←back to thread

Open Source is one person

(opensourcesecurity.io)
433 points LawnGnome | 1 comments | 28 Aug 25 01:54 UTC | HN request time: 0.206s | source
Show context
ivanjermakov ◴[28 Aug 25 16:27 UTC] No.45054096[source]
Too bad the notion of completed/finished/done software is very weak. In theory, there it nothing wrong with an OSS project made by one person.

I would like to see the LOC these one-person projects with >1M downloads have. I suspect most of these are a simple Node/browser/OS API single-file wrappers that are simple to get right and treat it as complete.

At the same time such projects are easy to verify upon adding as dependency. Lately, I've just copy-pasted relevant parts of a library to my project because adding it as a dependency has a cost. I doubt this is a common practice though, especially in NPM land.

replies(2): >>45057980 #>>45074853 #
1. sgbeal ◴[30 Aug 25 14:12 UTC] No.45074853[source]
> Too bad the notion of completed/finished/done software is very weak.

FWLIW, this simple definition suffices for me: software is complete insofar as it requires no changes to do what its maintainers would like to do with it at the current point in time.

"Complete" software frequently changes to "incomplete" as the desires of the maintainer(s) change(s), and may just as quickly revert to "complete" as changes are made.

This definition does not consider the desires of non-maintainers because there's _always_ at least one such person who wants a given pieces of software to do their one weird thing (which the maintainer(s) will not ever add).