Open Source is one person

(opensourcesecurity.io)

433 points LawnGnome | 1 comments | 28 Aug 25 01:54 UTC | HN request time: 0.213s | source

Show context

speakingmoistly ◴[28 Aug 25 04:46 UTC] No.45048465[source]▶

[Relevant xkcd.](https://xkcd.com/2347/)

It's interesting to see the periodic rediscovery of "capitalism + technology relies on unpaid, voluntary labour", or as the author puts it, "Open source, the thing that drives the world, the thing Harvard says has an economic value of 8.8 trillion dollars".

The one flaw that I see in the author's analysis though is that they don't seem to account for whether the packages accounted for by their source have dependents or monthly downloads. There's *a lot* of dead code out there. When excluding abandoned packages, I bet the picture is still grim, but it might be less so.

replies(4): >>45050706 #>>45052465 #>>45052716 #>>45055153 #

sorrythanks ◴[28 Aug 25 11:04 UTC] No.45050706[source]▶

>>45048465 #

half way down the page:

> So now, let’s look at the number of maintainers for projects with over 1 million downloads this month.

replies(1): >>45051654 #

1. speakingmoistly ◴[28 Aug 25 13:00 UTC] No.45051654[source]▶

>>45050706 #

Fair point, I glossed over that part a bit fast.

It does go in the direction I thought it would though. I'd be curious to see (or to take) a look a little deeper at what those thousand of packages are.

↑