Does open source need its own Priority of Constituencies?
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 39 | |
| Author | ||
| Contributors | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/67210 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
FOSS Backstage 202234 / 39
2
9
11
15
26
30
36
37
00:00
Open sourceOpen setPrincipal idealDigital signalPoint cloudElasticity (physics)Address spaceKolmogorov complexityOrder of magnitudeView (database)Data modelSoftware maintenanceInformation securitySoftwareChainSoftwareCloud computingRight angleQuicksortSpacetimeInternet service providerBridging (networking)Open sourceNP-hardVotingSoftware developerPoint cloudGroup actionDecision theorySoftware maintenanceWeb 2.0ChainWeb browserDifferent (Kate Ryan album)Self-organizationInformation securityStandard deviationNumberMultiplication signCodeComputerPresentation of a groupDegree (graph theory)MereologySystem callOSI modelInheritance (object-oriented programming)Line (geometry)Open setReal numberOvalComputer animationXML
08:04
Flow separationData modelAddress spaceOpen setPrincipal idealState of matterMobile appSoftwarePerspective (visual)QuicksortTerm (mathematics)Web 2.0BitVotingDecision theoryTheoryMereologySoftware maintenanceSoftware frameworkParity (mathematics)AuthorizationRight anglePoint cloudProjective planeImplementationText editorOnline helpWeb-DesignerOpen sourceCloud computingLevel (video gaming)Web browserCodeWeb applicationSoftware developerBuildingWorld Wide Web ConsortiumSpacetimeRevision controlInternetworkingSlide ruleCartesian coordinate system10 (number)GoogolAverageXML
16:03
Principal idealTheoryInternet service providerAreaSoftware maintenanceExpected valuePresentation of a groupMobile appRevision controlDiscrepancy theoryVotingDirection (geometry)Expert systemPatch (Unix)Consistency1 (number)Projective planeText editorRight angleWeb 2.0Open sourceImplementationGoodness of fitArithmetic meanProcess (computing)Self-organizationPosition operatorMultiplication signOrder (biology)Greatest elementData structureSoftware frameworkSoftware developerCASE <Informatik>Video gameDifferent (Kate Ryan album)System callFocus (optics)Cloud computingWorld Wide Web ConsortiumTheoryQuicksortChemical equationChainNumberShared memorySoftware testingSoftwareComputer animation
24:02
Process (computing)CuboidRevision controlRight angleSoftware bugPatch (Unix)Open sourceMultiplication signMereologyChemical equationDemosceneDifferent (Kate Ryan album)Self-organizationOrder of magnitudeSoftware developerConservation lawPoint (geometry)Direction (geometry)CodeProjective planeSoftware maintenanceInformation securityFitness functionSheaf (mathematics)NumberLine (geometry)Category of beingDegree (graph theory)Table (information)TheoryScaling (geometry)VotingGastropod shellPerspective (visual)QuicksortMathematicsSoftwareEnvelope (mathematics)Discrepancy theoryCASE <Informatik>Pairwise comparisonContext awarenessComputer configurationComputer animationMeeting/Interview
30:13
Open sourceOpen setComputer animation
Transcript: English(auto-generated)
00:04
Well, thank you so much. I'm really excited to be talking about this topic. It's a topic that is really dear to me So let's get let's get started
00:20
So there's been a lot going on around Open source for a number of years and we've seen lots of different activity in that space and lots of really interesting articles and Thinking happening that are really discussing Some of the ways that we're seeing The ecosystem and the community of all and I think one of them the first really important
00:44
Such piece of writing to me is Nadia egg balls roads and bridges That's being published now in 2017. So it's not a recent Work anymore, but I think it's it's really foundational and in re sort of like rethinking the open source ecosystem
01:02
And we've seen a lot of activity and lots of people writing really controversial pieces about Open source in the last like five or six years this is an example of a really interesting article by John mark, um, and
01:20
Just as interesting Answer to that article by Mike over by Who really talks about? How large corporations are benefiting from open source and not necessarily giving back to it And we've also seen in the open source space
01:42
Lots of people put putting Companies building open source software up against cloud providers and this is an example here We know what the subtitle is actually cloud infrastructure providers threaten the viability of open source, right and we've seen the reply from cloud providers
02:02
about these topics and concerns of Large open source vendors becoming not so open source anymore There's also been a lot of work around the ethical aspect and the ethical considerations of
02:21
Open-source And sort of like the impact that open source has on the broad broader ecosystem and users do and we've even You know, we've even seen sort of like diehard Open-source people like Bruce Prince who's at the origin of the open source?
02:41
Organization the the OSI, um and You know start Talking about the issues with open source and the fact that it's really hard for it to be funded and More recently. I'm sure you you haven't missed that the sort of like really big security issues. We've had
03:03
Right before the the new year was locked for J and followed into the new year was called dot JS and faker dot JS um And you know, I think it's fair to say that over the last course of the last like four or five years We've really noticed of what we can essentially call like an open source crisis, right?
03:23
we've seen maintainer run out we've We've seen people claiming that cloud is capturing too much value we've seen we've seen ethical concerns over the impact on and users of open source, um, and We also are experiencing now a real software supply chain security
03:46
Crisis to some degree in which open source has a very large part And so, you know, that begs the question. Well, what's going on? like why so so much drama around the space right now and
04:02
You know I posit that what we're actually experiencing right now, what we're witnessing is the emergence of new constituencies And you know when you consider open source The way we've been thinking about open source has been essentially it was the four freedoms
04:22
that's more around free software arguably and the open source definition And that as a tool worked really well in a much smaller Ecosystem where there was a ton of overlap between the users of the software and the developers, right?
04:43
Essentially if you wanted to use software 20 years ago you had to be pretty technically savvy to be able to do so and so obviously you see this huge overlap between People building software and people using it because I said you just couldn't use it
05:02
Was that like really understanding how it was built right and of course this has dramatically changed as Open source moved from being on this really niche, um aspect of
05:20
Software itself, which was itself very niche to you know powering depending on who you ask and how it's measured like 50 to 90 percent of the lines of codes of Software which pretty much runs everything nowadays from cars to phones to computers to pacemakers to your fridge, right?
05:45
And so obviously when you move from something that is very niche to something that is very mainstream Well, there's a lot more people and those people and those constituencies those stakeholders are Incredibly diverse and you no longer have this kind of overlap that we had
06:04
You know to deck two or three decades ago and in in this overlap in which having Tools as Simple as the four freedoms or the open source definitions were enough to reason and understand this ecosystem
06:24
So it turns out that there are Other Communities that have been faced with this question of a broadened audience a broadened community more constituencies a long time ago, um, and
06:45
We can learn from them. And one of those that's particularly dear to my heart because I really come from the web is w3c and So the briefly see is the standards organization that standard as that standardizes a lot of the technology for the web
07:02
and the reason that they're way ahead of us and thinking about this is that The browser has been Widely deployed and impacting a lot more people way Earlier than open source, um is technically doing now
07:24
Although obviously the two are related. Um, and so the priority of constituencies is something that dates from 2007 and actually an IIC chat between some of the folks that were in the HTML working group some of which moved into
07:42
The what we G later on that we're trying to find um solutions to make decisions when There were conflicting interests in a particular piece of technology
08:00
and that was ended up essentially being put in written and become sort of part of Some of the Essentially that the guidelines that the framework That is used to to this day to continue to make decisions about how specs for the web are
08:24
designed um and this Yeah, so the term changed a bit It's now called put user needs first used to be a priority of constituencies But I think sort of the priority of constituencies captures the how
08:40
More than the put user needs first which captures sort of the why you want to do the rest of the whole thing But regardless it's the same concept, right? And there's also some really interesting related thinking from the ITF on this topic And you know, the whole thing is best summed
09:01
from the ITF's perspective as When there was a conflict between the interest of end users of the Internet and other parties ITF decisions should favor end users, right? And the priority of constituencies itself essentially focuses on
09:21
Servicing end users over authors So those are people actually building web applications and the W3C lingo over implementers where those building web browsers Over spec editors where those actually writing the specs over a theoretical purity, which is you know the
09:40
Making a decision that wouldn't be serving a user but would be you know Two API's would be consistent with one another for example, that would be theoretical purity And so, you know if you start looking at the size of each of these constituency you also understand Why this? Framework of thinking is not only
10:03
Interesting, but also how it can actually help right end users of the web are billions developers writing web applications are millions Engineers building browsers are in the thousands and spec editors are in the tens, right? So you can really see how
10:20
essentially a Spec editor putting in an hour extra work to make something more clear can save 100 hours at the implementer level a million at the authors level and a billion for end users, right? So there was this kind of like impact that's interesting to assess Right, um, and you know as a side note, this is actually quite close to how the Apache software foundation
10:46
thinks about these things And if you look at them, you know, the end user authors implement respect at their theoretical purity And you remove kind of like everything that's in the middle, right
11:01
And move like the the implementers and the spec editors think of them as community right and think sort of like authors and end users as The recipient of what the community does you really you end up was like, you know community Is more important than theoretical purity, right?
11:20
And this is kind of like community over code and that's really close to all sorry I'm going too fast was though that's really close to the sort of like Apache Mentor of really thinking about the people overthinking about code So can we actually take this party of constituencies that was designed for the web and
11:43
Use it for open source and what would that look like if we actually did so So let's first have a look at like who exactly are the main stakeholders that we can think about when we think of Open source software, right? So, um, you know at the heart we have maintainers, right?
12:05
We also have contributors to the project then we have app developers So those are people that would be using that software To build applications, right we have the cloud infrastructure which is
12:23
You know Deploying that software that open source software so it can be used by app developers And then we have end users people actually using that software and at the very end we have people right because when you're thinking about software I can You know, I can be using a piece of software to do something about someone that
12:47
Isn't using that piece of software, but that is impacted by my usage of the software for example Imagine that you're walking down the street as a person, right? Um, and there is a camera that is
13:04
Do you know Filming you and using AI to identify you right you technically not using the software But the software is being used on you and it impacts you because maybe you didn't want people to actually know you were walking down that street or you're in the surveillance state and that's something that's
13:23
You know that you really like obviously concerned about so, you know, it goes that this whole way So if we actually ordered these we end up essentially was you know People over end users over app developers over cloud infrastructure over contributors over maintainers
13:43
over theoretical parity So that's kind of what an open source priority of constituency would look like And so, you know that kind of begs the question well is Priority of constituencies a silver bullet like is it the framework that we're missing to think about open source properly
14:02
Does it solve all of the web's problem? And obviously I mean Maybe the answer isn't a question. The answer is no, right by itself. That's not enough Um, and so let's look a bit as to what the problem was the priority of constituency is
14:22
in the web, so One of the key issue that we see in the web We know when you think about the fact that you want to move the work as upstream Towards this as much towards the spec editors as you as you possibly can right?
14:43
You quickly realize that this implies that folks that spec editors, right? Have a lot more work to do than implementers and implementers have a lot more work to do than authors and authors Have a lot more work to do than end users, right?
15:00
so that's kind of fine if the Economic situation of all of the players matches this and if you look at this slide here, you see that, you know an average End-users are just people of the web, right? Um, and so They you know tend to have like people money ie not a lot compared to a corporation
15:21
If you move to authors which again is w3c lingo to talk about web developers You will see in that space software vendors are actually Much more well off than individual people. They're usually small corporations So, you know you have this this sense of authors have more money than end users
15:44
So that kind of makes sense because they actually have more work to do Right, and if you move to implementers, you're now talking about the browser makers So essentially folks like Microsoft Apple Google etc. Right. Um, and you obviously see there that they have a lot more money. And again, that makes complete sense
16:02
Now what happens when you move to spec editors? Well, it turns out that although a lot of spec editors are actually folks working for implementers There's also a lot of what the w3c calls invited experts. Um that are People that are
16:21
Helping write specs because they really care and then they usually doing that either on their own time or Sort of like freelancing one like consulting arrangements and often was very little money, right? And also there's a number of organizations In the world that could really benefit from being involved in the spec editing process because they get impacted by it
16:44
That don't have the means to actually contribute, right? So what do you realize here? Well There's like this huge discrepancy in uh means between implementers and spec editors, right? This is like a really big problem And so essentially to try and avoid that what really needs to happen is money has to flow upwards
17:07
To help the spec editors actually take on a larger share of the work as they should right, um in order to Benefit the whole uh chain and really move all of the work as upstream as possible
17:25
I mean i've talked about the you know, this issue a while back. Um, there has been um increasingly helped with um Open, uh w3c, uh, and the w3c members helping out invited experts
17:42
Um, which are you know folks working On specs but not working, uh for uh, a large corporation. Um, and um That still needs more work, right? Um, and i'm sure of course like you'll you'll recognize How this kind of issue was people actually doing a lot of the work at the very top like very upstream
18:06
Are having financial difficulties, right? So if we move this back to open source and actually start thinking about money. Um, We're going to uh, you know Notice a problem again. And so that kind of makes this priority of constituency
18:21
uh, not only kind of a direction as to where work has to move and who you have to um, Think about first when there are conflict of interest, but it also serves as a cannery in a coal mine um sort of like pointing out, uh when there are Discrepancies in the economic situation of the different stakeholders and and and how that actually impacts
18:44
the the health of the overall ecosystem Which I think is kind of at the heart of the crisis that I was talking about in the beginning of this presentation The network we're testing in open source right now, right? So again looking at people end users app developers cloud infrastructure providers contributors maintainers and theoretical purity, right?
19:02
Well, what do we notice? Uh, well everything is going fine up until you start going to contributors and maintainers, right? You see this nice move from like people End users app developers having more money cloud infrastructure having more money and then well contributors. It depends, right? It can be individuals. Um, it can be small corporations
19:24
Um, you know small companies and same for maintainers, right? And so again, we're noticing this Unbalance here between folks that need to do more work that are close to upstream But that actually have very little means and so again sort of the suggestion to solve this problem
19:42
Is to figure out ways to move money and means upwards. I mean this could be money It could be like lots of different resources, right? but really sort of funding that upstream work Which is important essentially for the the health and the balance of the overall ecosystem Right, so, uh, uh, i'm actually, uh on time, which is wonderful. Um
20:07
essentially, uh, what I really like with w3c's priority of constituencies Is that it is um It was designed to do two things The first thing is to keep focus on the impact that you have
20:25
Downstream from where you're working at because that's what matters, right? Um when you are writing a spec or when you are maintaining a project Uh, you have to keep in mind not only your own
20:40
benefit But also how is this going to impact? Um constituencies stakeholders downstream, um, is it going to make people's life? Um hell is it going to make it really difficult to deploy? Is it going to make it difficult to build on top of like all of these different topics from ethical concerns?
21:04
To developer experience are all sort of like baked into this really simple Um a tool this really simple conceptual framework of the priority of constituencies in case of doubt think about the uh The the folks the most downstream
21:22
uh the end users the people at the Sort of like the bottom of this whole structure and how they're all impacted. Right? So that's the first thing The second really nice aspect of the the priority of constituencies Is that it really helps to maximize
21:40
The benefits to the commons by upstreaming stuff, right? I mean we all know we all know this intuitively Uh upstreaming is really good, right? It's good for the ecosystem Um, it's good for the projects. It's good for the people relying on the project, right? And so, um, This this this framework that this priority of constituencies really shows that the more things are upstream
22:04
um the cheaper it is Um to um to do the work like the less hours it actually consumes of like everyone's time Um, and the more effective that is right, um, and so then lastly What if the party of constituencies wasn't really designed to do but if you lay it down like this what it really shows
22:24
is um, you know where there is actual discrepancies between The work expectations if you're really close to upstream and the economic situation, um of uh, depending on what your position, right? Um, so it's a tool that is great to think about these issues and um,
22:45
Really sort of like put a spotlight on the areas where we're seeing lots of work expectations And few resources, right and um in the web It's clearly on the spec editors and open source very clearly maintainers and contributors
23:04
should be the ones doing the most work if we want to think of Maximizing the benefits to the commons. It's much better If everyone upstream stuff, it's much better if a project is well maintained rather than having You know everyone downstream having to patch it, right?
23:22
but this requires um adequate resources and what we're seeing in open source is We don't have those resources, right? So anyhow, I think the priority of consistency is a wonderful little tool to think about these issues Um, and uh, that's what I have for you today, so we have a few minutes for questions discussions i'd love
23:43
to Hear what your thoughts are and um, thank you so much for your attention Thank you very much for this very insightful talk um, I yeah, I really enjoyed the the picture really that this um, this paints basically, um
24:00
How things are structured and how things should be should be structured. Um here um, and I think from at least from from It seems like let's say money is moving slowly upstream now. Um in The discussion at least is there. Um, let's see the log 4j log for shell. Um,
24:21
A lot of discussions. Okay, how can we fund it better? There are a lot of initiatives. Do you see? Is there anything that that caught your eye? Was it okay that they are implementing basically this this theory already there there are good efforts in moving that upstream Um So, I mean clearly like things are moving
24:41
Right. And so the answer is um, yes But then when you look at the scale of the problem and how much is actually moving You know, I I have more concerns right, um, which is that um You know the the amount of of if you're talking like literally money resources
25:05
Well, I mean first of all, we can't just talk about money resources, right? Because that's not the only thing in most cases. Actually, that's not what's needed right, um, so, you know, that's um, um Money is one aspect of the problem. But the way we're looking at this right now is
25:22
It doesn't feel It feels like the movement is right But it doesn't feel like the picture of what the situation is is well understood and well shared Like the discrepancy is absolutely staggering between how much money is um
25:41
Uh used in open in uh, sorry in property software, right? Like if you look at uh, I did some some back of the envelope math in a different talk a while back And there's roughly a trillion dollars spent a year on developer salaries a trillion dollar like if you actually stack a hundred dollar bills Right, it's enough to make a skyscraper
26:03
Like it's it's like, you know, it's it's beyond imagination how much one trillion dollars, right? And what we're talking about like massively exciting efforts in trying to fix open source security We're talking about like one two, maybe five million dollars, right?
26:21
so, you know, it's like it's a lot of it's an order of magnitude is is you know, uh, Five million dollars and a hundred dollar bills sits on a table on a desk, right? Compare that to like the amount of money that's spent in property software You're talking about vastly different numbers And then consider that you know
26:41
As I was sitting at the beginning of this talk Depending on how you count sort of like 15 and 90 percent of actual lines of codes running for anything are open source, right? So you're talking about spending, you know, like point zero zero one percent on open source Whereas you know, it's like actually 90 percent of your code that doesn't make any that doesn't compute
27:01
So yes, the direction is good. But I mean, come on like we're not looking at this properly Okay, and there's another question, um from the audience Um, how do umbrella organizations such as software freedom conservancy fsf apache and so on fit into it? So that's a great question, um
27:22
so I think in um mainly in two ways, um one is Organizing well three ways one is organizing the effort of different different Stakeholders, right which is you know what they do already. The second one is providing a whole bunch of infrastructure
27:40
Which they also do already and I think there is an opportunity To start thinking about a third option and i'm not sure existing umbrella orgs are actually properly designed and organized for that Which is I think we need to think about uh paying and maintainers not developers building the software
28:00
but um for lots of projects actually paying folks to do sort of like the The work that nobody really wants to do that's not super exciting but needs to happen You know the maintenance right making sure that um Um Bugs are triaged and like security patches are applied and like the right version is released and all of that stuff, right?
28:20
and I think there is um Appetites in the broad community for people to actually do these kinds of jobs Part-time or you know on top of something else And I think we should leverage this Okay, yeah, and I think a final question that we have um is a comment from uh from
28:42
Someone watching and saying I appreciate a lot all of your efforts thinking outside the box To find more balance into the open source scenes. Um, I remember another talk from you about licenses. How do those Topics connect how do those ideas connect?
29:01
Um, that's a great question, uh They connect initially for me because I was thinking about these two things about at the same time um I don't have a better answer for now. I I think no, let me try to give a better answer. Um, I think that um
29:21
My thinking around licenses and my thinking around this uh are both part of Actually making us as a community More concerned about our downstream impact and how what we do is then used And uh for the benefit of people or not, right and making us more um
29:46
aware of this and more intentional about this so, um, yes same sort of like, um, underlying concerns Uh and wants and desires, right? But looking at it from a different perspective. I think the priority of constituency is
30:05
More pragmatic more practical and can reach a lot more people than uh works around licensing