Transcript
Excerpt of the automatic transcript of the video generated by YouTube.
All right, good morning, let's roll. My name is Justin. A fun fact: I get paid by the tweet, so if you can follow me on Twitter and say hello, I'd love that. Or if you want to drop me a long-form line, you can reach me: hello@testdouble.com.

Open source is good, right? Companies working with competitors, other companies, on common tools and then turning around and sharing that for free. Startups now, they can stand on the shoulders of giants and build great new things with just adding a little code on top, companies that couldn't exist otherwise. And then never before in the history of the universe has an individual that's not state-sponsored or company-sponsored been able to just do a little work of their own and then literally change how the world works.

But is open source good, really? I mean, companies love consuming open source, but if you ever want to share an upstream patch, much less open-source a library, they suddenly are very stingy and skeptical of this open source thing. And then a lot of startups keep falling into the same trap of hoovering up all of this free stuff without understanding how it works and building maintainability nightmares, right? As they get successful, they can't add new features anymore. And most of the maintainers I know are pretty burnt out, right? Like, they don't like the fact that they're doing something for fun in their free time, companies are running on that stuff and then expecting customer support, you know, on nights and weekends.

So today my goal is just to bring to light a handful of issues affecting open source, and my only objective here is to encourage you to do the same thing, because maybe if we can start to build a broader awareness of some of the systemic issues in open source, we can start to have ideas of how to fix them. And then maybe somebody will come along, start to create new creative solutions for those things, and then we can, you know, start to live and realize the promise of true openness, whatever that means. And then we're done. But again, today, very little, minor, just looking at a handful of things: topics such as dependencies, pulling back the curtain a little bit to show what it's like to be a maintainer, issues of trust, adoption, security, and then some deep thoughts about how we interact with each other as humans, as well as
where I think the future is heading.

I like to start off with term definition: the word ideology. Most of us think of the word ideology as like a political subscription or affiliation, what you believe, but I like this definition more: "They do not know it, but they are doing it." Ideology is the negative space that's driving our actions without us even realizing it. It's a quote from a dude named Karl Marx. Open-source fans are a bunch of hippies, so I figured I'd start with the Marx quote. That comes from the book Capital, and Capital is an interesting book because as a work, it sits at the intersection between philosophy and economics. I think it's an interesting subject to start with today because so does open source, right? We share all this code altruistically, as if to earn karma from people we don't know, and yet there's all these companies out there making bucketloads of money off of open source, and every company that even doesn't contribute open source needs it to get by.

So, thinking of capital and traditional economies, I want to look, chart the march of progress of economics. You know, in the beginning everything was shitty; everyone was just trying to get by, survival day to day. But then as groups of people started to form, specialization emerged. You know, you could go to one market for your veggies and another person for your meats, and through efficiencies this opened the door to the development of human culture; recreation and art emerged. Industrialization further optimized this, because now we could go to one place and get all kinds of goods. The internet totally inverted that, so now from my bed on my iPad I can order things from anywhere in the world and have it all shipped to my door. This is progress, but where does it lead us? You know, this year there were rumors that Amazon is actually using big data to predict what you're going to buy before you click one-click, and they're actually shipping it to distribution centers near you in advance so that they can send it to you the same day or the next day. And some people are starting to ask questions like: is this march of progress actually somehow taking away something that's been core to the human experience? So it's an unintended consequence.

Another example of unintended consequences and the, like, progress of economics: Food, Inc., right? This documentary was a big hit, and look at that aggressive tagline: "You'll never look at dinner the same way." But I think it'd be more honest if that said "for like at least a month," because we can't change these; these are systemic issues. When you chart progress over time there's a natural accretion of awfulness. It just mounts up until it gets to a point where we all freak out about it, and when we freak out about it we think we're gonna fix this, right? But we can't just turn on a dime. Nothing stops this train. It's going to keep on getting worse before it gets better, and maybe we can rein it in to current panic levels later.

Speaking of awfulness, let's chart the same march of progress about all
of the tools that we use to suck in new dependencies from the open source world. So, charting open source's progress over time: in the beginning there were just files out there on the internet, and so if I wanted to, like, build a system and pull in some open source, I'd have to go find it first, download it, and then literally, like, check it into my version control, depend on it, and then logically it kind of continued on as part of my application. If it broke, I had to fix it, and that was a guard against pulling in too much, because I didn't understand it and it was just more and more for me to maintain.

Makefiles and common build system tools emerged as a great way to depend on stuff logically, so now I could build an application and depend on something like libxml, and it could be built on each of the systems that needed to be able to compile. But, you know, it existed as a separate entity; I could upgrade it separately and I could view it as apart from my application code.

Java and its jar files were another great innovation, because now instead of having all these build systems configured appropriately, a single compiled, you know, bytecode could be distributed and then run anywhere. So with Java I could literally go to a website, download a jar, put it on that classpath, and it would work. And this was so convenient that it actually opened the door to those same sites saying, "Oh, and by the way, we depend on this third thing." That's what we call a transitive dependency, and what that allowed was really all of these libraries that we depend on to become small, more focused, and even, you know, when you think of transitive dependencies, like Apache Commons emerged as almost an alternative language stack within a language ecosystem. It was extremely novel.

Ruby: you guys have done great work making this even easier with RubyGems and Bundler. Now when I'm writing my Gemfile, I only say the things that I explicitly depend on, and those transitive dependencies are discovered for me, and their version resolution is handled for me automatically without me even knowing, and I kind of arbitrarily deep dependency graphs, only really thinking about the stuff that I directly depend on.

NPM has just taken this a step further, because the Node.js runtime doesn't require, it allows you to load the same library multiple times in a single process, which means I declare my dependencies and then it just naively sucks up all the dependencies of my dependencies, and so on and so forth, to these gigantic trees. And it gets really broad and really deep, up to the point where a very common thing for a Node.js library to run into is a support ticket saying, "Hey, I can't install this because it's literally longer than the Windows max file path limit of 256 characters," which, that was a joke. We, this march of progress is optimizing
for convenience, you know, getting somewhere more quickly. It's short-term progress, and it's available to us for the low, low price of long-term fragility. The comedian Louis C.K. talked about this recently: "It's true, everything that makes you happy is going to end at some point, and nothing good ends well. It's like if you buy a puppy, you're bringing it home to your family saying, hey, look everyone, we're all gonna cry soon. Look at that, what I brought home. I brought home us crying in a few years. Here we go, countdown to sorrow with a puppy."

Our community's Louis C.K., a guy named Gary, he told me to build a small but non-trivial Rails app. An empty app will have 50 gems, but yours will end up with 75 to 100. Now go away for six months, come back, update all your dependencies: your app no longer works. I know from experience in the Ruby community that this is true. But it's easy to start a Jekyll blog, it's easy to install Sass, it's easy to generate a Rails app. It's always easy right now, never in a year.

The reason, I think, is that when somebody asks us what our application is, we think of the code that we write as being our application, even though upon inspection all of us would agree that our app is really the full stack of everything that we ship into production. It's never been easier to ship something to production, but the things that we're shipping to production have never been more complex. I'm guilty of this all the time. I say, "Oh, it's a Rails app," because that conveys a lot of information all at once. I never think to say, "Oh, and Rails depends on Thor at this very specific version specifier." I don't even notice that; I didn't even know it until I made that slide, even though 272 gems can no longer be installed in the same
[ ... ]
Note: the other 4,988 words of the full transcript have been omitted to comply with YouTube's "fair use" rules.