via @moneyball on X
What does it mean to be open source? When I first got involved with open source bitcoin in 2017, I thought this was a simple question. However, it is far more nuanced, in a way that I rarely see discussed. There are at least 9 different gradations ... am I missing any?
- Source available. This one is straightforward.
- Permissive license. Does the license restrict commercial use or is it free open source like MIT License?
- Working in the open. That is, does a team work for months or years in private only to publish code for major releases? Or are issues and PRs in a public tracker with public discussion on a daily basis?
- General vs. specific design. Did the team that created the software design it with only their specific application in mind? Or did they design it general enough to accommodate many types of future users?
- Supporting external contribution. Does the core team prioritize and review external contributors' PRs?
- Recruiting external contributors. Does the core team embrace and champion new contributors who aren't affiliated with the core team's organization?
- Self-sufficient funding. Does the core team proactively seek external funding sources for development of the project so that the project can survive even if the founding entity abandons it?
- External maintainers. Does the core team attempt to grow external contributors into maintainers and ultimately relinquish some power over the direction of the project?
- Public good mindset. Does the project's culture allow it to shift from what might initially start as a company project to ultimately a public good?
Good post. One question might be missing:
Are the builds reproducible?
What if the software is a website like SN?
How can users trust that the code in the repository is the code that is running on SN?
Agree reproducible builds should be added to the list of best practices.
There are ways to use HSMs to allow users to verify that server-side builds match the open source code, although I think only conceptually. Would love to see this done in practice so we can learn from it.
I ran an open source project for years.
A lot of people equate open source with being free (as in cost) but there's also free (as in freedom). It's useful to distinguish these two concepts.
- Gratis: without charge
- Libre: having freedom
There are a lot of misconceptions about why people write open source software in the first place.
Or of course it can be any mix of the above or something I didn't even think about. Usually the license will give you a hint as to which.
Personally I think transparency is the most valuable. I have no problem paying for software but all other things being equal I'd rather pick open source software simply because I can look at the code and see what it does even if I never want or need to change it.
An important addendum: Based on early feedback, allow me to clarify. I'm not suggesting redefining open source. A better way to frame it is open source best practices.
As laid out by the FSF in 1986:
I'd like to partially contend 3. While Satoshi did announce his project in advance, he only released the source code once a viable product was ready.
Sure, working in the open could apply pre-initial launch or post-initial launch. I think the latter is more important for a sustainable project that serves as a public good.
As far as I can tell, this is the definition and requirements: https://opensource.org/osd/
Of course you have a stricter version in the form of Free/Libre Software.
This is false. Free Software and Open Source are just two words for the same thing. This is not just my opinion - it's coming from Bruce Perens - the founder of the OSI. https://lists.debian.org/debian-devel/1999/02/msg01641.html
Access and contribution to the project is accessible by anyone
Anybody can modify the code to their liking.
I'm in agreement with all these points
Facebook = Free. You are the open source, all your data sold, lol