Hey guys, this time I really messed up :/
I think you should see something.
Like I mentioned many time before, this isn't my first attempt at creating an aggregator. Years ago, I built something similar, and back then I drew a lot of inspiration from Postmill. This time, to avoid starting from scratch, I get some elements from my old snippets. Originally, kbin was meant to be a project just for me and a few friends, so I didn't attribute the origin authors. That's not an excuse, though — I should have done it right away when the project became public on git. I have a point in my roadmap called "Preparing a repository for contributors," where I allocated a significant amount of time to educate myself about licenses, attributions, and so on. Unfortunately, everything unfolded in the wrong order.
https://codeberg.org/Kbin/kbin-core/issues/196
I think Emma is right. Since I share my small successes with you, I also want to be transparent about my failures and mistakes. I will push the proper attributions to the repository today along with some critical fixes.
To avoid reinventing the wheel, I took some code used in federation from Pixelfed as well. Essentially, there are two projects two projects will be marked. However, I have never concealed this fact:
I mean that I'm not a guy who wants to steal your code. It's obvious that someone will take a look at the code of a project that is very similar to theirs. Sometimes, I just become terribly messy when I have to do many things at once. This lesson will definitely teach me to prioritize tasks better.
In the end, I can only promise that once everything settles down and I manage to extract a library for ActivityPub, I will revisit the Postmill repository, this time with a pull request proposal.
You should definitely check it out.
https://postmill.xyz/ - Project page
https://raddle.me/ - Postmill instance
https://pixelfed.org/ - Of course, everyone here is familiar with this one ;)
PS. the website should be running a bit faster. I will talk about it next time.
This is the kind of transparent communication that buys so much goodwill and trust from the community. I've been enjoying my first experience in the Fediverse with Kbin, and the response here only makes me love it that much more. Nicely handled.
I think we did a good choice
Agreed. I had already created an account on a Lemmy instance (Lemmy.one since I wanted to avoid the two main .ml instances). I had just about settled but decided to give Kbin a try. While it doesn't seem quite as far along in it's development, it struck me as a better user experience. Combined with reservations I have about the Lemmy developers... Well, here we are. And seeing this level of involvement and dedication to doing the right thing from the developer confirms that choice. Kudos @ernest
I've been using both sides to figure things out, and I always end up using kbin more.
I like Kbin so far (as I post from Lemmy), and if I had the capability I'd write an app for it.
As I am totally new to this whole thing, could you elaborate for me on those reservations about the lemmy developers? And are those the same that created lemmy.world?
Seems just like another day with open source software.
You gotta be careful about licensing and attribution and it can get really messy, but no big deal really.
Seems like you're correcting this and acting in good faith.
It shouldn't happen, but it happens. Thanks for the transparency
Agreed, that's the key - act in good faith.
If you make a mistake, try to fix it in good faith. Seems like that's what is happening. 👍
@ernest Hey man, if it's of any help, I have a PHP (laravel) project which mostly federates fine, license is AGPLv3 as well, so feel free to reuse what you see fit.
I will definitely check it out! Thanks
@ernest It's still wip so not all AP activities are supported yet, but it's powering some of my bots ( @BigBo_Energy @MeteoUY @LaDiaria )
It makes a strong impression at first glance.
We appreciate the transparency and hope everything can be solved without much friction. Keep it up!
@ernest I thought you killed someone, based on the title 😂
I agree with the other commenter. Seems like you’re making it right. This is a new and sometimes messy frontier for a lot of people and processes. If someone is worried about protecting their IP, this isn’t the hill to die on.
Me too. I was mentally dreading a ReiserFS moment.
Cross-posting my comment:
This is one of my largest frustrations with the open source community. Everything is immediately assumed as malicious. There is no escalation, it's "you screwed me over" from the jump.
I suppose it's bred from decades of large corporations pilfering open source for profit. However, this post could easily have been, "I noticed there's some code I wrote that wasn't attributed, would you mind adding that?". Escalate from there if the appropriate actions aren't taken.
For real, the person's name is LitigousEmma. This is one step away from a copyright troll, which imo seems to the the mortal enemy of the idea of FOSS. Did this Emma recognize all the developers of the programming languages they used, or the people who made the computer they worked on, or the pioneers of electronics in general? It's not like Emma took quarks and atoms and turned it into an web aggregator.
In LitigousEmma's defense, kbin did not comply with the license terms of the open source software, so there is a valid concern here. Unlike most programming languages which are often released under licenses which do not requite attribution.
However, mistakes happen. The open source community is better off if we could all just start from 0 and escalate based on response.
Honestly that's my only issue with this. Ernest was totally rightfully called out for this, as he should have been. But Emma's knee jerk reaction is just a real bad look. Don't make any attempt to reach out and figure out why it's in there. Immediately make a public post accusing him of stealing code, trying to hide that he stole it, and claim it as his own...on a FOSS project no less...
Surely there's a step or 2 before that point..
I don't have any issue with opening an issue in the repo, that part seems reasonable. It, by definition, is an issue with the codebase.
Right, I wasn't saying it shouldn't have been a public post. Just that the public post shouldn't have immediately jumped to accusations. FOSS or not, accusing someone of stealing code and intentionally trying to obfuscate its origin to pass it off as their own is a big deal for a developer. One that can destroy your reputation
A simple "I've noticed snippets in here of my work that falls under a license which is not attributed at all. Could you add the proper attributions or remove it from your project?" says the same thing and doesn't jump to any accusations that you have no idea if are true or not
Not knowing either parties at all, I'd say the best solution is to assume both meant the best and some mistakes were made. One for forgetting to give credit for code, the other for wording in their asking to fix the mistake. At the end of the day, credit is given and the code grows, both benefit. Don't dwell on the small stuff that got there, problem is solved.
Agreed! Totally think this is a learning experience for both sides
An...earnest mistake?
I'm sorry
Some good points but a counter point to consider.
Whether it’s a photo used without permission by a big company or people using your work without attribution there does tend to be a dismissive attitude overall (not that that is the case here)
I can see how somebody could come into this situation with that as the background and just cut right to the chase.
There wasn’t a “cease and desist” (the legal equivalent of an ahem) nor a DMCA copyright takedown (harsher but less financial damaging than a copyright suit with damages)
Their tone was scolding but it was a “hey… heads up… you gotta fix this” without resorting to any of the above.
Ernest took it with the right attitude and Emma accepted it and that’s that.
Couldn’t really ask for a better outcome and Emma has every right to come out swinging harder than she did.
I can’t speak to her experience with this but personally it is sometimes better to be firm (but fair) at the outset so people don’t ignore a softer tone requiring you to escalate it.
That’s just bad for everybody all around.
Copyright is the enemy of freedom and knowledge. What if Einstein copyrighted E=MC^2? Emma didn't create the software, they just figured out how to make it.
And instead of making it closed they made it available under open source licensing. With the only terms being attribution.
They’re not the bad guy here. Nor is Ernest. There’s no bad guys here just a mistake, a call to fix it, a fix and an acceptance of that fix.
Really Ernest showed the perfect example of “if you have to eat crow eat it while it’s young and tender”
What an interesting phrase. I've never heard that one before. Perfectly sums up less elegant forms of phrasing it.
We have a similar one in Nigeria. If you are going to eat a frog, eat a fat one that has eggs
He couldn't have copyrighted E=mc^2, he'd have had to patent it. But laws of nature are excluded from patent eligibiligy in the US, and presumably most other jurisdictions.
Software code is an interesting edge case in the middle. The code itself is a creative expression, and so copyright applies. This brings benefits as well as restrictions; software code is also speech as far as many free-speech rights are concerned. The algorithms expressed by the code are subject to software patents, which is a more controversial grey area.
I agree. Firstly, a public post...and secondly...a public post bashing a fellow developer with passive aggressive quotes.
Now I may be assuming but it didn't seem like LitigiousEmma mad an attempt to privately contact Ernest and... and assumed the worst in the post.
I'm just a reddit normie so I don't know what happens behind the scenes but so far Ernest has been earnest and honest... as long as that is the case I'll stand with you bud!
You made a mistake and are taking responsibility for it. I respect that!
P.S. - Notice how LitigiousEmma's post is recent. LE just wants their name out there. If Kbin flopped then no fs would be given.
Nah I do believe that it was right to open an issue, and also that the code should've been credited. But it is now. Also I mean... yes? How else would you expect for them to find the code? /kbin is a project with quite a few eyes on it now. If you upload a project that nobody looks at, of course things like that go unnoticed. Doesn't make them less wrong.
But all is well that ends well. If you do anything in the public, you gotta be prepared to deal with people who might not be the friendliest. That's fine. I think defusing the situation like was done here and immediately fixing the problem was exactly how this kind of thing should have gone. It's on all of us to defuse tense situations, whether we're bringing up an issue or responding to an issue brought up by someone that might be offended. Kinda like how you should be driving defensively to avoid any accidents before they can begin to happen. I guess? Oh god I'm making too many driving analogies today I really gotta stop.
[edit]: I'm also not trying to call out the person opening the issue. There are many ways why it might have been worded like that, including past experience. People are very complex and seeing just a snippet of them like this isn't what we should immediately base all of our judgements on.
I like you even more now for admitting your mistake without any hesitation and taking the steps to rectify your error. Keep up the good work!
Right?! This is winning some direct support right here!
It's alright. I do think the actual issue was worded perhaps a bit harshly and combative, and I think you responded correctly. Very much appreciate the accountability here. To be honest if anything, this probably gives me more faith in you in the long run. There are many ways you could have dealt with it, but as far as I can see you've dealt with the issue as honorably as you could have.
Proper attribution can be tricky. We all learn. We all make mistakes. A lot of us will never release a project that makes it as far as yours has so even our issues don't become even nearly as visible.
Keep your head up and stay calm. You're doing great. We got you.
It's certainly a far cry away from "We will remain profit driven until profits arrive" that a certain someone said in response to a legitimate question over on the other site. A breath of fresh air really.
Lol, exactly what I was thinking. I can't imagine a Reddit admin posting something like this.
Frankly, it's very refreshing to see someone running the show that has this combination of work ethic, passion without hunger for power, and honesty. Thank you for the transparency!
You've obviously got a million things going on a minute here. Like someone juggling flaming swords, I don't think anyone is going to blame you for dropping one accidentally while more fire-soaked swords keep being tossed at you. Seems like you know what to do and that there are a lot of talented folks here willing to provide help anyway they can. We're with you (me in the sentimental sense, I'm not so talented when it comes to coding)!
Everyone makes mistakes. Your response was not to deny or try to redirect blame, but to own up to it and fix the problem - and there is no lasting harm. Honestly if anyone asks for more than that they're being an arse! Keep doing what you're doing, I'm one of the trillions of Reddit refugees, and I like what I see here
As a thought, this project is clearly suddenly getting much bigger than you intended. Maybe see if you can take inspiration from Linux Torvalds about how to manage a project on this scale while retaining control of it - he is basically the benevolent dictator of the Linux kernel, what he says goes (and he has had some very famous arguments!), but he does delegate and take help where he needs it.
The title here scared me so much haha. It just seems like there's a credit issue? I don't think you've done anything wrong. Small projects naturally are like that, and kbin kinda exploded in size quite fast, so it's understandable. Transparency is good. There's no rush I think. Honestly this post just makes me realize even more how awesome kbin is and how great of a dev and admin you are. It's rare to see. Massive kudos.
Seems that so long as the attribution is in place the Postmill people aren't going to push it further. I (and I hope the community) appreciate your transparency and honesty. That's the sort of thing that makes me want to stick around here and support this project.
And for fun, I will check out those other sites, since I hadn't heard about Postmill/Raddle before.
last time i used raddle, admittedly it was about a year ago, it was a barren wasteland.
Damn emma really tore into you in that issue lol. A lot of assumptions about malicious intentions when a simple mistake seems much more likely. I mean I know they're in the right defending their work but damn idk if they needed to make such a big public stink about it lol
It seems to me that she did it very gently ;)
Contacting the project "officially" through the the public tracker was the right thing to do.
As for the tone of the message - I don't think it was out of line considering the circumstances.
Mistakes do happen (licensing is actually hard) - and I'm happy to see it got fixed fast.
Which is why the tone is striking people here as over the top. Ernest is clearly not a large business trying to profit off their work so some benefit of the doubt was warranted.
Ernest corrected it and the story is over so none of this matters, but open source devs going at other devs who make a mistake with attribution just makes the ecosystem a less nice place to be. Save that hostility for the ones trying to take advantage of others
Yeah I suppose you're right. Just the little digs at earnest's character seem needlessly hostile to me. like saying he edited the code to hide its origins or saying "what would your sponsors think?"
idk. just don't like it. I do feel for them, I'm sure having your work copied without credit sucks. just wish we could all be friends and hold hands and shit:(
@RaleighEnt @ernest Yeah, this part - "I have never given you permission to take my work uncredited and slap your licence on it--I wonder what your sponsors would have to say about that." - Seems unnecessarily harsh. It's not wrong, it's just a bit overboard. "Never attribute to malice that which can be attributed to ignorance." or however that quote goes. It's a simple oversight.
If there's anything I've learned from programmer humor reaching all it's that 95% of code is creatively liberated.
That being said I'm happy to hear you being transparent and giving the credit where it's due!
Keep up the good work man and try not to burn yourself out, I know this just be a stressful time!
I honestly don't see this as a big deal, but I'm glad that you're being honest and open. Attribution is cool and all, but Emma makes it sound like you committed some sort of cardinal sin. I can never understand why someone who uses a permissive license gets so upset when their work is not attributed, you gain almost nothing from it.
Again though, attribution is still a net good. I think it's the polite thing to do, and I'm glad you're doing it.
When you ask for very little (credit for your hard work), it's even more infuriating when you're deprived of it. You could compare it to stealing ideas in academia - the omission of one tiny reference makes a huge difference.
That said, there is such a thing as a honest mistake, and Ernest is handling it in the best way possible. But there are enough instances of permissive licences being abused that I don't blame the original author for initially taking it badly.
I agree these things are a big deal for the original author, but you also have to consider what the other party is doing with your work. The tone of that issue is pretty hostile when a simple issue saying could you grant me proper attribution would have worked just as well. Ernest isn't a large company trying to profit of their work, he's just one dude. He was building a small project for just himself and released without clearing up his attributions. Its a small mistake that's easily rectified and didn't need to be so hostile.
That's fair, I guess I just view it differently. For me what I actually care about is copyleft. If someone says they used something I made I couldn't care less. At the end of the day I care if it's open source, if it's not then we have a problem.
Seems to me you're handling it the best way possible - yes, re-using open source code without proper attribution is an unfortunate mistake, but you've also clearly explained the reasons it happened. I also understand why the original code author reacted very strongly; when code is stolen maliciously and with intent, it's a huge "fuck you" to the original authors, who have freely released their code on the basis that they receive attribution of their use.
Good to see you've subsequently made up, and the code can stay. Thanks for being transparent, @ernest!
Licenses are hard. The fact that you are being transparent means this was not malice. Keep improving, and it all will work out in the end.
Website is definitely running faster. Thank you @ernest
Emma's point is valid, but it was a pretty ham-fisted and overly-agressive way to approach it. May need to touch some grass. Could have just been a "hey, noticed this. Could you look into this?" And then if your response wasn't great then get mad. Seems like the assumption from they get-go was that you're just an asshole that didn't care and did it intentionally.
You, sir, are an honorable person. I think I can speak for all open-source hobby programmers when I say: you make us proud.
Don't stress ernest. Mistakes happen
Thank you for the transparency
This is exactly what we like to see, people actually taking responsibility for their mistakes and rectifying them in an open and transparent manner
@ernest thank you for being transparent with us, it's what we can hope for when on platforms like this. I am happy to be here on kbin!
Is 'LitigiousEmma' an inside joke, or an extremely relevant username? haha
Edit: For some reason this keeps bouncing around in my head and the more I think about the more I believe that Emma should have contacted you privately (at first, anyway) instead of jumping right into attempting to publicly shame you.
The issue tracker for kbin codebase was the correct place to submit the complaint.
Licensing issues are tricky and if you're the copyright holder there's no way to know if people stealing your code are acting in good faith or not. Best course of action is to document and report the violations "officially". You need to have a clear track record in case the other part is going to try to deny or obfuscate the situation.
It was the right thing to do.
As for the tone and the username.
From what I can see, she's the main dev for that codebase and has been for many, many years. She gets to decide the tone, she's the one who's defending her rights and work.
Having said that, ernest handled it well - and is clearly acting in good faith. So that should be the end of that.
I’m not a coder, so hopefully you can answer my question. When using open source code, does each instance of borrowed code need to be “tagged” and identified to attribute to the original author? My brain keeps telling me that all this code needs is a MLA reference page, but after reading this post I’m assuming it’s more difficult than that.
Yup that's basically it. If you have some electronic device (like an Android or iPhone), you can go to some sort of "about phone" setting page and poke around for a licenses button that'll show you all the software that your device uses. It's just proper attribution.
I've done reverse engineering and found obvious illegally used GPL code in closed source projects, and they could (theoretically) get in big trouble for not following the license. (I anonymously requested their source based on the terms of the license, but the company threatened to sue for reverse engineering, so it's often not worth it)
Hi Emma!
We appreciate your honesty and transparency, keep up the good work!
That's ok dude. That's the nature of coding. We all copy and paste and take ideas from other places. Attributing is a low priority for minor personal projects and now suddenly your personal project is a bit bigger.
All good. No harm done. I look forward to seeing how this platform grows even more.
Mistakes happen, what matters is how you recover from them. Keep doing what you’re doing!
Thank you for being fearless in your honesty and humble with your mistakes. Keep up the momentum bro.
Oh this is no big deal at all (because your code is already open source)! I've dealt with similar situations at businesses before and it's just a matter of including the correct licenses and annotating the code where appropriate.
Let's say you used some AGPLv3 (strongest copyleft license) licensed code and you're not distributing your code under that same license. How do you use the AGPLv3 code in your code even though you're using say, Apache 2.0 license? The simplest way is to move that AGPLv3 licensed code into it's own folder/file(s) and put that license in there along with it. Also make sure you add a note about this in your
LICENSEfile and indicate that if someone includes that specific code in their own implementation they'll need to adhere to the AGPLv3.Some FOSS licenses are incompatible with each other but I don't think you have that issue. For stuff like the Zip license, Apache license, MIT, and similar licenses where you must "give credit" just add comments surrounding that code saying where it came from, what license it uses, and also include references to it in the
LICENSEfile.Loads of FOSS repos have complex stuff like this! It's a bit tedious for sure but it's not rocket science. You just have to do your homework and basically, "write everything down" (giving everyone credit and paying close attention to special cases like the AGPLv3).
Lol, she picked a hell of a username on codeberg. Very fitting.
"Hey Ernest, I see you have used my code from (project) without proper attribution as required by the license. Can you please correct the attribution or remove the infringing code?"
How hard would that have been? If she didn't get the response she wanted she could then escalate.
Although I'm parroting other's sentiments, I really do appreciate the transparency you have shown. Keep up the good work!
@ernest I appreciate the transparency on this. Don't beat yourself up too much though, we all make mistakes and this one is easily fixable with attribution.
You can only be honest like this and do your best! Thanks for all your hard work!
I feel a lot more comfortable with the developer of kbin (@ernest) than the Lemmy devs.
Here, he messed up by not giving attribution for some code, but the transparency and remedy of the error are appreciated.
It’s nice to see something that builds trust as opposed to burning it down like at #Reddit
#fediverse #kbin
Every single thread or comment I see from you further cements the image of a good dude.
Mistakes happen, how we handle it defines us, and you've handled this the best way possible.
I feel like you being this transparent about the whole development process is really going to help you earn the users' trust :)
Thank you very much for the transparency
It was a mistake and you went about this the right way. You're doing an amazing job!
I have no idea what this means but admitting your mistakes shows you are a mensch. Appreciate the updates and the effort!
Don't be so hard on yourself. Shit like this happens.
Thanks, Ernest. You’re good people. 😊
However I feel about the wording Emma chose, at the end of the day it was within her right to call you out. It's a great sign of good faith that you took the criticism, apologized, and are acting on it. From personal experience I also take stuff from the internet for personal projects... except my personal projects don't grow a thousandfold in terms of users almost overnight.
Don't sweat it, man. You're doing great.
You handled this extremely well, especially in the face of someone so clearly looking for things to be outraged by. LitigiousEmma had no reason to be that aggressive right out of the gate and comes off as someone that the Open Source community would be significantly better off without.
Regular and honest updates is what most platforms sorely lack. Thank you for this post! Things like this go a long way in cementing what big-name alternative makes it and which do not.
Most of the techy stuff goes over my head, but I do understand the importance of giving credit, as a student in the world of science academia. It looks like you're handling the situation well. We're all human, we all make mistakes, and plagiarism is a serious thing that slips under our noses sometimes. You're learning from this experience, which is a good thing!
Transparency matters. Even if it comes a little bit late, its good to see the ability to admit a fault. Btw, thanks for allowing us all to hijack your once upon a time small website @ernest lol
Good on you for being so transparent! Very well handled mate.
Appreciate the transparency Ernest.
Dude, well spoken! The author is in her right to confront you on it but you're handling it the right way.
You're the earnest Ernest I've ever come across.. technically the only Ernest but who knows right.
I think it just becomes a habit to use public libraries as a developer, that licences is not something you give a lot of thought after a while. And then your project blows up and a developer asks for an attribution. Which you gave, and was accepted! I don't understand the drama! It feels like it was settled very amenable and friendly!
@ernest Shit happens. Thanks for owning it and making it right :)
💕