cryptonerdcn

cryptonerdcn

HomeArchives

Some personal thoughts on open source

#opensource87
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The author discusses misconceptions about open source and the lack of understanding in the IT industry. They highlight the impact of vulnerabilities in open source projects and the lack of support from companies. They emphasize the need for public awareness, legal improvements, and restraining greedy individuals. The state of open source is described as pessimistic, with slow growth and decreasing commits. The author suggests measures to support open source, including donations and pressuring companies to contribute. They address misconceptions and promote understanding of open source licenses. The text also mentions specific projects and platforms related to open source.

Recently, I saw some misunderstandings about open source on social media, which made me both laugh and cry. It's already 2024, and there are still many people, even in the IT industry, who don't understand what open source is.

Of course, how to explain the current situation is the key to distinguishing whether a person has the willingness to bring progress.

For example, in the open source field, the significant impact caused by vulnerabilities in projects like log4j shows that the current situation is "humans are greedier and stupider than imagined." Many companies, big and small, that use these open source projects have made huge profits from them, but they are unwilling to donate even a penny to support these projects (before the log4j vulnerability incident, only three donations were received in total). As a result, these projects lack maintenance and eventually cause significant losses to themselves.

So:

  1. Regarding this situation, explaining it as "that's just how humans are" is not helpful. The companies mentioned above probably think the same way - they naturally know that no one donates to the open source projects they use, but they think, "If I don't donate, someone else will, right?" or "Others also use it without donating, so what's the problem with what I'm doing?" Excluding moral judgment, just considering the "input -> output" aspect, for a company of some scale, investing hundreds to thousands of dollars per year in a project they heavily rely on could greatly improve the stability of the components they use and save them from the effort of replacing components due to lack of updates.
    (Side note: Of course, I believe that anyone who can completely exclude moral judgment from their heart is a scumbag. The stability of human society lies in the law, and its positive development lies in morality. "If bandits always win, then we should still be living in the Stone Age" by @ksintmelody.)

  2. Regarding this situation, explaining it as "so we should pay more attention to public awareness, improve the law, and restrain greedy people" clearly shows a more attentive attitude towards open source and a willingness to improve the current situation. In fact, there have always been people in the open source field pushing for a healthy environment. The birth of various licenses is one of the most important aspects. Licenses standardize various behaviors, not only specifying that users cannot do whatever they want with open source projects but also providing a solid foundation for open source software to generate profits. Of course, all of this is based on legal support and strict law enforcement. If you go to countries like North Korea to fight for open source rights, you naturally won't get good results.
    (Side note 2: Knowledge and art sharing also have licenses, such as the famous CC-BY series. Many people may think it only applies to images and not text, but it actually applies to both. So not all textual knowledge and images on any public platform can be used casually.)

However, in the new era, the current situation of open source is very pessimistic.#

According to statistics (*2):
Since 2011, the growth of lines of code has been slowing down, and after 2015, the number of lines of code has completely stopped growing. At the same time, the number of commits has been decreasing as time goes on. After 2015, the number of commits entered a free fall state, falling back to the level of 2007. This is in stark contrast to the booming cloud and AI industries that started after 2015.

Some people may say that this mainly focuses on open source projects, but many projects are no longer being updated because they are no longer needed, and the situation for new projects is much better. There is indeed such a possibility, but another statistic for popular open source projects indicates (*3):
"More than 50% of projects are red: they cannot keep maintainers above the poverty line. 31% of projects are orange, and these developers are willing to work for low wages, which are unacceptable in our industry. 12% are green, and only 3% are blue: Webpack and Vue.js." - 50% of projects are literally unable to make a living.

"For all maintainers, the total funding for open source is not enough. If we add up the annual income of these projects in the dataset, it is 2.5 million US dollars. The median salary is about $9k, which is below the poverty line. If this money is evenly distributed, it is about $22k, still below the industry standard." - Even if it is evenly distributed, it is only $22k per year. And this is not just based on donations received on GitHub, but also includes funds received on platforms like Patreon.

The overall trend of open source is alarming.

For individual open source contributors, there can be many suggestions, such as not starting open source projects anymore and directly building products. But what about open source itself?

"The struggle for the sustainability of open source is a thousand-year struggle to free humanity from slavery, colonization, and exploitation. Hardworking and honest people have given everything they have, but in return, they receive unfair rewards, and this is not the first time." (*3)

This cycle of developers who can't even afford to eat but are being exploited by those who benefit from open source cannot be sustained in the long run, and eventually, open source will wither away. What's ridiculous is that some people who make a living from open source don't even realize that open source is on the verge of starving to death - of course, even if they know, they may not care, as humans are greedier and stupider than imagined.

There is no doubt that the challenges faced by open source are difficult and long-term, and it will take enough time and effort to solve these problems.
The article "Software Below the Poverty Line" (*3) proposes some measures, such as:

Only accepting companies that donate a large portion of their profits (at least 0.5%) to open source or companies that do not rely on open source at all.
If you have enough salary, donate to open source.
Don't give up joining a union (I am writing this article in Finland, where 65% of workers have joined a union).
Don't give up alternative licenses for new projects.
Put pressure on Microsoft to donate millions of dollars to open source projects.
Expose corporate behavior through the publication of such data research.

I would like to add a few more suggestions:

  1. Carefully consider the license for your own projects and don't mindlessly choose MIT.
  2. Brave the exposure and protection of copyright infringement, making good use of the power of social media and the law.
  3. When the law is not effective, don't rely on it. Learn some security-related knowledge and retain the ability to retaliate. Even if you are a true Bodhisattva, Buddhism also talks about the wrathful gaze.

In conclusion, I pay tribute to the Chinese open source project authors I know (and don't know), and I encourage everyone to support them.

Finally, let me advertise my project, https://github.com/cryptonerdcn/wasm-cairo: This is a development kit for building a WASM runtime for StarkWare's universal ZK language, Cairo.

You can participate or donate to this project through Onlydust. Onlydust is an open-source project collaboration platform:
https://app.onlydust.com/p/wasm-cairo

References:

  1. GitHub's explanation of open source licenses: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository
  2. Open source is dead: https://www.oschina.net/news/118100/open-source-is-not-growing-anymore
  3. Software Below the Poverty Line: https://github.com/xitu/gold-miner/blob/master/TODO1/software-below-the-poverty-line.md
Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.