Maintainers

I keep seeing commentary about AI making open source dependencies obsolete. The idea is that instead of using an open source dependency, the AI will just write all the code you need. No more need for that random person in Nebraska. They can finally take a well deserved break! Some people think this is inevitable, some think it’s hogwash. I like to take the stance of disliking everything equally. But to better understand all of this, let’s break it up into a few possible outcomes. There are 4 basic things that could happen if we take these arguments to their ridiculous extremes. ...

The Register recently published a story titled Putin on the code: DoD reportedly relies on utility written by Russian dev. They should be ashamed of this story. This poor open source developer is getting beat up now to score some internet points. It’s very upsetting. But anyway, let’s look at some receipts. If you’re not real smrt, it seems like pointing out an open source project is written by one person in a country you don’t like is a bad thing. It could be. But it also could be the software running THE WHOLE F*CKING PLANET is written by one person. In a country. But we have no idea which country. It’s not the same person mind you, but it’s one person. ...

Thomas DePierre joins Open Source Security to discuss the central idea from his blog post, “You are all on the hobbyist maintainers turf now,” exploring the massive disconnect between the corporate world that consumes open source and the hobbyist community that actually produces it. The conversation reveals this isn’t a new problem, but a long-standing reality whose consequences for security, stability, and the future of software we are only now beginning to truly confront. ...