I get being done with something when you've had a bad experience, but the maintainers here went to every effort to accommodate, and did so in a friendly way.
It reads like this guy wanted a fight and an excuse.
I think the correct answer is to just make the fork as proposed and use that instead, it solves the problem and removes the guy from the equation entirely. The fact he rejected it doesn't matter and he can be angry all he wants.
Daniel Stenberg creator of cURL has famously gotten a lot of weird support requests and emails over the years due to his license being shipped with an insane number of different utilities. He has handled them gracefully and with good humor from what I've seen, but not everyone is comfortable with fielding questions from random non-technical users - if that's where this dev is coming from then forking the project would probably let him dodge a lot of the responsibility. I just can't clearly tell due to how terse his replies are.
1. I would say succinct here due to the fact that it lacks the negative connotations of terse, but it also implies a completeness of information which sadly isn't here. Please don't read terse as insulting or negative in any way.
> If users experiencing issues with the ambee library in this package, they will knock on my door. And I'm not willing to support that or accept that burden. Especially as I don't see a good repacking reason in this case.
I absolutely agree that there is a legitimate reason to say "look, I can't handle the support burden from this", but users aren't going to track down the original project to make support requests if you fork it, rename it and point everything to the new one.
(Obviously you might get one or two, but anyone that motivated would probably be making their own package and run into the exact same issue anyway, at some point you can't really blame the package).
The existence of pypi does not mean everyone is forced to link back to it and use it has their own source repo. Frenk insistance that everyone uses pypi and only pypi is just a tantrum not based on reality.
People could use his package from pypi and still have an outdated version. People could use a pinned version from pypi and they would always get an outdated version. People could be using an installed software from long ago and thus have an outdated version.
Thus his concerns are not magically solved by not packaging sources.
Plus, he has an attitude problem, is passive-aggressive, is closed minded and won't discuss. May he have fun with his newly weirdly licensed package,
You're right that the existence of PyPI doesn't mean everyone is forced to link back to it, but damn it would make a lot of stuff a hell of a lot easier if it did. I've been bitten by Debian packages being years out of date, I've seen packages modified by maintainers in ways that are poorly documented and useful for Debian users rather than Python ecosystem participants.
I've managed to work my way out of that now and would never go back to that world if I can help it as the trade of reduced engineering quality (along various axes) for increased "freedom" is not one that I value (personally, or at work). So I can really empathise with this persons position.
I think they handled it poorly, communicated poorly, came to the wrong conclusions, and left the discussion in a bad place, but all of that just screams frustration to me, and I can understand where it comes from.
I've been bitten far harder by pypi packages trying to download random opaque binaries, miscompiling their own binaries, vendoring and failing to update large packages, having impossible-to-satisfy dependency requirements (relying on pip only ever making a half-assed attempt at satisfying them) and generally making strange assumptions about the target system.
Fast forward 3 years and a bug impacted a user's data in the portable package. The developer became increasingly irate even after it was fixed and demanded we stop publishing it. To avoid confusion, I even renamed the portable package to a new app name, forking it. That made him even more angry and he started publicly claiming we were "stealing" his work, despite following the license, maintaining his copyrights, and directing users to donate to his donation page to support development. He put up banners on his website and documentation pages about the "theft". As his emails to me went downhill, I got the feeling he might poison the code itself upstream to mess with the fork. I didn't want to deal with that just for one small app, so I abandoned it.
So, yes, this does happen. And some people thing "because I said so" is a valid position.
I would have forked his repo, and said, "We'll be happy not to include any of your code. We'll just use this forked repo which is now our code."
To make matters worse, he even used the fact that the NixOS discussion was temporarily locked down due to high tensions and accused NixOS maintainers of attempting to shift the maintenance burden on Home Assistant, which is hardly what all this is about.
Aside from how this issue has been handled, poorly, that seems like a reasonable technical decision for HA to make, particularly given that their main use case is semi-technical user installing on a Raspberry Pi, and in that case is it something they should be forced to support? A fork seems like the right option there?
I'm afraid they do (that's from the project founder, and current CEO of the company supporting HA development).
which is something I haven't really seen anything in the open source world manage, though that might be because I'm not much of a contributor. What happens if a utility explodes in usage and the author can no longer effectively support it as a result of being buried in overhead?
Are there any mechanisms for limiting how much of one's life an author signs away to their project (without feeling compelled to grow an operation) while still retaining an Open Source designation?
In this particular instance, if you think the problem is "nix users are overwhelming me" - then you have a hard and fast requirement of: if you want support fill out this form that includes OS version. If someone lists NixOS as their version you give a canned response linking them back to the Nix github page.
If the issue is just a generic: my package is so huge there is just an unending list of people asking for help. Ignore them? I get as a maintainer you may have a desire to help folks, but nobody is forcing you to. Browse github and respond to the things you feel like responding to, and ignore the rest.
I mean this with all due respect, but part of being an adult is knowing when and how to say no.
The project has zero issues right now. I think that is not the real reason.
It sounds like this author is looking for a third option, one that doesn't involve people management (1) or ghosting (2), and as far as I can tell, no mechanism for this exists that doesn't violate the current tenets of open source.
A direct consequence of open source is that the good user experience burden falls to the consumer, not the producer. If someone wants control over the user experience, they want a closed-source model.
You don't have to do anything to keep it open source. The source is already open, others can use it, fork it, etc. There is no formal obligation for you as maintainer. However as a maintainer you can feel a moral obligation for whatever reason (pride, guilt, peer pressure, etc).
That way, the project lives on with minimal disruption to its users.
For distribution repacks specifically, there’s the old device of providing a configuration-time option to change the web and email addresses in the documentation (e.g. GCC does this), but I’m not sure if this will work when Google results for the error message will still point you to the upstream. There’s also the bug report checklist with “I have verified I am running the last development version”, but that comes with its own limitations.
1. Some kind of forum/wiki starts providing community support and increase community contributions pick up the burden
2. Some business starts supporting this component and picks up a lot of the burden because they fix things that cause them pain in their business.
I've never seen a single person passion project be both open source and well supported for a long period of time without healthy community engagement.
Yeah, it's called setting realistic expectations. If I release something open source, I don't owe you anything. Support, help installing, fixing bugs, spending time implementing your specific feature...
Exactly. He made that point a few times, but the replies don't always seem to address the issue he raises.
> Would you be happier if we forked your upstream source to provide our own, or provided a similar Python package with an identical API that we can use as a drop-in replacement?
Wouldn’t this remove the burden of support from the author? Or it might be that I don’t understand exactly their proposal.
Now, some users will perform due diligence and maybe find the NixOS issue referenced in OP and look elsewhere, but many will find the project and immediately file an issue there in the upstream, leading to the author's main concern of "I don't have time to support NixOS issues".
I was thinking that people will do the same or else how will they know if the github repository returned from search results is truly the one installed?
So for example if this will be the case with a package I use I will report the bug to the fork because the package manager showed me their link.
I will not search for name-like projects or the original one and report there if a fork was distributed to me.
This is why I am confused why a fork is not solving the burden of possible bug reports. Also the fork assumes its own maintenance this is the purpose of the fork.
The "fine article" always contains the correct bits.
No, they offered solutions and only gave up when the author refused to provide any actual objection other than that he didn't like it. "Doesn't want people to file bug reports because downstream broke something" is a reasonable objection, but it's also a fixable problem. "The only thing that will ever make me happy is you completely removing this package from your distro" is neither.
I can fully empathize with him that he doesn't want some other project shipping an old an broken version of his project even though it is allowed by the license.
FOSS is really quite ill at this point. If you don't recognize what is happening, you're going to see this happening more. Continuing to blame maintainers that are burned out and frustrated and broke won't fix the systemic issues.
I can understand the author's concern, and NixOS offered to maintain it's own fork to mitigate it, and the author rejected the idea. That tells me that it was more of a temper-tantrum stemming from some other deeper issue than just a concern about support.
That response was what confused me as to the problem with packaging the library, as it seems like that would fix the inundated-with-support-requests issue.
They can also act as a bigger person and say "Sure, we understand, respect your wish and will find an alternative."
The author's conduct in that thread is certainly not what I'd call "acting as the bigger person".
If they were serious about their request they'd be looking into having the homeassistant guys removing it, or PRing to homeassistant. Or changing the license to make it closed source.
From looking at the ambee repo the license appears to still be MIT; can't see any relicensing anywhere.
(And actually, as has been mentioned elsewhere, it seems like it wouldn't be possible for him to relicense in reality as the package is explicitly developed for homeassistant and as such would need to comply with homeassistant's licensing to be included as a dependency of it)
I'm starting to get the feeling that home automation might be somewhat hostile to repackaging.
He just doesn't want the extra work to support another distro which would include an outdated version of his package.
If you make a license FOSS then people are free to do what they want. Just don't make it FOSS if you don't want.
"Slightly assholic at first sight Actually a nice guy that just likes to get stuff done."
If you have to warn people that you're an asshole and then try to convince people that you're actually a nice guy, then you're probably not a nice guy.
> Seems like an author that doesn't understand the spirit of FOSS.
> Why is a person like this even engaged in FOSS if they don't have a desire to share or even engage in a reasoned discussion?
That said, the thread ended with something to the effect of "well, we can include instructions on how to install his software" -- an option which wasn't presented until the end, yet it fully complies with his request.
He added the dependency himself https://github.com/home-assistant/core/pull/51645
Nobody gives a shit about frenk or his code directly here - they want to use Home Assistant. But now that frenk added his code as a dependency, he has the right to transitively make Home Assistant un-packagable on NixOS?
EDIT: On top of that, the way NixOS works is philosophically in-line with Home Assistant
> Open source home automation that puts local control and privacy first
Pinning every Python dependency instead of fetching HEAD is how you get local control and security!
However, this would become problematic if Home Assistant also uses a GPL dependency (which it probably does). That dependency would impose a requirement that all other libraries used by Home Assistant use a GPL-compatible license (which his license likely wouldn't be).
yes it is? they make sure the user get a specific version that is (hopefully) vetted and know as working properly; this is much safer than pulling HEAD for a 3th party repo. As long as the libs are updated regularly and when security issue are found, I see no problem with this approach
> he has the right to transitively make Home Assistant un-packagable on NixOS?
Pretty sure a custom license is not compatible with the Apache 2 license of "Home Assistant"; also as the code is in use by a third party, the author should not be able to retroactively change license, only next releases.
Probably will be forked or removed depending on the specific of the case and of the code.
This is exactly what nixpkgs maintainers do, using more reliable and explicit tools than the likes of pip. A significant effort is made to enable tests on as many packages as possible, meaning that when you get a package from nixpkgs, it has been tested against the exact dependency chain (down to the libc) it is being shipped to you with. If tests fail, issues are investigated and solved.
This is a far stronger guarantee than you get from almost any other installation method.
The argument that "In that case you are shipping an broken Home Assistant version." is incorrect, since we also enable tests, when possible, on Python packages to ensure they are packaged correctly.
Even if home-assistant would download the files at runtime it can't put them at the right location and it would only work for python only packages.
IMHO the author needs to put the license he really wants (restricting the use of his project) and deal with the consequences. If you put an open source license to your project people make certain assumptions... like they can use your project.
If you want your software to be used in one and only one project and in a certain way, then it is not open source.
Is it the official policy of the home-assistant project that their software should not be packaged by NixOS?
frenck is the fourth most active contributor to home-assistant - and it uses quite a few libraries he has authored: https://github.com/home-assistant/core/graphs/contributors
If frenck is saying NixOS can't package his libraries, he's actually enforcing that NixOS cannot package home-assistant. Is this direction agreed by the other maintainers of that project?
I have the impression that it is the policy of the home-assistant project that their software should not be run in any way not supported by them, and not redistributed by any distribution or other third party. They're somewhat actively hostile against people not following that.
Though if that's the case it seems misleading of frenck that he hasn't clarified that this is a home-assistant policy in any of his comments around this.
So far, so good, until folks actually leverage the rights frenk handed them and he shows up and says "Please respect my wishes and don't distribute my open source code." I can see how this is very confusing for a packaging team.
It sounds like the "correct" approach here is for frenk (and HA?) to signal this lack of flexibility up front and stop distributing HA under an open source license. This will at least prevent other projects from investing in a packaging effort only to be asked to stop somewhere along the way.
There are also a lot of contributors who might have an opinion about closing the license: https://github.com/home-assistant/core/graphs/contributors
For context, balloob is the founder of Home Assistant
If the views in that discussion are generally representative of the perspective of a majority of homeassistant maintainers & stewards, I'd be extremely wary of relying on the software long term.
> Just do as he asks
This is the absolute antithesis of the intent of open source.
What an awful community response.
I disagree with this assertion (...and with Frenck too). There was no need for NixOS packagers to involve HA here, they are outsourcing work upstream. Imagine some small-time driver author/maintainer asking Debian to remove their driver - and Debian's solution to honor this request is to ask Linus to drop the driver from his upstream tree!
The long-held tradition, when you disagree with upstream, is to maintain your own patch-set that you are responsible for and have to labor to keep current - that is not the antithesis of open source - it is very much in the spirit of exercising the right to change the source code as you see fit.
If their reason is "we don't want our driver distributed from someone else's git repo" then it would be a very good idea to warn Linus about it!
HA are perfectly entitled to continue including the package. The NixOS dev opening that thread was doing so with the intent of warning them about a potentially problematic upstream maintainer. There's an argument to be made that that dev was overstepping, but they weren't making any demands: their intent was informational.
The community response was multiple HA admins expressing the opinion that NixOS should remove the package. That's definitively overstepping on their part, and completely against what open source is about.
The "potentially problematic upstream maintainer" being a Home assistant core developer.
To me - the subtext was NixOS still wants to do both: have reproducible builds that match HA and honor lib authors wishes. Lib author "rejected" forks, so one way was for NixOS to ask upstream HA to drop the library as a dependency. It doesn't sound like a friendly heads-up to me, from the thread title.
There are two HA folk (excluding frenck) commenting on that thread. The first demands than nixos devs should "Just do as he asks", which seems to me like they are very much getting involved in the dispute.
The second only comments to close the thread, and—while they do include the phrase "it's not our issue" in their closing comment—the rest of that comment accuses the OP of bad faith posting, and goes on to misrepresent the issue completely, claiming the problem is that NixOS are doing things that are unsupported (Frenck's objection was to NixOS packaging his package at all in any form, not to anything specific they were doing with it). So again, that seems like the second poster is very much contributing to the dispute, not "not getting involved".
> one way was for NixOS to ask upstream HA to drop the library as a dependency. It doesn't sound like a friendly heads-up to me
I guess a lot of this does depend on how reasonable you think that request would be. I thought the post seemed friendly as it was phrased politely. And I think removing the dependency should be reasonable if HA wished to remain an open source project given the dependency is now defacto closed source (perhaps not technically in licence text, but the author harassing anyone wishing to avail of the licence would seem to nullify that).
> from the thread title.
Title opens with the word "consider". Seems polite to me...
You're expecting an entirely unrelated community of users to be invested in the goals and interests of NixOS. They're not, and perhaps they see Frenk's point in a way that people that aren't part of their community do not.
Additionally Frenk didn't react to any proposal to still distribute home assistant and it's dependencies while respecting his wishes. This seems like a pretty clear-cut case of involving the upstream community, to make sure they're aware and ok with their dependencies trying to block distribution or to change something if that's not the case.
The whole saga left me rethinking my home assistant usage, since it seems like this could become a larger issue with other distribution mechanism not sanctioned by upstream.
I'm expecting an open-source community to adhere to the intent of open-source, which is to provide software in a freely redistributable way to that puts users first in contrast to traditional Berne-convention-based IP approaches focused on author protection & remuneration
above user utility.
Any community placing authors as dictators of the distribution of their work at the expense of users are not aligned with open-source in intent.
That's a perfectly reasonable stance if you have no interest in open-source: everyone is entitled to release closed-source software if they prefer.
IMO there was no discussion in that thread just "remove from no" "we can't do that" repeat
I'm sure someone like that would do a little more diligence before blasting on the home-assistant community forums about one of their moderators (and apparently the 4th largest code contributor to the ha project overall).
if you contributed to nixpkgs in the last months you have probably seen me already but for the people that don't know me already: I am Sandro, one of the more active reviewers and contributors of NixOS/nixpkgs in the last months.
If you have any question about the situation or NixOS in generally feel free to drop me a comment and I try to answer them to the best of my knowledge. I can't speak for the entire NixOS organization so all my comments on this thread are my own views. I also do not receive any benefits from this in form of money or something else.
1. Spending so much time trying to get the project to stop what they were doing.
2. Peacefully come to a mutually beneficial arrangement.
3. Front page HN where I will most certainly be avoiding using any project the author is part of.
IANAL but it seems to me that even if he switches to some custom no redistribution/repackageing license unless he stops using pypi's infrastructure he's granting all pypi users the right to publish the code independently. By uploading it to pypi he's explicitly given all users of pypi the right to publish it.
 - https://pypi.org/policy/terms-of-use/
> Are you enjoying my work? And want to support me in my effort helping the world to become a better place by dedicating my time & knowledge to create & innovate open source software solutions. Allowing everybody on this earth the privilege to enjoy those things for free?
Really looks to me that Mr. Nijhof doesnt quiet get what open source is about.
> I just did notice Fedora redistributing some of my packages because of your question, so will file a similar request with them.
Btw speaking of licenses, since frenck said he will be changing it by adding exceptions and making it non-free. Douglas Crockford said in one of the talks that one certain three letter company contacted him and wanted to use JSON format but weren't sure they could comply with "The Software shall be used for Good, not Evil." And he gave them that exception by stating: "I thereby allow ** to use JSON for Evil". My advise to Frenck is to adopt some similar proprietary license if he wants his work not be included in distros like Fedora and Debian. And grant exceptions to his fav projects like HA /s
I'm really astonished with this comparison.
I mean, c'mon, Nix is a tiny niche. It's not like the support burden will be colossal.
> Slightly assholic at first sight Actually a nice guy that just likes to get stuff done. @home-assistant Herder @hassio-addons Creator
When we release software to others under an open license we are explicitly allowing them to do exactly what nix is doing.
I'm not sure what other reason we have a component independently deployable other than to make it usable by people in other projects.
AFAICT it's kind of the opposite problem to systemd owning unrelated stuff because it's easier on those developers.
That wasn't the issue and it's crazy how much people interpreted it as such. His issue is with how it was packaged with it. He want it to be exclusively distributed using PIP.
If you don't want to depends on PIP, well sure don't use it.
But then the problem would be that it probably could not be on PyPI, since by putting it to there you grant users the right to do stuff with source, including distribution.
"If I upload Content other than under an Included License, then I grant the PSF and all other users of the web site an irrevocable, worldwide, royalty-free, nonexclusive license to reproduce, distribute, transmit, display, perform, and publish the Content, including in digital form."
(first pointed out here: https://news.ycombinator.com/item?id=27507770)
In the github issue, as far as I can see, he doesn't "complain" at any point about having "no time to support users".
What he does say is "I'm not willing to support that or accept that burden" [of supporting NixOS users], and "I have no intention of spending time in this project" [meaning NixOS].
It appears that he just isn't interested in NixOS or supporting NixOS users. That's absolutely his prerogative, and does not mean he is "complaining" about not having "enough time" for it. And regardless, how he chooses to spend his volunteer/unpaid time really isn't anyone else's business.
There are some other valid criticisms here but I don't feel this particular point is a fair take.
Don't do open source (especially a very permissive licence) if you don't want others using your code as a dependency.
They do finally go into a little more detail about what their issues are with the packaging, beyond the single post with details originally in the thread.
> In the end, I think the way this project distributes Home Assistant (and its integrations, including Ambee) is not providing the intended working and thus may surprise the end user. In the end, those users are likely to knock on the doors of the Home Assistant project and their integration maintainers, not this project. As a matter of fact, most of my packages in this project are outdated and don't match the distributed version of Home Assistant.
They don't seem to address why they don't think that any of the proposed solutions would have addressed their concerns.
> I like to give back my knowledge and time to the open source community.
Considering how unreasonable he was in that thread, I'm assuming he was just in a bad mood or something like that. Except now he's on the front page of HN with tons of comments criticizing him and painting him as a bad person.
99.999% of people will probably forget this by tomorrow, but it still would suck to be on the receiving end of this kind of attention I think.
However the MIT license dictates what can or cannot be done. No need for further drama.
Seems like he does give back his knowledge and time to the open source community. Much more than me I can tell you, and probably more than many of people in thread.
What he don't like is people expecting support from him in ways that differ his initial distribution methods, which makes sense when time is a limited ressource and he clearly has expectations on how he want to spend it.
The point of NixOS is reproducible builds, that is if you build a given nix environment you will always get the same code. Dynamically pulling from PyPI at runtime defeats that.
The author doesn't want any way of downloading the code other than getting "the supported version" from PyPI, as they don't want to deal with support requests for issues that are fixed later. They are likely worried that packaged versions will become stale, and users will expect support for specific versions, which they are unprepared to offer.
I think the offers from NixOS of having to enable config flags to get this enabled which make it clear it's not supported by upstream should be fair. Part of open source is that others are free to modify your code, and if you have a problem with that you're not really ok with the idea of open source.
(Sure, that's slightly different than identifying such an auto-update point and then trying to do a supply-chain attack. But do maintainers look at what they package? In how much detail?)
Nobody does this, as this is completely unreasonable thing to expect.
It is not uncommon to see them request changes to the bumped library to fix any issues they have noticed.
Package versions are recorded in component manifests so it will not default to the latest version, someone has to make a code change and PR on homeassistant to update the version. And they are collected in a requirements file for every HA release. So it should not be hard to automate that if needed whenever the HA Nix package gets updated to ensure the latest used version of ambee package is included.
Why would users report to his project when installing Home Assistant? That's not usually how it works and Home Assistant has a lot of other dependencies.
What do you mean by that, why shouldn't they include it?
The person proposing the Nix package is a Home assistant developer afaik, so that would be weird.
Another incident was when they deprecated/unsupported installing it on a generic Linux install last year, which they had to (somewhat) back down from after community outrage.
The nixos guys also offered various proposals to him to completely avoid any support burden on his part, all of which he roundly rejected.
Seems he's just being unreasonable for the sake of it tbh; I can't see any logical reasoning behind it all.
If users experiencing issues with the ambee library in this package, they will knock on my door. And I'm not willing to support that or accept that burden. Especially as I don't see a good repacking reason in this case.
Which is the whole point of acting on it before it happens...
It's crazy the amount of entitlement I see toward open-source developers. You don't like his stance, then fork it and support it yourself. You are already lucky to have a good base to work on, you shouldn't even be entitled to that!
The only entitlement form the nixos devs has been using a right which Frenck explicitly chose to provide when licensing his software.
In the end, the will have to fork it, and probably maintain a fork of HM, since he is relicensing it to disallow repackaging.
In response to "not having the latest":
Generally we (nixpkgs) lag behind a bit, as managing ~60-100k packages takes some time. But as long as the process to build a package hasn't changed, we will have a bot which automatically attempts to update packages based on metadata from pypi, github, and repology.
"If you want to report a bug, please reproduce the issue with the latest pypi package. Reports for any other deployment methods will be closed without further discussion."
The Nix community is one of the few that has feet in both camps, so it's all the more frustrating to see a stupid reaction like this; a traditionally distro wouldn't even bother packaging any of this stuff or engage at all.
unfortunately the library author made a PR to Home Assistant, a program that is packaged in many distro; all those distro will add his package. see
So long as everyone is supposed to just grab some docker container or OS image from the home-assistent people, the traditional distros that should back up NixOS here won't even be looped in.
But by being unkind himself, he surrendered that privilege.
So now he won't and shouldn't get what he asked for.
I don't understand how an adult human could fail to understand this.
Asking a favor while simultaneously being a jerk is not likely to work.
Especially since the code layer is so thin. The project has existed for a week, and consists of 360 lines of python, most of which are get/set on what I think is JSON.
Edit: Geez. Half the commits are bumping dependencies. The project is incredibly clean and beautifully structured, but gosh...
Now those are two very active projects but what I mean is that no one is forcing the author of the repackaged code to support anyone he does not have time to support. If they want support they can ask the nixos project maintainers for it.
I don't think there's a way to actually do that with an open source project though.
This library was written specifically to be used in Home Assistant, as per project policy the code that interfaces with devices needs to live in a separate python package. So there is no real fame to be had from this particular package.
He surely sees this repackaging as a source of potential headaches. If the nix folks could convince him that the package would never contain modified code (no no untested/unsupportable modifications), and further that the home-assistant package in nix would always use exactly the version specified upstream (so no version mismatch concerns), he would likely be less opposed.
Unfortunately the latter is very much not true right now.
They did everything possible to try to convince him but he had his ears closed and refused to listen.
> Unfortunately the latter is very much not true right now.
Based on the above, it is very much true.
requiring users to explicitly set config.ambee.acceptThatThisPackageIsNotSupportedByUpstreamDevelopersAndIWillGoToNixpkgsToReportAnyIssues = true to be able to install the package, or they would get an error that would make it even clearer. Would that be enough for you?
the author replies just:
I feel like I'm starting to be on repeat now. Please don't add any of my stuff to this project.
The whole chain is a guessing game trying to figure out what the real issue is (and in the end, it’s not even found — the author randomly finds an alternative he likes)
"I'm running into some issues with ambee..."
"First, make sure you aren't using the version in nixpkgs. I do not support that distribution and cannot help you."
He misunderstands how nixos works and suggests that Home Assistant will be able to install his package via pip on nixos.
From his conduct in the thread this seems a red herring. The nixos devs have proposed a selection of reasonable solutions to avoid any support burden on his part, all of which he's rejected outright.
This sucks for nixOs, but it looks like community incompatibility means they won’t be able to support HomeAssistant at all.
If instead of packing these separately, the home assistant nixpkg for home assistant simply downloaded all the required dependencies from PyPi, and verified them against a maintained list of checksums as part of the nixpkg (for reproducibility), then frenck probably would not object to that, since the last I knew the some of the official home assistant docker images do preinstall the requirements for the majority of plugins like that.
I'm suspect frenck's real concern comes from any possibility of modifications in the packaged version, combined with any possibility of nix allowing home assistant to be used with a version that is not an exact match of what home assistant specifies.
Alternatively If this could be packages as some form of home-assistant sub-package that was guaranteed to always match the PyPi version specified for home assistant exactly, without any mixing and matching, it would likely allay his concerns. Unfortunately he has not spelled out his concerns fully, so I cannot know for sure. I also have no idea if this is at all feasible in the nix packaging system.
From what I can tell the Home assistant core team doesn't not want to deal with any other installation variants than their own supported ones. Their user base consists of a lot of technical tinkering people (hobbyists, electricians, etc) but those who don't necessarily have Linux sysadmin skill's. So you could say they are skilled enough to get themselves in any of a hundred different configuration scenario's that would then need to be debugged by the HA developers for each support ticket. For a developer knowing the installation environment is at least sane is a great help.
That said, Home assistant does lend a lot of its growth to open source contributions, collaboration and being free software. If it was not as open in the beginning it might not have gathered enough attention to grow its current size. Cutting off developments in other directions like this to me feels against what FOSS stands for.
Honestly sounds like they just cannot have his project or anything that depends on it.
Luckily that ambee code looks trivial to duplicate.
Users will contact the author for support, but users are getting the software indirectly via a packager, which means a) there might be changes from the packager b) they might be getting an older version that appears to be the "latest" and c) they don't have a way to install a modified version provided by the author to test out a fix in the same way that they installed their current version.
(It's true that with nixpkgs these problems are much more solvable than in basically any other distro, but the risk is stil there.)
There are likely multiple root causes. The whole space of issue management around libraries and applications using those libraries is a horrible and abusive mess. In my experience, between an application using a library and a library users will target whichever is easiest; not most applicable. Plus, most opensource user support is a fucking chore (you'd need to pay me for these days) that's unsustainable.
Another cause is likely the cost of nixpkgs contributions themselves. Personally, I no longer contribute to nixpkgs because even for tiny changes the process is ridiculously expensive. That's not including the cost of getting up to speed with nix/nixpkgs and the, often, highly opinionated packaging.
nixpkgs needs to be broken up into multiple independently distributable packages.
But he hasn't had to face any of that, and a couple different methods to avoid that happening were suggested and rejected offhand.
In this case it clearly hasn't happened to this author (yet) AND the nixos devs have put forward a selection of reasonable proposals to prevent it happening to him. All of which he has rejected without and real justification.
If you read the full thread it becomes clear that his citing fear of support burden is not made in good faith. His acts of blocking redistribution of his package in any Linux distro (here & Fedora at least) is clearly a bigger burden for him to take on than he would take on if he allowed the redistributions.
Well, you can disable the issue tracker for a project on GitHub. You're not even required to publish a project on GitHub, you can host it somewhere that doesn't offer any way to contact you.
Hell, I could go make that overlay right now and link it in a nixpkgs issue for discoverability. What's this frenk person gonna do? Cut me an issue saying "pls delete this code from the internet"? Hah!
His library was written specifically for Home Assistant and it's an internal dependency that no one usually sees. It's a 300 lines wrapper for Ambee API.
I think he also posts some of the funny ones on Twitter