this post was submitted on 22 Jul 2023
52 points (100.0% liked)

Rust Lang

3 readers
1 users here now

Rules [Developing]

Observe our code of conduct

Constructive criticism only

No endless relitigation

No low-effort content

No memes or image macros

No NSFW Content

founded 1 year ago
MODERATORS
 

Previously: https://lemmyrs.org/post/175672

I originally had sources and data of the site public, hoping they would be interesting to study, aid in bug reporting, bring contributions, and make site's algorithms transparent.

Instead, I got knee-jerk reactions about lines of code taken out of context. I got angry dogpiles from the Rust community, including rust-lang org members. I don't need to endure such mudslinging. Therefore, the sources are no longer available.

As of right now bitcoin crate is not deprecated, instead libs.rs responds with error 502.

you are viewing a single comment's thread
view the rest of the comments
[–] kornel@lemmyrs.org 6 points 1 year ago (2 children)

Do you have suggestions what the future of lib.rs should be?

[–] Kerfuffle@sh.itjust.works 10 points 1 year ago (1 children)

Do you have suggestions what the future of lib.rs should be?

Not the same person, but my suggestions would be:

  1. Reverse the decision to go closed source. Making stuff less transparent isn't really going to help, and the primary controversy is coming from philosophical differences not the code itself. You can't practically (and really shouldn't) hide your policies. So going closed source is just another thing for people to complain about.
  2. Allow opting out of the opinionated parts in a relatively easy way. You can't force other adults to align with your philosophy here, and trying is just going to cause problems.
  3. Personally, I think a better approach to the opinionated part isn't directly changing data or obscuring/deprioritizing results. What you could do instead is add a section that has some context about why you think certain categories/crates are harmful. This makes the information available but doesn't force people to do any particular thing.

I think by taking that approach you'll avoid a lot of the backlash because you are allowing people a choice.

I'm not a lawyer and this isn't legal advice, but personally I'd be pretty careful about editorializing/moderating content in this kind of situation. Suppose someone publishes as crate that actively causes harm. Users download it and get their data stolen/wiped/whatever. Can they reasonably have an expectation that you should have protected them from that sort of thing? After all, you are editorializing the content and going so far as to moderate content that doesn't cause direct immediate harm to an individual but even content that potentially is harmful to society.

Possibly I should disclose that I avoid lib.rs currently because I don't agree with the philosophy of editorializing crates and personally I hate opinionated stuff that doesn't give me choice/control. I use open source software/resources specifically because I care about having a choice. We don't disagree philosophically on points like the harm of crypto such as bitcoin, I just don't like this approach to dealing with it. Also, painting all crypto stuff with the same brush can potentially delay less (or maybe even non-?) harmful alternatives that don't involve wasting massive amounts of computation to no end.

[–] Zeitufah@lemmyrs.org 5 points 1 year ago (1 children)
  1. Allow opting out of the opinionated parts in a relatively easy way. You can’t force other adults to align with your philosophy here, and trying is just going to cause problems.

Would a link to crates.io be enough here? When I want objective data, I go to crates.io; when I want curated info about crates or want to find a new crate for some topic I go to lib.rs; when I want hand-written info about crates I go to blessed.rs/crates.

I personally agree with your point 1. and slightly agree with your point 3.

[–] Kerfuffle@sh.itjust.works 2 points 1 year ago (1 children)

Would a link to crates.io be enough here?

I'd tend to say: probably not. It's not that people don't know that crates.io exists, right? So that's not changing anything.

or want to find a new crate for some topic I go to lib.rs

And lib.rs will suppress the visibility of crates it thinks are "bad" and you'd never even know the crate existed to go look at the objective data on crates.io. Or let's say a result comes up but it's just an empty page with a link to crates.io: you won't have enough information to know whether it's worth going through the trouble of following a link to another site and a lot of people wouldn't bother.

So I don't think that change really solves anything.

[–] Zeitufah@lemmyrs.org 1 points 1 year ago* (last edited 1 year ago)

And lib.rs will suppress the visibility of crates it thinks are “bad”

So does blessed.rs, and yet I never heard anyone ask blessed.rs to be more objective or include crypto - probably because it's really obvious that blessed.rs is very opinionated, way more opinionated than lib.rs. I'm wondering if lib.rs could save some hassle by making its opinionated nature more clear, maybe by changing the top text from "Lightweight, opinionated, curated, unofficial alternative to crates.io." to "Lightweight, opinionated, curated, unofficial. For objective, unopinionated data go to crates.io."

Or maybe your point 2. from above would actually be the best solution - while I don't agree that lib.rs has to provide objective data, people obviously expect it to, so, if it's not too much work then it would surely be a nice way to solve some drama.

It’s not that people don’t know that crates.io exists, right?

I'd expect that the people who do know that it exists go there in the first place if they want objective data. Or go look on multiple sites if they are looking for a new crate for a relevant project (search using crates.io, search using lib.rs, look at blessed.rs, google) - at least that's how I'm doing it.

[–] manpacket@lemmyrs.org 3 points 1 year ago (1 children)

It's an improvement over crates.io, but I stopped using it after BurntSushi removal a while ago - I prefer data as is rather than having to double guess every search result. You got a bunch of good suggestions already. Going closed source is not going to help long term. I hate crypto stuff too, but calling them names is not helping to educate users. I will probably be fine with "this crate/category exists, it is bad because (insert some legit third party links), if you want to know more - proceed at your own risk" and remember the decision to proceed.

[–] kornel@lemmyrs.org 5 points 1 year ago (1 children)

I prefer data as is rather than having to double guess every search result

What's the bad scenario you're worried about here? What type of data you're specifically worried about? Do you expect me to maliciously manipulate the data, or is even well-intentioned curation and use of heuristics somehow not acceptable?

My view on data cleanup is probably very different than other people's, because I've spent a lot (likely too much) time with the crates' data. The pure unadulterated source data is… bad. It's very sparse (most crates don't fill it in). It's full of outdated information (set once and forgotten, wrong for forks). Some crates-io category slugs are pretty misleading, so tons of crates are miscategorized by their own authors: parsing is not for file parsers, database is not for databases. accessibility …I can't even. Who put ogg parsers, gRPC, garrysmod, RFID readers in there?

There are tons of name-squatted crates, ferris guessing games, or just people's baby steps in Rust. If you search on crates.io you often get the pure data of someone publishing a crate years ago and forgetting about it. This is pure, this is ranked objectively, this is curated and subjective.

crates-io shows you plainly only the license of the crate you're looking at. lib.rs goes further and checks if the crate has any dependencies which are GPL, because if a crate says it's MIT but has GPL deps, it actually is GPL.

crates-io shows you repository URL exactly as-is specified in the metadata, which could be inaccurate (in case of forks) or outright fake (someone else's repo). lib.rs checks if the repository URL actually contains the crate or has the same owner as the crate, and will add a link to the true source code if the repo url is suspicious.

crates-io shows owners' names from the free-form name field, so somebody malicious could pretend to be a well-known trusted user. lib.rs only allows display names for established/reputable accounts, and uses login name for new/untrusted accounts.

[–] Aloso@lemmyrs.org 1 points 1 year ago

What’s the bad scenario you’re worried about here? What type of data you’re specifically worried about? Do you expect me to maliciously manipulate the data, or is even well-intentioned curation and use of heuristics somehow not acceptable?

I think they are worried that some crates may not show up in the search results, either because their author requested their removal, or you decreased their search ranking for political reasons.

And I agree with you that crates.io is not a viable alternative due to the poor quality of the search results. So switching from lib.rs to crates.io doesn't make sense for this reason alone, since crates.io may not display the crate you're looking for either, unless you already know its name.