What Aspects of Open Source Projects Do You Avoid?

paulproteus writes "I'm a Debian developer and a part-time contributor to a few smaller projects. I do a lot of free software-y and open source-y things. Sometimes, though, I don't do them. I figure some other Slashdotters might have similar hang-ups — we contribute to a project, but there are parts that we really dread thinking about. So I wrote a post about having these hang-ups, and I made a place on the web to share how others can help your project. What are the parts that, in your projects, you would be relieved if someone else looked at for you?"

public relations

[Runaway1956]

As long as I don't have to make freindly with the natives, the headhunters, and the unwashed masses, I'm happy.

Adding comments

[kickme_hax0r]

I've picked up an open source project that doesn't have comments. There's major chunks of it that the code is such a mess that I have no idea what it does, yet I'm supposed to be fixing it.

Re:Adding comments

[RAMMS+EIN]

There's the Commentator for that.

Anybody have an implementation of that for *nix?

Writing tests, user-level docs, and finding bugs

[multipartmixed]

Please, for the love of God, somebody come along and write a test suite for my project. I'm sick of breaking code by accident! ;)

One thing I don't do is troublesome licenses

[carlhaagen]

In developing (I work with a company doing _mostly_ web-based applications; perl, php, asp, all that gibberish) I steer clear of projects and software with a troublesome license. I am very pro-open source, I am very pro-freedom, and I am very pro-FREE FOR NON-COMMERCIAL USE, so don't get the wrong idea, but I mainly steer clear of anything GPL when it comes to the point of including GPLd software in the projects I work with. Simply: it spells nothing but trouble to me. Please do discuss, debate, don't just f***ing go all nazi gpl/linux/grandma on this by modding it "troll".

Re:One thing I don't do is troublesome licenses

[maxume]

You could say "I choose to respect the GPL in situations where I am not prepared or legally able to do the work necessary for compliance."

Re:One thing I don't do is troublesome licenses

Have you ever read Slashdot before? There are tons of people who don't like the GPL on here, some with reasonable opinions, some frothing lunatics.

Re:One thing I don't do is troublesome licenses

[Jeff+DeMaagd]

Going off on not wanting to be called a troll without explaining why GPL is so troublesome to you doesn't help the discussion that you're supposedly trying to have here.

Re:One thing I don't do is troublesome licenses

[maxume]

People can use GPL code without giving anything back. They just can't modify it and hide those modifications from their users.

Re:One thing I don't do is troublesome licenses

[TheRaven64]

And the moment you distribute it you have to give the code to anybody you distributed to who asks

No you don't. You just have to give it to the people that you give binaries to. The GPL explicitly does not require you to give anything back, it requires you to give freedoms forward. In practice, this often means community-driven development with people contributing their changes upstream. They do this because it's cheaper than maintaining a fork though, not because the license compels them to. And, guess what? That economic incentive applies to permissive licenses too.

Compare, for example, Yahoo! contributing changes to FreeBSD back and Google keeping their internal version of Linux private. The GPL did absolutely nothing to protect Linux. The BSDL did nothing to protect FreeBSD. Yahoo! gave code back because they determined it that the cost of maintaining a fork was greater than the competitive advantage gained by keeping the code private. Google kept their filesystem (among other things) private because they made the opposite decision.

90% of software that is developed is never distributed. It is written in house to solve a particular problem. Whether you see any code back from these people depends entirely on whether they think it's cheaper. They can use GPL or BSDL code internally without any legal issues.

Re:One thing I don't do is troublesome licenses

[vadim_t]

No you don't. You just have to give it to the people that you give binaries to

Exact same thing I said. You have to give the code to anybody you gave the binaries to who asks for it.

Compare, for example, Yahoo! contributing changes to FreeBSD back and Google keeping their internal version of Linux private. The GPL did absolutely nothing to protect Linux. The BSDL did nothing to protect FreeBSD.

Yes, but Google had to necessarily give the source for their changes for Android, while just try and get the source from Apple. Darwin OSS development was pretty much inexistent last time I looked, and what little there is seems to be unusable.

Yahoo! gave code back because they determined it that the cost of maintaining a fork was greater than the competitive advantage gained by keeping the code private. Google kept their filesystem (among other things) private because they made the opposite decision.

Sure. But that means Google can't ever sell that. The moment Google sells something with GFS in it, somebody will be able to ask for the code.

I find this overall to be an acceptable compromise. I can't just walk into Google's office and check out if they're using any of my source there and if they changed anything. Enforcing anything on internal usage would be very difficult, impractical, and involve tactics and methods I disapprove of. The moment Google releases anything to the public however, it doesn't matter whether they want to give it or not, they're legally obligated to give the code.

If you find the GPL to be insufficient, there's the AGPL, which Google seems to really hate as it makes the keeping changes internally much harder.

So resuming what was said so far:

When changes are made only internally, with BSD they get contributed when convenient, and with the GPL as well, with AGPL any user over the network can have them.
When changes are released externally, with BSD they get contributed when convenient, with GPL any user can have them, with AGPL any user can have them.

In light of that and my own preferences I therefore prefer the AGPL to the GPL where possible, and heavily prefer GPL to BSD.

Re:One thing I don't do is troublesome licenses

[mindstrm]

And the moment you distribute it you have to give the code to anybody you distributed to who asks

No you don't. You just have to give it to the people that you give binaries to.

Those two statements are the same... and you can eliminate the need for waiting for people to "ask" by simply offering equivalent access at the same time. eg: A src tarball available over HTTP in the same location as hte binaries. Even if the use chooses not to download, it was available. You only have to give hte "written offer" and then maintain those copies under certain circumstances.

But again - the GPL has nothing to do with forcing people to contribute back to projects - it only requires that if you want to redistribute code, modified or not, you must also distribute the source to those changes in a reasonably useful format. You owe no allegiance whatsoever to the "project" that started it.

Re:One thing I don't do is troublesome licenses

[evilviper]

You just have to give it to the people that you give binaries to.

Which is exactly what he said... Swap "distributed" with "give" and it's nearly the same sentence.

In practice, this often means community-driven development with people contributing their changes upstream. They do this because it's cheaper than maintaining a fork though, not because the license compels them to.

This is just misleading enough to be untrue... While the GPL doesn't force you to contribute "back" (only "forward", as you've called it), you then can't stop anyone from, themselves, giving it "back", and contributing all changes upstream.

90% of software that is developed is never distributed.

Yes, but the word "distribute" is peppered all over his post. He's clearly talking about distributing it.

Re:irc.freenode.net

[betterunixthanunix]

Hey now, we cannot have it both ways. If we want to push community support, that means that we have to be ready to answer the same novice questions over and over again, especially since a lot of concepts are lost on Windows and Mac OS users -- like the idea of a package manager. Yes, it may seem like the most obvious question in the entire world, but I frequently get asked things like, "How do I install ," and if we are unwilling to answer such basic question, people will just get scared (and subconsciously assume that "Linux is not ready for the desktop").

We may find it annoying, but we absolutely should not avoid it. In fact, we should being doing it more often.

Re:Getting slashdotted...

[PetiePooo]

The blog was cross-posted to asheesh.org. Lets slashdot them too!

try this

[Colin+Smith]

Don't bother with IRC. Insist on email instead.

Then train a bayesian classifier (bogofilter) to answer the questions for you.

You just have to remember Bayesian classifiers are good at yes/no classifications (e.g. spam/notspam), so I have several corpuses and test incoming emails serially against them, tagging with the ones which match. Then process the email according to the tag. FAQ should be fairly easy. Use a procmail rule to answer, "thanks for your question, please have a look here".
 

real hackers don't dread

[10am-bedtime]

Ahhh, can't resist...

Real hackers don't dread unpleasant tasks. They write code that (perhaps write code that) does the unpleasant task for them.

Re:real hackers don't dread

[quantaman]

How do you write code to do PR/create docs? Please, be my hero.

Simple, you obviously just need to write a program capable of passing the Turing Test.

Of course when you finish you probably want to give it some interesting tasks besides just PR/documentation, last thing you want is for it to get pissed off and go all Skynet.

Re:real hackers don't dread

[rockNme2349]

Sorry, but I tried that already. It was an incredible AI, so I assigned it the process of documenting my latest project. Unfortunately that was too unpleasant of a task for it, so now it's working on code to create PR docs. I guess I'll just see what it comes up with.

Re:real hackers don't dread

[icebraining]

See? If you had licensed your code as OSS he wouldn't be obliged to re-invent the wheel! You're a bad parent*.

*If the AI is Turing-test passable, is it considered a being?

Someone avoided performance optimizations

[paziek]

Someone avoided performance optimizations on openhatch.org
If you have tough time deciding if you should do those, ask slashdot - that will clear up things!

From a user perspective

[93+Escort+Wagon]

I think the answer is obvious - what most developers avoid like the plague is documentation.

Re:From a user perspective

[fm6]

Too true.

Hey! Unemployed tech writer here! Anybody got something juicy for me to work on? I particularly enjoy API references and programming guides.

Thanks for Slashdotting me

[paulproteus]

Working on fixing the site...

Re:Thanks for Slashdotting me

[paulproteus]

The blog post can also be read at http://www.asheesh.org.nyud.net/note/debian/avoiding-working-on.html

Re:Ego

[WrongSizeGlass]

I try to avoid the rabid advocates who seem to think (or at least they project) that using anything that isn't open source is some kind of affront to the entire open source movement.

Sorry guys 'n gals, but sometimes I need something now and can't wait for it to be included, supported or fixed in an open source solution. My clients aren't patient and don't really care about the necessity for creating an equal playing field for all software developers.

Unreproducible bugs

[vlm]

What are the parts that, in your projects, you would be relieved if someone else looked at for you?

How about unreproducible bugs?

I hate the whole situation.

The bug reports; "Uh, I got an error or something when I tried to run it" "OK, what was the error" "I don't know" "So how do you know theres a problem?"

Failing to reproduce the error. This ties in with the "prove a negative" problem. When to give up? Just document what I'm doing and hope for the best, I guess.

Problems that are probably specification failures but you can't prove it. Closely tied to mystery black boxes that do something, but no one is entirely certain what. Even funnier when there isn't really a spec, just kind of a goal. Best of all, when two groups make opposing policy decisions and want you to consider each other's design to be a bug.

When to close out the hopeless bug. Well, it doesn't hurt anything to keep it open. But bean counters like easily counted beans, like how many open bugs. Will I insult the submitter by closing it? Some 3rd party weirdos like to get involved at that stage, "I'm morally superior to you because I never give up on a bug like you did, ha ha ha" while the reality of the situation is they merely have more spare time, a poor self image, and a desire to very publicly display it. aka the "ticket ss" "I am morally superior and I say we will have order here! Order! Achtung!"

Finally, last but not least, circumstantially, crazy/insane people seem to encounter more unreproducible bugs than typical people. Don't know if they're more ornery so the tend to report more, or more creative so they tend to find more, but I do know they're a pain to deal with.

Other than that, its not so bad.

Re:Unreproducible bugs

[gringer]

Here's some advice that I find useful when reporting bugs:
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html

There are some non-obvious things in there, such as trying things that clearly won't work, if asked to by the programmer:

Somebody reported a bug to me once, and I asked him to try a command that I knew wouldn't work. The reason I asked him to try it was that I wanted to know which of two different error messages it would give. Knowing which error message came back would give a vital clue. But he didn't actually try it - he just mailed me back and said "No, that won't work". It took me some time to persuade him to try it for real.

How are volunteers unique here?

[betterunixthanunix]

What makes you think that corporate programmers are necessarily going to do drudge work better than volunteers? I guess you have only ever worked with big name proprietary software, where a lot of care was taken; I have seen many proprietary software packages that are barely usable, but they are niche products with little competition and thus there is no incentive for anyone to do a good job. So, where is the proprietary advantage?

Re:How are volunteers unique here?

[DaveV1.0]

What makes you think that corporate programmers are necessarily going to do drudge work better than volunteers?

Judging from the quality of 99% of the FLOSS software out there, I would say that primary difference is that corporate programmers actually do the drudge work whereas the volunteers don't. Or, more specifically, no one volunteers for the drudge work so it doesn't get done.

Re:How are volunteers unique here?

[tepples]

You have a point about Freeciv, but the other two projects you mentioned aren't exactly poster children for the kind of project I was thinking of: well-known even among the non-Linux-using majority and under a free license since first publication. Yes, I know this is a no-true-Scotsman fallacy, but I'm looking for some way for Free gaming to compete on the same level as non-free gaming. If a proprietary platform can have a system seller (e.g. Mario series or that Xbox game that Beyonce sings about), a Free platform needs a system seller.

I dispute whether NetHack is as well-known as its fans think. Google queries "call of duty" game, "diablo ii", and even "animal crossing" game return about 10 to 100 times as many results as nethack.

The Ur-Quan Masters isn't exactly an "open source project" in the sense of the article because it wasn't made free until 2002, a decade after it was first published. It was freed only after it had already made as much money as it was going to make as proprietary software on two platforms (PC and 3DO). Micropolis (the Free version of SimCity classic) is in the same category.

Re:irc.freenode.net

[ZackSchil]

The "app store" concept might help a lot in this regard.

Re:The BSD license

[mrclisdue]

Not to mention that the op is suggesting that one fights fir with fire, which would normally result in the fir being summarily consumed, immolated, if you will.

Unless the original fire is extremely small AND the fir is extremely green.

hth,

Re:Ego

[dvice_null]

> A lot of open source coders seem to avoid UI aspects and usability like a plague

- Programmers write code.
- UI designers design UI
- Technical writers write user documentation
- Graphical designers draw buttons and icons

The problem is that majority of open source developers are programmers and UI designing is a completely different profession.
Two possible solutions:
- Programmers must learn UI designing also
- We need more UI designers to join us

Re:Ego

[Securityemo]

My CS undergrad program has UI design as an obligatory second year course.

Re:Security through obscurity

[vlm]

The situation, of course, is that a player might simply lie about not knowing where enemy units are, or might substitute a different map, or might lie about which units he has killed or where his units are located.

When it comes time to show the cards (we will ignore the issue of exchanging cards; this is also possible to do, using a similar procedure), players 1 and 2 simple reveal their secret keys -- thus, cheating is easily detected, because player 2 can see if player 1 lied about his hand, and visa versa.

I don't think your plan would help detect players whom lie about enemy units.

Assuming the whole point is the actions are public but some items are hidden, and you want to prevent substitution, you'd just hash, sign, and share your interpretation of the gameboard at each move, and then at the end, when its time to reveal the board and tally up and see who won, you reverse engineer what the board should be at each step working backwards, recompute the hashes, and make sure the provided and calculated hashes match, and the sigs are valid? That would catch any odd substitutions that you mention.

Re:irc.freenode.net

[Snaller]

You could make documentation....

One of the reasons I avoid all this open source stuff is that most of it is badly documented, and quite often there is an almost hostile tone towards people "Just learn unix you scrubs" - no thank you.
If you want your stuff to be used by a lot make simple instructions and a userfriendly interface - if you just make it for your self feel free to ignore this.

Re:Ego

[roman_mir]

You are probably right, but I think open source programmers need more of one more thing , which they maybe not getting enough of. Blow jobs. I think free and open source programmers need more blow jobs. From hot women. We should get the hot women to join in on this idea somehow.

License incompatibility

[tepples]

Actually, the GPL extends plenty of freedom to developers; the only restriction is that those developers cannot impose any further restrictions than those imposed by the GPL

Another problem is that a lot of works, even works under "permissive" licenses, are licensed incompatibly with the GPL. For example, how would one make a video game using engine code and scripts under the GPL with, say, textures under the Creative Commons Attribution License? One might claim that the game engine code, scripts, and non-program assets make up an "aggregate" under the GPL, but I'm still having trouble figuring out what constitutes "other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program", if the engine puts specific requirements on those files.

Re:Ego

[acidrainx]

Exactly. I'm a professional UI developer and I used to contribute to open source software quite a bit back in the day. I don't contribute much these days mostly because of lack of free time to do so, but this was a major point of contention for me.

The biggest problem is that the programmers have trouble accepting advice for changes to the product they've poured their blood, sweat, and tears into. I've found for the most part that many open source projects are over complicated. One of the best ways to improve the usability of a product is to simplify it. You need to remove or conceal the features that are rarely used. Unfortunately, those features tend to be the hardest to implement, so the person who implemented it wants to make sure people know about it. It's not unexpected that they wouldn't be happy if you suggest that it be removed.

Open Source Nazis

[Niobe]

What Aspects of Open Source Projects Do I Avoid? The part where I get yelled at by a developer for filing a bug that I tried diagnose to the best of my ability but didn't mange to fix myself. Because, as we know, you shouldn't even USE open source software unless you're willing to DEVELOP it as well. Pffft.

Re:Freedom is not binary

[man_of_mr_e]

Yes, precisely. Did you actually *do* it?

You’ll get back the following:

@(#) Copyright (c) 1983 The Regents of the University of California.Incidentally, on my FreeBSD server at home it shows a bit more up to date code:

strings /usr/bin/ftp | grep California

@(#) Copyright (c) 1985, 1989, 1993, 1994
The Regents of the University of California. All rights reserved.

Notice how the ftp in Windows predates the first copyright in FreeBSD. That copyright, 1985 also pre-dates the first open source version. The first open source version of BSD was Networking Release 1, which was released in 1989, and did in fact contain a 1989 copyright.

Re:irc.freenode.net

[Dorsai65]

One of the reasons I avoid all this open source stuff is that most of it is badly documented

THIS

IRC channels, wikis, blogs, mailing lists (and their archives), a set of web pages... none of these is a valid substitute for actual documentation that a user can actually find an answer in. Fine, if you feel the need to be high-tech, edgy, l33t, or whatever, make it a pdf or downloadable html pages. Do not force users to have to jump through any 'extra' hoops to try and get help with a problem they may be having. I'd also add:

• If you get some variation of the same question over and over again, you need to (better) explain it in the docs.
• If a user finds an actual bug, don't make them have to sign up for some service or other that they'll (hopefully) only need once (i.e. Bugzilla) to report it. Maybe have a bugs@myproject.org to triage.
• CLEARLY provide SOME way to contact SOMEBODY actively involved with the project. Keep this updated if you don't want to be getting annoyed emails five years from now.
• If it's a Linux app, it would be kinda nice if it worked/looked good under ANY desktop, not just your personal favorite.

The aspect of open source projects I avoid is

[hey!]

contributing.

Re:Ego

[Ihmhi]

So were those! Pattern, perhaps?

The Curse of "Patches Welcome"

[bill_mcgonigle]

Interestingly, some projects could _really_ use a manager, but open-source projects are often begun by programmers who want to get away from having a manager.

There are a few floating managers disguised as QA people and community liaisons that manage to do a pretty good job at this without being recognized. Some of them read here. You're appreciated.

Re:Cost of certificate and dedicated IP address

[EvanED]

Until your certificate expires.

A self-signed cert would be perfectly fine for most sites out there. Sure, it's susceptable to MitM attacks, but there's a reasonably big step from "I can eavesdrop" to "I can reroute your connections to me."

The biggest obstacle to this is the horrendous hoops you have to jump through to OK a self-signed cert in browsers.

Also true from a programmer's perspective

[GreatBunzinni]

I run a couple of small FLOSS projects and I have to confess that producing documentation is by far the most painful task that I need to accomplish. It basically demands that you put down in writing something which, as you've just spent a considerable slice of time which may amount to years writing it, to your own eyes is so blindingly obvious to use that you shouldn't be wasting your time writing about it. Adding to that, it's frustrating to document code because as the source code is easily accessible anyone can just fire up a text editor and read it.

To make matters worse, sometimes you are forced to rewrite a portion of your code. When you do that, if you already have some documentation written then you are forced to go back, find any reference to that particular behaviour and rewrite it to reflect your changes. And pray to God that you don't have to yet again rewrite everything all over again (or write a new copy of the docs) to reflect a minor version. Tools like Doxygen do help mitigate this problem but they are only good enough to handle code references, and they do that at expense of filling the project with long winded comments which, if you happen to use an editor which doesn't support code folding all that well, make up reading and writing code a bit needlessly complicated.

Ignoring some other nasty aspects of writing/maintaining a documentation, at least to me documentation boils down to wasting your time. It's a task which doesn't have any noticeable positive feedback and it always feels like you are completely wasting your time with fluff tasks. After all, if you've written an excellent documentation then your users will simply read it and go on with their lives while you never get to hear about it.

But although that's my personal view regarding producing documentation I also understand the need for it. It's extremely important to provide (and also have available) a decent documentation. Without it your users (and sometimes even you) are left disoriented and forced to waste time with basic things. But that won't make the job of generating it any more enjoyable than it already is.

Re:RTFM

[GigaplexNZ]

Next question: WTF is RTFM? ;)

Re:Ego

[b4dc0d3r]

There are FIVE words!

Re:RTFM

[silverglade00]

That should be in the FAQ.