this post was submitted on 08 Dec 2023
243 points (99.2% liked)

Fediverse

28277 readers
667 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 1 year ago
MODERATORS
 

Artemis was a promising mobile app for Kbin, with a dedicated community, a rapid pace of development, and a high level of polish. Then, the developer disappeared.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 11 months ago (1 children)

Not sure what ASF is (something Software Foundation?) but sounds like they are a solution and not a problem

[–] [email protected] 3 points 11 months ago (1 children)

Apache. The problem is there is foundational software in the world that is aging and not being actively maintained. Basically they jump into action when someone catches a security issue, but also that way too many of those security issues only get found when they're being actively exploited. Even if it's being used by your bank.

[–] [email protected] 4 points 11 months ago (2 children)

I recall reading about a university ?compsci? lab where the professor who leads it assigns her students to examine priority dependency chains. They trace everything back and report on who is maintaining various upstream packages, and identify situations where it is like just one person or otherwise really vulnerable. Then they have some sort of institutional resources to offer that person support and add extra hands to the workflow. So it is more proactive than what you are describing in that they are going out and looking for things that could be problems, not just awaiting a disastrous exploit and patching it up after the fact.

But it's just some small group somewhere. On the main I think we agree on the deficit of support for FLOSS components and applications that functionally run the whole world. It's so crazy but invisible. I am not a developer, just a fan of developers and their work. Most people I know IRL are not developers. Everyone thinks the software on their phone works because Apple and Google pay engineers to build everything. They don't know about all the FLOSS components to the phone, the services it uses, the network etc, and how so many bits and pieces are maintained in part or in whole by volunteers on their free time.

Remember when the boat got stuck in the panama canal and everyone was suddenly interested in supply chains? I forsee/fear the event that prompts the whole world to learn about dependency chains.

[–] [email protected] 1 points 11 months ago (2 children)

Remember when the boat got stuck in the panama canal and everyone was suddenly interested in supply chains?

That was the Suez Canal lol

[–] [email protected] 1 points 11 months ago

omg i stand corrected

https://en.wikipedia.org/wiki/2021_Suez_Canal_obstruction

also it only lasted 1 week?? i felt like it was 9 months long

TODO: read the wikipedia beyond the introduction

[–] [email protected] 1 points 11 months ago