Some days I wonder why I bother. I’m sure others who have open sourced their code have had (and continue to have) the same experience. In fact, I’ve read about it, so I know it affects all of us, but here’s a summary of events that have consumed a substantial amount of my time today:
At around 7:35pm last night, Andreas Jung of zopyx.com sent me an e-mail to ask what had happened to pwtools 0.3 as it seemed to be MIA.
I took a look at PyPI and found that, indeed, the record for version 0.3 had inexplicably vanished. No problem — I added it back, and also posted version 0.4 (with an updated word list).
This afternoon, Andreas sent me the following terse e-mail:
Why can’t you just upload a release file to PyPI? If you host is down then everybodys buildouts are broken.
Now, leaving aside the fact that I’d fixed his problem already, and that it had nothing to do with my website whatsoever, the fact is that this e-mail is rather rude. Andreas is using a piece of software I’ve released for free in source code form, and is now demanding that I do something for his personal convenience. Since I was busy, I pointed out that the problem wasn’t that I hadn’t uploaded a file to PyPI, and that he couldn’t rely on PyPI in any event if he wanted his buildout to work no matter what. (PyPI has probably had more downtime than my site in recent times anyway, even if there are mirrors of it available these days.)
A couple of e-mails later, after I complained about his rude e-mails and sense-of-entitlement, Andreas informed me that
This is the typical egotistic Python package maintainer mentality. …I call this clearly asshole attitude…Once again: this is egocentric asshole mentality.
Hardly surprising that he finds it typical, I think. Andreas then proceeded to fork the package (fair enough, it’s MIT Licensed), but has left the author field on his fork set to my name, the website field set to my website, and changed the package description to
pwtools provides a robust password generator and a password security checker based on the design of libpasswdqc. pwtools does not use code from libpasswdqc, but is implemented in pure Python. This is a fork since the primary maintainer refuses to upload release files on PyPI.
This is completely untrue. In actual fact, the only reason I hadn’t uploaded
the source distribution is that when I started out with PyPI, it was called
the cheese shop and didn’t support that. Sometimes I forget that these days I
python setup.py sdist upload rather than just registering the new
version. Not a big deal, but equally not something I’m going to rush to fix
just to satisfy Andreas Jung (who, I expect, is making money from whatever
he’s using Python for).
As a result, I’m now faced with having to waste the PyPI maintainers’ time asking them to fix his forked package’s record.