On Thu, Oct 30, 2025 at 4:23 AM Elliotte Rusty Harold <[email protected]> wrote:
> On Thu, Oct 30, 2025 at 8:38 AM Elric V <[email protected]> wrote: > > > > Not doing that is profesional misfeasance. > > > > You are aware that open source software does not come with a warranty or > > any sort of promises about being "fit for purpose" or whatever? > > Volunteer driven development is not a "professional" undertaking. > > Doesn't mean we shouldn't all try our best to deliver stuff that works > > and isn't a leaky bucket, but calling it "misfeasance" is many a bridge > > too far. > > I don't believe we are trying to do our best. In 2025 certain > principles of secure software engineering are well known and well > understood, but too often open source projects don't follow them. > Instead they prioritize developer convenience with known bad practices > like commit and never review. > > You can build any random nitro-fueled, Rube Goldberg drag racer you > like in your own garage, but it isn't allowed on public roadways. I'm > increasingly convinced we shouldn't be allowing software that doesn't > meet basic professional standards on the public Internet. > > On the plus side, if software that runs the Internet were required to > meet minimum standards like code review, then mega-corps that depend > on these rickety foundations would be highly incentivized to fund > improvements Not how it works. Corporate uses grab what works for them. Things that don't work, fail scans or cause problems eventually get replaced either by other OSS things that do work or by homegrown things that may or may not work. The history of the ASF is the history of the kind of "garage work" that you disdain. With enough eyeballs and core software value, what starts as "unprofessional" code turns into very high quality software. We have some of that in our Commons repos. We have some that needs work. Patches welcome. Phil > so the world no longer depends on the thankless work of > one random person in Nebraska: > > https://xkcd.com/2347/ > > -- > Elliotte Rusty Harold > [email protected] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
