💾 Archived View for adamthiede.com › log › 2023-07-30.gmi captured on 2024-05-26 at 14:40:55. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-12-28)

-=-=-=-=-=-=-

Software Governance

It's not that big of a deal, but a recent prolific contributor to Alpine Linux just kinda quit, without really any warning. (Maybe there was a warning to those in charge? Maybe not. I don't know, I'm not in charge.)

Governance of projects is important. It's important to have responsibility for things that people depend on. This contributor maintained a lot of packages in the 'main' repository, including software where timely updates are an important security feature, like Firefox. I like that Alpine is kinda chaotic, but I think Fedora's model of "sponsorship" to become a packager is pretty cool too. It prevents unvetted randos from committing code to a bunch of people's machines at once and makes sure there's a chain of trust through humans.

Anonymity is nice sometimes, but chains of trust are better. Anonymity can be selective, too; I think maintiners of critical subsystems should, at least amongst themselves, be identifiable, contactable, real humans. It's hard to trust Alpine and software like it when the most prolific contributor of the past few years is an anonymous anime avatar who up and vanishes with no explanation. But hey, it's volunteer work, right? At least this person did the good service of making an exit, even if it was a weird one.

back to gemlog