It's not about meticulously reviewing every commit for every project that I use, obviously nobody has time for that. For me the most important part is being able to fork the project if you want to add features or are unhappy with the way the original project is going, you don't merely have to beg the maintainers to add a certain feature, you can do it yourself. And perhaps more importantly I'm not screwed if, for one reason or an other, the original maintainers decide to drop the project.
It's very important to me that emacs is open source not because I review every single commit (I don't) but because it means that I can commit a lot of time tweaking and learning the ins and outs of the editor without worrying about having to switch to a different one a few years from now when the original devs get acqui-hired by Facebook and they stop working on their project.
Also, simply making the source-code visible to all, helps keeps the honest guys honest. That's true even if the licence isn't truly Free and Open Source.
That's true and, to me, has been brought on the spotlight from Microsoft practices around VSCode. On the other hand, for an OSS project, building the binary is not that hard.
I see where you are coming from, but this is simply not true. You can argue nobody concerned with his own reputation commits spyware to a public repo, but malicious actors are usually not concerned with that or try to stay anonymous in the first place.
> You can argue nobody concerned with his own reputation commits spyware to a public repo, but malicious actors are usually not concerned with that or try to stay anonymous in the first place.
It's not so black-and-white though, hence "keeps the honest guys honest". Are Microsoft and Google 'malicious actors'? They're hungry for our data, but they often only do it when they don't think we'll be able to find out what they're doing. https://news.ycombinator.com/item?id=17749330
> or me the most important part is being able to fork the project if you want to add features or are unhappy with the way the original project is going
Which is not "complete control" and that was the point I was arguing against. That having source code access enables you to gain some control over your own life is not a point I was arguing against.
Additionally another point: even if you fork you can't keep that fork alive without manpower. Nowadays all the dependencies and apis change all the time as well.
It's very important to me that emacs is open source not because I review every single commit (I don't) but because it means that I can commit a lot of time tweaking and learning the ins and outs of the editor without worrying about having to switch to a different one a few years from now when the original devs get acqui-hired by Facebook and they stop working on their project.
reply