| ▲ | homebrewer 2 days ago |
| Your company, and others like it, are of course entitled to a refund. These infrastructural projects never get any funding when everything goes well, but when an overworked maintainer screws up in good faith, everybody piles on them. The attacks on OpenSSL maintainers ten years ago were disgusting, and I think we've learned nothing since then. |
|
| ▲ | Joker_vD 2 days ago | parent | next [-] |
| No, we've learned to stop using OpenSSL. And ASF does receive funding, by the way, even if not much (slightly less than two and a half million USD in 2024). |
| |
| ▲ | Macha 2 days ago | parent [-] | | So let's pretend this only paid for employees. 5-15 employees depending on where they live. Let's assume 1-2 admin and 13 devs. A quick eyeball of the projects list looks like about 100 projects: https://projects.apache.org/projects.html So each project gets funded enough for 10% of a developer. That's not enough to provide infrastructure to commercial users satisfaction. | | |
| ▲ | Joker_vD 2 days ago | parent [-] | | Depends on what, exactly, the developers are doing with them projects! If those are in the "maintenance mode" (no new features, just fixing bugs and making sure it still builds with newer toolchains/ecosystems), then this amount of humanpower may be quite reasonable. | | |
| ▲ | whizzter 2 days ago | parent | next [-] | | It's still a drop in the ocean, heard of that KISS-CAM CEO that got busted for cheating? His company literally seems to be built on selling hosted Apache Airflow services and just took in a series D round of 93 MUSD. Apache HTTPD still seems to run about 17% of all sites, plenty of those probably make money using the software. https://www.netcraft.com/blog/january-2025-web-server-survey Open source is open, so naturally people can use it but the ecosystem has also been at a breaking point for years and bad actors has caught the scent of that. | |
| ▲ | dlachausse 2 days ago | parent | prev [-] | | The vast majority of ASF projects are in maintenance mode. This isn’t a bad thing, but compared to a project like the Linux kernel for example, Apache httpd is mature software that doesn’t require many full time developers to maintain. |
|
|
|
|
| ▲ | sshine 2 days ago | parent | prev [-] |
| > The attacks on OpenSSL maintainers ten years ago were disgusting I didn't register the attacks, but I'm sure there were some when you say it. I summarized the blame on that incident xkcd's wording: "some random person has been thanklessly maintaining since 2003" https://xkcd.com/2347/ |
