[Lammy]

> there are multiple PRs to address that, but the maintainers give no good reason for not accepting it.

Congrats on discovering the difference between “““Open Source””” (pro-corporate; a way to socially engineer people to do work for you for free from which you can turn around and profit) and Free Software!

“THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.”

[notepad0x90]

You quoted a snipped out of context and argued the wrong thing. They don't need to give a good reason for accepting it, that's not the issue. the issue in this thread is taking away the ability to create PRs to begin with. You're overreaching and saying "not only do we offer no warranty or guarantees for this program, but we will actively prohibit others from linking their fixes to issues to prevent you from making the program usable". You don't owe users anything, but your users don't deserve hostility from you either!

[vdqtp3]

> taking away the ability to create PRs to begin with.

> your users don't deserve hostility from you either!

No one has the right to demand my time to review their PR to my code and explain or justify a rejection. If I don't want to accept PRs, that's a valid choice on my part.

[notepad0x90]

I feel like I'm not even speaking english on this thread. I've said MANY times that project owners owe nothing to anyone, period. You don't owe anything. Ignore the PRs, send them to your junk folder. I don't care.

That has nothing to do with this discussion.

People have a right to propose changes to broken things they use. Your right to ignore them and not provide support is a two-way street. Others also have a right to ignore what you want and propose changes for other users to see.

it's right there is name of the feature "Pull Request", it's a request, not a demand.

If you were operating a non-profit business in person, you can't get mad at people suggesting changes either. You can ignore them for sure, you can pull up some disclaimer or whatever. But it's hostile and mean to prevent people from even stating their opinions and proposing a change.

At that point, make your project private.

You don't owe the public many things, but when you create a project and make it public on a shared hosting site, other users also have rights to make commentary, since you've exposed it as public, and proposals and to assist each other. I'd even go further to say that this counts as intentional interference with users' attempt to fix vulnerable and buggy code, and as such an intentional attempt to harm the public. It's one thing to not guarantee anything about your software, it's another thing to prevent people from trying to fix it.

[_aavaa_]

> You don't owe the public many things, but when you create a project and make it public on a shared hosting site, other users also have rights to make commentary, since you've exposed it as public, and proposals and to assist each other.

Nothing is stopping them from doing that. But they are not entitled to do it on my repo.

[notepad0x90]

It is not on your repo, that's the confusion in this thread. PRs have not made it to your repo yet, you're not entitled to them. It's regarding your repo, but it is not a change or an activity that's made it into your repo. It's people who have checked out a branch on their repo, PRs are a way for those people to publish the changes in their version of your repo -- their version.

What you guys are suggesting on this thread is to prohibit people who gained access to your repo as a result of you making it public (not just the zip/tarball of the code, but the repo) from linking the changes they made in their repo to the original parent repo. They're requesting you merge their changes, but not demanding, and you can ignore them. but that request and linkage helps your users, who are already not being supported by you or given any warrantly of usability of functionality by anyone at all. You're making something available to people and making it harder for them to support each other and fix the software on their own.

[_aavaa_]

There is no confusion about that. I think the confusion is repo being used for both 1) the actual remote git repo hosted by GitHub and 2) the “repo” at GitHub.com/username/project.

I know that opening a PR does not affect the first, but it very much affects the second. For my project both are mine, and just as I have the right to ignore a PR and I have the right to reject any after they’re opened, so too do I have the right to reject PRs before they’re opened.

> their version

And they can keep doing that without cluttering my page.

> what you guys are suggesting…

So what? Who or what states they are entitled to have their changes visible as a request on my repo?

Having publicly accessible issue and PR pages opens breeds the kind of entitlement you are showing here: they do not have a right to open requests on my page any more than people have a “right” to comment on a blog post or a YouTube video. And keeping an issue/PR section available leads people to assume that they have a right to do it simply because they can.

[Lammy]

> People have a right to propose changes to broken things they use.

Here's the root of your misunderstanding. “Broken” is subjective, relative only to you.

> it's right there is name of the feature "Pull Request", it's a request, not a demand.

That's marketing-speak. It is absolutely a demand. PRs are a growth-hacking feature and are part of how GitHub got to be so dominant. The abuse of social pressure calling someone's project unmaintained was the same mechanism used for the XZ Utils backdoor: https://securelist.com/xz-backdoor-story-part-2-social-engin...

[notepad0x90]

> Here's the root of your misunderstanding. “Broken” is subjective, relative only to you.

This is not a misunderstanding. I want to know what other people subjectively think is broken, and their proposed fixes. So, if I agree with them, I can opt to use their fixes. A lot of time the developer does not want to maintain the added complexity, or does not agree with architectural or design decisions by the contributor, and that's fine. But I, as a user might agree with the contributor. it costs you, as the maintainer nothing to let people propose changes. nothing at all. as others have repeated many times on this thread, you're not even obliged to respond to PRs, it won't even cost you appearance or reputation. You're just annoyed, that's it, and instead of ignoring the thing that annoys you, the solution is hostility.

> That's marketing-speak. It is absolutely a demand.

If you have a contributor policy clearly defined, it isn't. When you publish a project for the public, people will use it, that's the expectation.

Perhaps if github linked your contributor policy that might help. You can also setup an action that will auto-close all PRs, commenting your contributor policy for everyone to see the reason. There are many ways to handle this, but people on this thread are choosing the lazy option that harms users the most. I think part of it might be that many of you have not dealt with projects that benefit heavily from PRs.

[Lammy]

> I want to know what other people subjectively think is broken

And I do not. In fact I don't want to hear from anyone who uses my software at all, in any way. My software is for me, not for you, and not for them. If you think it's broken, make your own that isn't.

[Lammy]

Wrong; unsolicited PRs from people who want me to maintain their needs for them are what's hostile. Take the project as-is, fork and maintain it yourself, or pay up.

[notepad0x90]

Why are unsolicited PRs hostile, you have no obligation to even read them? Unless you're saying you're obligated to do something about PRs.

If you want to host public projects, you will always have some responsibility to the public. Similar to how hardware makers shouldn't be making hard to repair their hardware.

[Lammy]

> If you want to host public projects, you will always have some responsibility to the public.

I disagree with this completely.

[notepad0x90]

If you plant a public tree for example, you may not be responsible if the tree produces a poisonous fruit or not, but if someone puts a sign next to the tree telling people "boil before eating,otherwise it's poisonous", that's their right. But if you don't want your tree to look bad and prevent them from doing so, now you're responsible for any poisoning from the tree. You can either be responsible or not responsible, but you can't be __irresponsible__. You can't act in a manner that you know will harm others, when not doing so costs you nothing, not even a perception of obligation.

If you have the right to turn off PRs, any company out there also has the right to make thing that are hard to repair. I don't want to say anyone who agrees with you on this thread complaining about Google or some other company shutting down your accounts with no explanation either.

[Lammy]

> If you have the right to turn off PRs

Joke's on you; I already do shut down every PR automatically on my projects with the repo-lockdown bot: https://github.com/marketplace/actions/repo-lockdown

Making my code public at all is what costs me nothing. I am already writing it. I am already versioning it with Git. Giving you access to it is either a no-op or is some amount of public good. It can never be a negative. This is what Free Software is. Read Stallman: https://www.gnu.org/philosophy/free-sw.html#four-freedoms

[Lammy]

Too late to edit, but here's the inarguable truth straight from the mouth of the Open Source Initiative, that the term was the direct product of Netscape's desire to get people to work for them for free: https://opensource.org/history

“The ‘open source’ label was created at a strategy session held on February 3rd, 1998 in Palo Alto, California, shortly after the announcement of the release of the Netscape source code. […] The conferees believed the pragmatic, business-case grounds that had motivated Netscape to release their code illustrated a valuable way to engage with potential software users and developers, and convince them to create and improve source code by participating in an engaged community. The conferees also believed that it would be useful to have a single label that identified this approach and distinguished it from the philosophically- and politically-focused label ‘free software.’”

[mnau]

Open source is not open contribution. There are many examples of open source, but closed contribution, e.g. SQLite.

What you are listing is a business strategy of a company (free labor and advertising). Desires of a company are very different from an unpaid volunteer.

In projects that leave PRs unanswered, the maintainer is already unpaid labor, but contributor want him to work on the contribution. That might not align with what maintainer wants.

Edit: Personally, I find reviewing least pleasant part of dev work. Thanks to LLMs, that now also significantly more of my paid work. My desire to do code reviews in my free time is massively lower. I would rather do it myself.