic) is in the same category.

Re:How are volunteers unique here?

[ztransform]

Or, more specifically, no one volunteers for the drudge work so it doesn't get done.

That's where contracting pays off. You agree to do the drudge work and get paid handsomely. Unfortunately you feel like shooting yourself in the process.

Re:How are volunteers unique here?

[DaveV1.0]

Contractors are not volunteers

Re:How are volunteers unique here?

I will do drudge work if I am getting paid for it. In fact, I prefer to do drudge work, it's much more relaxing....

If I want to relax for free, I'll do it at the beach without my computer...

Re:How are volunteers unique here?

[ajlisows]

There is a difference between doing a job poorly and not doing it at all. If a boss is saying "You will write SOME documentation or you are fired"...you are probably going to write some documentation.

That said, I just love doing a search for the "Windows has experienced a fatal error. The associated code is 45211", doing a search on that error, and finding a Microsoft web page that gives you helpful information like "This message means that Windows has experienced a fatal error." You think? Gee. Thanks guys.

Re:How are volunteers unique here?

[DragonWriter]

What makes you think that corporate programmers are necessarily going to do drudge work better than volunteers?

Corporate programmers aren't any better.

OTOH, a corporation can assign people who are proficient in non-programming tasks (UI design, tech writing, etc.) to cover the tasks programmers are neither inclined nor, often, qualified to do. (They can also assign programmers to drudge work programming tasks that programmers who aren't doing it for a paycheck would prefer to not do.)

A volunteer community could in theory attract non-programmers, but most community projects aren't configure to attract (or effectively empower) non-programmers because their tools and processes are geared to programmer-to-programmer collaboration. Solving that problem is a neat challenge, since developing the processes and tools to effectively incorporate (e.g.) UI designers into a community-driven project probably requires collaboration with UI designers in the first place.

Most corporations that do software development (open source or not) have processes that incorporate non-programmers (and not just as users that are the source of issues to resolve). But the processes and tools that work inside a corporation aren't always directly translatable into a community project.

License

Just copy the code :)

Re:The GPL.

[jedidiah]

You are always at liberty to 'code as you see fit' so long as you don't try to sponge off of someone else and then ignore their wishes.

OF COURSE you don't put GPL code on your projects

[Punto]

unless you want your project to become GPL. that's the rule. how hard is it to follow?

We don't want your code, thanks.

I'll use BSD code, but I will never submit a line of code to such a project.

Thanks. That's basically how we want you to operate.

Given your zealous nature and your love for the GPL's utter destruction of freedom, we doubt your sensibility and basic reasoning skills. If you can't comprehend a simple concept like freedom, then I sure as hell don't think that you can properly comprehend anything relating to programming or software development.

Use our code all you want. It's the best code around, and much better than anything you could write.

We don't want your code, because it's shit. Keep it to yourself, please.

Re:We don't want your code, thanks.

I'll use BSD code, but I will never submit a line of code to such a project.

Thanks. That's basically how we want you to operate.

Given your zealous nature and your love for the GPL's utter destruction of freedom, we doubt your sensibility and basic reasoning skills. If you can't comprehend a simple concept like freedom, then I sure as hell don't think that you can properly comprehend anything relating to programming or software development.

Use our code all you want. It's the best code around, and much better than anything you could write.

We don't want your code, because it's shit. Keep it to yourself, please.

Interesting words... I sure hope not all BSD folks are like this.

Installation

I do cross platform win32 and linux stuff, I hate fidling about with the installers etc.

Security through obscurity

[CrazyJim1]

Some of my projects I have involve security through obscurity. Obviously this gets hacked eventually, but making it Open Source would get it hacked immediately and harder. I run a game of hack and counter hack in my projects like an escalating war. If I'm lazy and want to release early, I may not put a lot of counter hacks in.

I know the counter argument that releasing a project will let it become secure. But there are some things which simply cannot be made more secure. An example of this would be Starcraft 1 which transfers the data between both clients so you can't prevent the map hack. Any way you look at it, if both computers have the information of every unit, a hack can be made. Now you can have counter hacks by security professionals to identify hackers and ban them. But if the information of the counter hacks was made public, hackers would work around them and not be identified and banned.

So there are times when you want your code secretive instead of publishing to Open Source.

Re:Security through obscurity

[betterunixthanunix]

Security through obscurity never ends well, for the simple reason that once the hack is in the wild, you are done for -- you now have to replace the entire system, rather than just updating some keys. Really, if the only way you can keep your system from being attacked is by obscuring it, then you are probably faced with a more general problem of trying to secure something which is inherently impossible to secure; such situations are very, very rare, DRM being about the only one that comes to mind (and that is not exactly a constructive endeavor).

You bring up Starcraft, which is an interesting choice of example -- it is actually possible to secure such a system, without relying on obscurity, using lesser known forms of public key cryptography. The situation, of course, is that a player might simply lie about not knowing where enemy units are, or might substitute a different map, or might lie about which units he has killed or where his units are located. The solutions to these problems all have a common theme: the game either cannot be played unless neither player is cheating, or a cheating player is forced to reveal that they are cheating. For a game like Starcraft, this would become rather complicated, but poker involves similar challenges and serves as a good example:

First, we will rely on the existence of a cipher with the following property: enc[k2, enc[k1, x]] = enc[k1, enc[k2, x]] -- in other words, if the cipher is repeatedly applied with different secret keys, the order is irrelevant (and thus, it can be decrypted in any order). Such ciphers do exist (you can look this up in any modern crypto textbook). Now, to deal a hand, player 1 will encrypt each card with some secret key (identical for each card), using a cipher with the property described above, and send the deck to player 2 in a random order. Player 2 will then select five encrypted cards, and use his secret key to encrypt them, sending them back to player 1 for decryption. Then, player 2 will select five more encrypted cards, and send them to player 1 (or at least the indices), and that will be player 1's hand. When it comes time to show the cards (we will ignore the issue of exchanging cards; this is also possible to do, using a similar procedure), players 1 and 2 simple reveal their secret keys -- thus, cheating is easily detected, because player 2 can see if player 1 lied about his hand, and visa versa.

It is reasonable to assume that a similar sort of scheme could be applied to Starcraft, since Starcraft also involves players learning information after secret moves by other players; it is just a little more complex than Poker. In general, such situations fall into the category of "secure multiparty computation" -- situations in which distributed computation is necessary, but where participants in the computation may lie about results or where some parts of the computation must remain secret from certain participants at certain stages.

If you don't mind my asking, what sort of work do you do where you feel that obscurity is the only possible answer?

Re:Security through obscurity

[vlm]

Any way you look at it, if both computers have the information of every unit, a hack can be made. Now you can have counter hacks by security professionals to identify hackers and ban them.

Good luck using technical means to identify the guys using a passive protocol analyzer to watch the data.

To catch any collusion, maybe over a telephone or whatever, analyze player behavior to see if they make the correct decision too often, as if using "hidden" data. Kind of like they do in Vegas. But that's not "counter hacking" by "security professionals" or whatever, that's just common sense. The really good cheaters will only cheat once per game at the most important moment... you'll never catch them, and if you do, they'll claim to be following a "hunch" or "guessing".

Re:Security through obscurity

[vlm]

The situation, of course, is that a player might simply lie about not knowing where enemy units are, or might substitute a different map, or might lie about which units he has killed or where his units are located.

When it comes time to show the cards (we will ignore the issue of exchanging cards; this is also possible to do, using a similar procedure), players 1 and 2 simple reveal their secret keys -- thus, cheating is easily detected, because player 2 can see if player 1 lied about his hand, and visa versa.

I don't think your plan would help detect players whom lie about enemy units.

Assuming the whole point is the actions are public but some items are hidden, and you want to prevent substitution, you'd just hash, sign, and share your interpretation of the gameboard at each move, and then at the end, when its time to reveal the board and tally up and see who won, you reverse engineer what the board should be at each step working backwards, recompute the hashes, and make sure the provided and calculated hashes match, and the sigs are valid? That would catch any odd substitutions that you mention.

Re:Security through obscurity

[betterunixthanunix]

"I don't think your plan would help detect players whom lie about enemy units."

What plan? I described a solution to a simpler problem, Poker, and said that similar logic may be applicable to a strategy game like Starcraft.

Assuming the whole point is the actions are public but some items are hidden"

A false assumption; in most RTS games, actions may be hidden as well (you can move your units in areas that your opponents cannot observe, you can build units without your opponents' knowledge, etc.). Simply hashing everything is insufficient; you must account for the hidden areas, and you must account for them in a way that prevents opponents from learning what is hidden except as defined by the rules of the game. Starcraft is played in real time; there are no turns or moves, which further complicates things.

Read about secure multiparty computation, and you will see how Starcraft is an example.

Re:Security through obscurity

[mindstrm]

So if we're talking online poker here....... my argument to your argument would be, who cares? Cheaters aren't stealing from the house, they are stealing from other players at the table.

The poker room operator, online or off, doesn't care about collusion itself, he cares about the perception by his potential and current customers that his system provides a fair game. As long as nobody is taking their business elsewhere because of the perception that the table is full of cheaters, it has no impact on their bottom line.

Re:Security through obscurity

[CrazyJim1]

If you don't mind my asking, what sort of work do you do where you feel that obscurity is the only possible answer?

Try making a MMORPG without a central server to save on bandwith, and half the latency. Yet have it so people can't just pull a Diablo 1, and have Greater Plate of the Whale or simply God mode. The short time of 3-6 months before hacks are created and propogated in the wild would get me enough money to either go the central server route, or create anti hacks. But if I release the MMORPG with source code too, people can write all sorts of hacks, or even recompile the client.

I don't see World of Warcraft releasing their source code, and they have a central server. Maybe you claim Glider could not have been made if WOW released its source code.

Re:Security through obscurity

[betterunixthanunix]

"Try making a MMORPG without a central server"

This is a perfect example of secure multiparty computation; you do not need obscurity here, if you are willing to hit your players' CPUs pretty hard (the cryptographic functions may become expensive as the number of players each person interacts with increases). However, it seems likely that some clever tricks to reduce the number of such operations could go a long way, and would have the added benefit of reducing the bandwidth needed by each player. It would also greatly reduce the ability of players to create hacks or god mode; the mathematics would simply not allow for it (unless there was a very grave bug in the code).

However, you may feel that the effort involved in studying the cryptography and designing secure protocols is simply not worth it, since you could just use a central server once you have the money available to run such a system. My guess is that this is why we do not see cryptographic systems being used for RPGs and online poker: the people who write this software do not really care about making it provably secure, they just want to get it out and keep it running long enough to turn a profit. Given that you seem to be a smaller operation than Blizzard, though, you may benefit from the network effects and community building of open sourcing the game, although you would have to be judicious about what patches you accept (i.e. a patch that renders nicer graphics is a good thing, but a patch that changes the secure protocol is not).

Then again, I am not a professional video game programmer, so there may be other issues to consider here (what sort of profit model is there in an MMORPG that has no central server, and therefore no subscription model?).

Re:OF COURSE you don't put GPL code on your projec

His point is not that it's hard to follow, but that he's frustrated to see other people enjoying the shiny GPL toys that he can't touch because his company is on the other side of the license glass.

Redirects and aggressive caching

[paulproteus]

You can all read the links now, thanks to Coral cache for the blog post, and memcached on our server.

Whee!

Outsourcing

This site is going to reveal certain kinds of project coding that generally disliked and thus understaffed. These sections could be hired out to coders and students in places like India, and really anywhere a student needs to make a little extra to cover rent or beer fund. Something like set up a little donation service to offer a gratuity for dealing with unloved gruntwork.

Could also offer a swap. Senior coders can offer to mentor students willing to push through these sections.

Re:OF COURSE you don't put GPL code on your projec

Very hard, apparently.

Lets say I'm developing a webapp for a client. Standard LAMP stack, and the frontend uses ExtJS.

I'm giving my client sourcecode, and they in turn are running the webapp publically.

Since I'm giving them sourcecode, does MySQL's GPL license require me to license it as GPL, even though my client is not going to redistribute it?
What about ExtJS's sourcecode that is also GPL? The only thing it links to is other javascript on the site, all of which is of course sent out in sourcecode format as theres no other way to do it. But does the 'linking clause' stop at javascript interaction, or does anything I use XMLHTTPRequests to access count as linking? If it does then my client would need to release sourcecode, which ExtJS's site seems to imply is the case. But if that is true it would become illegal to use GPLed javascript to do ajax requests to any public API that isn't GPL.

This is all asusming a public webapp. What if its an inhouse tool? Does that remove the requirements of redistribution?

I won't even get into the gray area that is TiVo, but if the GPL wasn't "hard to follow" they wouldn't have had to rewrite it to clarify Stallman's stance of some issues that came up. Which as a GPLv2 project, you may or may not agree with.

Evangelism.

[Hurricane78]

But I avoid that for everything.

Like preaching close-minded people, who think that they are much more open-minded than you just because they oppose what they perceive as the majority opinion. When they are really religiously locked on the exact opposite view, even sometimes imitating the opposite.

Or in short: People that don’t think for themselves and people that try to force their reality upon me.

Two examples would be
1) Those that completely and totally avoid putting anything closed-source on their system, even if they only have disadvantages because of it, and even if in the long run, it would help them getting free from closed source. In the case of (graphics) drivers, much more people would use Linux, if they could use all their hardware like on Windows. Which would force other companies to support Linux more. Which would strengthen open source as a whole, and also put more pressure on the still closed drivers, who now would be the worse working ones.
2) The Gnome team, who think they know better than me, what I want to do with my system and how I want to do it, and therefore only include options they think I should use. They even remove options that they don’t want me to use. Only cattle, fanboys and themselves can stand that in the long run. Since others will run into differences. A good programmer also allows options that he does not like. Because he cares for his users. That’s why they are options. He can still make his choice the default. (Yes, KDE4 also fell for this a bit. And Apple practically invented it.)

Re:Writing tests, user-level docs, and finding bug

[TheRaven64]

Oh yes. Bug reports that come with test cases are worth their weight in metaphors. One of the most useful contributions I've received was a test suite for my Smalltalk compiler. If you give me a bug report with a simple test case that lets me reproduce it, I can usually fix it quickly. I fixed one bug a few months ago that was dependent on library load order. On my machine, it never appeared. On someone else's, it always appeared. Once I had a test case that made it appear on my machine it was a trivial fix.

Most hippyware users don't pay for the code. When you use off-the-shelf software, there is a clear relationship between users and the project. Both users and developers are contributors - the users contribute money and the developers contribute code. With hippyware, a lot of the users are freeloaders. I don't have a problem with that - I don't lose anything from their use of the software - but I'm much more likely to bother listening to the opinions of other contributors than freeloaders.

Being a contributor doesn't always mean contributing code. Artwork, translations, bug fixes, and especially test cases can be contributed by people who aren't programmers (well, in the last case you might need some programming experience, but not much). If you've contributed any of these things, I'll pay a lot more attention to your feature requests. The same goes, of course, if you want to pay me for a bit to add a feature.

Documentation

Nobody likes writing documentation......poor documentation is the most common critiscism of an IT project at completion.

I mean...it's open source so the users can just read the code right?

Re:Writing tests, user-level docs, and finding bug

[Hurricane78]

Could you please tell me your projects, so I can avoid them and hence breaking my system? ^^

Two things

For me it is anything to do with the website and re-writes. I really don't like re-doing something, whether I originally wrote it or someone else did. I'll improve and tweak existing code until the cows come home, but wiping out working code and re-writing it annoys me. For some reason some open source projects seem to feel the need to do a complete re-write every few releases.

Documentation and comments.

[jacksonj04]

I wish I had a dollar for every time an OSS project spat out something like "ERROR: 0947445" with no mention anywhere of what aforementioned error code meant or how to fix it, then upon further dredging through a hundred uncommented lines of code to find out what was going on it turns out that the root cause was that I hadn't installed some-package-to-do-something-2.4-beta (which should have been a prerequisite, but isn't).

Re:Documentation and comments.

[Tablizer]

I wish I had a dollar for every time an OSS project spat out something like "ERROR: 0947445" with no mention anywhere of what aforementioned error code meant or how to fix it,

It's better than "unknown error, shutting down app". With a number, at least you can search for "0947445" in the source code.

   

Re:Documentation and comments.

[TheDugong]

"With a number, at least you might be able to search for "0947445" in the source code." Fixed that for you. The error could just be spitting out the value of a variable and only useful for diagnosis if you know of the context in which the error occurred.

Duh...

I avoid the part where nobody pays me.

(unfortunately, I haven't figured out how to get paid for writing open source software at all, so as you can guess, I don't actually write any).

Ever Anon, Anonymous Coward
PS - the captcha word was 'normal'. I think not :)

Re:Writing tests, user-level docs, and finding bug

We have this thing called money - you give it to others to get them to do work that you can not / will not do.

Try it sometime.

Consider Steam

[tepples]

The different between repositories in Linux distros, and the "apps store" that Apple is pushing, is clear as day: you can only even have one "apps store,"

Citation needed. Windows has several app stores for games alone: Steam, GOG, and Direct2Drive.

whereas nothing stops you from using third party repos for a given Linux distro.

The difference is that the repository model used by popular GNU/Linux operating environments is intended for use with free software or at least freely redistributable software. Distros like Fedora and Ubuntu currently lack anything like Steam, a repository of non-free commercial software.

Re:Consider Steam

[Virak]

Note the essential qualification, "that Apple is pushing". Windows is completely unrelated, and Apple's app store is exactly as described. And Apple's model is very much what is shaping the public perception of such things. For the average person, game download services like you mentioned don't seem to fall into the same category as 'app stores' any more than music download services do.

Re:Consider Steam

[icebraining]

The difference is that the repository model used by popular GNU/Linux operating environments is intended for use with free software or at least freely redistributable software. Distros like Fedora and Ubuntu currently lack anything like Steam, a repository of non-free commercial software.

Ubuntu is planning to integrate the ability to purchase non-free software in the Ubuntu Software Center by October 2010 (Ubuntu 10.10)

Re:Consider Steam

[Patch86]

Glad to hear it. Linux projects seem to get the whole Free-Libre and Free-As-In-Beer thing hopelessly confused, as a rule. A software distribution tool that has no way of paying for things seems like a half-way house, even if you only plan on serving open-source software.

Personally I have no problem with the concept of paying for software, even though I'm a huge open-source fan. I'm even happy with the concept of closed-source software, within certain circumstances. Some way of including it in the mainstream software management, and not treating it like some unwanted add-on, is much welcome.

Re:Consider Steam

[LingNoi]

The difference is that the repository model used by popular GNU/Linux operating environments is intended for use with free software or at least freely redistributable software. Distros like Fedora and Ubuntu currently lack anything like Steam, a repository of non-free commercial software.

It's true that there is no way to purchase software using the package manager. However, there is no reason that you couldn't integrate the package manager into a purchasing system such as steam.

One way you could do it is by shipping a debian file with the binaries only. When the debian file is installing you can call a script to enter a license key or make it call a DRM server for online activation. I think there are lots of things you could do using the underlying systems on linux which would be more difficult to do on windows if you were writing everything from scratch.

All your steam app would have to worry about is providing a list deb files to only logged in users and not unauthorised users.

Re:Consider Steam

[betterunixthanunix]

"Windows has several app stores for games alone"

Note that I said "apps store" as Apple is pushing it; Microsoft is not pushing any apps stores, and so the only ones you see in Windows are for specific markets, like games. The distros in Fedora or Ubuntu are much more general -- not just games, but also office suits, browsers, various little utilities, programming environments, libraries, plugins, and many other categories. Apple's "apps store" is similarly general, but Apple refuses to allow certain software into the apps store, including any software that would allow a user to install software from other sources (unlike a Linux distro, where such software would commonly be called a "text editor").

"The difference is that the repository model used by popular GNU/Linux operating environments is intended for use with free software or at least freely redistributable software. Distros like Fedora and Ubuntu currently lack anything like Steam, a repository of non-free commercial software."

Well, there is this:

http://fedoraproject.org/wiki/Releases/FeatureCodecBuddy

Mainly, Fedora wants to avoid pushing non-libre software whenever possible, since the aim of Fedora is to be a libre distro; CodecBuddy was an attempt to make a prudent compromise, since users were turned off to the idea of not having MP3 support (and others).

Re:Consider Steam

[Antique+Geekmeister]

SuSE tried this. Oh, dear lord, it was bad: the YaST installation tool would completely ruin installations of NVidia drivers or Microsoft fonts, and what it did to multiple kernel installations was unspeakable. The issue was that the vendors refused to actually use, or allow, RPM package managed installations, and attempts to wrap it up in bad shell scripting invariably broke. And Sun still does this with their amazingly foolish "rpm.bin" installers for Java, designed to force you to agree to their licenses before doing the actual installation. And HP, for various drivers, and other vendors.

There are repositories that have more correctly organized such packages: the "Penguin Liberation Front" has done so for Mandriva, for various emulation tools and MPEG and DVD decoders, and the old "Livinia" repository for various other drivers, including VMWare tools. There are patent and DMCA legal issues using such tools in the USA, but it's awfully handy when overseas to be able to review what's actually in those packages.

Re:Consider Steam

[icebraining]

Even Debian already installs closed-source drivers (from the non-free section) just fine. The news is that Ubuntu will include paid software.

support and testing for Windows

[bcrowell]

On a related note, the thing I really dread is support and testing for Windows. I have an open-source app I wrote that is cross-platform. I use it on Linux, but it also runs on Windows. Since I don't own a Windows machine and don't know anything about Windows, it makes it a real pain to test on Windows or reproduce bugs that only occur on Windows. Packaging for Windows is also a hassle. Of course there is wine, but testing in wine isn't the same thing as testing on a real Windows box. And even if I do succeed in reproducing a Windows-specific bug in wine, that doesn't mean that I understand enough about the Windows environment and APIs to be able to fix it.

Re:support and testing for Windows

Use ReactOS. That's what I do.

Cost of certificate and dedicated IP address

[tepples]

Nothing wrong with using HTTPS for normal sites too.

Until your certificate expires.

It's actually quite stupid that web traffic by default is all in plain-text, even login boxes on most sites.

A public HTTPS site requires a hosting plan with a dedicated IPv4 address and a certificate issued by a major CA. You usually don't get those with a typical $35 per year entry-level shared hosting plan from a host like Go Daddy.

Re:Cost of certificate and dedicated IP address

[EvanED]

Until your certificate expires.

A self-signed cert would be perfectly fine for most sites out there. Sure, it's susceptable to MitM attacks, but there's a reasonably big step from "I can eavesdrop" to "I can reroute your connections to me."

The biggest obstacle to this is the horrendous hoops you have to jump through to OK a self-signed cert in browsers.

Re:Writing tests, user-level docs, and finding bug

[mtippett]

Plug alert.

You should have a closer look at Phoronix Test Suite. The infrastructure is the half of the hard part in testing, so then it comes down to just writing the tests.

Re:The GPL.

[0100010001010011]

What about the Apache? or Sun? Or Apple licenses?

Personally I write stuff to the Beerware license. I really don't give a flying fuck what you do with code I write because I normally write it for me. If you find it handy, congrats. If you turn it into a multi billion dollar industry, congrats. I don't care.

License incompatibility

[tepples]

Actually, the GPL extends plenty of freedom to developers; the only restriction is that those developers cannot impose any further restrictions than those imposed by the GPL

Another problem is that a lot of works, even works under "permissive" licenses, are licensed incompatibly with the GPL. For example, how would one make a video game using engine code and scripts under the GPL with, say, textures under the Creative Commons Attribution License? One might claim that the game engine code, scripts, and non-program assets make up an "aggregate" under the GPL, but I'm still having trouble figuring out what constitutes "other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program", if the engine puts specific requirements on those files.

Open Source Nazis

[Niobe]

What Aspects of Open Source Projects Do I Avoid? The part where I get yelled at by a developer for filing a bug that I tried diagnose to the best of my ability but didn't mange to fix myself. Because, as we know, you shouldn't even USE open source software unless you're willing to DEVELOP it as well. Pffft.

Re:OF COURSE you don't put GPL code on your projec

[Bogtha]

Both MySQL and ExtJS have, to put it diplomatically, "unconventional" ideas about how the GPL works. It's striking that, out of all the GPLed projects out there, you would pick two that are both unconnected to each other and do not represent mainstream GPL usage.

I try to avoid

RMS

Re:I try to avoid

[Secret+Rabbit]

How exact was this funny? RMS, even though he did do good things in the beginning, is a problem. Just check out the Subversion fiasco and the strawman thread on an OpenBSD mailing list (@misc I believe). The guy's nuts. He talks about stuff that he hasn't a clue on and completely avoids any point from another person that shows.

Unfortunately, he can't really be avoided. That is, assuming that your project gets any publicity and isn't GPL'd, he'll find you. And he's a hard guy to get rid of given that his only job seems to be stirring the shit.

* Waiting to get marked troll by Linux zealots as I have a poor view of there hero.

Re:I try to avoid

[u17]

I know, these quadratic means are truly awful to work with!

Re:I try to avoid

[simoncpu+was+here]

Theo is crazy as well, but I really don't mind them fighting each other because I can relate to crazy people. It's like looking into a mirror.

Re:I try to avoid

[PipsqueakOnAP133]

Both RMS and Theo are crazy. But between the two, I think I'd rather cheer on Theo since he's actually getting stuff done. RMS seems to only be preachy. Maybe should title these two, The Cathedral and The Bizarre.

Hmm.

[mindstrm]

I avoid all the parts where anyone evangelizes any part of it being "open source" or has any sense of entitlement.

I'll work on my project, or contribute to someone else's if I feel the itch, and that's about it. If I make my project open source, that's that.

I dislike OSS nazis who have this hippie "give back" attitude. I've released software. Some of it is open-source. I couldn't give a rat's ass if anyone "gives back" - I only expect that if you use the software *I* wrote, you abide by the terms I released it under.... whatever those terms are.

I don't do a project for the sake of being open-source - I do it because it's interesting, and if I make it open-source, it's because I want to share. I don't appreciate anyone reading any more than that into it.

Re:Hmm.

[Secret+Rabbit]

Hear hear!!!

That's obvious

[Locke2005]

The "not getting paid" part. All the rest of it, I'm down with!

Sorry, to say i've avoided Open Source entirely

[physburn]

I like downloading and using free software, but i liked my time to be payed for. So in 27 years of programming (since age 12), i've never writing anything to be open sourced. This is very ungratful of me, but i can't see me becoming less greedy.

Re:Sorry, to say i've avoided Open Source entirely

[einhverfr]

It's your model. If it works for you, great.

Me? I have gotten paid for at least the last 4 years to do open source and documentation work full time.

Of course this depends to some extent on what the software does. Some software is easier to make money developing than others.....

The aspect of open source projects I avoid is

[hey!]

contributing.

Re:The aspect of open source projects I avoid is

[bill_mcgonigle]

contributing.

You got modded funny, but the statistics show that your post represents the 95th percentile view.

Re:The aspect of open source projects I avoid is

[nicks,nicks,nicks!]

...asking the main devs for help to START contributing. Like every one of them came into the world coding real life code in all the languages. Well, hello people, some people need a friendly welcome and less ego on part of you guys. KDE > GNOME on that count.

Re:The aspect of open source projects I avoid is

[hey!]

Recently I offered to write documentation for an open source product I use. This was a valuable offer; I'm not a tech writer, but I have considerable experience both as a developer and product manager, so I know what documentation needs to do.

The project (which will remain nameless) had had a pretty good quickstart several year ago, but they are hopelessly out of date. Not only are many of the features used in the quickstarts deprecated, a lot of them are unmaintained and don't work properly. On the other hand, the user guide is really, really bad. It's written from a coder's perspective. There's lots of handwaving philosophical discussion and patting themselves on the back about how brilliant the project's ideas are, but very little guide a to how to do any of the things the users were likely to want to do.

So I made an offer. I'd write a tutorial quickstart and HOWTO that would guide users through the basic mechanics of the system, then provide step by step examples that would teach the users not only how to do specific things, but also be indexed to concepts in the user guides.

The response was that they'd accept the documentation on two conditions. (1) I had to join their developer group, use their source control system (which I'd have to learn because it was not cvs, git, or svn) and submit any documentation as patches. (2) I had to subscribe to their developer mailing list.

It was silly. All they needed to do is say "yes, give it a shot and we'll tell you whether we like it or not," and a week later I'd have given them a key missing piece that none of them were willing to tackle themselves.

Re:The aspect of open source projects I avoid is

[hey!]

I was joking. I have offered small contributions to several projects.

Probably my biggest contribution has been bug reports. Being a developer myself, I can write a *killer* bug report. I reckon that if people are giving me free software, the least I can do is save them some time.

I've had the same experience with documentation.

[Futurepower(R)]

Quote: "... FOSS projects are very particular about their UI, even if they don't know what they're doing..."

I've had the same experience with documentation. I've tried to help, but some FOSS programmers don't want their inadequate, poor quality explanations changed.

I contribute to Slashdot discussions...

[Alex+Belits]

...and I really dread arguing with religious people, free market advocates and American loyalists.

While it's important to constantly that those categories of people are completely morally bankrupt, stupid and plain evil, it's like diving with a snorkel into an enormous vat filled with decomposing brains. Can someone else do it?

Re:I contribute to Slashdot discussions...

[Alex+Belits]

to constantly that

I accidentally the whole verb. It's supposed to be

to constantly demonstrate

I'm an 800k'er, you insensetive clod!

[rts008]

...it's the ~1m UIDs who do so who were in turn trained by us 900k'ers, which we learnt from the 700k'ers and so on.

Yeah, no mention of us 800k'ers I noticed. What have you got against us?
Trying to write us out of history won't work...we'll fight back!
*slaves massive array of USB controlled Nerf Missile Launchers to cluster of 486's and 586's for targeting control, then starts passing out torches and pitchforks*

Re:I'm an 800k'er, you insensetive clod!

[gd2shoe]

Boys! Boys! No need to fight! Well, of course this is Slashdot... But we're going to need those missile launchers. Be careful with those pitchforks. They're sharp. I have some cork if you need it.

Re:I'm an 800k'er, you insensetive clod!

[Aighearach]

like you pathetic whelps think you can make history a decade late or something. You gotta make the cut before you can be written out. You think nerf missiles are gonna phase the BOFH?! Attention all netslaves, Get Back To Work!!!

Re:I'm an 800k'er, you insensetive clod!

[orngjce223]

Set a pitchfork on fire so it's also a torch! See, angry mobs can now be twice as efficient!

The Curse of "Patches Welcome"

[bill_mcgonigle]

Interestingly, some projects could _really_ use a manager, but open-source projects are often begun by programmers who want to get away from having a manager.

There are a few floating managers disguised as QA people and community liaisons that manage to do a pretty good job at this without being recognized. Some of them read here. You're appreciated.

Project Names !

[spudgun]

Project Names

Lightning = Calendar ?

Funambol = syncml ?

Duckling ?

Squid = Proxy Server

Gnome

Filezilla

Great Fun Names , but a bit hard to Explain to Management or Customers !

as a simple user, not involved in development

I can tell you what all open-source devs avoid:
1- documentation
2- usability
3- specs
4- testing
5- debugging
6- support

RTFM

[syousef]

Hey now, we cannot have it both ways. If we want to push community support, that means that we have to be ready to answer the same novice questions over and over again

We do answer again and again. We've got it down to a fine art. A single answer: RTFM!

Re:RTFM

[GigaplexNZ]

Next question: WTF is RTFM? ;)

Re:RTFM

[silverglade00]

That should be in the FAQ.

Re:RTFM

[smi.james.th]

The Fine Manual isn't always that good, though, and it's not always that easy to find in the first place. I've got a fair amount of experience with *nix and "man " sometimes even confuses me... "I just want to know what the option does!!!" or "What the config file is called!!!" A lot of people I know weren't even aware that such a thing as "man" existed, and when I've told them about it, a lot have said similar things to what I've just expressed, often man pages are very technical and don't answer obvious questions. (Obvious to my mind anyway...)

I'd be willing to bet that a lot of new users wouldn't be able to get that far. I've had experience recently of a friend who is new on linux calling me just about every week to come to fix something that he doesn't know how to do, he's not a stupid chap, but it seems as though a lot of things that were obvious to me just weren't to him. F/LOSS is sort of lacking in the documentation front, just in my experience...

Re:RTFM

[BranMan]

Assuming you are not trolling... Read The (Fine) Manual

Re:RTFM

[gestalt_n_pepper]

And the FAQ should be in the manual.

Re:RTFM

[calibre-not-output]

And the FAQ should be in the FM.

Fixed. What is it with *nix geeks and acronyms?

Re:RTFM

You would know if you would read the f***ing manual.

...and the answer is:

Getting them to build successfully after first downloading the source.

My most hated

[BillX]

Depends on the size of the project. I haven't worked on any large-scale projects, so I can only really give a perspective from one-man itchscratch programs to those with a dev team of 3 or so... my least favorite parts:

1) Documentation
I write it, and try to make it informative, but...people don't read it. Certainly some do, but there is that percentage who quit reading (and start emailing you questions that are answered in the friendly manual) because the documentation is too technical, and that other percentage who quit reading at the 3rd page because it isn't technical enough. And you also have to assume some minimum level of proficiency for you user/implementor, which is just a guess at best (and the skill level of the userbase may change dramatically as the project progresses or it gains popularity/promotion in specific circles, think "featured on AOL News"). You can't really include an entire semester of CS101 in your documentation. Not even to mention all the users that cry at you because they speak a language you don't, and you haven't provided a Turkish/etc. version.

Which leads into...
2) Tech Support
I don't just mean the emails from users who didn't/couldn't RTFM (you can use the delete button for this, at the expense of disgruntled users publicly slamming your project/self/lineage), but the gruntwork of providing support infrastructure. Somebody's gotta keep on top of the spammers in the forums and wiki you set up. Somebody's got to keep up with the patches / security advisories on them, and clean up the mess when they get hacked. Somebody's got to staff the IRC channel, if applicable.

3) PR
Of course, if you don't stop coding and start pumping the project, nobody's going to know about it. Who is a great coder, excellent technical writer AND a people person? Or marketing person, for that matter. This might well be my least favorite task.

Re:Writing tests, user-level docs, and finding bug

[hughbar]

Yes agree, but happily I have a (mainly) web based project: http://www.hughbarnard.org/content/alternative-currency-software and use Selenium: http://seleniumhq.org/. I also export the tests to Perl to give me a large, very ugly (I don't publish it currently) monolithic regression test. When someone finds something broken, I fix it and add another test for that...

I bit the bullet about two years ago and sat down and wrote a user manual, it needs restructuring now though. I use Perltidy: http://perltidy.sourceforge.net/ to automate some degree of developer documentation.

I think my point is that, even for small projects, it helps to set up a little bit of organisation and use of tools, takes some of the pain away.

My two bits

I don't like developers who use the "it's open source so it's better!" argument for everything. I've been a Linux-only person for quite some time, but I honestly think that if I hear the term "open source" used a weapon one more time, I'm going to puke.

Also true from a programmer's perspective

[GreatBunzinni]

I run a couple of small FLOSS projects and I have to confess that producing documentation is by far the most painful task that I need to accomplish. It basically demands that you put down in writing something which, as you've just spent a considerable slice of time which may amount to years writing it, to your own eyes is so blindingly obvious to use that you shouldn't be wasting your time writing about it. Adding to that, it's frustrating to document code because as the source code is easily accessible anyone can just fire up a text editor and read it.

To make matters worse, sometimes you are forced to rewrite a portion of your code. When you do that, if you already have some documentation written then you are forced to go back, find any reference to that particular behaviour and rewrite it to reflect your changes. And pray to God that you don't have to yet again rewrite everything all over again (or write a new copy of the docs) to reflect a minor version. Tools like Doxygen do help mitigate this problem but they are only good enough to handle code references, and they do that at expense of filling the project with long winded comments which, if you happen to use an editor which doesn't support code folding all that well, make up reading and writing code a bit needlessly complicated.

Ignoring some other nasty aspects of writing/maintaining a documentation, at least to me documentation boils down to wasting your time. It's a task which doesn't have any noticeable positive feedback and it always feels like you are completely wasting your time with fluff tasks. After all, if you've written an excellent documentation then your users will simply read it and go on with their lives while you never get to hear about it.

But although that's my personal view regarding producing documentation I also understand the need for it. It's extremely important to provide (and also have available) a decent documentation. Without it your users (and sometimes even you) are left disoriented and forced to waste time with basic things. But that won't make the job of generating it any more enjoyable than it already is.

It's obvious

[Chemisor]

GPL is so troublesome because in most companies there is no way in hell anybody will let you release the source code to the product. Hence, no GPL code can be included, but many developers don't bother looking up the license for the code they use, which causes later trouble for the company. It's as simple as that.

As a user

[FiloEleven]

The thing that keeps me away from using many open source projects is the installation process. This was true when I used Windows and remains true since I switched to OS X. Far too many cool-sounding projects require me to go to 3 or 4 different sites, find the correct libraries for my platform, install them, then download the project I'm actually interested in and hope it finds them or even go through the hassle of compiling it myself.

For people heavily into system management this isn't a big deal, but my focus is on actually using the product, and I want the same instant gratification I get when I buy commercial software--double-click and go. If an installer for my platform isn't available it's no dealbreaker, but please make sure that your documentation on the installation process is good. More than once I have gotten 3/4 of the way through the process I mentioned above only to have something fail due to a missing library or whatever after carefully following the instructions outlined by the project's site. Other times, the "instructions" consist of "you will need to get X, Y, and Z before compiling this. Here's the source," with nothing else to tell you what goes where or how to build it.

End users should not be doing the packaging work of the project developers for them. That doesn't fly in a commercial environment, which is what free software is competing against. If you want more users, make sure they can easily get your software running on their system.

I realize this submission asked about contributors, but the overwhelming lack of focus given to the installation process makes me think that it's an aspect being avoided, or at least poorly handled, by the majority of developers.

Re:As a user

[RAMMS+EIN]

Interesting you should mention the installation process. The secret is that open source actually tends to do a much better job there than proprietary software. You just happen to have had the misfortune of only having used the two major platforms where this isn't the case.

Allow me to expand. On both Windows and OS X, the installation process is basically "get the binaries from somewhere (CD, website, what have you), dump them on your computer, and if there is an installer, run it". Rinse and repeat for every dependency that isn't bundled with the thing you are actually installing.

This is, as you have obviously found, very tedious and annoying.

The solution in the closed source world is to (1) bundle as much as possible with the operating system (hence you get > 10 GB OS installs) and (2) bundle everything else with the product you're distributing. With luck, this means that you only need to fetch one file and run at most one installer.

The disadvantage of this approach is that you end up using up lots and lots of disk space, and usually have multiple different versions of the same libraries on the same system. Which wastes more space, and, in the worst case, causes the dreaded "DLL hell", where multiple versions of a library have the same identifier, and programs that depend on one or the other version may end up getting the wrong version and not working.

With open source, the solution is to let the maintainers of the operating system package the software and integrate it with their system. When this works (and nowadays, that is on all major Linux distros and *BSDs), it means that installing software is just running a simple command (or clicking a few widgets in a GUI, if you prefer), and you will automatically get all the necessary dependencies pulled in and installed, as well. No more dependency hell, a lot less space wasted (I have _never_ operated a system where the OS partition had more than 10 GB on it), and everything tailored to your OS.

Now, what you have run into is software developed with an open source operating system in mind, but installed on a proprietary operating system without automatic dependency resolution. That means that, basically, neither solution is implemented, and you have to go and do the dependency resolution by hand. Yuck. I feel your pain.

The good news is that you can get a package manager with dependency resolution on OS X. Back when I still used it, there was a choice of pkgsrc, DarwinPorts, and fink. This is several years ago, so there may be more or fewer choices nowadays. Perhaps one of those can easy the pain. Good luck!

Re:As a user

[PipsqueakOnAP133]

Actually, the real solution to the installation process is be like OSX.

Sure there's a few libraries that you link to that are in the OS itself, but statically compile everything non-OS together or distribute them as libraries tied to the application in the application bundle.

This way, there's no DLL hell. It's just, I want this app, and it happens to include everything it needs except the OS itself. When you don't want the app anymore, throw out this app and all the dependencies get deleted too. No garbage left.

Why do I say this?
Because while it's typically nice to install something from a one line apt-get call, not everything is available in the repo, and sometimes new libraries that some packages depend on could break other existing apps. In the end, the package manager only tries to hide the fact that there's potential conflicts between all the stuff you may want to install. And now adds a dependency in that your package manager needs to be self-consistent too. A DB in front of a dependency manager.

Sure it saves space, but download disk image and run saves debugging time.

Re:As a user

[FiloEleven]

This mirrors my thinking. I understand the *NIX way of doing things, and it makes good sense for that breed of system--it's even doable on OSX as RAMMS+EIN pointed out, provided your package manager works. I tried either DarwinPorts or Fink a while back, I don't recall which, and couldn't get whatever package I was instructed to get even though I was following the instructions exactly, which goes back to one of my original points.

As you say, OSX puts everything in an app bundle. Windows has the same ability: DLLs can be called from the same folder containing the .exe file. I've occasionally seen open source projects that do this. IMO the space saved by requiring a separate resource install--usually well under 50MB, often under 5MB--is not worth the hassle of the easter egg hunt of tracking them all down. Just throw 'em all in there by default and let savvy users delete what they don't need, or make the extra effort to maintain a "full" package with everything and a "slim" package without external libraries. That shouldn't be too hard to set up with the advanced build tools around today.

And to reiterate, the inconvenience becomes an aggravation only when stuff doesn't work. Documentation is important, and if your installation process is pretty involved, your documentation should match it.

There's such a thing as too much, though...

[smi.james.th]

While I was in school, the programming textbooks that we had commented just about every single line, like this:

int foo( int bar) { /*begin function foo, accepts bar as an argument */
return bar * bar; /*multiplies bar with itself and returns the value*/
} /*end function definition for foo */

That hurt my eyes quite a bit while I was trying to read code (especially since a lot of the students copied the style). You'd imagine that it would be fine for the introductory "Hello World" listings, but even when we're past pointers etc. the style still continued.

I'm all for good documentation of code, and I agree that it does need to be maintained, but there is such a thing as too much, I think.

Another thing that kind of drives me crazy is when the opening brace isn't on its own line, like in the example above. I like them to be nicely lined up underneath one another, but that's just me, I suppose.

Re:There's such a thing as too much, though...

[GooberToo]

int foo( int bar) { /*begin function foo, accepts bar as an argument */
return bar * bar; /*multiplies bar with itself and returns the value*/
} /*end function definition for foo */

Never seen that one before. I consider that broken too. It's not far off from the example I provided of some of the worst use comments.

The arguments

The pointless arguments over shit that doesn't really matter between Linux kernel contributors.

Packaging

[RAMMS+EIN]

It's interesting that nobody else seems to have said it yet, but here goes:

What I avoid when working on open source projects is packaging. I'll do design. I'll write documentation. I'll write the code. I'll find and fix bugs. I'll communicate with users. I'll make it as easy as I know how to to get the program working on your system.

But I avoid making a package for any one particular system.

It would probably greatly improve how easy it is to get started with a particular program, but I still can't seem to get myself to do it. Whenever I create a package, it always feels like I'm taking sides, like the platform I'm making a package for is somehow more favored by me than other platforms. And the few times I have created packages, they have not been included in any of the canonical repositories. So nowadays, I pretty much don't bother anymore.

Even though I think that, detach, in particular, would really make a great addition to every Unix-like operating system.

Re:Packaging

[marcosdumay]

What is the difference from detach to nohup?

Re:Writing tests, user-level docs, and finding bug

[xiong.chiamiov]

Please, for the love of God, somebody come along and write a test suite for my project. I'm sick of breaking code by accident! ;)

That's the real advantage of TDD - it forces you to write a good test suite.

Suggestion

[calibre-not-output]

Perhaps in your case a rolling release like Arch Linux (or -gasp- Gentoo) would be more suitable, then. I've yet to find a package manager that I like more than dpkg/apt, but portage is actually very nice once you get used to it.

Re:Suggestion

[gd2shoe]

I haven't tried Arch yet, but I have tried Gentoo. Installation took days, and upgrades took hours*. I know it's cliche at this point, but there really is a lot of truth to the accusations. I'm given to understand that Gentoo is optimal in offices and labs that rely on distcc because it greatly decreases compile time.

*(It was years ago, and I haven't really looked back. Maybe I will eventually. Maybe things have improved. I have been quite happy with Debian, though. I just wish that Sun would get a clue.)