|
Gazpacho posted:what if the baby is hitler ok settle down jeb
|
# ? Jan 30, 2020 00:50 |
|
|
# ? Apr 26, 2024 09:52 |
|
lancemantis posted:I guess I'm just a person that's lost a lot of faith in institutions so maybe my thought patterns come off as weird do you have faith in yourself to attempt to claw back what you've made from being used for evil, even if that attempt is ultimately unsuccessful?
|
# ? Jan 30, 2020 00:51 |
|
has anyone noticed the irony of posting this on twitter?
|
# ? Jan 30, 2020 01:02 |
|
CRIP EATIN BREAD posted:has anyone noticed the irony nope
|
# ? Jan 30, 2020 01:03 |
|
i think part of what i have trouble with is that individual oss devs would not necessarily align with what we’d consider ethical consider the ‘angry at immigrants’ license: https://www.treefinder.de/
|
# ? Jan 30, 2020 01:48 |
|
PCjr sidecar posted:i think part of what i have trouble with is that individual oss devs would not necessarily align with what we’d consider ethical I mean this is just humans. The idea that we'd all hew to some higher standard of ethical behavior is sort of lol. We can barely get our filesystem guys to not kill their wives.
|
# ? Jan 30, 2020 02:05 |
|
abolish ice. also, npm.
|
# ? Jan 30, 2020 02:09 |
|
PCjr sidecar posted:i think part of what i have trouble with is that individual oss devs would not necessarily align with what we’d consider ethical hahah holy poo poo
|
# ? Jan 30, 2020 02:09 |
|
akadajet posted:abolish ice. also, npm.
|
# ? Jan 30, 2020 02:12 |
|
i dont even know what npm is and i laugh every time somebody drags them
|
# ? Jan 30, 2020 02:15 |
|
akadajet posted:abolish ice. also, npm.
|
# ? Jan 30, 2020 02:16 |
|
Jonny 290 posted:i dont even know what npm is and i laugh every time somebody drags them npm is github but it only hosts javascript people reference in production.
|
# ? Jan 30, 2020 02:16 |
|
Jonny 290 posted:i dont even know what npm is and i laugh every time somebody drags them It's the nodejs package manager and it's even worse and stupider than you would imagine given that
|
# ? Jan 30, 2020 02:16 |
|
Captain Foo posted:It's the nodejs package manager and it's even worse and stupider than you would imagine given that the only thing I've seen that's worse than npm was bower but that's a really high bar to reach.
|
# ? Jan 30, 2020 02:18 |
|
the only reason removing your package tends to work in doing damage is that npm is surprisingly fickle as a package manager (see old post of mine somewhere about how they can allow the same dep multiple time with clashing versions within a package), and they at different times in the past had no good protective mechanism around dropping packages, parking names, reusing names for new packages. Coupled with the lack of stdlib, it was easy for a user to have a little util function used by thousands and thousands of projects, drop the package, and then gently caress up everyone's build because a bunch of people appear to run npm as part of every build on every prod node. Plus they had a history of generally having semver recalculated on each single new build, which would let maintainers drop point versions of existing packages and start loving with random builds across the world. This is hilarious and gathered attention from the press, but any shop that has their poo poo together would pin deps better, vendor or mirror them, and just not be stuck with it. So the whole effort of "please take your package down in protest" is intended to harm firms that depend on it while hoping Palantir still hasn't got their poo poo together after all that time and the few attempts that happened already.
|
# ? Jan 30, 2020 02:21 |
|
Shaggar posted:npm is github but it only hosts javascript people reference in production. bower was literally just github
|
# ? Jan 30, 2020 02:23 |
|
PCjr sidecar posted:i think part of what i have trouble with is that individual oss devs would not necessarily align with what we’d consider ethical drat is that German as hell
|
# ? Jan 30, 2020 02:36 |
|
akadajet posted:the only thing I've seen that's worse than npm was bower but that's a really high bar to reach. goddamn bower was so fuckin dumb
|
# ? Jan 30, 2020 04:25 |
|
PCjr sidecar posted:i think part of what i have trouble with is that individual oss devs would not necessarily align with what we’d consider ethical quote:I dislike the flood of immigrants they caused to come here - come here to replace unprofitable Europeans like me.
|
# ? Jan 30, 2020 04:38 |
|
I remember how many devs I spent time around outside of work tended to always be front end types and they’d always be talking about bower and poo poo and I didn’t get wtf those things were supposed to do other than being examples of someone with too much time pasting over broken garbage
|
# ? Jan 30, 2020 04:47 |
|
lancemantis posted:I remember how many devs I spent time around outside of work tended to always be front end types and they’d always be talking about bower and poo poo and I didn’t get wtf those things were supposed to do other than being examples of someone with too much time pasting over broken garbage package managers for javascript. good idea in theory, badly executed and managed.
|
# ? Jan 30, 2020 05:51 |
|
This thread assumes you write some OSS code that is used by bad actors, and therefore asks you to act to undo or at least slow down the evil that you helped unleashed onto the world (your code, also baby jails) in order to undo the facilitating you inadvertently did. What about the opposite though, where your code is used by a good, benevolent actor (say doctors without borders, curing ebola): is being inactive enough to get the moral benefits of helping make the world a better place through your idiot code? If we can ask whether passivity in face of bad situations (your code jailing babies) is enough to make you a bad person, would a similar utilitarian argument be possible with good code uses: is not actively maintaining OSS code that would help solve a bad situation (ebola) actually disengagement in front a greater evil, and technically bad?
|
# ? Jan 30, 2020 13:09 |
|
therefore, just merge my loving PR you nerd
|
# ? Jan 30, 2020 13:09 |
|
this code is all hosted on github so these people should be boycotting microsoft instead of worrying about some nerd's left-pad Implementation
|
# ? Jan 30, 2020 16:30 |
|
MononcQc posted:therefore, just merge my loving PR you nerd
|
# ? Jan 30, 2020 16:34 |
|
MononcQc posted:Hot off the presses is icebreaker.dev, a website that finds the current ICE practices in the US to be troubling cases of human rights abuses (rightfully so), and tries to call out all code authors and maintainers in the open-source world to participate in protests and donating to orgs fighting concentration camps on US soil, but also encourages tech people to adopt a new license which forces ethical behaviour (listed below), or to just flat out pull your code from public repositories: something that icebreaker.dev site linked to was a nonprofit Corporate Accountability Lab who had written a pair of licenses of their own (one for software, the other for general works), with the bonus of having actual lawyers involved in the process of constructing them they have a series of blog posts from way back in 2018 that go over how the licenses were designed. one thing mentioned there is that they specifcally ruled out just referring to the human rights declaration: quote:Our initial drafts attempted to incorporate other principles, declarations, and conventions of law by reference (e.g., UN Guiding Principles on Business and Human Rights, Universal Declaration of Human Rights, etc.), to promulgate the standards that a business must follow to receive license to use the copyrighted work. A problem that we found with this approach is that such declarations and conventions are generally written to nation-states and are phrased at such abstract levels that would-be licensees could have some legitimate grievances with the ambiguity of terms that we otherwise want to be strong and defensible in the realm of contract law. Contractual conditions that are subjective and difficult to assess or otherwise measure are generally frowned upon in effective contract drafting, so we wanted to figure out something cleaner. ps: how many .dev domains does coraline run? i think i've hit like five different ones so far when reading up on this stuff, each looking like different rebrands of the same (commendable) idea. tbh it doesn't give me much confidence that this latest edition is going to be getting regular maintenance
|
# ? Jan 30, 2020 21:11 |
|
The lawyery ones are interesting. I'm still torn on the idea of EULA-like clauses into copyright licenses. Bryan Cantrill has a good blog post on that front (written in the context of companies trying to get AWS to not just wrap OSS poo poo and charge for it): http://dtrace.org/blogs/bmc/2018/12/16/a-eula-in-foss-clothing/quote:...
|
# ? Jan 30, 2020 21:20 |
|
Progressive JPEG posted:something that icebreaker.dev site linked to was a nonprofit Corporate Accountability Lab who had written a pair of licenses of their own (one for software, the other for general works), with the bonus of having actual lawyers involved in the process of constructing them I think this is pretty good. edit: but agreed, it seems a lot more like a eula
|
# ? Jan 30, 2020 21:24 |
|
no one wants to talk about a eula because there's basically no machinery to handle eulas in common dev workflows.
|
# ? Jan 30, 2020 21:26 |
|
bring 👏 back 👏 shrinkwrap 👏
|
# ? Jan 30, 2020 21:31 |
|
MononcQc posted:The lawyery ones are interesting. I'm still torn on the idea of EULA-like clauses into copyright licenses. Bryan Cantrill has a good blog post on that front (written in the context of companies trying to get AWS to not just wrap OSS poo poo and charge for it): http://dtrace.org/blogs/bmc/2018/12/16/a-eula-in-foss-clothing/
|
# ? Jan 30, 2020 21:37 |
|
JawnV6 posted:bring 👏 back 👏 shrinkwrap 👏 shrinkwrappa deez nuts
|
# ? Jan 30, 2020 21:38 |
|
honestly though i think that the idea of open source has passed its useful stage and has just become free work for exposure. So my real response is simply "stop writing open source software."
|
# ? Jan 30, 2020 21:39 |
|
at this point I think the “meritocracy” people and the “open source” (as defined by the OSI) people are effectively two sides of the same coin - convinced that a short set of rules cannot result in externalities
|
# ? Jan 30, 2020 21:39 |
|
sometimes i'll write something one-off that i need that isnt super big but could be useful, so i'll throw it on github and let someone else find it useful, too. i'll be damned if i'm going to do anything more than that, like check where it's at or care who is using it. i have one repository that has a little bit of a following (and some idiot is donating to even though i didnt ask for it and had to sign up for an account to get the $1/month) and i havent looked at it in months except to laugh at the people submitting PRs that i will never, ever review or accpet, or laugh at the people who forked it to rewrite it in javascript.
|
# ? Jan 30, 2020 21:45 |
|
ended up going with the hippocratic license for the dns thing. in true istp spirit its very much a prototype and im the only contributor so i just rewrote the git history with the new license and thereby effectively removed distribution under the prior license (which was gpl3) had mainly looked at these three options: - hippocratic license (mentioned by OP): now on v1.2, their faq claims that it's gotten some(?) legal review at least so thats cool, but they still say its in draft stages so who knows. worst case ill just rewrite history again when there's a new version - corporate accountability lab license: also looks fine, but its got a weird thing where the licensor/developer is expected to "register" their use of the license with the lab. this seems kinda bullshit, particularly if you think about derivative works and whether that would result in a new licensor who would also need to register? what if the registration doesn't work anymore?? i had sent the lab an email asking about this and didnt hear anything back (but i only gave em like 18 hours) - then there's this one where they've basically got a big ol bulleted list of things they dont like. for example "deforestation" is great when part of a scheduled harvest/replant program: captures carbon much more effectively and also creates building materials for housing, win/win
|
# ? Jan 31, 2020 13:31 |
|
I think getting a good license up front is good but I think a clause that the author retains the right to deny use to anyone at any time is the only practical way to actually avoid having your code used for unethical purposes.
|
# ? Jan 31, 2020 18:23 |
|
just got an email back from corporate accountability lab and it sounds like they don't mind if the license language is edited to omit the registration requirement:quote:Thanks so much for your email and your interest in +CAL. Yes, feel free to make the modification that you proposed. Our intention with the language was really so that we could track the usage, so even if you change the language, we would love to hear how you are using it and any feedback you have. so they actually seem pretty alright too if anyone's looking at them, and tbh it feels like they've put in a lot more real lawyer hours into what they're trying to accomplish than the other two options. if anyone ends up using +CAL i'd recommend being a cool person and letting them know about it anyway since it looks like they do good stuff in general. after getting that response id seriously consider using them. however the license itself seems to be more around keeping corps in line and specifically mentions "commercial entities" and "supply lines", as such it looks like its a bit more specifically focused on the nonprofit's mission
|
# ? Jan 31, 2020 21:47 |
|
rotor posted:I think getting a good license up front is good but I think a clause that the author retains the right to deny use to anyone at any time is the only practical way to actually avoid having your code used for unethical purposes. i think this is what sorta owns with the hippocratic license. in my non-legal-not-a-lawyer-nor-an-expert opinion its sufficiently vague to be poisonous to any corporate or government legal department while individual users wouldn't really be affected. it's like 'don't do evil' jslint territory Progressive JPEG posted:for example if anyone posts yet another loving loss edit i'm going to cut them off under article 5 of the declaration so loving fast
|
# ? Jan 31, 2020 21:49 |
|
|
# ? Apr 26, 2024 09:52 |
|
Progressive JPEG posted:poisonous to any corporate or government legal department i have bad news
|
# ? Jan 31, 2020 22:18 |