The Xz backdoor and a near miss on the F-Droid app store show how the entitled attitude of some people in the open source community can be used to push malicious or insecure code.
Yup. I’ve contributed to a number of FOSS projects (including lemmy) and try to always observe the proper etiquette. That means (IMO):
read through the contribution guidelines and follow them to a T
check for feedback at least once/day
allow at least two days for initial feedback, and gradually back off (so bump after 2 days, bump again after another 3-4 days)
if there’s no feedback after a week, bring it up on another channel (IRC, Matrix, email, etc)
never demand anything, always ask how to help
None of that is written down anywhere, but to me it’s common sense. If you don’t want to do that, fork the project and maintain it yourself. Maybe they’ll pull your changes in if they’re good.
Yup. I’ve contributed to a number of FOSS projects (including lemmy) and try to always observe the proper etiquette. That means (IMO):
None of that is written down anywhere, but to me it’s common sense. If you don’t want to do that, fork the project and maintain it yourself. Maybe they’ll pull your changes in if they’re good.