• 乇ㄥ乇¢ㄒ尺ㄖ
    link
    fedilink
    228 months ago

    second, because there is no one else to pass the project to.

    If I ever maintain a FOSS Project this one will be one of the things I need to figure out along the way, surely there’s someone trustworthy out there, surely

    • lemmyvore
      link
      fedilink
      English
      428 months ago

      But why take a chance? It’s easy for anybody who’s truly interested to fork it, and if you’re calling it a day it’s all the same to you.

      The problem with endorsing someone else is that they inherit all the clout without having put their time in. Let them prove themselves.

      • 乇ㄥ乇¢ㄒ尺ㄖ
        link
        fedilink
        12
        edit-2
        8 months ago

        But why take a chance?

        This could be a simple answer as : I don’t wanna cause inconveniences to my users to a more complexe one such as… umm, ideological reasons… I don’t want to see a project I started get archived or taken down…

        Let them prove themselves.

        It’s a requirement…

        to me finding mainteners is part of what makes a FOSS project successful

        • @[email protected]
          link
          fedilink
          68 months ago

          As I see it, there are 3 options.

          Allow forks and let community sort itself.

          Pass on to someone trusted, that ideally has been part of the project for a long time, or even the start.

          Have a fork that is officially endorsed.

          Depending on the software, different approaches may be appropriate. For something like this with VPN, I would want the fork to be vetted by the community before trusting it. If the original owner endorsed one, id probably update to it quickly but keep an eye on the community.

          If it was something with less security risk, id probably move quicker if features were added I like. With something like this, with higher risk, id be assessing forks and alternatives equally.

    • @SzethFriendOfNimi
      link
      17
      edit-2
      8 months ago

      Lesson learned from the whole XZ thing. Anything related to security does run the risk of nation state actors abusing trust. Makes it hard to do right

      • 乇ㄥ乇¢ㄒ尺ㄖ
        link
        fedilink
        48 months ago

        Indeed, or buying-off other maintainers and making them turn against you 👀, it’s crazy world we live in and everything goes