The Social Coding Contract

Justin Searls

November 19, 2014

Transcript

  1. THE SOCIAL CODING CONTRACT

  2. My name is Justin Searls Please tweet me @searls & Say hello@testdouble.com
  3. Open Source is Good!

  7. is Open Source Good?

  19. None
  20. None
  21. None
  22. None
  23. None
  24. ideology, n. \ˌi-dē-ˈä-lə-jē\

  25. ideology, n. \ˌi-dē-ˈä-lə-jē\ "They do not know it, but they are doing it"

  26. ideology, n. \ˌi-dē-ˈä-lə-jē\ "They do not know it, but they are doing it" - Karl Marx

  27. Open source fans are a bunch of hippies so I figured I'd start with a Marx quote
  28. None
  29. philosophy

  30. economics philosophy

  31. economics philosophy

  32. The march of progress & our false consciousness

  33. IN THE BEGINNING

  34. SPECIALIZATION

  35. SPECIALIZATION veggies

  36. SPECIALIZATION veggies meats

  37. SPECIALIZATION veggies meats games

  38. INDUSTRIALIZATION

  39. INDUSTRIALIZATION

  40. INDUSTRIALIZATION

  41. INDUSTRIALIZATION

  42. INTERNETIFICATION 1-Click

  43. BIG DATAFICATION

  44. BIG DATAFICATION ???

  45. Unintended Consequences

  46. None
  47. FOR, LIKE, AT LEAST A MONTH

  48. progress awfulness

  49. progress awfulness

  50. progress awfulness

  51. None
  52. progress awfulness

  53. progress awfulness

  54. None
  55. None
  56. Open Source's Progress

  57. .h & .c files

  58. None
  59. None
  60. None
  61. None
  62. veggies Makefile

  63. None
  64. None
  65. jar file

  66. None
  67. None
  68. None
  69. 1-Click Gemfile

  70. None
  71. None
  72. None
  73. None
  74. package.json

  75. None
  76. None
  77. None
  78. None
  79. None
  80. 50ft

  81. 50ft 100ft

  82. 50ft 100ft windows max file path limit

  83. short-term progress

  84. short-term progress for the low, low price of

  85. short-term progress for the low, low price of long-term fragility

  86. None
  87. Build a small, but non-trivial, Rails app. An empty app has ~50 gem dependencies; yours will have 75-100. Go away for six months. Come back and update all of your dependencies. Your app no longer works.
  88. It's easy to start a Jekyll blog, though. Easy to install sass. Easy to generate a Rails app. Always easy right now, never in a year.
  89. None
  90. What we think our app is

  91. What our app really is

  92. easy, but not simple

  93. We say "it's a Rails app"

  94. We never say "and Rails depends on thor >= 0.18.1, < 2.0"

  95. We never say "and Rails depends on thor >= 0.18.1, < 2.0" We don't even notice that!

  96. Bundler could not find compatible versions for gem "thor":
      In Gemfile:
        ajax-cat (= 2.1.0) ruby depends on
          thor (~> 0.15.2) ruby

        rails (= 4.1.4) ruby depends on
          railties (= 4.1.4) ruby depends on
            thor (0.18.1)

    Even though 272 gems can no longer be installed!

  97. What if Bundler told us more?

    ...
    Using unicorn 4.8.3
    Using zurb-foundation 4.3.2
    Your bundle is complete!
    Use `bundle show [gemname]` to see where a bundled gem is installed.

  98. What if Bundler told us more?

    ...
    Using unicorn 4.8.3
    Using zurb-foundation 4.3.2
    Your bundle is complete!
    Use `bundle show [gemname]` to see where a bundled gem is installed.
    Your bundle has 10 direct dependencies and 43 transitive dependencies.

  99. What if Bundler told us more?

    ...
    Using unicorn 4.8.3
    Using zurb-foundation 4.3.2
    Your bundle is complete!
    Use `bundle show [gemname]` to see where a bundled gem is installed.
    Your bundle has 10 direct dependencies and 43 transitive dependencies.
    Your gems' version specifiers preclude the installation of 1300 gems.

  100. What if Bundler told us more?

    ...
    Using unicorn 4.8.3
    Using zurb-foundation 4.3.2
    Your bundle is complete!
    Use `bundle show [gemname]` to see where a bundled gem is installed.
    Your bundle has 10 direct dependencies and 43 transitive dependencies.
    Your gems' version specifiers preclude the installation of 1300 gems.
    `bundle update` would be unable to update 5 gems to the latest version.
  101. None
  102. None
  103. C

  104. C B

  105. C B A

  106. C B A

  107. C B A

  108. C B A

  109. C B A ???

  110. C B A ???4?

  111. C B A ???4?5?

  112. C B A

  113. C B A

  114. C B A

  115. C B A

  116. C B A

  117. One day, every new install started failing

  118. B A C

  119. B A C 4

  120. myAC B A 4

  121. myAC B A D 4

  122. myAC B A D

  123. Video of me that weekend

  124. None
  125. None
  126. need

  127. convenience need

  128. convenience need complexity

  129. convenience need complexity risk

  130. convenience need complexity risk mystery

  131. As painful as Makefiles are, they still work 30 years later
  132. None
  133. None
  134. Open Source Maintainers are not Rockstars

  135. Maintainers are just extra-early adopters

  136. MAINTAINER EARLY ADOPTER

  137. MAINTAINER EARLY ADOPTER soap for ruby

  138. MAINTAINER EARLY ADOPTER soap for ruby No results found

  139. MAINTAINER EARLY ADOPTER

  140. MAINTAINER EARLY ADOPTER

  141. MAINTAINER EARLY ADOPTER

  142. MAINTAINER EARLY ADOPTER soap for ruby

  143. MAINTAINER EARLY ADOPTER soap for ruby 1. soapy-ruby gem

  144. MAINTAINER EARLY ADOPTER

  145. MAINTAINER EARLY ADOPTER

  146. MAINTAINER EARLY ADOPTER

  147. MAINTAINER EARLY ADOPTER

  148. MAINTAINER EARLY ADOPTER

  149. MAINTAINER EARLY ADOPTER

  150. SCRATCHING AN ITCH

  151. SCRATCHING AN ITCH

  152. SCRATCHING AN ITCH

  153. SCRATCHING AN ITCH

  154. SCRATCHING AN ITCH

  155. SCRATCHING AN ITCH

  156. SCRATCHING AN ITCH

  157. MAINTAINER EARLY ADOPTER

  158. MAINTAINER hey, let's own this together! EARLY ADOPTER

  159. MAINTAINER hey, let's own this together! EARLY ADOPTER wow, me?

    let's do this!
  160. MAINTAINER EARLY ADOPTER

  161. MAINTAINER hey, let's make you a committer! EARLY ADOPTER

  162. MAINTAINER hey, let's make you a committer! EARLY ADOPTER awesome,

    i will help sometimes!
  163. MAINTAINER EARLY ADOPTER

  164. MAINTAINER hey, let's never communicate again! EARLY ADOPTER

  165. MAINTAINER hey, let's never communicate again! EARLY ADOPTER sounds good,

    bye forever!
  166. MAINTAINER hey, let's never communicate again! EARLY ADOPTER

  167. Why don't maintainers just share control?

  168. time happiness

  169. time happiness

  170. time happiness

  171. time happiness

  172. time happiness

  173. Late adopters will disabuse them of this happiness

  174. MAINTAINER LATE ADOPTER

  175. MAINTAINER LATE ADOPTER 0 commits this week

  176. MAINTAINER LATE ADOPTER 0 commits this week

  177. MAINTAINER LATE ADOPTER 0 commits this week

  178. MAINTAINER LATE ADOPTER 0 commits this week

  179. MAINTAINER LATE ADOPTER 0 commits this week

  180. MAINTAINER LATE ADOPTER 0 commits this week

  181. MAINTAINER no recent commits? sounds stable! LATE ADOPTER 0 commits

    this week
  182. MAINTAINER LATE ADOPTER 800 stars? sounds safe! 0 commits this

    week
  183. MAINTAINER LATE ADOPTER open source? sounds free! 0 commits this

    week
  184. maintainer's needs

  185. maintainer & early adopters' needs

  186. None
  187. user needs

  188. user needs a negotiation

  189. Literally, like, two days later

  190. MAINTAINER LATE ADOPTER

  191. MAINTAINER LATE ADOPTER

  192. MAINTAINER what?! it doesn't [enterprise] my [enterprise] at all! LATE

    ADOPTER
  193. MAINTAINER LATE ADOPTER how could they ignore such an important

    use case?!
  194. None
  195. None
  196. None
  197. None
  198. None
  199. None
  200. None
  201. None
  202. None
  203. time happiness

  204. time happiness

  205. time happiness

  206. Late adopters expect more niche features than early adopters

  207. Late adopters make better customers than users

  208. Late adopters make better customers than users

  209. Late adopters make better customers than users Dual-license

  210. Late adopters make better customers than users Dual-license "Pro™" features

  211. Late adopters make better customers than users Dual-license "Pro™" features Paid support
  212. Late adopters make better customers than users Dual-license "Pro™" features Paid support ¯\_(ツ)_/¯
  213. Maintainers should feel free to say "No"

  214. None
  215. MAINTAINER TROLLS

  216. [HATE] MAINTAINER TROLLS

  217. plz stahp [HATE] MAINTAINER TROLLS

  218. plz stahp [THREATS] MAINTAINER TROLLS

  219. woah! not cool! [THREATS] MAINTAINER TROLLS

  220. woah! not cool! [REDACTED] MAINTAINER TROLLS

  221. (╯°□°)╯︵ ┻━┻ [REDACTED] MAINTAINER TROLLS

  222. None
  223. None
  224. None
  225. ASYMMETRIC POWER maintainer users

  226. ASYMMETRIC POWER maintainer users

  227. ASYMMETRIC POWER maintainer users

  228. ASYMMETRIC POWER maintainer users

  229. ASYMMETRIC POWER maintainer users

  230. ASYMMETRIC POWER maintainer users

  231. None
  232. time happiness

  233. time happiness

  234. MAINTAINER ANYBODY

  235. MAINTAINER i'm burnt out can someone help me maintain this?

    ANYBODY
  236. hello? MAINTAINER ANYBODY

  237. anybody? MAINTAINER ANYBODY

  238. time happiness

  239. time happiness

  240. No Maintainer is Forever

  241. None
  242. <_why disappears>

  243. What if there were an app for this?

  244. PRO Connect to Services RubyGems Github setup

  245. Your Projects linemanjs lineman YES YES NO NO searls jasmine rails YES NO testdouble present Need Help?
  246. Projects You Use searls jasmine rails mikeal request npm Contact Contact Offer Help

  247. None
  248. Beneficiaries tkaufman bkeepers npm npm Remove Remove If after days you do not respond to a checkin email your repositories ownership will be transferred to these people

  249. TO searls SUBJECT Checkin Hi searls Please verify you're still able to maintain your open source by replying to this email or clicking this link

  250. I like to call this app:

  251. I like to call this app: SomebodyPleaseMakeThis

  252. I like to call this app: SomebodyPleaseMakeThis.io

  253. What about the ☁️?

  254. None
  255. Can any centralized service be open?

  256. I ask, because most open source infrastructure is centralized

  257. What if RubyGems disappears?

  258. What if npm fails and loses a month of backups?

  259. What might a decentralized dependency service look like?

  260. None
  261. OH NO! GITHUB WENT DOWN!

  262. None
  263. GOOD THING THAT'S ALL WE USE GITHUB FOR!

  264. None
  265. None
  266. None
  267. None
  268. None
  269. How can we connect numerous services while avoiding single points

    of failure?
  270. None
  271. None
  272. Open Source requires adoption

  273. Adoption requires trust

  274. None
  275. explicit trust

  276. explicit trust implicit trust

  277. How do we get people to trust us?

  278. Marketing!

  279. Consider Linus Torvalds' 1991 announcement of Linux

  280. None
  281. No Catchy Name!

  282. No Catchy Name! Self deprecation!

  283. No Catchy Name! Self deprecation! Off-message!

  284. Linux wouldn't have made the front page of Hacker News!

  285. None
  286. Logo!

  287. Logo! Web-site stuff!

  288. Logo! Foundation Affiliation! Web-site stuff!

  289. More dependencies means less time to vet them

  290. None
  291. Quick intro!

  292. Quick intro! Easy steps!

  293. Quick intro! Easy steps! Mostly green badges!

  294. It's an arms race

  295. None
  296. gradients!

  297. gradients! Authoritative Tagline!

  298. gradients! One-liner! Authoritative Tagline!

  299. gradients! 1000 things! One-liner! Authoritative Tagline!

  300. Optimized for adoption

  301. Optimized for adoption

  302. Optimized for adoption

  303. Optimized for adoption

  304. Optimized for adoption

  305. Optimized for adoption

  306. Optimized for adoption

  307. Who's got time to vet transitive dependencies?

  308. The more people you trust, the more people you don't realize you trust
  309. Recognize when projects are marketing to you

  310. Open Security

  311. You can do worse than security through obscurity

  312. "Open source code is accessible to everyone!"

  313. "Open source code is accessible to everyone!"

  314. WHO READS THE SOURCE?

  315. WHO READS THE SOURCE? People who claim to

  316. WHO READS THE SOURCE? People who claim to People who

    actually do
  317. WHO READS THE SOURCE? People who fork

  318. WHO READS THE SOURCE? People who fork Forkers who do

    anything
  319. WHO READS THE SOURCE? People with Commit rights

  320. WHO READS THE SOURCE? People with Commit rights Committers

  321. WHO READS THE SOURCE? People that send a pull request

  322. WHO READS THE SOURCE? People that send a pull request

    Not just drive-by PRs
  323. WHO READS THE SOURCE? People hunting for exploits

  324. WHO READS THE SOURCE? People hunting for exploits

  325. /bin/bash

  326. None
  327. Global variables everywhere

    extern int posixly_correct;
    extern int line_number, line_number_base;
    extern int subshell_environment, indirection_level;
    extern int build_version, patch_level;
    extern int expanding_redir;
    extern int last_command_exit_value;
    extern char *dist_version, *release_status;
    extern char *shell_name;
    extern char *primary_prompt, *secondary_prompt;
    extern char *current_host_name;
    extern sh_builtin_func_t *this_shell_builtin;
    extern SHELL_VAR *this_shell_function;
    extern char *the_printed_command_except_trap;
    extern char *this_command_name;
    extern char *command_execution_string;
    extern time_t shell_start_time;
    extern int assigning_in_environment;
    extern int executing_builtin;
    extern int funcnest_max;

  328. Side-effects everywhere

    static void create_variable_tables ()

  329. The vulnerable function

    for (string_index = 0; string = env[string_index++]; ) {
      char_index = 0;
      name = string;
      while ((c = *string++) && c != '=')
        ;
      if (string[-1] == '=')
        char_index = string - name - 1;

      /* If there are weird things in the environment, like `=xxx' or a
         string without an `=', just skip them. */
      if (char_index == 0)
        continue;

      /* ASSERT(name[char_index] == '=') */
      name[char_index] = '\0';
      /* Now, name = env variable name, string = env variable value, and
         char_index == strlen (name) */

      temp_var = (SHELL_VAR *)NULL;

      /* If exported function, define it now. Don't import functions from
         the environment in privileged mode. */
      if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4)) {

  330. The vulnerable function

    for (string_index = 0; string = env[string_index++]; ) {

  331. As a rubyist I don't spend a lot of time with for loops, but...

  332. The vulnerable function

    for (string_index = 0; string = env[string_index++]; ) {

  333. The vulnerable function

    for (i = 0; env[i] != NULL; i++) {

  334. "The solution is not...proprietary software—the solution is to put energy and resources into auditing and improving free programs." - Free Software Foundation
  335. Who wants to audit the quality of code that literally everyone depends on?
  336. None
  337. popular adoption

  338. popular adoption importance of audit

  339. popular adoption importance of audit motivation to audit

  340. Tragedy of the Commons:

  341. Tragedy of the Commons: It's nobody's problem until it's everybody's problem
  342. text text text text text

  343. Don't let your business believe open source is a free lunch
  344. None
  345. None
  346. THESE STICK FIGURES WERE A LIE

  347. How we communicate

  348. How we communicate

  349. How we communicate

  350. How we communicate

  351. How we communicate Asynchronous text

  352. We are no more than:

  353. We are no more than: an avatar

  354. We are no more than: a user @name an avatar

  355. We are no more than: a user @name an avatar

    some emoji 78
  356. We are no more than: a user @name an avatar

    some emoji 78 text on a screen
  357. In open source, no one can hear you scream

  358. In open source, no one can hear you scream (And

    that's a problem.)
  359. None
  360. UNCERTAINTY?

  361. AMBIGUITY?

  362. DISAGREEMENT?

  363. SIMMERING DISDAIN?

  364. SIMMERING DISDAIN?

  365. SIMMERING DISDAIN?

  366. SIMMERING DISDAIN?

  367. SIMMERING DISDAIN?

  368. SIMMERING DISDAIN?

  369. This strategy can be great troll repellant

  370. What if we could do this:

  371. What if we could do this:

  372. What if we could do this:

  373. What if we could do this:

  374. What if we could do this:

  375. What does the future hold?

  376. progress awfulness

  377. progress awfulness we are here

  378. progress awfulness we are here

  379. progress awfulness we are here what happens here?

  380. Extrapolating from our culture of dependence

  381. None
  382. None
  383. None
  384. time high level low level Innovation ' s

  385. time high level low level Innovation ' s

  386. time high level low level Innovation ' s

  387. time high level low level Innovation ' s

  388. time high level low level Innovation ' s

  389. time high level low level Innovation ' s

  390. time high level low level Today' s dependency "culture" Innovation

    ' s
  391. time high level low level Today' s dependency "culture" Innovation

    ' s
  392. time high level low level Today' s dependency "culture" How

    will it translate? Innovation ' s
  393. Systems programmers tend to be conservative, cautious

  394. None
  395. Isolated from innovation

  396. Isolated from innovation curmudgeonly disposition

  397. curmudgeonly disposition Accidental cautiousness

  398. Accidental cautiousness Intentional cautiousness

  399. Embedded & real-time failures may have grave consequences

  400. high level low level

  401. high level low level HealthCare.gov

  402. high level low level HealthCare.gov

  403. high level low level HealthCare.gov

  404. Adopting a dependency outsources our understanding of how to do something
  405. Dependency Our app

  406. Dependency Our app

  407. Dependency Our app Understanding debt

  408. "Understanding debt" can be paid down by iterating

  409. If iterative releases aren't possible, don't outsource understanding

  410. high level low level

  411. high level low level

  412. high level low level

  413. high level low level 5-years

  414. high level low level 5-years 30-years

  415. high level low level 5-years 30-years

  416. high level low level 5-years 30-years

  417. high level low level 5-years 30-years

  418. high level low level 5-years 30-years

  419. high level low level 5-years 30-years

  420. high level low level 5-years 30-years

  421. easy to iterate high level low level 5-years 30-years

  422. easy to iterate high level low level 5-years 30-years hard

    to iterate
  423. These concerns require deeper up-front understanding of low-level systems

  424. DEPTH OF UNDERSTANDING High level web app Low level plane

    control
  425. DEPTH OF UNDERSTANDING High level web app Low level plane

    control
  426. DEPTH OF UNDERSTANDING High level web app Low level plane

    control
  427. DEPTH OF UNDERSTANDING High level web app Low level plane

    control Needs to know how browsers work
  428. DEPTH OF UNDERSTANDING High level web app Low level plane

    control Needs to know how browsers work Needs to know how planes work
  429. DEPTH OF UNDERSTANDING High level web app Low level plane

    control Needs to know how browsers work Needs to know how planes work
  430. DEPTH OF UNDERSTANDING High level web app Low level plane

    control Needs to know how browsers work Needs to know how planes work
  431. DEPTH OF UNDERSTANDING High level web app Low level plane

    control Needs to know how browsers work Needs to know how planes work ⚠️
  432. DEPTH OF UNDERSTANDING High level web app Low level plane

    control Needs to know how browsers work Needs to know how planes work
  433. "Modern" tooling is a product of high-level web development

  434. time Innovation ' s high level low level

  435. time Today' s perspective Innovation ' s high level low

    level
  436. time Today' s perspective Innovation ' s high level low

    level
  437. time Innovation ' s high level low level

  438. time Innovation ' s New, broader perspective high level low

    level
  439. Systems innovations may reciprocate some cautiousness & understanding

  440. None
  441. Open Source can be better!

  451. My name is Justin Searls Please tweet me @searls &

    Say hello@testdouble.com
  452. Please say hello if your team could use our team's help
  453. Like everyone, we're hiring! Just join@testdouble.com

  454. Find me during a break to chat or to grab

    a sticker!
  455. My name is Justin Searls Please tweet me @searls &

    Say hello@testdouble.com
  456. Attribution: Lock designed by Sam Smith from the thenounproject.com Shower

    Curtain designed by Rohan Gupta from the thenounproject.com Campfire designed by VALÈRE DAYAN from the thenounproject.com Stand designed by Evan Travelstead from the thenounproject.com Shopping Cart designed by Renee Ramsey-Passmore from the thenounproject.com Milk designed by Jeff Seevers from the thenounproject.com Milk designed by NAS from the thenounproject.com Breakfast designed by Konrad Michalik from the thenounproject.com Tablet designed by Pham Thi Dieu Linh from the thenounproject.com Can designed by Blaise Sewell from the thenounproject.com Door designed by Olaus Linn from the thenounproject.com Door designed by Sebastian Langer from the thenounproject.com Box designed by David Waschbüsch from the thenounproject.com Tomato designed by Nana Faisal from the thenounproject.com Keyboard designed by misirlou from the thenounproject.com Computer designed by Edward Boatman from the thenounproject.com Hammer designed by John Caserta from the thenounproject.com Star designed by Edward Boatman from the thenounproject.com Puzzle Piece designed by Roberto Chiaveri from the thenounproject.com Mail designed by Anas Ramadan from the thenounproject.com Text designed by Christopher Holm-Hansen from the thenounproject.com Phone designed by Tom Walsh from the thenounproject.com Video designed by useiconic.com from the thenounproject.com Cocktail designed by Okan Benn from the thenounproject.com Laptop designed by Olivier Guin from the thenounproject.com Laptop designed by Michael Loupos from the thenounproject.com Airplane designed by Andrew Fortnum from the thenounproject.com Coupon designed by Scott Lewis from the thenounproject.com Database designed by Shmidt Sergey from the thenounproject.com Microchip designed by Martin Vanco from the thenounproject.com Speedometer designed by Olly Banham from the thenounproject.com
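
Slides 94 to 100 describe how version specifiers on transitive dependencies constrain a bundle. The Ruby sketch below is an added example, not code from the talk or from Bundler: it parses a constructed Gemfile.lock-style graph using the constraints shown on slides 94 and 96, counts direct and transitive dependencies as slide 98 imagines, and uses RubyGems' `Gem::Requirement` to show why no thor release satisfies both parents. The sample text, the list of thor releases and all function names are assumptions.

```ruby
require "rubygems"

# Constructed sample in Gemfile.lock layout. Gem names and constraints come
# from slides 94 and 96; a real lockfile could not exist for this conflict.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      ajax-cat (2.1.0)
        thor (~> 0.15.2)
      rails (4.1.4)
        railties (= 4.1.4)
      railties (4.1.4)
        thor (>= 0.18.1, < 2.0)

  DEPENDENCIES
    ajax-cat (= 2.1.0)
    rails (= 4.1.4)
LOCK

# Assumed sample of released thor versions (constructed for the example).
THOR_RELEASES = %w[0.15.2 0.15.4 0.18.1 0.19.1].freeze

# Returns { specs: { gem => [[dependency, [requirement, ...]], ...] }, direct: [gem, ...] }.
def parse_lock(text)
  specs, direct, section, current = {}, [], nil, nil
  text.each_line(chomp: true) do |line|
    if (m = line.match(/\A([A-Z]+)\z/))                       # section header
      section = m[1]
    elsif section == "GEM" && (m = line.match(/\A {4}(\S+) \(.+\)\z/))
      current = m[1]                                          # a resolved gem
      specs[current] = []
    elsif section == "GEM" && (m = line.match(/\A {6}(\S+) \((.+)\)\z/))
      specs[current] << [m[1], m[2].split(", ")]              # what it depends on
    elsif section == "DEPENDENCIES" && (m = line.match(/\A {2}(\S+)/))
      direct << m[1]                                          # listed in the Gemfile
    end
  end
  { specs: specs, direct: direct }
end

# Walks the graph from the Gemfile entries; everything else reached is transitive.
def summarize(lock)
  seen = []
  queue = lock[:direct].dup
  until queue.empty?
    name = queue.shift
    next if seen.include?(name)
    seen << name
    queue.concat((lock[:specs][name] || []).map(&:first))
  end
  { direct: lock[:direct].size, transitive: (seen - lock[:direct]).size }
end

# Every [parent, Gem::Requirement] pair that constrains gem_name.
def requirements_on(lock, gem_name)
  lock[:specs].flat_map do |parent, deps|
    deps.select { |dep, _| dep == gem_name }
        .map { |_, reqs| [parent, Gem::Requirement.new(reqs)] }
  end
end

# Released versions that satisfy all parents at once (empty means a conflict).
def installable(lock, gem_name, released)
  reqs = requirements_on(lock, gem_name)
  released.map { |v| Gem::Version.new(v) }
          .select { |v| reqs.all? { |_, r| r.satisfied_by?(v) } }
          .map(&:to_s)
end

# Parents whose specifier rules out the newest release.
def blockers(lock, gem_name, released)
  newest = released.map { |v| Gem::Version.new(v) }.max
  requirements_on(lock, gem_name).reject { |_, r| r.satisfied_by?(newest) }.map(&:first)
end
```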