I think it is very likely a few very big components and many, many very small ones.

This is a very common pattern. But that is hard to verify without examining all these components.

I would expect the Fat Head of most used open source projects to make up the vast majority of the open source code included in apps. It is not a common practice to include 1000 small projects into a code base for an app, or even 100.

Not usually 1000. But nowadays apps really do have a lot of dependencies - often more than 100.

An article about this:

https://wiki.alopex.li/LetsBeRealAboutDependencies

Rust apps also have been criticized for this. The thing is that when building a Rust app, every direct and indirect dependency is fetched and built locally. That makes them very visible. But the same happens e.g. with Debian systems with installing C or Python libraries, which bundle many pre-compilef dependencies, which is faster, and not as visible.

If an app includes 50 well-known big projects and 1000 small projects, the sum result can still be that small projects make up for a large fraction of the code.

It does not need to be an even distribution, it can be a “long tail” distribution.

And FOSS code is inherited often. Some years ago, a bug in a string-to-floating point connversion routine was found. This affected, if I remember correctly, PHP. But it turned out that many more languages were affected.

Similar with the TimSort algorithm, which was written by Python’s Tim Peters.

Sounds like hell is freezing over…

But you might have noted that weather patterns are becoming a bit strange recently.

Well, hobbyist projects are surely not the only pillar of the open source systems, and big projects like the Linux kernel matter immensely, too. But the article author does not deny that. He makes a point that the hobbyist projects are very important, too. Without them, there would be very little desktop software. I’d guess that much of KDE is hobbyist-powered.

And apart from that, financial support for projects important for infrastructure is a popular talking point. But I don’t see that happen much. Where are the SW engineering jobs for maintainers and contributors of real time Linux, messaging middleware, things like Ceph and file systems, FLOSS browsers, conference software, and so on? And now there are calls that the FLOSS community should care for security in infrastructure and industrial applications. If this were serious, one could simply pay the people who already do that (and massively hire more of them).

Guix vs Nix will be an interesting example. Nix has a way bigger user base right now but it has the whole Anduril & governance issue.

Guix has a way better configuration language and one can learn in an afternoon enough to use it productively.

What is your experience with guix like?

I am mainly using Guix as a package manager on top of Debian stable (and on top of my Arch install running in a vm). I use it mostly to have a reproducible development environment for my free time projects (which use Rust and Guile), and it works very nicely to that. It is also certainly a nice way to distribute software as source, with very little effort (just putting the own package definutions into a channel repo).

Does getting away from systemd affect things?

I have also started to run it directly on my PC as a base system. After replacing the NVidia GeForce card with an AMD Radeon one, I had no issues.

The configuration and init system work well - the only thing I would have to do is to write my own stumpwm(*) init script, which I didn’t have time for, so I use, as a fallback, i3wm and Gnome or XFce2, what I use at work, too.

(*) Stumpwm is a highly configurable tiling window manager written in Common Lisp. Similar to i3, but using key chords, and window manager actions are just lisp functions one can program and extend - they are called via key chords like Emacs commands.

In respect to the init systems, I have to confess that I am mostly agnostic. As long as it works, I am fine. I think Guix is the more modern and better approach.

The insight that a majority of open source projects are small contributions by hobby developers, and that it is their summed joint effort what matters, is very interesting.

This is part of a discussion that FLOSS development should be “funded better” to secure digital infrastructure.

What if the majority of contributors

(1) are not motivated by money in the first place, and

(2) don’t have time to work more?

Another thought: I think that one reason why the proportion of open source code grows is also software quality:

Companies would love to own all their code. So, when they employ people who work on proprietary code, the amount of proprietary code should grow, shouldn’t it?

Except that companies have mostly very short-term goals. And this affects quality: A lot of proprietary code has quite shit quality and is not really maintainable. Which has the effect that either the project dies, or becomes very slow to develop further, because of tons of technical debt.

FOSS projects do not have this constraint on short-term returns, so they often have better quality. Which makes it more likely that these projects live and prosper a bit longer. The short-term difference might not be even large - but the process goes year for year, round for round, and it becomes an evolutionary advantage.

In the end, everyone uses that Finnish students former hobby kernel project, and nobody uses Windows 95 - or wants to use its shitty successors.

(And this is why I also think that Guix will win in the long term: The capability to automatically re-produce all components of a program or system from freely available source is, in the long run, an overwhelming evolutionary advantage.)

Depends on the license.

And yes, you could say that the relationship between companies and open source contributors is a bit parasitic at times. But a part of them don’t care because for a start, they are not motivated by money to write open source software.

Nail on head! Exactly!

Here a summary I posted a while ago:

https://feddit.org/post/23120439

I think that one reason why the proportion of open source code grows is software quality:

Companies would love to own all their code. So, when they employ people who work on proprietary code, the amount of proprietary code should grow, shouldn’t it?

Except that companies have mostly very short-term goals. And this affects quality: A lot of proprietary code has quite shit quality and is not really maintainable. Which has the effect that either the project dies, or becomes very slow to develop further, because of tons of technical debt.

FOSS projects do not have this constraint on short-term returns, so they often have better quality. Which makes it more likely that these projects live and prosper a bit longer. The short-term difference might not be even large - but the process goes year for year, round for round, and it becomes an evolutionary advantage.

In the end, everyone uses that Finnish students former hobby kernel project, and nobody uses Windows 95 - or wants to use its shitty successors.

(And this is why I also think that Guix will win in the long term: The capability to re-produce all components of a program or system from freely available source is, in the long run, an overwhelming evolutionary advantage.)

Another aspect is that re-installing systems every few years prevents them from becoming messy. You can tidy your system up yourself if you know what you do, and keep detailed record of changes, but most people don’t do that.

Don’t know exactly, but I heard you can use clonezilla to move it into a vm image. That way, it is not any more bound to your current hardware and you can use it later if you need to access anything.

About a year later my niece threw it off the table and keyboard and touchscreen broke.

That’s the cost of not using old Thinkpads ;-). They have a magnesium frame coated with rubber, everything available as spare parts, and a maintenance manual on how to change things like keyboard and display. Not fast by modern standards, but more than good enough to run Linux.

I am not the article author. But I am doing mainly signal processing and embedded development, and most places I worked for in the last 25 years either have switched to Linux (and pay better because it’s more productive), or allow a development machine or VM with Linux. (Granted, in one company, I wrecked the department head’s nerves with using git instead of MS Team Foundation Server and MS source forge MS Visual Source Safe, but now it’s ten years later and even they offer a Linux platform product now, since Microsoft pulled Windows CE for not being able to compete with Linux.)

Better support for some old hardware, like scanners, even. (That’s because for some hardware vendors, OS upgrades are a means for planned obsolescence; They simply don’t provide updated drivers and your hardware becomes a doorstop so that you are invited to give them your money again.)

While I just land a recent Debian stable on my laptop, install cargo for new Rust apps (for things like jujutsu), and Guix package manager (for stuff like kakoune or vis), and call it a day.

Well, after 25 years the pursuit of agressive distro-overoptimization becomes a bit boring. But who am I to criticize what other people spend their free time with?

It does become insecure, so it’s not recommended. But old Linux installations don’t stop working just bevause of age. What becomes too out-dated eventually is web browsers.

Also, hardware requirements for Linux are much lower. My own main PC is from 2009 and works like a charm with new Debian. The one before lasted about ten years, it had a Pentium II like CPU.

Didn’t properly backup my data and lost a couple years of work doing a fresh install (school work and personal projects).

Always put /home on a separate partition.

Would not recommend doing backups drunk.

I would not use the root password when drunk.

Well, I was saying ultra-low maintenance, and most of the time, we both had much more important things to do (apart from navigating a pandemic). For example, going ice skating or trampoline jumping with her kid. And she is also not the type of person who likes yearly breaking UI changes. But as you remind me, I’ll get her another dist upgrade and browser update, so that online banking continues to work for her. That’s what you have friends for :-)