| ▲ | nine_k 2 days ago |
| AFAICT, the fee applies if you're using binary releases, or if you open issues, and are also generating revenue from the project. Apparently you can grab the sources and build the binaries yourself (as per the OSS license), never ask for support (by reporting issues), and still have to pay nothing, even in a commercial setting. It looks a bit similar to the RedHat model: they release open-source software (Linux kernel is GPL2), but you may want to buy their binary releases and support. Not so rarely companies would not mind paying a small amount to help support the OSS projects they depend on. This may give CTOs an easy way to expense such support, even though becoming a GitHub sponsor is more involved than many would like; I hope Wix will introduce even easier options (Open Collective, its own non-profit, etc). |
|
| ▲ | derefr 2 days ago | parent | next [-] |
| > or if you open issues I feel like there should be an exception carved out to this policy, if the submitter of an issue is offering to create (or, as a corporation, dedicate their own engineers' time to creating) a PR to resolve the problem the issue describes. As a maintainer of a few OSS projects myself, I see my fair share of "choosing beggars" (i.e. people who don't mentally model others' motivations, and so use github issues to essentially say "I got this for free, but it's not perfect for me, so can you please improve it in ways X/Y/Z to better suit my needs?" — without any consideration of whether their suggested improvement would ever benefit anyone else.) But if an issue's submitter offers to create a PR, then this makes it very clear that they're not operating in this mindset; and in fact, they're being quite considerate! By describing a real problem, and then offering to create a solution to that problem, they: 1. make sure that we actually want to solve this problem (i.e. that we don't think of their problem as a WONTFIX / something that doesn't belong upstream) 2. give us the opportunity to take over solving the problem ourselves, if we think it's some kind of highly-critical and finicky work 3. give us the opportunity to participate in / constrain / steer the design of a solution, before it gets developed (rather than just having code dropped in our laps and having to fight it into an entirely different shape) And it often doesn't even matter if the developer in question really has the skill and experience to develop the proposed solution entirely on their own. To me, a dev who creates a half-baked PR that we can then help shepherd over the line over the course of weeks/months of back-and-forth with them in the PR thread, is someone clearly in the process of developing that skill and experience, and potentially becoming an active contributor to the project — or maybe even a future maintainer. This sort of willingness to engage in a non-drive-by way is incredibly valuable. |
| |
| ▲ | thayne 2 days ago | parent | next [-] | | It's complicated. Reviewing a PR takes time and effort, and the maintainer may not want to do that for a feature that mainly benefits a company that isn't paying the maintenance fee. OTOH, as a maintainer, if a company finds a bug that would impact a lot of users, I would want them to report it, regardless of their payment status. But saying something like "Issues from paying customers/donors have higher priority" is kind of vague, and doesn't provide any concrete value to the payer. So I'm not really sure what a good balance would be. | | |
| ▲ | elsjaako a day ago | parent | next [-] | | I think this is one of those issues that only exists in theory, not in practice. If a company reports a bug in a clear and helpful way, it's probably going to get looked at anyway. Also, if a company cares enough about Wix to bother finding and documenting a bug, they should be willing to pay $60 for the software. So this is only a problem in the case where a company finds a bug, decides to report it, refuses to pay a minimal fee, and the maintainers are strict enough with themselves to ignore it because of the source. That feels unlikely to me. | | |
| ▲ | derefr 16 hours ago | parent | next [-] | | Careful with your wording, as I think you're slipping the goalposts a bit: the thing this "Open Source Maintenance Fee" is pushing back against here wasn't specifically bug reports. It was issues — a more general category, which, besides bugs, also contains feature requests. (And that, I think, is where this problem does exist "in practice.") As you say, I don't think anyone's going to demand money to look into an (easily-replicated) bug. A bug is, by definition, a blemish in your code quality with real-world implications; something that, even if affects no one, still feels slightly embarrassing/pride-stinging to have hanging around in your codebase. (And if the bug does affect even just one person, then it can also feel like your software is like a child or pet of yours who has accidentally done something bad to that person out of ignorance. You feel the need to re-educate your software to do better.) In either case, you'll likely accept anything that's truly a bug into your issue tracker (rather than closing it as a WONTFIX) regardless of who submitted it, or how it got there. You might keep deprioritizing it once it's in there, but you won't close it. But a feature request — no matter how obvious it is, or how many people want it — is different. The maintainers of a piece of code decide the direction the code evolves in; and if they never want to support some feature, that's their perogative. Maybe you just hate the feature! Maybe it'd force the code into a less-elegant architecture! Maybe the code exists entirely to scratch your own itch, and you're not going to implement anything that isn't part of your own workflow! Doesn't really matter in the end. It's these cases, I think, where putting money on the table would obviously sway that kind of decision. "Of all the directions you could freely choose to evolve the code... how about a little incentive to choose this one?" | |
| ▲ | robmensching 19 hours ago | parent | prev [-] | | You sound like a very reasonable person. :) Many arguments here are extremes with the assumption that everything is a hard lines that cannot be crossed. That's not generally how the real world works (there are some hard lines in the world) and the parties involved can communicate and do communicate. Overall, the OSMF is working very well right now. There are still a couple of wrinkles to iron out (like invoicing). It's also early. :) |
| |
| ▲ | robmensching 2 days ago | parent | prev | next [-] | | 100%. We're still learning here. I also don't expect every project to choose the same policy on how they tackle issues/PRs when requiring an Open Source Maintenance Fee. | |
| ▲ | monocularvision 2 days ago | parent | prev [-] | | I guess the point is if someone discovers a bug and opens a PR to fix it, then that person is, in a way, also a maintainer. They are “paying” for the maintanence of the project in time and effort. | | |
| ▲ | robmensching 2 days ago | parent | next [-] | | No. A maintainer is someone who maintains the project. Fixing a bug is a great contribution and makes you a contributor to the project. But you need stick around the project for a while, fixing issues that keep the project running and doing tasks that aren't necessarily required for your use of the project to become a maintainer. | |
| ▲ | jononor a day ago | parent | prev [-] | | I would only say that they have become maintainers if they consistently do so, over time. Including helping out in areas which is not directly useful to them. And thinking about the whole picture, not just individual features and bugs. And also putting in the time when it is needed, even though other obligations are pulling at them.
Of course it is somewhat of a continiuum. And it always starts with being a contributor. So that is on the right path. |
|
| |
| ▲ | robmensching 2 days ago | parent | prev | next [-] | | We're still working through the best way to talk about issues and PRs. This is an area where I expect maintainers to differ in how they apply the OSMF (every maintainer I've spoken to is 100% behind requiring payment for binaries). I wholly agree with the sentiment of your comment and we're still learning. Note: At this time, my project (WiX Toolset) does not require the OSMF for PRs. If there is a README that says we do, then I probably need to fix it. | |
| ▲ | entuno a day ago | parent | prev [-] | | And also an exception for reporting security-related issues. Because if you try and charge people money to responsibly report security vulnerabilities, then they'll just end up taking the full disclosure approach, which is probably not what you want. | | |
| ▲ | robmensching 21 hours ago | parent [-] | | Oh, definitely. CVEs have a special place to be reported in GitHub. PSA: Do NOT use the issue tracker to report a CVE. That makes everyone's life difficult. Go through the correct channel. |
|
|
|
| ▲ | robmensching 2 days ago | parent | prev | next [-] |
| > It looks a bit similar to the RedHat model Yes, very good recognition. The Open Source Maintenance Fee follows several of the paths RedHat paved long ago. > This may give CTOs an easy way to expense such support I'm finding it actually gives the CTOs (or someone a bit lower in the chain) the _requirement_ to pay like they always wanted to before. Said another way, in the past, many devs/leads/managers would say, "Oh, I'd like to sponsor this project but I can't get through procurement." With the OSMF, now they have the forcing function to help them through. This is not hypothetical, I've had companies tell me exactly this. > becoming a GitHub sponsor is more involved than many would like; GitHub Sponsors is great... except for a few very real cases where it is not. This is on my radar to improve over time. |
|
| ▲ | huslage 2 days ago | parent | prev | next [-] |
| Red Hat does not charge you to open issues on open source projects and never will. Their business model does not hinge on deriving value from core open source principles. |
|
| ▲ | mikestorrent 2 days ago | parent | prev [-] |
| > companies would not mind paying a small amount to help support the OSS projects they depend on meanwhile I've been trying to find a way to give Hashicorp some money for over a decade of depending on their tools, but their products simply are too good to need the enterprise versions! At some point we need something like a "certified B corporation" for "certified ethical fair-trade Free Software using corporation" where an independant body audits and makes sure you're donating to a sufficient % of the open source projects used in your production SaaS |
| |
| ▲ | nine_k 2 days ago | parent | next [-] | | You can open https://www.hashicorp.com/en/pricing and contact their sales department! Also, wasn't there an uproar when Terraform turned slightly less free? https://news.ycombinator.com/item?id=37081306 | |
| ▲ | robmensching 2 days ago | parent | prev | next [-] | | Yes! There are many Open Source projects my company depends on (like Astro, Vue, and Vite for our web sites) that I would love to pay a Maintenance Fee to encourage the maintainers to keep on keeping on. For all Open Source projects that we depend on and accept sponsors, we do pay the $10 "fee" even if they don't require it. | |
| ▲ | acedTrex 2 days ago | parent | prev [-] | | I mean enterprise vault has some really important features that open source doesnt. That could be a good direction to throw money at. |
|
