- cross-posted to:
- lemmyapps@lemmy.world
- fediverse@lemmy.ml
Artemis was a promising mobile app for Kbin, with a dedicated community, a rapid pace of development, and a high level of polish. Then, the developer disappeared.
Apache. The problem is there is foundational software in the world that is aging and not being actively maintained. Basically they jump into action when someone catches a security issue, but also that way too many of those security issues only get found when they’re being actively exploited. Even if it’s being used by your bank.
I recall reading about a university ?compsci? lab where the professor who leads it assigns her students to examine priority dependency chains. They trace everything back and report on who is maintaining various upstream packages, and identify situations where it is like just one person or otherwise really vulnerable. Then they have some sort of institutional resources to offer that person support and add extra hands to the workflow. So it is more proactive than what you are describing in that they are going out and looking for things that could be problems, not just awaiting a disastrous exploit and patching it up after the fact.
But it’s just some small group somewhere. On the main I think we agree on the deficit of support for FLOSS components and applications that functionally run the whole world. It’s so crazy but invisible. I am not a developer, just a fan of developers and their work. Most people I know IRL are not developers. Everyone thinks the software on their phone works because Apple and Google pay engineers to build everything. They don’t know about all the FLOSS components to the phone, the services it uses, the network etc, and how so many bits and pieces are maintained in part or in whole by volunteers on their free time.
Remember when the boat got stuck in the Panama Canal and everyone was suddenly interested in supply chains? I foresee/fear the event that prompts the whole world to learn about dependency chains.
Relevant xkcd
That was the Suez Canal lol
omg i stand corrected
https://en.wikipedia.org/wiki/2021_Suez_Canal_obstruction
also it only lasted 1 week?? i felt like it was 9 months long
TODO: read the wikipedia beyond the introduction
yes exactly