Open Source Friday with Jordan Harband and NPM
24 Mar 2024 (9 months ago)
Duolingo
- GitHub Copilot increased Duolingo's productivity by 25% and improved the learner experience.
- GitHub is essential to Duolingo's engineering and helps create a better experience for learners.
Open Source Friday
- Open Source Friday discusses package dependencies and their impact on projects.
- Jordan Harband, a principal open-source architect at Herodevs, shares his experience in open source.
- Herodevs provides long-term support for end-of-life open-source software, ensuring security and stability for users.
- Herodevs partners with maintainers and contributes financially to open-source projects, supporting the ecosystem and allowing maintainers to focus on development.
Maintaining Open-Source Software
- Jordan Harband's journey in open source began with small contributions and gradually led to maintaining impactful packages.
- Maintaining JavaScript shims led to involvement in the TC39 standards committee.
- The speaker expresses concern about the wide reach of their code and the potential impact of breaking changes, emphasizing backward compatibility and semantic versioning.
- Jordan highlights the potential unintended consequences of moving fast and breaking things, citing the example of a social network's motto potentially contributing to the erosion of democracy.
- The speaker advocates for a cautious approach, emphasizing the importance of considering the impact on users and the responsibility that comes with maintaining widely used software.
- Breaking changes in popular packages can have significant consequences for users, especially if they are widely used transitively.
- Maintainers of popular packages face difficult choices when making breaking changes, as they may have to choose between supporting older versions or leaving users vulnerable to security risks.
- It is important for maintainers to minimize breaking changes and to provide users with ample time to upgrade before forcing them to do so.
- Backporting security fixes to older versions can help to mitigate the risks associated with breaking changes.
- Encouraging financial contributions to open-source projects can help to support maintainers and allow them to spend more time on maintaining their projects.
- Maintainers should avoid finding themselves in scenarios where they have to make difficult choices about breaking changes by minimizing breaking changes and providing users with ample time to upgrade.
- The speaker discusses the challenges of maintaining open-source software and the importance of making breaking changes at the right time.
- Encouraging users to adopt new versions of software can be difficult, especially when there is no clear benefit or incentive.
- Two-factor authentication can be an effective way to protect packages from being compromised, but it can also limit adoption.
- When making breaking changes, it is important to make it as easy as possible for users to upgrade.
Supporting Open-Source Software
- Developers can set up their projects for success by using packages from a registry, writing thorough tests, and using linting and type systems.
- Companies should encourage their employees to participate in the sustainability of open-source software by contributing financially and otherwise.
- Open-source software maintainers need financial support to continue their work.
- GitHub Sponsors, Tidelift, and Open Collective are platforms that allow individuals and organizations to sponsor open-source projects.
- It is important for companies to actively participate in the open-source ecosystem by financially supporting the projects they depend on.
- Contributors can support open-source projects by contributing code, documentation, or money.
- HeroDevs recently partnered with Bootstrap to support versions 3 and 4.
- Developers should keep their dependencies updated using tools like Renovate or Dependabot.
- Employers should sponsor open-source projects instead of individuals.
- Maintainers appreciate any amount of financial support, even small donations.