Most active commenters
  • berkes(4)
  • matheusmoreira(4)
  • int_19h(3)
  • matkoniecz(3)

←back to thread

Mozilla Firefox – Official GitHub repo

(github.com)
848 points thefilmore | 26 comments | 13 May 25 05:23 UTC | HN request time: 2.209s | source | bottom
Show context
floriangosse ◴[13 May 25 06:55 UTC] No.43970232[source]
I think it's actually an understandable strategical move from Mozilla. They might loose some income from Google and probably have to cut the staff. But to keep the development of Firefox running they want to involve more people from the community and GitHub is the tool that brings most visibility on the market right now and is known by many developers. So the hurdle getting involved is much lower.

I think you can dislike the general move to a service like GitHub instead of GitLab (or something else). But I think we all benefit from the fact that Firefox's development continues and that we have a competing engine on the market.

replies(6): >>43970680 #>>43971628 #>>43971800 #>>43972174 #>>43972919 #>>43983811 #
fhd2 ◴[13 May 25 08:14 UTC] No.43970680[source]
In my experience, most contributors who are deterred from contributing because they can't use GitHub aren't particularly valuable contributors. I'm sure there's exceptions, but I haven't seen any for non-trivial open source projects I've been involved in. I might even argue that it could be good to have a slightly higher bar to deter low quality one time contributors.
replies(11): >>43970739 #>>43970819 #>>43970821 #>>43970824 #>>43970955 #>>43971022 #>>43971133 #>>43971148 #>>43971264 #>>43971283 #>>43971354 #
1. berkes ◴[13 May 25 08:24 UTC] No.43970739[source]
You just showed the poster-child of gatekeeping that is harming Open Source.

Every contributor is valuable, it's in the name, the definition of "contribute".

Any bar to entry is bad, it certainly never is the solution to a different problem (not being able to manage all contributions). If anything, in the longer run, it will only make it worse.

Now, to be clear, while I do think GitHub is currently the "solution" to lower barriers, allow more people to contribute and as such improve your Open Source Project, the fact this is so, is a different and other problem - there isn't any good alternative to Github (with broad definitions of "good") why is that and what can we do to fix that, if at all?

replies(4): >>43970756 #>>43970880 #>>43971139 #>>43971646 #
2. sneak ◴[13 May 25 08:26 UTC] No.43970756[source]
Not all PRs are created equal.
replies(2): >>43970831 #>>43971082 #
3. berkes ◴[13 May 25 08:39 UTC] No.43970831[source]
And that is good.

Diversity, here too, is of crucial importance. It's why some Open Source software has sublime documentation and impeccible translations, while the other is technically perfect but undecipherable. It's why some Open Source software has cute logos or appeals to professionals, while the other remains this hobby-project that no-one ever takes serious despite its' technical brilliance.

4. int_19h ◴[13 May 25 08:47 UTC] No.43970880[source]
This is just blatantly wrong on so many levels.

Proposed contributions can in fact have negative value, if the contributor implements some feature or bug fix in a way that makes it more difficult to maintain in the long term or introduces bugs in other code.

And even if such contribution is ultimately rejected, someone knowledgeable has to spend time and effort reviewing such code first - time and effort that could have been spend on another, more useful PR.

replies(5): >>43971030 #>>43971106 #>>43971168 #>>43971533 #>>43983703 #
5. nicman23 ◴[13 May 25 09:13 UTC] No.43971030[source]
lol go closed then
6. myfonj ◴[13 May 25 09:21 UTC] No.43971082[source]
Also don't forget that not all contributions are done through PRs or are actual code changes. There are folks that do tests, make MREs, organise issue reports, participate in forums … they all are also contributing: their time and efforts.
7. ◴[13 May 25 09:24 UTC] No.43971106[source]
8. fhd2 ◴[13 May 25 09:29 UTC] No.43971139[source]
In spirit, I agree.

In practice, if you get dozens of PRs from people who clearly did it to bolster up their CV, because their professor asked them or something like that, it just takes a toll. It's more effort than writing the same code yourself. Of course I love to mentor people, if I have the capacity. But a good chunk of the GitHub contributions I've worked on were pretty careless, not even tested, that kind of thing. I haven't done the maintainer job in a while, I'm pretty terrified by the idea of what effect the advent of vibe coding had on PR quality.

I feel pretty smug the way I'm talking about "PR quality", but if the volume of PRs that take a lot of effort to review and merge is high enough, it can be pretty daunting. From a maintainer perspective, the best thing to have are thoughtful people that genuinely use and like the software and want to make it better with a few contributions. That is unfortunately, in my experience, not the most common case, especially on GitHub.

replies(1): >>43971529 #
9. lpln3452 ◴[13 May 25 09:33 UTC] No.43971168[source]
This isn't a platform issue — it's a problem with the PR system, and arguably with open source itself. If you're unwilling to spend time on anything beyond writing code, maybe keep the project closed-source.
replies(1): >>43971220 #
10. majewsky ◴[13 May 25 09:45 UTC] No.43971220{3}[source]
Or, more obviously, make it open-source, and make a big fat note in the README of "I will not accept PRs, this repo is just for your consumption, fork it if you want to change it".
replies(1): >>43971664 #
11. arp242 ◴[13 May 25 10:46 UTC] No.43971529[source]
In my experience low-quality PRs aren't that common, but I do agree dealing with them is annoying. You can't just tell people to go away because they did spend their spare time on it. On the other hand it's also garbage. Sometimes it's garbage by people who really ought to know better. IMHO low-quality issues are the bigger problem by the way, a problem that existed well before GitHub.

But I just don't see how GitHub or a PR-style workflow relates. Like I said in my own reply: I think it's just because you'll receive less contributions overall. That's a completely fair and reasonable trade-off to make, as long as you realise that is the trade-off you're making.

12. dgb23 ◴[13 May 25 10:47 UTC] No.43971533[source]
It's not wrong, it's just based on the assumption that the projects wants contributors.

Quite obviously, any incidental friction makes this ever so slightly harder or less likely. Good contributions don't necessarily or only come from people who are already determined from the get go. Many might just want to dabble at first, or they are just casually browsing and see something that catches their attention.

Every projects needs some form of gatekeeping at some level. But it's unclear to me whether the solution is to avoid platforms with high visibility and tools that are very common and familiar. You probably need a more sophisticated and granular filter than that.

replies(1): >>43973215 #
13. matkoniecz ◴[13 May 25 11:12 UTC] No.43971646[source]
> Every contributor is valuable, it's in the name, the definition of "contribute".

No. I definitely seen people who created multitude of misleading bug reports, flood of stupid feature requests. I personally did a bit of both.

There are people who do both repetitively, fill issue reports without filling requested fields. Or open issue again when their previous report was closed.

I got once bug report where someone was ranting that app is breaking data. Turned out (after wasting my time on investigating it) that user broke data on their own with different software, through its misuse.

There were PRs adding backdoors. This is not a valuable contribution.

There were PRs done to foment useless harmful political mess.

Some people pretend to be multiple people and argue with themselves in pull requests or issues (using multiple accounts or in more bizarre cases using one). Or try to be listed multiple times as contributor.

Some people try to sneak in some intentionally harmful content one way or another.

Some contributors are NOT valuable. Some should be banned or educated (see https://www.chiark.greenend.org.uk/~sgtatham/bugs.html ).

replies(1): >>43982086 #
14. int_19h ◴[13 May 25 11:17 UTC] No.43971664{4}[source]
It's not a binary. Many projects do want PRs, but it doesn't mean they have to accept any random PR, or fawn over every contributor who creates an obviously low-effort one. It's perfectly fine to "gatekeep" on quality matters, and that does mean acknowledging the fact that not all contributors are equally valuable.
replies(1): >>43973445 #
15. skydhash ◴[13 May 25 14:14 UTC] No.43973215{3}[source]
> Many might just want to dabble at first, or they are just casually browsing and see something that catches their attention.

You can easily craft an email for that. No need to create a full PR.

replies(1): >>43973714 #
16. matheusmoreira ◴[13 May 25 14:35 UTC] No.43973445{5}[source]
> fawn over every contributor who creates an obviously low-effort one

It's that sense of superiority that pisses me off.

Many maintainers condescendingly reply "contributions welcome" in response to user complaints. People like that had better accept whatever they get. They could have easily done it themselves in all their "high quality" ways. They could have said "I don't have time for this" or even "I don't want to work on this". No, they went and challenged people to contribute instead. Then when they get what they wanted they suddenly decide they don't want it anymore? Bullshit.

You're making the assumption that these are "high quality" projects, that someone poured their very soul into every single line of code in the repository. Chances are it's just someone else's own low effort implementation. Maybe someone else's hobby project. Maybe it's some legacy stuff that's too useful to delete but too complex to fully rewrite. When you dive in, you discover that "doing it properly" very well means putting way too much effort into paying off the technical debts of others. So who's signing up to do that for ungrateful maintainers for free? Who wants to risk doing all that work only to end up ignored and rejected? Lol.

Just slap things together until they work. As long as your problem's fixed, it's fine. It's not your baby you're taking care of. They should be grateful you even sent the patches in. If they don't like it, just keep your commits and rebase, maybe make a custom package that overrides the official one from the Linux distribution. No need to worry about it, after all your version's fixed and theirs isn't. Best part is this tends to get these maintainers to wake up and "properly" implement things on their side... Which is exactly what users wanted in the first place! Wow!

replies(3): >>43973820 #>>43976343 #>>43977035 #
17. LegionMammal978 ◴[13 May 25 15:00 UTC] No.43973714{4}[source]
"Crafting an email" in the format required by many email-based projects is hardly easy for the average user, who's most likely using a webmail service that does not have much control over line wrapping and the like. Accepting patches in attachments (instead of the email body) helps with this, but naive users can still easily get caught by using HTML email, which many project maintainers love to performatively turn up their noses at.
18. majewsky ◴[13 May 25 15:11 UTC] No.43973820{6}[source]
> People like that had better accept whatever they get.

FOSS maintainers are not a unified mind. The people who go "contributions welcome" and "#hacktoberfest" are somewhere near one end of the spectrum, and the folks dealing with low-effort contributions are somewhere near the other end of the spectrum.

replies(1): >>43973918 #
19. matheusmoreira ◴[13 May 25 15:20 UTC] No.43973918{7}[source]
Of course not. That's why I singled out a very specific kind of maintainer: the type who thinks himself superior to users even when they engage at their level. Guys so good they can't be bothered to do it themselves but complain when others do it.

Good maintainers may be firm but they are always nice and grateful, and they treat people as their equals. They don't beg others for their time and effort. If they do, they don't gratuitously shit on people when they get the results. They work with contributors in order to get their work reviewed, revised and merged. They might even just merge it as-is, it can always be refactored afterwards.

That's hard to do and that's why doing it makes them good maintainers. Telling people their "contributions are welcome" only to not welcome their contributions when they do come is the real "low effort".

20. matkoniecz ◴[13 May 25 18:54 UTC] No.43976343{6}[source]
> People like that had better accept whatever they get.

no, I am not obligated to merge badly written PRs introducing bugs just because I had no time to implement the feature myself

replies(1): >>43979900 #
21. int_19h ◴[13 May 25 19:59 UTC] No.43977035{6}[source]
> Just slap things together until they work. As long as your problem's fixed, it's fine. It's not your baby you're taking care of. They should be grateful you even sent the patches in.

Thank you for a clear and concise illustration of why some contributions are really not welcome.

Just about the only thing I will agree with you on is that projects should indeed make it clear what the bar for the proper contribution is. This doesn't mean never saying "contributions are welcome", if they are indeed welcome - it's still the expectation for whoever is contributing to do the bare minimum to locate those requirements (e.g. by actually, you know, reading CONTRIBUTING.md in the root of the repo before opening a PR - which many people do not.)

replies(1): >>43979854 #
22. matheusmoreira ◴[14 May 25 01:45 UTC] No.43979854{7}[source]
Making things clear and being honest about the scope and status of the project is always a good thing.

Dismissing users making feature requests and reporting bugs with a "PRs welcome" cliche is quite disrespectful and very much a sign of a superior attitude.

23. matheusmoreira ◴[14 May 25 01:53 UTC] No.43979900{7}[source]
Let all those "bad PRs" with useful features and fixes accumulate at your own peril. You might wake up one day and find you're not upstream anymore because someone else has merged them all into a fork. I've seen it happen.
replies(1): >>43996941 #
24. berkes ◴[14 May 25 08:02 UTC] No.43982086[source]
This can be categorized as "spam".

Fighting spam isn't done by using unfamiliar tech, but by actually fighting the spam.

With good contributor guidelines, workflows, filters, etc.

Contributions that don't adhere to the guidelines, or cannot fit in the workflow can be dismissed or handed back.

Two random examples of things I came across in PRS recently:

"Sorry, this isn't on our roadmap and we only work on issues related to the roadmap as per the CONTRIBUTION-GUIDELINES.md and the ROADMAP.md"

"Before we can consider your work, please ensure all CI/CD passes, and the coding style is according to our guidelines. Once you have fixed this, please re-open this ticket"

That is fine, a solved problem.

Using high barrier tech won't keep intentionally harmful contributions away. It won't prevent political mess or flamewars. It won't keep ranters away. It won't help with contributors feelings of rejection and so on. Good review procedures with enough resources, help prevent harmful changes. Guidelines and codes of conduct and resources and tech to enforce, help against rants, bullying or flamewars, not "hg vs git". Good up-front communication on expectation is the solution to people demanding or making changes that can never be accepted.

25. berkes ◴[14 May 25 12:28 UTC] No.43983703[source]
It is not wrong.

For one, it's semantic: It's only a contribution if it adds value to a project.

What you probably mean is that "not everything handed to us is a contribution". And that's valid: There will be a lot of issues, code, discussions, ideas, and what more that substract, or have negative value. One can call this "spam".

So, the problem to solve, is to avoid the "spam" and allow the contributions. Or, if you disagree with the semantics, avoid the "negative value contributions" and "allow the positive value contributions".

A part of that solution is technical: filters, bots, tools, CI/CD, etc. Many of which github doesn't offer, BTW. A big part is social and process: guidelines, expectations, codes-of-conduct, etc. I've worked in some Open Source projects where the barriers to entry where really high, with endorsements, red-tape, sign-offs, wavers, proof-of-conducts etc. And a large part is simply inevitable "resources". It takes resources to manage the incoming stuff, enforce the above, communicate it, forever, etc.

If someone isn't willing to commit these resources, or cannot, then, ultimately, the right choice to make is to simply not allow contributions - it can still be open source, just won't take input. Like e.g. sqlite.

26. matkoniecz ◴[15 May 25 16:56 UTC] No.43996941{8}[source]
You seem to assume that in all cases such situation would be a problem.

In fact it not always is a problem. For some I would love if someone else would maintain it, for some fork is friendly and has a bit different purpose and so on.