cx405
commented
1 year ago @Minion3665 @Derpford (for visibility)
Closed cx405 closed 1 year ago
cx405
commented
1 year ago @Minion3665 @Derpford (for visibility)
kira-bruneau
commented
1 year ago If you want a technical reason: The core developers of PolyMC were kicked out and made the Prism Launcher fork. If you have two duplicate projects where one is effectively no longer maintained, it makes sense to point people towards the project that's actually maintained. Especially when you have to trust the developers with access to your Microsoft account to use the app. Given the choice between a single maintainer who's been shown to be hostile to a specific marginalized group of people, or the original community of the project, it's a much safer bet to trust the original community. If you can't recognize a single person having the potential to steal your Microsoft credentials as a threat, especially given how dramatically everything happened, I really don't know what else to say.
If you believe there are technical reasons for adding it back, then open a PR and make the case for it, but it's unfair to imply that the decision was "unprofessional" because you disagree with it. Especially when you mention that as a project owner he had the right to kick people out the project, but then the NixOS community doesn't have any basis to find that behaviour threatening and remove the package? I'm trusting that you don't actually have bad intentions, but that sounds like a biased application of your beliefs.
I think you also have to understand that NixOS is not just a technical project. It's a community of people volunteering their time. A lot of the people who are part of the NixOS community have to live with the overwhelming targeted hate and harassment that lenny has shown (including myself). I don't think you'll find very many people in the community will want to volunteer their time supporting something that's been actively hostile towards community development.
Minion3665
commented
1 year ago I think Kira has said anything else that I would want to say, thank you Kira.
I'm going to close this issue now (I think I can do that but not lock them?). See you around.
Hi.
But the original PolyMC, current PolyMC and the fork Prism, both did this in the past and do this now. There are no risk increase as there are no facts about malicious activity. If there is proven malicious activity: stealing keys, installing malware, spyware and so on - then the software should be booted. But there are none.
I think you confuse it with a perceived risk, but its from psychological field. For the same reason, people involved in non-technical conflict forked a project as they feel they can't trust the other party. This is understandable, but the trust choices for people of one group does not translate global trust.
Using technical malicious activities (commonly "hacking", "hacking activity", "hack tools") , regardless by what group and for what purpose, does translate into global (dis-)trust.
I believe you are confusing personal mis-trust with global based on technical evidence. Possibly you are personally involved in conflict.
I have read the few bugs on PolyMC and this is also not correct. I think the correct timeline is this:
Which technical risks and who are we, please? I think the correct act here would be to link the people using PolyMC into direct evidence, so that people themselves can draw consequences and decide whom to trust and how to proceed.
Until now there has been no technical malicious activity from PolyMC project.
PolyMC has instructions on the website, that include installation on NixOS. Overriding won't help here much I think, because the projects may drift apart (which is natural).
If you have been a maintainer of PolyMC in NixOS and decided to drop it and switch to the fork Prism, regardless of your motivation (I believe you don't need any, its free software) - this does not translate into dropping of PolyMC, let alone - blocking it.
The resolution I wanted was actually: 1) more accurate information about what happened, ideally with links to archived discussions, so people using the software decide what software to use for themselves 2) Prism fork in NixOS (which happened) 3) PolyMC in NixOS unmaintained or switching maintainers (it was dropped instead) 4) block of any project in NixOS that engages into technical warfare/malware (PolyMC doesn't fall into this area, previously or currently)
Given that it has been resolved the way it has been resolved, rewinding is possible, but is basically on the shoulders/conscience of NixOS curators, keyword "professionalism".
We were not arguing: I posted my opinion of the subject, Derpford responded with his opinion. After exchanging arguments, I commented that this case was resolved in a terrible way and is basically done for me. Derpford preferred to continue discussion thus I continued responding. At some point we posted diametrically opposed opinions, where it ended and which is pretty normal thing.
Neither of us tried to convince the other with force or badwording, so it puzzles me why this was attributed as "heated discussion".
Posting the comment and then closing the thread is not really nice, as your opponent has no chance to respond to that. This is behavior is normally used in law enforcement / penitentiary system, I believe this is wrong way to communicate in development as this contributes towards a non-transparent, prejudiced society (the way I see it).
I am not sure what happens to both projects in the future, nevertheless I wish you good luck coding. Best
Reply to https://github.com/NixOS/nixpkgs/issues/196480#issuecomment-1523181235_