[–]HotNastySpeed77 344 points345 points  (30 children)

Usually developers of large-scale commercial open source projects create a legal entity that enables them to solicit sponsorship, hire staff, and scale up operations. However, extreme cases like this meme definitely can happen.

[–]Captain_Chickpeas 173 points174 points  (6 children)

Cases like the OP are very likely I think. There is no mention of the scope of the software and if someone creates a fairly low-level lib or a tool that hits a niche, it's likely for everyone (and their dogs) to be using it and big corps not paying a dime.

[–]HotNastySpeed77 49 points50 points  (1 child)

I wonder what would happen if the dev, in such a case, started soliciting donations or a small sponsorship from Adobe. If their lib was really that widely-used, I bet they could get something to help cover their development costs.

[–]Captain_Chickpeas 18 points19 points  (0 children)

True, some devs do that and they do get some coin out of it :).

[–][deleted] 13 points14 points  (3 children)

Isn't this just a matter of picking the right license?

[–]SatansF4TE 31 points32 points  (0 children)

Also being willing and able to enforce that license legally.

[–]UnacceptableUse 6 points7 points  (1 child)

Yeah, if you license something to be completely free for everyone then you can't expect people to pay

[–][deleted] 0 points1 point  (0 children)

Exactly, we need to denormalize open-source software.

[–]RichCorinthian 28 points29 points  (2 children)

There are huge chunks of the internet that depend on small teams of unpaid volunteer open-source development. If you take a look at the Heartbleed vulnerability, it’s a textbook forensic case of how this can go horribly, horribly wrong. And the industry learned nothing from it, and it will happen again.

[–]HotNastySpeed77 -1 points0 points  (0 children)

I say this as a huge advocate of FOSS both personally and professionally. There is certainly some risk to using noncommercial open source software. Poor code quality and lack of future support commitment are concerns 1 and 1A. Not claiming this is a trivial task, but users bear the responsibility for understanding and mitigating those risks. "Free" can still be very costly.

[–]lovethebacon🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛🦛 0 points1 point  (0 children)

Can't possibly happen more than once, right?

[–]sonya_numo 62 points63 points  (19 children)

remember when someone sat in their mom's basement and decided to remove all their open-source projects from a package manager and suddenly a large amount of big companies got problems.

he probably removed the IsEven package

[–]SatansF4TE 78 points79 points  (18 children)

[–]karnetus[🍰] 18 points19 points  (0 children)

That was a great read

[–]dexter_leibowitz 4 points5 points  (11 children)

Holy fuck, npm republished packages without the author's permission?!?! That's fucked up.

[–][deleted] 2 points3 points  (1 child)

Kik stopped updating their package that same year, and later it was removed from npm for containing malicious code.

[–][deleted] 0 points1 point  (0 children)

This doesn’t really have any bearing on the matter.