A resource to get notified when certain open source projects change in a negative way? (sh.itjust.works)

submitted 3 months ago by brrt@sh.itjust.works to c/opensource@lemmy.ml

7 comments fedilink hide all child comments

I’m looking for a way to keep an eye on open source software I’m using, especially if there are detrimental changes. Like for example when there’s an acquisition (Raivo Authenticator) or the project has not been updated in a long time (potentially posing a security risk).

But I don’t want to have to read about every project, just the ones I’m using.

Anyone got any ideas?

you are viewing a single comment's thread
view the rest of the comments

[-] fenndev@leminal.space 15 points 3 months ago

I don't think one currently exists, but it would be an interesting project. There are plenty of trackers for CVEs but in terms of project ethics, acquisitions, etc., there's a space for it.

The two main problems I can see are:

How do you define 'negative'? An open source application being acquired is often a bad thing, but not always. An acquisition by FUTO is more likely to be viewed positively than an acquisition by Microsoft, but either can be interpreted positively or negatively depending on the person.
Community involvement is absolutely critical. If I were running a service like this (for example), I would only really be keeping up on the services I use and care about. I would need others to submit info and then verify it.

this post was submitted on 05 Jul 2024

72 points (100.0% liked)

Open Source

30950 readers

461 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

Cloak@lemmy.ml

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml