To the Colors
Welcome
Users of the colors.js color conversion library were surprised recently when their printers started to print "Liberty Liberty Liberty…" and then began spewing random characters in an infinite loop.
Dear Reader,
Users of the colors.js color conversion library were surprised recently when their printers started to print "Liberty Liberty Liberty…" and then began spewing random characters in an infinite loop. The weird appearance of the printed page made those users wonder if a vandal had broken into the source code, but the truth that began to emerge was much stranger.
It turns out that the developer of the colors.js and faker.js libraries sabotaged the code himself. Marak Squires had apparently become disillusioned with the way large companies were using his code without contributing or providing compensation. On November 2020, he wrote on the faker.js GitHub page, "Respectfully, I am no longer going to support Fortune 500s (and other smaller-sized companies) with my free work. There isn't much else to say….Take this as an opportunity to send me a six figure yearly contract or fork the project and have someone else work on it."
At the time, it wasn't clear how the story would end. This month, we all found out.
Although colors.js and faker.js are independent projects that are largely overseen by a single volunteer, they have quite a large footprint in the world. According to reports, colors.js receives more than 22 million downloads per week and is integrated into many open source tools by commercial vendors, including the Amazon Cloud Development kit.
This kind of story always makes us want to choose sides for a proverbial "haves and have nots" or "business" versus "everyone else" debate. However, it would not be accurate to assume that the Free Software founders opposed commercial uses. The four freedoms that underlie the Free Software movement tolerate no restrictions on how the code will be used (as long as it stays free), and the commentaries at GNU.org make it clear that prohibiting commercial use is just another limitation on freedom.
One of the reasons the early Free Software pioneers didn't care if someone else got rich was because they totally didn't believe that getting rich was all that important. They wanted an identity for Free Software that was independent of wealth, and to them, the best way to ensure that was not to restrict wealth but to not care about it. Of course, they were young back then. As volunteers get older, they start to think about a mortgage and college tuition for their kids, and the idea of contributing for the pure joy of it while a large corporation is deriving value from the work must be quite unsettling.
I can see why this developer was ready to stop giving his work away for free – especially with mega vendors like Amazon using his code and not pitching in or compensating him. However, the problem with this kind of dramatic exit is that it plays into the hands of those who depict Free Software as a playground for unruly anarchists who can't be trusted with real business. I can imagine there are Microsoft sales reps out there right now scheming on how to work this episode into their pitch.
Note that none of this has anything to do with Linux – at least directly. The affected projects are based on JavaScript and are therefore cross-platform, but in the long run, this kind of theatrical protest is not a good look for the open source development model, which means it isn't good for the Linux community.
Independent open source developers burn out all the time, and, ideally, resources are available within the project for an orderly transition. However, many projects are too small or too fragmented to provide the needed continuity. What is striking about this case is that Squires served notice all the way back in 2020 that, unless a paycheck was on the way, someone else would need to take over. Should we have been listening? Perhaps it is time for the Linux Foundation or another of the multimillion dollar organizations dedicated to overseeing the Linux image to provide some direct outreach and transition support for these small projects that give Linux so much of its luster.
Joe Casad, Editor in Chief
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs