I’ve been juggling far too many projects, but I’m now working to move FindBugs back into the active rotation.
I also want announce I'll be working with GrammaTech as part of the Swamp Project, and they will be helping with rebooting the FindBugs project. This has been in the works for a long time (almost a year), and although I’ve known that GrammaTech was likely to win an award, this hasn’t been official and something I could talk about until recently. Was hoping to have something a little more concrete to talk about as far as that goes; but I don’t yet have the information I wanted to share.
Thanks to all the FindBugs fans and supporters who lobbied for me to return to active maintenance of FindBugs. Give me a week to get up to speed on current project needs.
I don't mean to denigrate you, but I must be candid here: hoarding admin rights so that only you have them and no one else can get any work done is simply not acceptable in a team environment.
Going forward, I would recommend taking a look through other projects you may be involved with, and make sure that you are not the only person with admin access. If nothing else, it would increase the "bus factor" to greater than 1: https://en.wikipedia.org/wiki/Bus_factor
I for one have lost all trust on his ability to lead the project after such long absence, and the fact that he only reappeared after this hit HN, and only to respond here, to me is an indication he cares more about what people may be thinking / saying of him, than the well being of FindBugs.
I fear, the only way for FindBugs to stay alive, is for Bill to do what he probably should have done a long time ago: step down.
I don't mean to denigrate you, but I must be candid here: demanding work from others without putting in the hard yards yourself is simply not acceptable.
Going forward, I would recommend taking a look at your written communication, and make sure that you are being fair and kind.
- If you are the sole maintainer of a project, putting up a note in the README asking for a co-maintainer or someone to take over the project entirely.
- Responding to emails with, "I'm swamped/I don't think I can do this right now, can you help/would you be willing take on this role?" Totally acceptable. There are lots of eager developers out there who would be willing to contribute to an open source project if they could.
- Posting on HN asking if anyone is willing to help out. :-)
I get that sometimes stuff happens in real life--illness, working long hours, taking care of children or family members--these are all perfectly valid reasons for not being able to put in the time needed to work on an open source project. However, the developer community cannot offer its help if said help is not asked for.
"Thank you for your email. This is an automated reply to let you know that active development of this project is currently on hold. If you have any questions, please email email@example.com, who is the current maintainer."
This is ridiculous. Expecting the maintainer who hasn't contributed for over a year (hasn't given any life signs or shown any interest) to give admin rights to someone who genuinely cares about the project isn't entitlement. It's the absolute minimum he could do to keep the project alive at the expense of other peoples time and effort.
As such, there exists a kind of implied social contract between the project owner and users. The owner wants people to use the library and improve it, and the users in turn want semi-frequent updates/fixes and to be informed about the status of the project. Projects that are regularly updated receive more users and contributors, who in turn help provide bug reports, improvement ideas and PRs.
Calling users "entitled" for asking the owners to adhere to the aforementioned social contract, which defines open-source and holds it together like glue, betrays a fundamental lack of understanding of what this ecosystem is and how it manages to be a legitimate alternative to commercial software.
If the owner has other reasons for putting up the project on Github/Gitlab etc (e.g. it's their hobby project, or they want to showcase their code to potential employers), and has no intention to support it, then they should include a note in the readme that the code is not intended for production use. Problem solved.
No, there doesn't. The "reality" is this: you are using the code I have given out, and that's all you get from me.
I also very much enjoy how you talk about your own free time, and how it's not really "free" to evaluate this stuff, and thus there's a burden etc etc -- and then conveniently turn around immediately and say "but maintainers are required to give me their time, that's part of the social contract". What kind of bullshit is this? It's always the same shit -- time and money for me (I get to reap the rewards, shitpost on your bugtracker, and complain on my blog when you make me mad), none for thee (you're required to help me).
If you're so worried about your own time and your own cost savings -- go buy proprietary code. Or pay the maintainer. Then you can actually have a real contract without handwaving and appealing to non-existent "social contracts".
If you want to whine about taking on risk, maybe you should also bear the burdens of that, as well as the benefits. I'm sorry that's so unfair, but maybe it could teach you something.
> If the owner has other reasons for putting up the project on Github/Gitlab etc (e.g. it's their hobby project, or they want to showcase their code to potential employers), and has no intention to support it, then they should include a note in the readme that the code is not intended for production use. Problem solved.
So your answer is that we should always assume this "social contract" exists with every piece of code, and thus maintainers are obligated to slave away for us unless specified otherwise?
This entire post reeks of nonsense entitlement-justification. I do not owe you my free time because I posted a library on GitHub, though I may choose to give you my time. I am also free to rescind that offer at any time, and guess what -- I do not need your approval to do so (because, really, you are not that important). End of story.
Fine, then say so on the readme file! It's not lack of updates people are worried about. It's the uncertainty that comes with not knowing whether the owner intends to continue developing it or if they have abandoned it. If you pay some attention, you'll see that's what this entire conversation is about: the owner of a popular project being the single point of failure and then going missing.
>>I do not owe you my free time because I posted a library on GitHub, though I may choose to give you my time. I am also free to rescind that offer at any time, and guess what -- I do not need your approval to do so (because, really, you are not that important). End of story.
Again, no one is asking for your free time. If you don't want to update the project or push fixes, fine, whatever. The only thing people are asking you to do is to transfer ownership of the project - or at least admin/maintainer rights - to someone else in a responsible manner if you decide to abandon it. You may call this "entitlement." I call it "being an adult."
And frankly, get over yourself. You aren't that important either. Just because you posted a piece of shitty code on Github doesn't give you the right to act like an asshole when people come to rely on that code. Try not to let it get to your head too much, mmkay?
Understanding that a project with a single maintainer may become unmaintained unexpectedly should be common sense.
> Again, no one is asking for your free time.
You literally are. Including the time and energy needed to decide whether or not to continue maintaining the project, and to hand it off in an appropriate way.
> Just because you posted a piece of shitty code on Github doesn't give you the right to act like an asshole when people come to rely on that code.
Is this normally the tone you take when asking people who helped you to keep helping you?
Just because you randomly downloaded some code from Github and chose to rely on it doesn't mean the author owes you a damn thing. Don't like it? Fork it. That actually is how open source works.
It isn't the responsibility of the project owner to tell you that their project doesn't meet your needs. It is your responsibility to check how the project is run and choose whether or not to take on that risk.
People actually doing the work of evaluating the risks they are taking on is how open source actually does become a legitimate (sometimes safer) alternative to commercial software.
People not doing the work, taking on risk without doing their homework, and then whining when it bites them in the ass is, well, "the story of left-pad".
Sometimes there is.
You can express your disappointment in how a project is managed without implying that someone else isn't living their life properly.
Or are you implying the author is so thin skinned he cannot take a bit of judgement?
People who are passionate about a project, as a user or contributor, do tend to ask what the status/roadmap of a project is. At least in open source projects I contribute to, that's not considered as demanding something from the project leaders, just because no one has paid for the project.
IMO, there are times where it's valid to state that no one has paid for the project so aren't entitled to anything, but I don't think this case is a valid one. I've seen this statement being used many times with open source projects and such project usually tend to lose sight that users are a central part of open source projects.
However, "There is absolutely no reason to not be answering emails" gave me the impression that at least one person is demanding replies to emails. I still feel it's okay to tell the quoted person that if he doesn't pay someone he can't demand from that person to answer emails.
Last but not least, if someone hasn't answered emails for some time, who seemingly had enough trust before to be important in a software project, then it may be wise, even for people with legit demands, to see whether or not that person had good reasons for his absense or not.