Lesson 1: Respond instantly
Lesson 2: Early communication is essential
Lesson 3: Treat contributors like team members
Lesson 4: Age reports keep you honest
Lesson 5: Burndown is a must
Lesson 6: Consistency is the name of the game
Lesson 7: Documentation is king> Long-forgotten issues and PRs sap enthusiasm and hinder progress.
There are a truly massive number of open source projects that would benefit from this.
Mozilla is pretty much the poster child for "major issue that usually annoys the hell out of users who come across it, for a decade or more." Firefox and Thunderbird are littered with bugs that are half a decade to sometimes as long as two decades old. There are something like 40,000+ verified bugs in Firefox core.
Instead of those bugs getting fixed, we get shit nobody asked for like massive UI overhauls that everyone hates, integration of SaaS shit like Pocket, secretive data-collecting force-installed plugins for a media conglomerate's TV show (!), and so on.
Maybe they could free up some resources by firing some of the numerous product and project managers, while also moving their offices to places other than "the most expensive zipcodes in the most expensive real estate markets all over the world", while also trimming the CEO's pay, which has gone up even as market share has plunged; she's failing upwards.
To see the bugs fixed that bother you, contribute to the open source project? Can be code or paying a developer.
see also http://antirez.com/news/129 after "Flood effect" on some discussion on why this does not scale to open source projects.
Apply custom patches third-party code in the same way as you apply patches to your code. Prefer posting these patches in the upstream project you depend on - this will improve the quality of the upstream prpject and also will reduce the amounts of custom patches on your side.
The hardest part is to update heavily patched third-party code to new releases with significant changes. Fortunately, this happens rarely in real life. Bugfix and security releases for third-party dependencies are usually easy to apply even to heavily patched code in your repository.
Real-life example: we at VictoriaMetrics store all the code for third-party deps inside "vendor" directory. This is very easy because Go provides easy to use tooling for this - just run `go mod vendor` and that's it! It is also very easy to upgrade third-party deps via editing "go.mod" file with subsequent `go mod tidy && go mod vendor` command. It is easy to inspect changes to third-party code for security issues and bugs after this command with `git diff` before commiting them in our repository.
If it's a collection of changes, small improvements, etc to existing projects and repos then personally I'd go for separate forked repos. Then you can track your changes relative to the original project source code and (hopefully) contribute back PRs etc more easily.
As always - there are pros & cons to both - just a matter of choosing the approach that feels best 51% of the time :-). Of course, it's minor in general compared to the value of just keeping on moving on your projects and work!
But actually, the given solutions are mostly communication-focused, and the automation is to aid in that.
Good read.
What tool are you using to make the age reports? How do you determine if it's waiting on the submitter or the reviewer? Is it based on last comment? or requesting a review, etc?
There once was a tool similar to this that github bought and it was quite nice even for a small internal team but I'd really like to know what works well at your scale.
Cheers!
I hope they help - let us know if you give them a try!
1 - https://github.com/turbot/steampipe 2 - https://hub.steampipe.io/plugins/turbot/github 3 - https://hub.steampipe.io/mods?q=github 4 - https://github.com/turbot/steampipe-mod-community-tracker
That said, the tips is that article are equally valid for single repositories.
That said, all the solutions are applicable irrespective of how many repos you have. First I'd heard of an "age report" too. I like that idea. It's too easy for bugs to be marked low priority and then never get fixed.
I'd recommend also shrinking the number of repositories - this can significantly reduce the amounts of efforts needed to sync changes, which span multiple repositories. Ideally there should be a monorepo, where any change can be put in a single atomic commit, even if it touches the core part of the code, which is used in thousands places of the rest of the code.
Another recommendation is to keep user docs in the same repository as the code - then docs can be updated synchronously with the code in a single commit.
We at VictoriaMetrics are following most of the recommendations from the blog post, plus we try minimizing the number of repositories in order to reduce maintenance burden as described above.
1 - https://steampipe.io/docs/develop/plugin-release-checklist
I am also looking forward to seeing LLMs applied to this space.
Plenty of problems could be solved with some simple research and understanding of the code in a project. If that could act as a barrier between those with issues and those who contribute, I imagine it would help a lot.