How to deal with the tragedy of shared lands in OSS

In January 2022, the colors.js incident occurred. This page is a summary of the discussions that took place in Japanese on Twitter at that time.

colors.js case:.

The developer of the open source library colors.js intentionally tampered with these.

He refused to "work for free" citing financial hardship.

This has triggered a debate about the treatment and responsibilities of open source developers.

[Developers of OSS "faker.js" and "colors.js" intentionally tampered with the libraries themselves "No more free work" - ITmedia NEWS https://www.itmedia.co.jp/news/articles/2201/11/news160. html]

stepney141: I feel that the OSS author going crazy because he didn't get paid is a typical public goods (i.e. goods or services such as parks or highways) and market failure relationship. I feel that it is a typical relationship between public goods (i.e. goods or services such as parks or highways) and market failure.

stepney141: OSS on GitHub, I wonder why it's not listed as a public good in an elementary microeconomics textbook. It's a public good.

stepney141: OSS was originally based on the recognition that knowledge is a public good and that "increasing the number of free riders of knowledge will lead to the development of knowledge". but it did not envision that the providers of knowledge would be on the wrong side.

stepney141: Bruce Perens, who came up with the definition of open source, is saying this, but in reality, the developers of Babel are suing for donations. The reality is that Babel developers are suing for donations, or developers are using force, as in the case of colors.js/faker.js.

"In a world where communism is not working, open source is succeeding with its seemingly communist strategy. Why is that? It is because the cost of production of ordinary (material) goods and information (which exists as digital data) is completely different. In other words, the economic principles are different. For goods made of information, such as computer programs, it costs almost nothing to copy and increase the quantity. The cost of electricity is negligible. The cost of using the equipment is also negligible. Contrary to this, it takes one pound of flour to copy one loaf of bread." --- "Definition of Open Source" at

stepney141: I remember the developers of log4j2 also made a statement in response to criticism of their vulnerability response, saying "We are doing all the tasks for free. I remember that the developer of log4jj also made a statement like "We are doing all the tasks for free" in response to the criticism of the vulnerability response.

stepney141: why do free riders and under-supply not occur in OSS as a (quasi-)public good, but rather voluntary supply by developers is observed? A theoretical economic study _no=1&page_id=13&block_id=83 Hosei University Repository

Just wondering about the validity of the assumption that there is a strong complementarity between OSS and computers.

stepney141: The reality is moving in a direction quite far from the conclusions of this paper, and since around 2019, when GitHub Sponsors was created, I think everyone I think people have started to think that OSS can only work if developers are compensated for their work.

stepney141: OSS, it may be more appropriate to see it in the framework of "economic anthropological gift economy" rather than "microeconomic public goods". may be more appropriate than "microeconomic public goods".

>In a world where communism is not working, open source is succeeding with its seemingly communist strategy. Why is that? It is because the cost of production of ordinary (material) goods and information (which exists as digital data) is completely different. In other words, the economic principles are different. An item of material information, like a computer program, costs almost nothing to copy and increase in quantity...... --- [for a definition of "open source".

nishio: released source code is a low-cost good that can be copied, but "adapting the source code to the latest situation (e.g. security patches)" is rather I guess it means that "adapting source code to the latest situation (e.g. security patches)" was rather a scarce good.

anohana: Really, the code is a nama thing and needs continuous care. The care part doesn't scale much.

nishio: This is also the case with machine learning, where sample code is published with the paper and it is easy to "try it out", so "the knowledge is a good that can be easily copied". On the other hand, "knowledge that can be modified for practical use" is a "scarce good that is difficult to procure on the market" that is not even described in the paper.

nishio: I don't know what to do about the so-called "Tragedy of Common Land", where the OSS maintainers who produced scarce goods are destroyed as a result of no one paying for society's common goods because they can be copied and used without paying for them. I don't know what to do about the so-called "Tragedy of Common Land" of destruction.

voluntas: The perspective that OSS itself can be copied as much as you want but not depleted, but the OSS maintainers are depleted (exhausted) is truly a tragedy of the commons. That is indeed Nishio.

voluntas: Well, I guess the bottom line is that everyone has been treating OSS maintainers too carelessly. I think the "someone will take care of it" attitude has finally exploded.

stepney141: OSS is often thought of as a free good (like air or sea water), but in reality it is not. In reality, however, it is not, but something that is produced by human beings with their income and time.

Various ideas for "The tragedy of the commons, I don't know what to do about it.

Visualize the costs that maintainers are incurring in good faith.

nishio: The larger the source code, the higher the cost of modifying it to fit the situation, and the higher the cost of getting new people to do it. >nishio: The larger the source code, the higher the cost to fix it, and the higher the cost for new people to do it, the more it accelerates the "burden on a few maintainers"?

nishio: I wonder if there should be a mechanism to visualize the costs that maintainers are incurring in good faith. I wonder if it would be good if companies could see the burden of maintainers via API for the OSS they use in their products, and be able to detect in advance about the bad ones where the burden is concentrated.

nishio: If we take the "amount used" by npm or something and estimate the "number of active maintainers" from the Github commit log and use it as the denominator, can we estimate the "amount of damage to society when one maintainer goes crazy"? Can you estimate the "amount of damage done to society when one person goes crazy"?

yuiseki_: i was thinking the same thing!

Drawing payment in the form of premiums

nishio: For a profitable corporate user, there is a real loss in having trouble with the OSS he is using, so I wonder if it is possible to extract payment in the form of an insurance premium to avoid such problems. I wonder if it would be possible to extract payment in the form of an insurance premium to avoid such a situation.

lempiji: i thought the insurance mechanism would pass too, but it still seems difficult to file a dependent package and estimate premiums. if they force push If it's force-pushed, it only takes one person to go crazy and you're out. I also thought that if we were to do it, it would be safe for GitHub to scan on its own, but this would be hard for competition to work and might be tough later on...

Semi-automate maintenance,

takiuchi: I think it would be better if users could send patches without a dedicated maintainer, and the PR could be semi-automatically merged and patches could be sent like a blockchain. The branch with the most patches could be the main one.

takiuchi: it's not a programmers Way like joining forces to help. I'm trying to figure out how to make it work more lazily and automatically.

Businesses are turning into businesses.

kazuho: Yeah, I mean, the support and maintenance costs are huge, which is why "OSS companies" are in business. That's the trend for the last quarter century.

kazuho: we talked like that last year

nishio: Why didn't OSS companies show up to support the project in question, even though there is room for "OSS companies to be viable because of the large maintenance costs"? Why didn't any OSS company appear to support the project in question?

nishio: ...because the market is being destroyed by the existence of "unreasonable players" who offer their work for free even though it is high cost work Nah... someone who dumping out of good intentions, crushes the competition, and creates a composition where all the work is concentrated on him, and then bemoans the concentration of that work... the road to hell is paved with good intentions...... ...

It was pointed out that the word "dumping" is hurtful to people, so I'm correcting that below.

whitphx_en: but I can't imagine faker.js or colors.js becoming a paid business that is not a donation... why?

Is this a limitation of my mind that I can't come up with because there is no precedent of this magnitude (source needed)?

Or maybe the support cost was not zero, but it was just enough to get a lick of salt.

whitphx_en: in other words,

Is it a matter of the absence of a system (lack of liquidity) that makes people pay for a cost that is not zero, but is minute, or is there really no potential profitability there?

whitphx_en: even my Awesome Emacs Keymap, which is trained on Emacs key bindings but forced to use VSCode I'm saving the sufferer a little time, and if there were true fluidity in the economic system, I'm sure the person's employer would pay me an appropriate prorated share of the floating costs, but the reality is that this is not the case. Why?

whitphx_en: my personal hypothesis is simple, economically rational "because it's not worth paying for"

I wonder if the ideal system to calculate the cost of the float would be available, but I doubt it would pay for itself.

By the way, there are many people who are willing to donate (perhaps beyond economic rationality), and we are very grateful to them!

I can't imagine >>faker.js or colors.js becoming a paid business that isn't a donation.

nishio: do you mean that there will be a company to support after this or another free project? I mean, there's already a free project out there to replace it.

nishio: If this is the case, it means (to turn off empathy and put it in a cold way) that you were just taking the initiative to do the work that others would provide for free if you didn't. I'm not sure I'm the only one who has done this, but I'm not the only one who has done it.

nishio: I checked carefully and found that there was more than one maintainer, not just one, and one of the maintainers was able to quickly set up a replacement project in response to this incident. I'm glad you took a break and said "I can't do it" if you can't do the maintenance for free. If they couldn't do the maintenance for free, they should have just said "I can't do it" and taken a break.

hrjn: I had a strong feeling that I could add ANSI color on my own, but when I actually looked at color.js, I felt it was a bit of an itch I could scratch and it would be very convenient. I'm not sure if it's a good idea or not, but it's a good idea.

I think this humble convenience is a subtle way of not motivating people to do this. https://t.co/yoKDzvK5Pu

Advertising revenue return

nakawankuma: There may be room for inducement by making it possible to get something like advertising revenue depending on the number of downloads, etc. + making the committer multiple (like a public stock listing). There may be room for inducement by making it possible to get something in advertising revenue depending on the number of downloads, etc.

Nico Nico Creator Incentive Program

toshi_miura: maybe something like NicoNico's Creator Incentive Program, and have them redistribute from the paid github program or something, Is that too much to ask?

basic income

nishio: in light of the discussion so far, I thought, on a practical experience basis, that I have a desire to offer what I make for free. For the sake of the principle of mutual aid!" I don't think it's something like that.

nishio: and we can behave according to that desire because we have the income to live without monetizing it, and if the income were to disappear Production will go down.

If the market is left to its own devices and does not provide adequate income, there is the option of a "basic income for OSS authors" with government intervention.

nishio: If we try to get as close to the beneficiaries as possible to finance this, maybe an additional sales tax on software? Maybe there could be a reduction for companies that donate or contribute to open source. This would create an incentive for companies to donate and contribute.

Related Hometown tax-like proposal

https://twitter.com/yutkat/status/1480815178547884034?s=21

Employees of companies using OSS can donate up to X,000 yen per month to the OSS of their choice like a hometown tax payment. I think something like that would be good.

Make it JAS-like

https://twitter.com/lm700j/status/1480775599719591938?s=21

Not an MIT license, but "if a company with more than millions of dollars in annual sales uses it, pay for it."

justinto_nation: or even simpler, MIT and all those lukewarm licenses should stop now, Or, even simpler, we should all just stop using MIT and lukewarm licenses like that right now, and put in more and more of the "companies with annual sales of millions of dollars or more pay to use it" mechanism that the proprietary guys are so fond of doing.

Requests to fix environment-dependent bugs are prioritized through a market mechanism by having them express "how much you're willing to pay for it".

nishio: I think this is also an interesting angle on the point that was made in the Hatteb comment about the lack of competitiveness.

Security patches are not competitive because everyone's needs are met by working on one. The problem is the cost of dealing with "user environment-dependent bugs" and "needs of each user", which increases with the number of users.

nishio: In that light, we could have the environment-dependent bug fix request express "how much you're willing to pay for it" as well as the feature addition request. 0 If the creator thinks it is interesting even if it costs $0.00 (if there is a non-monetary incentive), he/she will do it. If it is not interesting, the ones with the highest price will be processed first. The market mechanism will prioritize.

Better Than Free" by Kevin Kelly

"Better than Free": Nanazaemon's Notebook

nishio.iconThere is a collection of considerations that are also relevant to this discussion.

"If copying is free, you need to sell what you can't copy," "Eight Generative Forces Better Than Free," "Immediacy," "Personalization," "Interpretation" (Copying code, which is merely a collection of bits, is free. And it can only be useful to you with support and guidance), "authenticity," "accessibility," "embodiment," "sponsorship," and "findability."

nishio: I sympathize when I know how he lost his property in a fire and tweeted asking for donations, but I don't think most users of the library follow the author or even notice his tweets, since they are not fans of the project's owner. I don't think most users don't follow the author or are even aware of his tweets.

nishio: I guess they didn't get as many donations as they thought they would, but on the other hand the issues piled up and up. when I bug report to OSS, I ask if the author's finances are stable? " when reporting a bug to OSS. When reporting bugs to OSS, no one thinks, "Is the author's family financially stable? So, with their lives in a state of uncertainty, their time was taken up by free labor, and the stress drove them to vandalism.

nishio: If I had been around, I would have said to him, "You don't need to support it now, take a break from OSS activities and focus on stabilizing your own life. but either there was no one there to do that, or you weren't in a mental state to listen...

nishio: Some people have suggested that the word "dumping" is too strong, and I feel that it is indeed too strong, so I am considering rephrasing it!

nishio: To properly supplement the context, I'd like to ask, unrelated to this particular individual, "If a company undertakes a task for a fee, and there are customers who are willing to pay for it, what is the cause if the company doesn't appear? But if for some reason no company is willing to take on such a task, what is the reason? The question is

nishio: and the answer is that it may be due to the existence of players who undertake the work at a low price, at a level that is not profitable for the company.

nishio: It was pointed out that the original statement appeared to slander a specific individual regarding this project, and we do not wish to do so. I have corrected the wording to not relate it to the

relevance

hiroko_TB: The reason why I want to do open source is because it is something that doesn't exist in the world and people are in trouble. I think the reason why people want to do open source is because it doesn't exist in the world, and everyone is in trouble, so they want to solve the problem themselves, and also open it to the public for the benefit of others in trouble. I don't think he was thinking of profit from the beginning.

hiroko_TB: I think your main focus is to do something about the problems you and others are facing, and since you yourself were helped by free software and open source in the past, you want to give something back. I think you also want to give something back to them. So, I think it is an exception to the rule for commercial companies to just use the software.

hiroko_TB: So, perhaps companies like Google, in order not to become evil, are actively promoting open source release, and have been I think they are trying to return more than what they have borrowed and keep the innovation ecosystem going.

hiroko_TB: So, if you skip over the goodness of human nature and talk about whether it is rational from a capitalistic point of view, or if you say that such mutual aid should not be considered as an asset in the first place, I would think that you have a different god to believe in in the first place, and that you are an extremely cold person. I think that the God that you believe in is different from the one you believe in at the beginning, and that you are an extremely cold thinker.

nishio: I didn't understand the definition of dumping, strictly. "In general, it refers to throwing goods away at low prices that ignore profitability, but in a strict sense, it is price discrimination, That is, selling at different prices in domestic and foreign markets." --- Encyclopedia of Japan (Nipponica)

2022-01-12

nishio: this thread is interesting

__pandaman64__: before we talk about the tragedy of common land, it would be good to read this diagram and think about what corresponds to what position

https://gyazo.com/24fac832b1b9df74242d5b8a1b2e9d0b

__pandaman64__: to lay out my coherent thoughts,

- Software itself is a non-competitive good

-- Software can have exclusivity (e.g. Windows), but open source software has no exclusivity

- Software development and maintenance would be an equivalent good to the developer's time.

- Therefore, development and maintenance are competitive (e.g., no feature can be implemented while one bug is fixed)

- In the case of OSS, development and maintenance may also be practically non-exclusionary

- At this point, development and maintenance = developer's time is "common ground" (competing, non-excludable goods)

- i.e., there is an incentive for software users to benefit from the developer's time (to have the software improved), which the developer cannot eliminate

- In this case, the developer's time is over-consumed (compared to the Pareto-efficient amount)

- i.e., the user is free-riding on the developer's time

- I suspect that the open development model is a factor in the non-exclusionary nature of OSS development and support.

-- For example, Lua and SQLite don't seem to have this problem

- I'm sure other OSS companies are getting around these places (I doubt it).

__pandaman64__: "nishio: no one paid for society's common goods because "you can copy and use them without paying". The result is the destruction of OSS maintainers who were creating scarce goods, the so-called "tragedy of the commons", I don't know what to do about it." I'm saying roughly the same thing, but I think it's clearer and more interesting to distinguish between the software itself and the developers' time

>nishio: the so-called "tragedy of the commons" in which the OSS maintainers who were creating scarce goods are destroyed as a result of no one paying for society's common goods because they can be copied and used without payment, I don't know what to do.

__pandaman64__: - For example, the process of ex-tui

1. OSS becomes widely used

(2. Users will have an incentive to consume more of the developer's time)

(3. Developer cannot eliminate it)

4. excessive consumption and exhaustion of developers' time

which can be interpreted as a hidden mechanism.

- Interesting to consider a counterexample of each.

- Counter-example to #2: no matter how widely cat is copied and used, it will not be hard to develop and maintain. Because most users are happy to use the cat they have now.

-- note that the use of cat itself has no external influence

-- because the software itself is non-competitive

- 3 counterexamples: it would be nice if developers could eliminate development/maintenance requirements. For example, rejecting them or demanding money from them.

-- but it will still be non-competitive, and the free-ride incentive will still exist, so it will be hard to raise the necessary amount

-- Sad.

__pandaman64__: - these things can be learned in economics (especially microeconomics)

- Recommended textbook: The Power of Microeconomics

- Interesting read: Economics for People Who Hate Capitalism ｜Book Publishing｜NTT Publishing

nishio: >Public goods are... A good that is at least one of non-competitive or non-excludable... Competitiveness is the property that the benefits of a good cannot be gradually preserved without additional costs as the consumption of that good by consumers increases.... Exclusiveness is the property that can actually exclude the act of consuming a good without paying for it.... Public good - Wikipedia

nishio: the concept of excludability is particularly interesting. If the maintainer is asked to work for free, he/she can just say no, there is no obligation to respond, so why not do so? This is because it is in the maintainer's interest to work for free when non-monetary incentives are included.

nishio: For example, here is a situation: I have a library that I have maintained for many years, it is the most used of all similar libraries, and I am proud to be the best. You have a library that you have maintained for many years, which is the most used among similar libraries, and you are proud to be the best. If you don't take action, users will stop using your library and move on to the second best library.

nishio: In this situation, if we only look at the financial incentive, we can say "the maintainer is not obligated to do the work for free, so just refuse, or charge a reasonable amount of money. But for some reason, the maintainer doesn't choose to do that, and then does the work for free and complains. Why? Because the maintainer has another incentive. In this case, it is pride.

nishio: To generalize more, the creators want users to continue to use the software and want more users, and they provide free software and free maintenance as a means of satisfying this desire. The software is provided free of charge and maintained free of charge as a means of satisfying this desire. By doing so, they are giving up their original exclusionary nature.

nishio: this thread is also interesting:.

ruten: this is, I think, something I've been thinking about as I've been putting out a lot of free software myself. → "How to deal with the tragedy of shared land in OSS - Yasukazu Nishio's Scrapbox."

ruten: "Writing a program or something to provide a function" is a "proposal" to the world. There are ideas to improve the world, to make it more convenient, to make it better than it is now. Sometimes, the program is the embodiment of that idea.

ruten: So, it is pure fun to see the number of users of the program increase and the size of the user base grow, because it proves that my "problem-solving approach to society" was correct. I genuinely enjoy it.

ruten: But maintenance has nothing to do with that kind of enjoyment and becomes an obligation, I think. It's just work. And maintenance work inevitably occurs as the number of users increases and the opportunities for use increase.

ruten: So one way is to detach it from yourself and say "feel free to maintain it," but a program is an idea, its own thought about the world, and a part of itself. It is an idea, a thought about the world, and a part of itself that is integrated with itself.

ruten: I think it's difficult because you have to give up your own ideas, the achievements you've made in proving them, and the satisfaction of the desire for honor you've gained from them. Emotional issues are involved.

ruten: I suspect that many people would not do the act of writing and publishing a program for free if they did not have an emotional need to begin with. There may be times when it is purely a case of giving back, but some kind of greed tends to get involved. It can also get involved along the way.

ruten: at some point the free development and delivery of a program, and the emotional rewards that come from it, will have an inversion of the balance. This happens as the maintenance load increases. So many developments stop halfway through, as motivation drops off. Because in many cases, the pinnacle of the reward is where it is recognized and accepted by many.

ruten: It would be nice if there was some kind of economic monetization system, but then the system would be taken advantage of by those whose supreme goal is to maximize profits. It is quite difficult.

ruten: however, I think it would be healthy to have some sort of economic benefit. I wondered in this case about the emotional damage that can be done, especially when it comes to free use by huge for-profit corporations.

The argument that the MIT license is evil

justinto_nation: in this case, I don't like the "I went crazy because my life was in trouble" kind of story, and in the first place, the OSS The author going crazy (or being found crazy) is a risk that always exists, besides natural disasters.

justinto_nation: In the end, is the maintenance and release of the OSS (project) dictated by the reliability of the OSS (project)? Is it done democratically? (Is it done democratically?). (Is it done democratically?).

This way, the OSS of a weak scale can automatically die/kill in peace.

justinto_nation: i feel like the MIT license is fundamentally bad.

I certainly don't think it's an exaggeration to call this guy a dumper.

justinto_nation: whatever, there are some places where I wish more various OSS projects would go crazy!

If you don't, the world won't realize how important you guys are, or maybe someone will observe an indicator of how much huge companies are spoiled by MIT (not just the free ones): ......

/tkgshn/ just rely on higher organization.

Pointing out that basic income is the idea that you can rely on a "higher organization" called the government to do something about it, and that they have no idea how to make that spending a sustainable mechanism.

certainlynishio.icon

I guess by pushing it to a large organization called the government, you lose the details and have the illusion that the money will come from somewhere.

The composition has not changed because the money needed for spending is eventually collected from the individual in the form of taxes or inflation.

---

This page is auto-translated from /nishio/OSSで共有地の悲劇が起こることにどう対処するか using DeepL. If you looks something interesting but the auto-translated English is not good enough to understand it, feel free to let me know at @nishio_en. I'm very happy to spread my thought to non-Japanese readers.