In the wake of the xz exploit, I quipped, “Free software, eh, fine, whatever. What does •sustainable• software look like?”
I haven’t heard anybody give a more thoughtful or more useful answer to that question than @jenniferplusplus in this blog post, which has not one but •two• crucial insights:
@inthehands@jenniferplusplus This is extremely good. I think you could argue that a commons is exactly what the original "guys with beards sharing mainframe code" that started all this were trying to build, but either way it seems to me it's exactly how we should view it.
@fishidwardrobe@jenniferplusplus
Yeah, I think a commons is definitely an goal that’s been hovering nebulously in the air since before OSS was even articulated as an idea, but people have just completely missed the ball on the importance of “socio-” in “sociotechnical” and we’re now left with dangerously weak human systems surrounding strong technical ones.
@inthehands@fishidwardrobe I'm speculating, but to me it feels like a commons is the result they actually wanted, but not the result they thought they wanted.
The first insight is her analysis of OSS software as a commons. It’s an insight that feels so obvious it almost seems like it doesn’t need stating, yet when she does state it — when she works out what it actually •means• for open-source software to be a commons — well, for me that was one of those moments with a “before” and an “after” where I won’t inhabit the world the same way again. It made me see things I can’t unsee. Read the post just for that.
The second insight is that OSS is a socio-legal-technical problem, and we’ve given a lot more attention to the technical and the legal than to the socio-. We’ve been neglecting •governance•, the social systems of project decisionmaking.
As she puts it here: “Commons need long term organized care to sustain them. That's called governance.” Without that, there’s no sustainability. It needs the same kind of thought we’ve given to licenses. More, even.
Open source, she argues, is threatened by both •enclosure• and •extraction•. It’s largely succeeded in defending itself against enclosure, but is failing to fight off extraction.
What’s missing? She writes: “The Freedom promoted by [the open source] movement could also be called autonomy. Proper governance would safeguard that autonomy.”
That “autonomy” framing un-muddies a lot of muddy waters.
We can view maintainer burnout as a loss of autonomy. We can view private capture and extraction as loss of autonomy. We can view malicious actors injecting vulnerabilities as loss of autonomy.
•All• commons have a form of governance, whether intentional or de facto. Governance is the thing that can protect autonomy or doom it. It’s time for open source to get serious about it.
Add comment