DEV Community

Discussion on: Thinking upstream about the White House cybersecurity executive order

jayjeckel profile image
Jay Jeckel

Thanks for the post, that was a very interesting and informative read. Two things jumped out at me.

First, this: "Even more interesting: how much amazing open source software isn’t even being created today because there aren’t incentives in place for the people who might create and maintain it?"

The answer to that question is zero or at least trending toward zero. The kind of programmer that makes open source content doesn't do it for incentives and doesn't avoid doing it due to a lack of incentive. Just as a painter is compelled to paint and a writer is compelled to write, a coder simply must code. Every programmer that isn't just punching the clock knows this; we code because coding is a passion. Suits worry about returns on investment and cost/benefit analysis, but coders conceive of an idea and create it for no reason other than that "lonely impulse of delight", as the saying goes.

Second, "If we really want to address the health and security of open source, it’s time to get our house in order."

That is the most important point any of you suits out there can take away. Lately we hear a lot about what the corporate world needs from the open source community. Well, to be frank, the open source world isn't here to serve the interests of suits and their bottom lines. We don't work for you and, to be complete honest, we really don't care about your profits.

Never forget, it wasn't the open source community that came to the corporate world after our software strategy failed, it was the other way around, you came to us because free and open source is better than proprietary and closed source; because passion and freedom of ideas is better than paychecks and demands handed down from on high.

By all means, buy maintainers a coffee, fill their tip jars, donate to their paypals and patreons, I love to see open source devs prosper, but when big corporations talk about incentivizing open source development, all I hear is that they want us to be their unofficial freelancers, coding what they want coded when they want it and how they want it. In other words, they want us to get their houses in order by getting us to dance for dollars.

Instead of coming in as bosses throwing around money and making demands, I would much prefer that the suits pay their own programmers to improve the software and submit that code back to the project. Don't leech, don't try to control, just contribute to the community like the rest of us do.

To say it as simply as possible, if Billy Bob in Nebraska gets bored and abandons his project, causing AmaMicroZonBook's multi-billion dollar platform to crash... Oh, well. I guess they should have been actively contributing code and giving back to the community, instead of just leeching or throwing money around. Like you said, get your own houses in order, instead of trying to turn our community into your new unofficial dev department.

hassan_schroeder profile image
Hassan Schroeder

I disagree with the first point. I'm sure there are lots of good ideas that go unimplemented (or at least unreleased) due to the demands of making a living and other responsibilities (e.g. single parent, sole caregiver). A day has 24 hours regardless of how much "passion" for coding you have.

There are companies that include (paid!) open source maintenance and development as explicit team goals; we just need more of them.