- cross-posted to:
- technology@beehaw.org
- fediverse@kbin.social
- fediverse@lemmy.ml
- cross-posted to:
- technology@beehaw.org
- fediverse@kbin.social
- fediverse@lemmy.ml
Highlighting the recent report of users and admins being unable to delete images, and how Trust & Safety tooling is currently lacking.
Ya, reading the GitHub issue sounds entirely like burnt out devs being abused by users. It’s a massive issue in open source.
The Late Night Linux and Linux Dev Time podcasts talked about exactly this in a recent episode. It can be extremely demoralizing to do all this work for free for a project only to be inundated by ungrateful people demanding you fix something or implement a feature they want. Many open source projects have died because of that.
We’re not talking about a user demanding you release a flatpak build targeting their personal linux distribution running in a VM’d WSL, we’re talking about a consumer facing social app that doesn’t include the functionality for a user to delete something they added.
You know what the acronym used for describing the most basic functional web app api is?
CRUD - Create, Read, Update, Delete
What we’re talking about is a complete free and open source project that’s built and maintained completely through volunteer labour.
There are zero obligations towards the people actively using the software.
While I agree that the functionality should exist, the devs can literally do whatever they want. Nobody is paying them.
Edit: you’re also seeing only a single instance of a conversation. I can guarantee that the devs have been dealing with asinine and demanding users for a while now. There comes a point where your patience wears thin.
Yes, there are, and that obligation is to not publish something as production ready if it is illegal to use because of how it’s built.
I’m a software developer, I understand exactly how frustrating user demands are, that was still a completely and utterly unacceptable way to respond to a very politely worded request for software that literally just doesn’t break privacy laws to run.
As the commenter pointed out, if you don’t want to fix it, fine, but then you absolutely have a moral, ethical, and professional obligation to document that clearly in your README.md.
No, there really isn’t. Do I feel that project owners should follow good practices for maintaining clean code that also allows users to keep things legal? Absolutely I do.
But that is not the same thing as an obligation. If there was a single cent exchanged between the devs and anyone else (donations do not count) then this conversation would be entirely different.
I don’t agree with the devs’ stance. But it is 100% their prerogative to say no. It’s their project, not ours.
As am I.
I agree.
No, you absolutely do not. Although I do somewhat agree on the professional part, but it’s still not an obligation. It’s completely unprofessional, but that’s different than it being an obligation.
The word obligation is not as narrow as you’re using it:
Does he have a contractual obligation? No, no contracts were signed. Does he have a legal obligation? No, the license file in the project absolves him of legal liability.
But he absolutely has a moral, social, and professional obligation to do so.
If you want to apply such a better definition, then you have an obligation to learn Rust and submit a PR to bring the project into compliance. You have a societal obligation since you are aware of the issue and use Lemmy.
You owe it to your fellow Lemmites. Lemurs? Lemmings? Whatever the term for a Lemmy user is.
All I have an obligation to do is give back to society, and I do so through taking care of my parents and grandparents, volunteering teaching classes every weekend at the community center, volunteering to upgrade and maintain an app for a non profit, donating to charity, open source projects and news organizations, helping my elderly neighbours with their snow and leaf clearing, etc.
And if you find one of my open source github projects will cause a user to violate a local law, kindly file an issue and I’ll immediately update the README.md and take it down until the issue is fixed.
100% your prerogative.
You seem to know what you are talking about. Have you made a pull request yet?
Have you learned how to program to fix the problem?
It doesn’t seem worth my time to learn Rust just to submit a PR to devs who behave like that, they’ll just reject it and be pithy, like they are when a user asks them to comply with EU privacy law.
Ya, this is exactly the attitude that burns out devs and kills projects. Congrats for being super entitled towards a free project.
It is not entitled to expect a published project to comply with basic privacy legislation and not be illegal to use.
If your bar for this project is that much below basic consumer expectations, then this project was always going to fail.
No it’s not. But what is entitlement is bombarding voluntary devs with garbage requests. Is this particular issue entitlement? No. But having seen the various requests made over the last year or so there’s a breaking point where a person gets overly sensitive.
Think of being pestered ALL day at work over garbage and having an all around bad day. Then on the way home you jump into a store to pick something up and someone says something annoying but ultimately innocuous to you. Some people can handle it in stride, some people’s nerves get frayed.
I’m not excusing the devs here. I don’t actually know what their thoughts are. But from personal experience in the dev world and from what I’ve seen, it looks to me like they’re getting frustrated by users.
And they might be in a region where the privacy concerns don’t apply to them. And I agree that it’s a problem, but ultimately it’s their right and prerogative to not implement.
Remember, absolutely no one here has paid a single CENT to the devs for their work (not talking about donations).
So complaining about the quality of their work while you are benefiting from it for free is literally entitlement.
I understand having frayed nerves, I even understand snapping at someone because you’re having a bad day, and I do feel sympathy for the devs, and wouldn’t hold this against them (especially since they’re at least providing a nuke everything option that will address it).
But the line between entitlement and reasonable expectation is not one of monetary compensation.
Engineering ethics does not let you off the hook just because no one paid you to build what you built. If an engineer goes to the park and unilaterally builds a playground that doesn’t meet basic legislated safety standards and kills a kid, they’re not off the hook. They will be investigated by their professional body and have their license revoked.
Hell if they just build a playground off in the woods on their own private land but don’t take reasonable steps to prevent kids from accessing or using it then they will have their license revoked.
Your failure to provide a reliable source for your claims is not my problem.
If you cannot provide a reliable source of your claims, your claim will be dismissed.
Sure, but if you want to extend the analogy that far, then the devs are just posting free plans online on how to build a playground. It’s the instance owners who physically build the “playground” and are liable.
Is it entitlement if it’s making using the entire thing illegal everywhere? Since there is no tooling to block traffic from the EU / not federate with instances that don’t comply with GDPR?
No. It’s the dev’s project. They can do whatever they want with it. They can delete the repo and go live in the woods if they want.
To be clear, I don’t agree with the stance they have taken. But I also see the kind of reactions there are far from what people are making it out to be. I think the people complaining about the devs being “mean” are just hypersensitive and have never been told “no” their whole lives.
Like I said, I disagree with the devs’ position to not implement this feature. It’s been highly requested, and for good reason. But this is a free project. If they say no, then it’s no. If we don’t like that decision, then maybe we need to move somewhere else.
It sucks but sometimes that’s life.
I don’t care if they are mean. The app isn’t GDPR compliant. That’s what matters.
Fine, that’s what matters. Then ask them to implement it or write it yourself.
And if they say no, then that’s your answer and Lemmy instances within the EU will need to move out of the EU or just shut down.
while i think there are people like that i think this particular issue is a serious issue that should be handled properly. i think the conversation should have been much professional from both sides, but nonetheless this issue addresses a serious problem.
Why should it be handled professionally? I don’t necessarily disagree, but what makes you say that? This isn’t a paid job. They aren’t working for a corporation. And all of their work is voluntary for a free project.
Does them working on the project voluntairly, makes them be able to steal code from non-opensource projects, ignore licenses and do other shit like that? If the answer is no, why does working on the project voluntairly lets them break the law in other ways?
That’s a lot of incorrect assumptions there.
They didn’t steal any code. They didn’t ignore licenses either. In fact, the only reason they had a judgment ruled against them is because they were taking monetary donations. Which was interpreted as “profiting”.
They reverse engineered a process without stealing anything. They didn’t even circumvent DRM, which is actually protected by law on the grounds of creating personal backups and data/software preservation.
You’re either very ignorant on the subject or you just ate up Nintendo’s BS.
I was talking hypothetically. Are they allowed to do that? If not, then they cannot be noncompliant with GDPR, simple as.
Actually yes. The people that run afoul of the GDPR are the people who run the instance servers. The code writers are not the ones legally responsible.
Yeah, theu are just as legally responsible as admins of instances.
That’s going to vary heavily based on regional laws. You cannot make such a blanket statement like that.
there is a lot of difference between a random internet forum and an issues forum. also that particular issue was made with good faith even though both of them might have gone overboard. people suck a lot and might even make stupid arguments or issues. people stick to your work because they like it and they hope it will continue without dying next day, even though you do it voluntarily. this gives more weight here since their work is more like an internet forum where people voice out their thoughts. given such weight, i think they should have handled it properly, if they did it would not have been made a post or an article. i have no biased opinion for any party here, but since I respect lemmy a lot and doesn’t want lemmy to have a bad name, i think their developers should not give in and be unprofessional and give lemmy a bad reputation.
That’s how a Minecraft server I ran died. Too many people telling me how to run it and trying to break things when I was asleep.
Ya, I know exactly what you experienced. It sucks and it’s why we can never have nice things.
What I truly don’t understand is why the negative eggs that you WILL ALWAYS HAVE NO MATTER WHAT, read it again, ALWAYS HAVE NO MATTER WHAT, gets so much mental attention than the many more people who are actively applauding you and saying their thanks and giving you their praises.
I will never understand the focusing on the negative I guess. It’d be easy as fuck for me to ignore people’s assholeishness while still taking their badly typed criticism and improving (if I reasonably can).
Shit, it makes me feel like the fucking champ when some random persons says thanks for something I did, and I laugh and ignore the ones who don’t like what I do.
But hey, if focusing on the few negatives instead of the mountains of praise is what you want to do, it’s all yours.
Imagine you get approval to build a new park and playground for your neighbourhood. You spend hundreds of hours designing the plan and layout and you spend incredible amounts of your own money to get the resources.
You get to work and things are going well. As you near the end of months upon months of work, the park finally opens for families and kids to use.
As you’re standing there proud of your work, some people come over to you. Do they say “thank you!” or “you did amazing work”? No, they come over to complain about things that are missing, tell you what you should have done better, that you didn’t accommodate their each specific needs, etc.
You would very quickly get bitter and demoralized.
Like I mentioned before: this is a massive problem in the open source development world and has killed many great projects. This has nothing to do with “mental attention” and everything to do with users abusing the devs and their time.
In your analogy, the park didn’t follow any safety guidelines and people are dying on the rides and falling into a lake with piranhas.
In my analogy it’s a park with trees, bushes, rocks, and slides. I said “park in your neighbourhood” not “mega-extreme rollercoaster park”. I also said “you got approval” which is generally from the city or other governing municipal/county/regional body. And that also requires a plan to be submitted before approval is stamped.
So no, what you did is make up a bunch of crap to strawman my argument and try to make what I said wrong in some way.
Nice try.
They by definition didn’t “get permission” if they are noncompliant with GDPR.
Are they in the EU? No? Then they don’t need that permission.
Are they in the US? Then they need that permission too.
Your comment doesn’t make sense to me.