[throwlaplace]

no your argument isn't useful. the question is never about rights because we all know what the maintainer's rights are (so it's always a discussion of obligation).

if you accept that the open source projects are voluntary as an axiom then you in fact cannot criticize choices made by the volunteer.

here's an analogy: a homeless person asks for money. you don't give him money but buy him food. can the homeless person rightfully criticize you?

[wgerard]

Here's another analogy:

A homeless person asks for money. You don't give him money but give him some advice. Can the homeless person rightfully criticize you?

You can absolutely criticize choices made by volunteers. I don't think you need to think too deeply about this to imagine situations where few would object to criticizing a volunteer's behavior. An obvious one would be if an open source maintainer willfully included malware/etc. into their project - which, to many people, ignoring glaring security issues is vaguely equivalent.

I obviously don't think vitriol is warranted ever, but criticism obviously is from time-to-time.

[throwlaplace]

what is the relationship of your analogy to this situation? is the maintainer the homeless person in your analogy?

you can criticize all you want as an exercise of your critical thinking faculties but the volunteer is not in anyway obligated to heed the criticism.

"it's my money/time and I'll spend it how I want, which includes burning it"

is the fundamental axiom. Given that that is the foundation what sense would it make to criticize that person for burning the money - it's right there in the premise that they're allowed to!

[wgerard]

> what is the relationship of your analogy to this situation? is the maintainer the homeless person in your analogy?

It's your analogy, you tell me.

> you can criticize all you want as an exercise of your critical thinking faculties but the volunteer is not in anyway obligated to heed the criticism.

Nobody said they were. Nobody's trying to punish the maintainer legally. That doesn't mean criticism won't be offered or warranted.

Here's another analogy: You have a right to be a jerk in real life. Nobody's going to physically or legally stop you, barring extreme circumstances. People will still criticize you for being a jerk, as is THEIR right.

[throwlaplace]

in my analogy you're the homeless person and the maintainer is the charitable person. in your analogy the homeless person is getting advice from ...?

>People will still criticize you for being a jerk, as is THEIR right.

completely specious. code in a github repo is not active participation in society. the fact that it's public does not mean it's been submitted for evaluation in any way. criticizing a thing that wasn't critically submitted is meaningless. it's like calling my practice sketches inferior to commissioned pieces - no shit that's the point!

[wgerard]

> in my analogy you're the homeless person and the maintainer is the charitable person. in your analogy the homeless person is getting advice from ...?

the maintainer?

> completely specious. code in a github repo is not active participation in society. the fact that it's public does not mean it's been submitted for evaluation in any way. criticizing a think that wasn't critically submitted is meaningless. it's like calling my practice sketches inferior to commissioned pieces - no shit that's the point!

Uh, what? By packaging something as a crate, by listing it on crates.io, you're submitting it to be used. If you don't want it to be used or evaluated, at all, why in the world would you publish something as a crate on a public registry?

This is more like submitting your sketches to a public art gallery and then being upset when the public criticizes it.

[throwlaplace]

>This is more like submitting your sketches to a public art gallery and then being upset when the public criticizes it.

that's not what happened. there weren't simply discussions of the viability or soundness or the crate. there were implicit/explicit demands for changes. so your analogy is wrong again - it would be like submitting public sketches and then facing demands that the sketches be improved. does that sound like something that i as the artist should be comfortable with? more importantly does that sound like something a reasonable person would do (make demands for alterations to sketches submitted to a public art gallery)?

[weberc2]

I reject the axiom. No one is above criticism provided the criticism is rooted in fact (i.e., defamation is not criticism).

[throwlaplace]

it's not about whether someone is above criticism - it's about whether criticism makes sense in the context of what's being proffered. in another part of this branch of the thread i make the analogy with a an artist's sketch posted to a public art gallery. it's not that you can't criticize, it's that it doesn't make sense to criticize because the artist isn't attempting to achieve anything.

maybe a better analogy is if i play a pickup game of basketball and i get labeled a bad player for not trying my hardest. it's not that the criticism is misplaced it's that it doesn't make sense at all - i wasn't trying to be a good player! i was trying to have fun.

[weberc2]

That’s not the issue at all, and we know this because the project was advertised as secure and the critics were arguing that it wasn’t advertised as such. This is characteristically different than your basketball analogy because it is neither explicit nor implicit that the project was unsuitable for production. Drew is arguing that the criticism is invalid because maintainers are within their rights to even lie about their projects because all responsibility lies downstream. Note that security DOES indeed lie downstream, but Drew is mistaken for arguing that this downstream responsibility immunizes maintainers from such criticism. This is a non sequitur.

I don’t understand the desire to make this out to be a sort of dichotomy—both groups have the right to do what they did (the maintainer to reject patches and even allegedly lie about the security properties of his project and the critics to criticize even in bad taste) and both parties could have handled it better. TFA did a fine job for implicitly acknowledging this by simply referring to the situation as sad all around.

[throwlaplace]

>That’s not the issue at all, and we know this because the project was advertised as secure

this is so weird to me. i have a really difficult time on hn often because i don't understand why people that claim to be intelligent can't distill out the fundamental/primary issues.

it's a free/proffered/donation/voluntary/no strings attached piece of code. that is the first thing that defines its use/understanding/existence/ontology whatever other words. everything else is contingent upon that. you can debate this point - you can say something about the social contract of open source software and your responsibility to the community if you yourself have benefited from other open source projects and etc but no one is debating this. everyone is debating aposteriori things.

if i put a mattress out on the street with a sign "no bed bugs" and you pick it up and it has bed bugs in can you be mad at me? can you take action against me?

i don't know what kind of framework i need to appeal to in order to underscore this issue so that people address it directly instead of things further down the line. i would really appreciate someone showing me how to either do this (put the focus on the thing i'm engaging with) or tell me why i'm wrong for focusing on that.

[throwaway894345]

> this is so weird to me. i have a really difficult time on hn often because i don't understand why people that claim to be intelligent can't distill out the fundamental/primary issues.

I feel the same way, but not about /u/weberc2's post.

> it's a free/proffered/donation/voluntary/no strings attached piece of code. that is the first thing that defines its use/understanding/existence/ontology whatever other words. everything else is contingent upon that.

This is another of your own axioms. These aren't universal. In particular, if a maintainer states or otherwise implies that his project is secure and suitable for production and then behaves otherwise, criticism is warranted. Even if he doesn't, criticism is still permissible.

> you can debate this point - you can say something about the social contract of open source software and your responsibility to the community if you yourself have benefited from other open source projects and etc but no one is debating this. everyone is debating aposteriori things.

No one is debating this because it's not necessary. The maintainer's explicit assertions about his project (its security, etc) override implicit "social contract" responsibilities.

> if i put a mattress out on the street with a sign "no bed bugs" and you pick it up and it has bed bugs in can you be mad at me? can you take action against me?

Not sure, but I can certainly criticize you.

> i don't know what kind of framework i need to appeal to in order to underscore this issue so that people address it directly instead of things further down the line. i would really appreciate someone showing me how to either do this (put the focus on the thing i'm engaging with) or tell me why i'm wrong for focusing on that.

In general your arguments are based on your own axioms. If your axioms aren't widely-shared, then you will run into these sorts of disagreements.

[throwlaplace]

>This is another of your own axioms. These aren't universal.

how is this my axiom? it's on github. no one has paid for a license (the license is completely permissive).

>In particular, if a maintainer states or otherwise implies that his project is secure and suitable for production and then behaves otherwise, criticism is warranted.

is that part of the TOS of github? is that part of the bylaws of the guild of software engineers? is that in the bible? where is this codified except in this thread around this issue where everyone is mad?

>Not sure, but I can certainly criticize you.

you can do whatever you want. you can stand on your head and recite the star spangled banner. i'm posing the question whether it's reasonable. is it reasonable to criticize me for putting that mattress there in that state?

>In general your arguments are based on your own axioms

again they're not mine in the least - i did not coin the phrase "don't look a gift horse in the mouth". that is much older than me and fairly universally understood/accepted.