(opensourcesecurity.io)

433 points LawnGnome | 1 comments | 28 Aug 25 01:54 UTC | HN request time: 0s | source

Show context

blueflow ◴[28 Aug 25 09:58 UTC] No.45050331[source]▶

>>45047460 (OP) #

If they had done an activity check they would have seen that half of all projects have zero maintainers.

replies(1): >>45051284 #

ysofunny ◴[28 Aug 25 12:21 UTC] No.45051284[source]▶

>>45050331 #

software once "perfected" (working well enough long enough) needs NO maintenance. No cleaning. No calibrating/tunning.

updating is a systemic issue, not a per-project matter

replies(8): >>45051346 #>>45051557 #>>45052779 #>>45053610 #>>45053967 #>>45055423 #>>45056222 #>>45057634 #

blueflow ◴[28 Aug 25 12:29 UTC] No.45051346[source]▶

>>45051284 #

Maybe we need a Linux distro based on "inactive" software and look how reliably it performs.

replies(2): >>45051400 #>>45051997 #

1. BirAdam ◴[28 Aug 25 12:36 UTC] No.45051400[source]▶

>>45051346 #

s/inactive/stable/

Well, when you talk about a distribution there's a different issue.

The entire Linux ecosystem is constantly shifting with each package releasing new versions, and therefore everything else must be updated to accommodate the changes in the dependency tree.

You could get away with some stuff being only stable versions, but things like mesa, x11, chrome, etc... would still be constantly changing as would their dependency trees.

↑

Open Source is one person