[solaire_oa]

Author here. This is a good callout, there are a few reasons why it's a plugin and not open source (yet).

First is that I didn't want to make a plugin in the first place, I wanted to make a bookmarklet, but HN's CSP policy was too strict. So that was a bummer.

Second is that I have very mixed feelings about open source these days, and so open-sourcing feels less and less like the sensible default state. One of the sibling comments here discovered the alltrust.json and vibecoded around it, which is really a case in point about why open sourcing feels like I'd be leaving myself "open" to be domineered (not just by users, but by bots and companies as well).

Third is that the system/plugin is partly LLM-assisted itself (even though the code is minuscule), and I'm self conscious of being a slop-slinger. Or at least, pushing up repos with LLM code just feels, idk... lazy and asymmetrical (despite this plugin having clear utility, which I think it does).

But it's completely fair to say "oh look, a plugin about trust that's closed source, how hypocritical." I get that. If there's enough interest I'll open source it, sure.

[imiric]

Hey, that's a perfectly reasonable stance, and I can relate to it.

Apologies for working around it and putting the code out there against your wishes. If you check my post history, you can see how opposed I am to these new tools, and "vibe coding" specifically. In my defense, I really didn't want to spend a lot of time on this, and LLMs do a decent job at this type of mechanical conversion. And I really don't judge anyone for using them mindfully, as you've clearly done in this case. The code didn't read like slop to me, if it's any consolation. :)

Besides, this "closed source" criticism is really a non-issue in this case considering it's a browser extension with clear JS, which anyone can inspect if they were really interested.

Cheers!

EDIT: I've deleted the gist. :)

[solaire_oa]

No problem at all! I didn't mean to be accusatory. And I wouldn't say inspecting the plugin code is against my wishes at all, no, definitely keep that hacker spirit alive! And feel free to reload the gist.

I suppose that my point is more that creating a GitHub repo has some strings attached to it nowadays, is all.

[qubidt]

I've found many developers having switched to non-github forges (e.g. forgejo/gitlab/sourcehut or what have you), but particularly self-hosted instances, to sort of opt-out of the culture around mpdern-day open source. My sense is the barrier of entry is a social signal that they'd like to opt out of being assigned community manager+tech support+moderator for anonymous users. typically there isn't a functional issue here, but I guess avoiding the town square is a good way to avoid having to interact with the town drunk/crank/large language model

[mentalgear]

Appreciate the long reply and insights into your thoughts. I feel your resistance of slinging LLM slop, but hiding it doesn't make it better. I'd far more appreciate it being open source and mentioning it has been generated with LLM assistance, over not mentioning it at all. If the code has been reviewed and is simple enough to understand, it's appreciated and not perceived as vibe coded slop.

[solaire_oa]

For sure, source is now available here https://hn-trustspark.com/src/

I can figure out how to shasum/sig the extension for heightened trust.