Open Source is one person

(opensourcesecurity.io)

433 points LawnGnome | 1 comments | 28 Aug 25 01:54 UTC | HN request time: 0.001s | source

Show context

vitonsky ◴[28 Aug 25 11:38 UTC] No.45050932[source]▶

Huh, I just checked stats on ecosyste.ms

It looks they consider as maintainer only those people who listed on package.json, not a real number of contributors on github or anything.

So all conclusions in this post is based on wrong assumption and incorrect data interpretation. That's all you need to know about it.

I think you could list random people on github in your package.json to looks cool in eyes of stats cultists.

replies(2): >>45051042 #>>45054486 #

msgodel ◴[28 Aug 25 17:02 UTC] No.45054486[source]▶

>>45050932 #

Maintainers and contributors have overlapping but subtly different responsibilities AFAIK.

Maintainers are the ones responsible in the end for the state of the repo while contributors suggest changes.

replies(1): >>45054727 #

1. vitonsky ◴[28 Aug 25 17:25 UTC] No.45054727[source]▶

>>45054486 #

I have couple open source NPM packages I develop together with other developers. In some of this packages I have less than 50% contributions in code. But I listed as contributor on NPM, just because I found this packages and did not update contributors list a long time.

So definitions does not matter when stats that author refers, does not include a developers who own over 50% code in repo, but includes me as contributor.

That's widely known problem of programmers to believe that world is perfect and all data are always actual. Actually it won't.

↑