Post details
Here's a tough but common situation for open source maintainers: You want a project you co-maintain to be more secure by reducing the attack surface. There are one or more folks in privileged rol...
Quitting my job to start a company.
Just discovered https://github.com/gayanvoice/top-github-users/blob/main/markdown/public_contributions/united_kingdom.md According to that I'm #1 in public GitHub contributions in Scotland, #10 in the UK and, if I were in the USA, would be #9. Neat.
Very cool to have received my first payout from Tidelift, from a company using one of the Open Source projects that I maintain 💸 Thanks very much to whoever it was, and looking forward to the income working towards me getting some longer-term financial support to continue maintaining the projects I do 🚀
When contributing to other users’ repositories, always start a new branch in your fork.
Open source projects only get really good when they receive funding. Consider donating to your favourites! 🪙 #FOSS #OpenSource
Upgraded a library and the new major version removed support for something I was using. However, instead of complaining to the maintainer, I copied the code into my repository, reformatted the code and went along my merry way. Thank goodness for freely licensed source.
It’s 11:43pm on a Monday night. My 6-week-old son is asleep in my office so my wife can get some uninterrupted rest for the first half of the night. He’s finally asleep now, and I probably should be also after a full day of work. But I’m not done for the day. Even though I’m a software engineer by trade, I’m also a computer programmer by hobby and passion. So I do what I’ve been doing for well over a decade now: I boot up my computer to write some code.
The best-case scenario is that you annoy the maintainers.
A central open source program office is a designated place where open source is supported, nurtured, shared, explained, and grown inside a company. With such an office in place, businesses can establish and execute on their open source strategies in clear terms, giving their leaders, developers, marketers, and other staff the tools they need to make open source a success within their operations. This guide aims to help you figure out why and how to establish a program to manage the open source use and creation inside your company, as well as to show how your developers can make their own contributions to open source projects outside your operations.
A comprehensive guide to funding open source software projects
I've been trying to invest more and more of my free time interacting with founders. I genuinely feel we've been through a lot with Sentry and I can provide some useful value to others. More so, I believe most people in this industry, most successful people, do others a disservice by not having honest conversations about the hardships and endurance it takes to succeed. As part of that I thought it'd be interesting, or at least therapeutic, to talk about some of the history in written form. I previously wrote about Sentry's Seed Funding, but I want to go deeper on some other topics this time around. I'm not entirely sure what future topics I'll cover, but hopefully you'll find some value in it.
Want to hear more? Register for “The Future of Open Source: The State of Sustainability”, on October 26. Sentry is an Open Source company…
It's okay to publish code under a free software / open source license without starting a "project". Not every act of sharing code for others to use and/or build on is a "project". Which is something …(https://social.librem.one/@johns/111245408595647254)
#opensource dev be like
There really should be a thing where once a year all the people who rely on an open source library get together and throw the maintainers of that library a big party. With pizza and cake. The works
Has development of your favorite open source project stalled? Triage is sometimes a great way to get things moving again!
I've been working on a site to assist Open Source maintainers and contributors. Very much a WIP. Check it out... https://label.dev
Quantifying your reliance on Open Source software (24 mins read).
A writeup of my talk at DevOpsNotts, about the dependency-management-data project and how to use it to understand your internal and external dependencies.
I don't have time to keep up with all the daft Open Source projects I release. I wish my skill and my energy was as wide as my ambition. Several years ago, I came across Felix Geisendörfer's Pull …
We need more of Richard Stallman, not less, written by Ploum, Lionel Dricot, engineer, science-fiction writer, free software developer.
People seem to really have bought into the capitalist version of open source where software is still a product that requires support and marketing and a roadmap and exists to serve a user community separate and apart from the project. But a whole lot of open source is really just a sharing economy. It’s devs doing something they found useful and deciding to share it rather than hoard it. Those devs don’t owe anyone extra labor just because they chose to share.
IMHO, an underappreciated aspect of 'filing bug reports is (hard) work for people' is that it's hard work that often has no particularly immediate payoff. Filing a bug report will mostly not get the problem fixed immediately the way you want; at best it may get you a fix in the next release, which will arrive who knows when. Sparked by: https://hachyderm.io/@funnelfiasco/110344473863227729
To keep the modern technological world of open source software safe, it is critical to efficiently and accurately communicate information about open source vulnerabilities. The OSV Schema, created through the collaboration between OpenSSF members and housed within the Vulnerability Disclosures Working Group, provides a minimal, easy-to-use first class JSON format for describing vulnerabilities in open source software.
I want open source maintainer to be a profession. A thing you start by joining something bigger than just yourself, and then you grow in it. And eventually spawn off your own thing, hopefully. 🗣️ @filippo@abyssdomain.expert https://youtu.be/OBWCM2G6_-I
FOSS licenses come in two approaches. The distinction is _who_ is granted the most freedom: - in "copyleft" licenses the emphasis is on the end-user, ensuring that they are _always_ passed the four freedoms; - in "permissive" licenses, the emphasis is on other developers/programmers, including allowing them to _not_ pass on the four freedoms. Is disappointing people still mistake this as being a difference between #FreeSoftware and #OpenSource because each has always supported both types.
Fake—or captive—open source can be defined as software that is released under a license that is not truly open.
For many open source consumers the "logical units" being depended on are libraries. However, the libraries themselves are only a product of what consumers are actually depending on: people. Y...
Let's talk about Google's newest software supply chain product. Reading the GA announcement I had many mixed feelings. Starting with the good, compared to other implementations of "curated open s...
Posted by Jesper Sarnesjo and Nicky Ringland, Google Open Source Security Team. Today, we are excited to announce the deps.dev API, which...
A GitHub action to generate a stackaid.json file based on your repository's dependency graph - GitHub - stackaid/generate-stackaid-json
A few thoughts on GitHub’s practice of keeping their code synchronized with Rails main.
This is cool, I've been considering what the process is for setting one of these up recently
We are open sourcing our own OSPO policies, tools, and guides to help other OSPOs get started. See how you can get started. github.blog/2023-03-13-an-… GitHub (@github), Fri, 31 Mar 2023 12:07 +0000
A handy guide to financial support for open source - GitHub - nayafia/lemonade-stand
relicensing and lack of resources for maintainers are only two top-level issues plaguing open source
Licensing is what holds open source together, and ClearlyDefined takes the mystery out of projects' licenses, copyright, and source location.
It works! I am now a full-time independent open-source maintainer. I'm announcing my first cohort of six clients, and sharing some details of how the model works.
Periodic reminder
Alex 🚀 (@AlexJonesax)Mon, 30 Jan 2023 10:49 GMT
Open source people: "open source fucking sucks, it's not sustainable. Nobody pays you for all your hard work and everyone is way too entitled, thinks you owe them something." Also open source people: "join us, it's easy, just find a repo of a cool project and start helping out!" Plausible Sounding-Guff @monkchips@mastodon.social (@monkchips), Fri, 27 Jan 2023 09:37 GMT
Performing arbitrary executions with Renovate (2 mins read).
How to run Renovate for one-off package upgrades, rather than using it for longer term maintenance.
Extracting the dependency tree from Renovate for given repositories (4 mins read).
Creating a (hacky) solution to retrieve the dependency graph from Renovate for a set of repositories.
Automattic acquired Pocket Casts last July, and since we’ve been tapping away trying to make the best podcast client for people who love listening to podcasts. And! The team has been working …
Does the tech industry thrive on free work? (6 mins read).
Thinking about how there are subtle expectations to work on your career outside of tech, and how it's not necessarily great.