This is where the supply chain metaphor — and it is just that, a metaphor — breaks down. If a microchip vendor enters an agreement and fails to uphold it, the vendor’s customers have recourse. If an open source maintainer leaves a project unmaintained for whatever reason, that’s not the maintainer’s fault, and the companies that relied on their work are the ones who get to solve their problems in the future. Using the term “supply chain” here dehumanizes the labor involved in developing and maintaining software as a hobby.

  • Ephera
    62 years ago

    Yeah, I’ve noticed that I’ll occasionally hesitate to click on that “Publish” button for a new software project, because I’ll think to myself, if someone starts using this, they’re fucked.

    At the same time, I don’t want to put a disclaimer into every README stating that it’s hot garbage. Like, it’s a repo. Of course, it could contain software which is still in early development or unmaintained or whatever. And I’d rather tell what I’d like it to do someday rather than what ridiculous requirements it won’t fulfill.

    I’ve kind of started to revel in my previously-not-really-strong decision to put my code up:

    1. as AGPL, which for example deters Google from ever using it, and
    2. on Codeberg, where it won’t get seen as much and it’s more at the heart of the open-source community rather than on this commercialized platform where most people only go to download released software.