Even the most closed community will often accept a contribution if you are polite and email them.
An open source developer had disabled pull requests and other operations on their repository because they were fed up with harassment. They gained a reputation for being extremely disagreeable at that time. I was unaware of this and simply assumed that was how the project worked. I had to do some minor investigative work to find their email address and I sent them a polite, low pressure email with my unsolicited patch and made it clear it was fine to use it or ignore it. They thanked me, explained the situation, even apologized for the difficulty, and said locking things down was the only way they knew to cope with the situation, and of course applied the fix.
It promises literally NOTHING else, including zero cost. Free and open source software can and should cost money! (The "free" in "free and open source" is not about money, people!)
I'm actually very enthusiastic about these OSS "supply chain" attacks that have been happening in various communities. Because optimistically I hope it'll help people realize that OSS _is not a supply chain_ (more details here: https://lobste.rs/s/cxwidw/no_one_owes_you_supply_chain_secu...). Unless you're paying your vendor AND/OR have a contract in place with them with certain guarantees, you do not have a supply chain.
One term thats in almost every FOSS license is "this software is provided with no warranty." A supply chain implies a warranty. Therefore, FOSS is not a supply chain.
- FOSS applications don't have to be distributed publicly — that's only the common social expectation
- FOSS does not imply that the code should be available for non-customers. The developer decides who is the customer.
- FOSS is *encouraged* to be sold for money, *you can sell others' software, even if it's originally free of charge* (see https://www.gnu.org/philosophy/selling.en.html)
- Open-source licensed with non-free license is still open-source, although non-FOSS
- You, as a developer, should not be ashamed to choose non-free open-source license if you want to earn (more) money on your software or apply additional restrictions for your benefit. It still could be copyleft.
TL;DR: we invented LICENSE.md and stick to it a lot, but nobody thought of making SOCIAL.md. When someone says "open source", many assume:
> The author is making it "for people, for society, for everyone around them, interested in developing the project, adding new features (especially those I need), and improving it in every way for the benefit of all users. After all, if that's not the case, why even publish it?"
This, however, is just a most common social expectation of FOSS, but far from the only case. Lack of mention of this distinction between technical and social open source is the main cause of disagreements, disputes, and, ultimately, burnout due to misaligned social expectations.
I used to have to explain the problem and the difference to an outraged public, but recently I came across an article by Jeffrey Paul https://sneak.berlin/20250720/the-agpl-is-nonfree/ comparing open-source code to a gift! My explanation boiled down to:
"Don't like the gift, it doesn't suit you? Throw it out and forget it!"
You don't need to put up a marketing page that tries to convince people to use your software. Instead (or as well), consider explaining all the reasons why someone should not use your software. More users, more problems.
Greybeard here... let me start by saying I like the cut of the author's jib. I'm old enough to have sat before the elders of the arpanet when there were only 1's and they had to forge about half of them into 0's manually. Another thing about the old ways of making software is projects were often written or maintained by one or two people at a time. The intarwebs at large had their email addresses and mailed them bug reports directly. Some projects got discussed by the community on IRC or mailing lists. People were generally professional and if they weren't they were deleted from the mailing list or added to people's block files on iirc and pine.
But my point is... the active dev group was, at any time, very small. Mostly I'm talking about small utilities like make, Sendmail, sed, awk, sed. Perl seemed like it was just Larry Wall and tchrist for most of the time before 1990. gcc was an insane counter-example with a cast of thousands who submitted patches and you had to socialize your patch w/ RMS if you wanted it upstream.
oh wait... I forgot to make my point... My point is... the new tools support larger teams of people constantly interacting. I think there are great benefits to having a small team and effectively giving the middle finger to internet randos who don't submit their patches on one of their kidneys (i.e. - they'll think long and hard and sure as he'll won't submit two.) But getting people interested in your work output isn't one of those benefits. So... absolutely... go old school... But keep in mind the size of your team will be small and it may be hard to attract users.
But... screw users... I write software to support my own use cases. I open source it on the off chance someone else may find it useful.
Why anyone gave CoCs and their adherents the time of day over the past decade will always be a mystery to me. We should have pointed, laughed, and banned them. Instead, large projects and corporations dove headfirst into CoCs and grievance politics, openly inviting woke/DEI/leftist entryists in. Looking back I think it was a COVID and ZIRP fever dream. The reversal upon Trump's second presidency goes to show how performative it was.
Every political group has bad faith actors who care more about winning the argument than the truth. And worse faith actors who are just there to trash talk people. Just look at the red button / blue button argument (where the vitriol in the debate would only make sense if the buttons were real, or if people like being jerks).
Better faith CoC people talk about freedom of association vs freedom of speech - if a platform doesn't like their oppponents, isn't it fine to ban them? Or say it should just be treated as a more utilitarian "be nice" convention for the mailing list (obviously it depends who is calling the shots, but that is true in any project).
>Better faith CoC people talk about freedom of association vs freedom of speech - if a platform doesn't like their oppponents, isn't it fine to ban them?
Sure, but the problem here is far more insidious. By latching into delicate and, at times, controversial issues, CoC may hold a project hostage and threaten character assassination.
Imagine that for some bizarre reason, CoC establishes that issues are only to be talked about on Mondays. People can comply, or they can leave, no biggie. Strange but clear cut.
Now, say it instead establishes whatever politically motivated consideration. The choice now becomes one of positioning oneself into the current political climate. This makes sense at times, but also leaves a door open for abuse akin to rules lawyering, gotchas and crybullying. Sometimes creates a phantom HR that has no interest beyond exerting its power and which does do with no accountability.
Problem is anyone raising this as an issue or rejecting such proposal is going to look bad while doing so. It's easier to keep your head low.
The problem here is "open source" is seen as free support and working for "the community" for free and since the code is out there, no-one needs to pay the maintainers. (which is false)
Some mention GitHub sponsors as the solution, however it is a power-law system and benefits the very early participants or already famous developers to make a meaningful amount of income. But it is now at its late stage for everyone else. In some cases, some maintainers on sponsors get attacked / cancelled over a disagreement and that is the end.
It is completely thankless and unsustainable. $5 donations do not work either.
Now with AI, unless you are at a company that can afford it, there is little reason for human developer(s) to be working in open source and relying on $5 "sponsors" since AI agents are used to replace the need of paying for support for the developer.
What worked 20 years ago for paying for human support, now does not work today unless you do not mind about willing to work for free and spend some tokens. If you don't someone else will with an agent.
Not even Richard Stallman or the FSF makes money on this, nor do they have a solution in 2026 as it is unenforceable. But one thing that Stallman, Torvalds and other famous developers have is influence and that is what pays their bills.
The article recalls people that open-source software is not necessary created for the community, but rather by the author, for the author oftentimes.
The "support" is not only the maintenance burden which (sometimes) could be solved for money. It's also the features that the original author just don't find useful at all, but others may want to have.
If I don't have Mac, never used it and don't plan to buy it, why would I want to accept contribution to support this platform? It's useless for me, I won't be able to test it (and it will break sooner or later), and once the code is accepted, it's usually assumed that it would be maintained by the application author, not the code contributor (unless additional CLA is signed, etc).
Isolating up is the opposite of interesting to me.
What's clear is they mediating all selection choice and interest through pressure points of a single fixed trust board is of limited use going forward. I don't think the vouches and other web of trusts tackle the actual root need to disaggregate, decentralize.
You can anti-social open source, reject, flee to nihil and going away, solo-ing. I think that's mad bad and dumb; just my judgement call. I agree strongly with v-it, open source is social. It's interesting and fascinating to open your mind. These other signals are fascinating. The glut of goodness is something we should firehose better, not shy from.
https://v-it.org/
I care about what my best friend finds interesting. I care about what the people I willingly interact with daily find interesting. I categorically do not care what jauntywundrkind finds interesting, and if that bothers them, they're welcome to not use the little knickknacks I make for my friends; the license permits that.
I have a friend who points out that in the FOSS community, fork == drama. Either the drama causes the fork or the fork causes drama. What you describe sounds more anti-drama than anti-social.
Even the most closed community will often accept a contribution if you are polite and email them.
An open source developer had disabled pull requests and other operations on their repository because they were fed up with harassment. They gained a reputation for being extremely disagreeable at that time. I was unaware of this and simply assumed that was how the project worked. I had to do some minor investigative work to find their email address and I sent them a polite, low pressure email with my unsolicited patch and made it clear it was fine to use it or ignore it. They thanked me, explained the situation, even apologized for the difficulty, and said locking things down was the only way they knew to cope with the situation, and of course applied the fix.
Yep!
To be more specific, Open Source only promises the four fundamental freedoms (https://en.wikipedia.org/wiki/The_Free_Software_Definition).
It promises literally NOTHING else, including zero cost. Free and open source software can and should cost money! (The "free" in "free and open source" is not about money, people!)
I'm actually very enthusiastic about these OSS "supply chain" attacks that have been happening in various communities. Because optimistically I hope it'll help people realize that OSS _is not a supply chain_ (more details here: https://lobste.rs/s/cxwidw/no_one_owes_you_supply_chain_secu...). Unless you're paying your vendor AND/OR have a contract in place with them with certain guarantees, you do not have a supply chain.
One term thats in almost every FOSS license is "this software is provided with no warranty." A supply chain implies a warranty. Therefore, FOSS is not a supply chain.
> The author is making it "for people, for society, for everyone around them, interested in developing the project, adding new features (especially those I need), and improving it in every way for the benefit of all users. After all, if that's not the case, why even publish it?"
This, however, is just a most common social expectation of FOSS, but far from the only case. Lack of mention of this distinction between technical and social open source is the main cause of disagreements, disputes, and, ultimately, burnout due to misaligned social expectations.
I used to have to explain the problem and the difference to an outraged public, but recently I came across an article by Jeffrey Paul https://sneak.berlin/20250720/the-agpl-is-nonfree/ comparing open-source code to a gift! My explanation boiled down to:
"Don't like the gift, it doesn't suit you? Throw it out and forget it!"
I agree, and add:
You don't need to put up a marketing page that tries to convince people to use your software. Instead (or as well), consider explaining all the reasons why someone should not use your software. More users, more problems.
Greybeard here... let me start by saying I like the cut of the author's jib. I'm old enough to have sat before the elders of the arpanet when there were only 1's and they had to forge about half of them into 0's manually. Another thing about the old ways of making software is projects were often written or maintained by one or two people at a time. The intarwebs at large had their email addresses and mailed them bug reports directly. Some projects got discussed by the community on IRC or mailing lists. People were generally professional and if they weren't they were deleted from the mailing list or added to people's block files on iirc and pine.
But my point is... the active dev group was, at any time, very small. Mostly I'm talking about small utilities like make, Sendmail, sed, awk, sed. Perl seemed like it was just Larry Wall and tchrist for most of the time before 1990. gcc was an insane counter-example with a cast of thousands who submitted patches and you had to socialize your patch w/ RMS if you wanted it upstream.
oh wait... I forgot to make my point... My point is... the new tools support larger teams of people constantly interacting. I think there are great benefits to having a small team and effectively giving the middle finger to internet randos who don't submit their patches on one of their kidneys (i.e. - they'll think long and hard and sure as he'll won't submit two.) But getting people interested in your work output isn't one of those benefits. So... absolutely... go old school... But keep in mind the size of your team will be small and it may be hard to attract users.
But... screw users... I write software to support my own use cases. I open source it on the off chance someone else may find it useful.
I laughed at “back when there were only 1’s and they had to forge about half of them into 0’s manually.” Stealing that one.
The CoC crowd are there to only instigate trouble.
Why anyone gave CoCs and their adherents the time of day over the past decade will always be a mystery to me. We should have pointed, laughed, and banned them. Instead, large projects and corporations dove headfirst into CoCs and grievance politics, openly inviting woke/DEI/leftist entryists in. Looking back I think it was a COVID and ZIRP fever dream. The reversal upon Trump's second presidency goes to show how performative it was.
Every political group has bad faith actors who care more about winning the argument than the truth. And worse faith actors who are just there to trash talk people. Just look at the red button / blue button argument (where the vitriol in the debate would only make sense if the buttons were real, or if people like being jerks).
Better faith CoC people talk about freedom of association vs freedom of speech - if a platform doesn't like their oppponents, isn't it fine to ban them? Or say it should just be treated as a more utilitarian "be nice" convention for the mailing list (obviously it depends who is calling the shots, but that is true in any project).
>Better faith CoC people talk about freedom of association vs freedom of speech - if a platform doesn't like their oppponents, isn't it fine to ban them?
Sure, but the problem here is far more insidious. By latching into delicate and, at times, controversial issues, CoC may hold a project hostage and threaten character assassination.
Imagine that for some bizarre reason, CoC establishes that issues are only to be talked about on Mondays. People can comply, or they can leave, no biggie. Strange but clear cut.
Now, say it instead establishes whatever politically motivated consideration. The choice now becomes one of positioning oneself into the current political climate. This makes sense at times, but also leaves a door open for abuse akin to rules lawyering, gotchas and crybullying. Sometimes creates a phantom HR that has no interest beyond exerting its power and which does do with no accountability.
Problem is anyone raising this as an issue or rejecting such proposal is going to look bad while doing so. It's easier to keep your head low.
I am out of ideas on this one.
The problem here is "open source" is seen as free support and working for "the community" for free and since the code is out there, no-one needs to pay the maintainers. (which is false)
Some mention GitHub sponsors as the solution, however it is a power-law system and benefits the very early participants or already famous developers to make a meaningful amount of income. But it is now at its late stage for everyone else. In some cases, some maintainers on sponsors get attacked / cancelled over a disagreement and that is the end.
It is completely thankless and unsustainable. $5 donations do not work either.
Now with AI, unless you are at a company that can afford it, there is little reason for human developer(s) to be working in open source and relying on $5 "sponsors" since AI agents are used to replace the need of paying for support for the developer.
What worked 20 years ago for paying for human support, now does not work today unless you do not mind about willing to work for free and spend some tokens. If you don't someone else will with an agent.
Not even Richard Stallman or the FSF makes money on this, nor do they have a solution in 2026 as it is unenforceable. But one thing that Stallman, Torvalds and other famous developers have is influence and that is what pays their bills.
The article recalls people that open-source software is not necessary created for the community, but rather by the author, for the author oftentimes.
The "support" is not only the maintenance burden which (sometimes) could be solved for money. It's also the features that the original author just don't find useful at all, but others may want to have.
If I don't have Mac, never used it and don't plan to buy it, why would I want to accept contribution to support this platform? It's useless for me, I won't be able to test it (and it will break sooner or later), and once the code is accepted, it's usually assumed that it would be maintained by the application author, not the code contributor (unless additional CLA is signed, etc).
Isolating up is the opposite of interesting to me.
What's clear is they mediating all selection choice and interest through pressure points of a single fixed trust board is of limited use going forward. I don't think the vouches and other web of trusts tackle the actual root need to disaggregate, decentralize.
You can anti-social open source, reject, flee to nihil and going away, solo-ing. I think that's mad bad and dumb; just my judgement call. I agree strongly with v-it, open source is social. It's interesting and fascinating to open your mind. These other signals are fascinating. The glut of goodness is something we should firehose better, not shy from. https://v-it.org/
I care about what my best friend finds interesting. I care about what the people I willingly interact with daily find interesting. I categorically do not care what jauntywundrkind finds interesting, and if that bothers them, they're welcome to not use the little knickknacks I make for my friends; the license permits that.
This is not antisocial.
I have a friend who points out that in the FOSS community, fork == drama. Either the drama causes the fork or the fork causes drama. What you describe sounds more anti-drama than anti-social.