A cry for help or wanton vandalism by Open Source Project maintainers? Last week, the maintainer of the popular NPM package manager was responsible for breaking compatibility far and wide. As it turns out, this was a cry for attention for the plights of small but important OSS projects that are used widely by “Billion Dollar mega corporations” while the few (or even single) maintainers are merely scraping by to pay the bills.
A little bit of research proves that this is far from a solitary issue an neither is it a recent development. Over the last decade, many projects that you and I use every day have almost disappeared because the maintainer just could not spend the time for free anymore. How did it get this far and how could this possibly be improved? Listen to this episode to hear our thoughts on the matter.
Here are the articles we used in this episode:
- https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/
- https://increment.com/open-source/the-rise-of-few-maintainer-projects/
- https://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke
- https://www.informationweek.com/it-life/ntp-s-fate-hinges-on-father-time-
- https://arstechnica.com/information-technology/2014/04/tech-giants-chastened-by-heartbleed-finally-agree-to-fund-openssl/
Podcast: Play in new window | Download (Duration: 42:48 — 29.5MB)
Subscribe: Apple Podcasts | Spotify | RSS | More
Please use the Contact Form on this blog or our twitter feed to send us your questions, or to suggest future episode topics you would like us to cover.