Let's get some stickies!

Ok.
Social networks, nucleous realities, absent parents, old blinded newbies, AI, freedom, cool.
But I’m afraid we see the nose of something complicated coming.
It looks like common digital culture and implicit rules and customs are being slowly forgotten or smashed, pov dependent.
The sense of community (like in coders communities) seems loose, limp, elastic, melting.
I take, I throw, I trash, after me, the deluge.
That’s my feeling, when I see AI apps and authors (transmitters) popping from nowhere.
But mainly, I see no bad intentions, just a knowledge lack.

No problem with AI, as long as this tool is used as a tool, with intelligence.
No problems with new people, as long as they behave like people, not like backhoe loaders.

But man, there are rules, legal or not, explicit or not, it’s a kind of cement preventing disputes, chaotic situations, energy loss.
At least some respect for others, previous coders, the ones that have worked hard before. Or just empathy.

Twice in some weeks, we are witnesses of people arriving, presenting apps that will be the better ever, with no sources and walking over others (even shared) grass, sometimes without even asking or contacting the authors.
I’m pretty sure they don’t mean any harm.
I personally wouldn’t have behaved like this if I wanted to harm and swindle a community. I would have followed to rules and uses.
Blind enthusiasm, AI ecstasy, ignorance of the “coders” culture are perhaps the reasons.

And it’s just a start, I’m afraid.

How to react, or better, how to prevent?

In my opinion, everybody should at least read and accept a minimal set of rules.
Mandatory step.
(As well as for new members to enter the forum, this said by the way.)

Coders (well… publishers or how we wanna call it nowadays…) rules:
-Imagine you are the dev coming before you. How do you feel? (aka empathy).
-Always contact a dev if you want to use their code, talk, exchange with them, get friends, eventually.
-Don’t use other’s namespaces, app names, names without their consent.
-Release the source code before the binaries.
-Explicitly point, if and where, you are using AI code.
-Don’t claim to make the best app on earth.
-Don’t claim to be the best on earth (if you want to be credible).

And, as we are here, why not discussing the forum rules or sticky post for the new members:
-There is a search tool: the magnifier top right of the window. Use it, at least for 10 minutes before posting.
-Use the general search engines, like: “my_search_terms site:forum.sailfishos.org”.
Then and only then, ask for help/information to members whose time is precious.

So, should we make some sticky posts?

Trash talking the original author, be that implicitly or explicitly, and an overinflated ego sure does a good job masquerading as bad intentions. Both substantially amount to sabotage.

I don’t think the forum rules is a place to enforce common decency and common sense for developing apps. It is sad that they even need spelling out - but doing so might be a good thing. I just don’t think it works well as rules, and definitely not rules for the forum.

About overinflated ego, I see it more as a sickness, symptom of something actual.
Personal opinion. Not to say nothing must be done.

Are there bad places for that? Are there enough places for that?
I don’t know, really. But it’s here, that we encounter the problem.
I’m trying to be pragmatic, in order to prevent more of such situations, time and energy loss.

I was perhaps not very square on what I meant.
Not “in the forum rules” but “rules on the forum”, somewhere, like on a sticky post.

I see two needs:
-How to behave as new member/user (aka search before posting)
-How to behave as new app publisher (the rules I cited above)

Now, how? and where? has to be found.

Yes. The actual forum rules would be a bad place. If it is not immediately related, or a condition for participating, then it has no place.

Too many written rules upfront will be very off-putting to many, me included. No amount of written rules can replace common sense - and too many rules in general is a slippery slope to fascism. Here i don’t think we are quite risking that, but as it is explored, please be mindful.

It’s so regular you could set your watch by it. The decay of a community is just as predictable as the decay of certain stable nuclear isotopes. As soon as an open source project, language, or what-have-you achieves a certain notoriety—its half-life, if you will—they swarm in, seemingly draining the very life out of the community itself.

Instead of consuming of ill-gotten hemoglobin, these vampires suck the very life and energy out of people. By nature they feed on generous individuals who tend towards helping others, and leave their victims exhausted, bitter and dispirited.

They’re not evil creatures, Help Vampires. They act only on their blind instinct to feed, driven by base urges like most living things. Often even they themselves are not aware of their Help Vampire status, so leave your stakes at home.

From this article also discussed in this post.

Being from 2006, it does not address the new scurge of AI coding (for a niche system like SFOS? That can’t go well. Remember, AI is just the sum of a lot of internet posts) but the sentiment is the same.

There are two points here, separate but related:

1. The use of AI in coding. I agree with @ric9k and many others that there is nothing wrong with using AI to code provided you understand its limitations and people know that an app was written by AI or contains AI elements. People who dismiss the use of AI in coding with comments like (paraphrasing) ‘we don’t need more of this AI slop’ are like ostriches burying their head in the sand and hoping it will all go away. It won’t. AI is here to stay - Pandora’s box is already open and AI cannot be un-invented. I was a long time Blackberry 10 user (Z10, Z30, Passport, etc) and saw the slow death of the OS first hand because software developers didn’t want to invest time and money in developing for a third OS after IOS and Android. Users couldn’t get the apps they needed, the user base dwindled and it became more and more uneconomic to keep the OS going. Sort of sounds familiar… Jolla provides almost no apps for Sailfish beyond the ‘standard set’ (i.e. contacts, calendar, email, browser, etc). Further app development is left to the community. If, instead of denigrating AI at every possible opportunity, the SFOS community found a way of making it work properly, openly and safely for coding SFOS apps, according to a set of agreed guidelines, etc, then maybe more developers would jump on the SFOS bandwagon and a greater variety of apps that ordinary people (not just the Jolla enthusiasts) need for their daily lives might get developed. AI is still in its infancy, so this may not be now or tomorrow, but things are developing fast - so its worth thinking about this seriously now.
2. Newbie App Developers. In the last few months there have been a couple of new (to the community) developers to SFOS who have had their enthusiasm snuffed out by the negative response to their efforts on this forum. There may well have been many others who wanted to try their hand at SFOS development (using AI or traditional methods) who did not dare put their heads above the parapet for fear of being attacked or treated badly. Surely we should be trying to encourage and help/support new developers in their efforts rather than giving the impression that this community is simply a closed club that does not welcome new initiatives? Again, I agree with @ric9k and others that what these new entrants lacked was an understanding of how to approach their projects, especially when they were based on existing code developed by others. So a set of guidelines or ‘stickies’ to help address this problem, maybe one for new developers in general and another for the use of AI in coding, seems to be an excellent and pragmatic approach for solving this problem. And then, when newbies make a mistake (or hopefully before) they can gently and constructively be directed towards these guidelines rather than being trashed in public. Obviously some people won’t follow the guidelines even if they are asked to, so I agree that a firm (but constructive and polite) response may be necessary. On the Telegram/Fernschrieber issue specifically I found @WerkWolf to be factual, constructive and polite in his response - he recognised that his app had not been developed for some years, whilst pointing out some of this things he would have preferred the new developer to do or not to do. Let’s hope we can encourage new talent rather than disparage it in the future.

I have carefully read a text you wrote. It seems you were somewhat disturbed by a situation where a new member took the code of an application you recently developed, added their own elements, and presented it as their own success. Indeed, failing to seek permission can certainly be upsetting for the person who put in the effort. However, I am new here and would like to ask a question—please do not perceive me as ill-intentioned. If a developer provides the source code of an application as open source, does that not inherently mean they are allowing us to access it and make thousands of changes? Of course, it should be asked as a matter of courtesy, but if they want to prevent this, shouldn’t they release it under closed source? If it is open source, everything is transparent; is there something I am misunderstanding here?

Additionally, as a second question: I noticed while discussing in a Telegram group and examining stores like Chum that many applications received their last updates in 2020 or 2021. They have remained untouched for a long time, which suggests to me that the creators no longer support them. Therefore, rather than waiting for an expert coder to arrive, I would expect someone enthusiastic about that app to take it and fix it using AI. After all, it hasn’t been updated in years and is no longer being maintained. In your opinion, where are the flaws in my reasoning, and where am I mistaken?

No, you are not mistaken. If its open source and the license permits the code to be used by others for any or particular purposes then using it to base your own app on is fine. There should be guidelines about how you do this though (e.g. crediting the original author(s), etc). However, it is difficult to know if an app has been abandoned by its creator or they are just taking a long hiatus for whatever reason, so perhaps reaching out to that person before you ‘take it over’ or whatever would be courteous.

I think there is also clearly an emotional attachment that a developer has with their work and, perhaps, on occasion a feeling that some stranger is unfairly benefiting from the hard work of the original author when they use their code to base their own project on. Perhaps if there is a very strong feeling like this they should make their app code closed source.

What is it with the “contact the previous author” mindset? Like, if you don’t want people to fork your code don’t make it open source?

There are source available licenses. I personally wouldn’t contact the old author the same way I don’t contact the author of every library I use.

I didn’t contact Bitwarden whether they’re okay with me using their CLI in BitSailor, nor did I contact Spliit to check whether they’re okay with me creating a client (just to name two of my recent apps).

I’d argue most of you creating 3rd party clients did not ask the authors of the OG software.

Yes, I agree, but another question arises here. I have also read your previous lengthy article; for instance, when you mentioned that Pandora’s box has been opened, I assume you mean that artificial intelligence is now evolving rapidly—and I believe you are right. In a year or two, we will likely possess a stable AI capable of writing code even better than a human programmer. On one hand, this means that any deficiencies within SFOS will inevitably be completed. On the other hand, the opening statement of the thread makes a valid point: it could start to take an intimidating turn.

My question is this—and I apologize for the length: New users today might not necessarily know the rules. I personally do not think they are ill-intentioned because, after all, they are not making money or exploiting the situation for other gains. Perhaps they were simply unaware of the etiquette and are just now learning that this can be a distressing situation for the original creator. To give an example: we cannot know exactly what the future holds. If 10,000 or 20,000 people arrived, all eager to use AI to renew various infrastructures, what would happen? Which one of them could we possibly stop?

In my opinion, rather than just imposing forum rules, app stores like Chum or OpenRepos need to take responsibility for auditing these submissions. We could then draw the following conclusion: if a newcomer develops an app and offers it to a store like Chum, the store should inspect it. If there is stolen code, they should either mandate a description stating it was ‘Made with AI’ or, as Rick suggested, not allow it at all. I hold stores like Chum and OpenRepos responsible here; after all, we exist as conscious consumers, so why should we not expect the applications in stores like Chum to be managed with the same level of consciousness?

If you are going to make what is substantially a copy or fork, this is common courtesy - yes. Libraries are really rather different.

But it is indeed no hard requirement in any way. For the particular cases at hand it probably would have helped ground the “developer” some - but that can be achieved in a number of ways. However, if someone thinks they are god’s gift to humanity and completely infallible, that perhaps it takes more than that. The main problem i see is all the implicit back-talking of the original author. Wave the slop-wand over their code-base for a week or two and you are all of a sudden some sort of expert, having reached heights that they could never do. This really grinds my gears.

This is why i’m carefully pessimistic with writing “rules”. People will bend, subvert, misinterpret or over-interpret them - and argue needless details.

Last time around there was a call for donations…

I thinks there are differences here - more in etiquette than anything else.

A library is designed and developed by its author from the outset to be used by others in their apps, generally in an unmodified form. TDLib, presumably used by both Fersnschriber and Yottagram, is a good example - I’m sure the Telegram folk don’t expect to be contacted by every app developer who uses their library in their Telegram client.

A third party app accessing a cloud service, or some other service, is not really reusing the service provider’s code (other than maybe accessing a library as above), they’re just accessing the service through an API. Service providers, like Telegram, either encourage or discourage 3rd party clients, but even if they encourage them they have no stake in the 3rd party client code - so there is nothing really for them to be thanked or acknowedged for.

Reusing a developer’s app code directly for another app doing the same thing (improved or otherwise) is, I suggest, different. Here you are directly taking someone’s work and modifying it to create something different for your benefit (which may not be monetary, but simply for your pleasure of using). Here I think it is right and proper to (a) acknowledge the work of the original author formally, and (b) consider if forking or contributing is the right approach to take.

If you’re saying that AI coding can be used for bad things or have a bad end result - then, yes, absolutely. But just about any construct can be used for bad as well as good - Social Media, Free speech, propaganda, laws, rules, guidelines, and so on.

But that doesn’t mean the answer is to ignore them, or ban them, or not use them, or hope that they go away. There are some that say AI shouldn’t be regulated as it would stifle innovation, others say that we shouldn’t use it at all because it either creates rubbish or something malevolent, yet more want it regulated so tightly it would effectively be useless as a tool. You could say exactly the same about Social Media, Free speech, propaganda, laws, rules, guidelines, and so on.

As with all things the answer lies in the middle ground, not at the extremes. I often think these things are a bit like a pendulum. They come into existence and then swing too far in one direction. They are then ‘over corrected’ and swing too far in the other direction. Eventually they settle into a happy swing around the centre position - a compromise, but a workable one.

That would be an ideal solution, but these stores are run by a small number of unpaid enthusiasts in their spare time. There just wouldn’t be the capacity for them to review or inspect the code of every app, or library or Al code generation that got submitted. If they did it might take months, or even years for apps to be published. With things like the Apple store for IOS apps it is different. Here they have thousands of paid employees to do this work.

Being a lawyer, there is also the issue of liability. If an SFOS volunteer enthusiast running Chum or Storeman (Openrepos) inspected an app and, for example, certified it as safe because they had checked some AI generated code in the app, and then later on it was found that that app was malicious and had caused harm, then that volunteer would be legally liable for damages. For Apple, no problem, they have stacks of money and good insurance policies. But for the volunteer?

So, a good thought, but not really achievable at the moment.

I’m with @ric9k here and you just proved their point. That said, I don’t necessarily ascribe bad intentions or general obnoxiousness to such behaviour. It’s mostly generational I guess.

Isn’t this usually part of the particular open source license that is used, you are free to use the code provided that recognition of original author is maintained? I guess it is a little murky when one feeds a codebase into an LLM (I hate the term AI because these things are far from intelligent!) for use in creating another codebase, however the GPL or BSD license should still be applicable.

I agree with @Steve_Everett on this, it isn’t practical for these sites to provide that level of inspection, and frankly I personally wouldn’t want it. If you have suspicions towards an app, you can always review the code yourself or simply not use it.

However, I 100% agree that there should be an AI disclaimer on any app distributed on CHUM or Openrepos that utilises the assistance of an LLM in development.

I certainly understand; in short, the solution you propose is logical, but unfortunately, it requires funds, and we do not have investments on the scale of Apple. However, you might have overlooked one of my examples: we cannot predict what the future holds. Perhaps Jolla will partner with a different mobile company or suddenly gain traction, leading to an influx of 10,000 to 20,000 new users. All of them might strive to create new versions without concern for outdated applications. In such a scenario, the rules Rick is trying to enforce might not only be broken but completely ignored. Therefore, someone must take charge of this; otherwise, Rick’s efforts will remain futile. People will not see Rick’s perspective; driven by enthusiasm, they will take the code of an application, adapt it to their needs, and publish it. New users have already started doing this now. Now, imagine if 10,000 more new users arrived? In this hypothetical situation, unless audits and inspections become more stringent, you cannot prevent the outcome you are concerned about.

I understand your point; essentially, you are suggesting that since there is no formal oversight, everyone should personally inspect the application’s infrastructure and codebase to ensure it is reliable. However, you are directly overlooking—or even disregarding—the fact that when new users are involved, we are trying to create an operating system that is more of a user-friendly, controlled environment rather than one that requires writing code. Think of it this way: when a new user arrives—or even for many knowledgeable people—how can they possibly review the entire codebase just to download an app, or check if there is any problematic issue? This is an incredibly time-consuming process that everyone would find tedious; frankly, one might even say, ‘Oh well, I’ll download it even if I get hacked.’ Therefore, your suggestion of ‘do not download without inspecting’ becomes a very daunting task. Personally, I wouldn’t want to deal with that either.

I do see your point, but my take on a large influx of new users is that only a small percent would be interested in developing for the Jolla environment. Storeman or Chum aren’t available in the Jolla Store (as far as I can tell), so it takes a bit of know-how and effort to install and utilise them.

If someone has made it that far then I assume (possibly wrongly) they would conduct a little due diligence before installing random applications. But you’re right, it is a big (t)ask to review a codebase, no doubt. I suppose it boils down to the credibility, character and honesty of developers submitting to these platforms, since it is difficult to oversee and regulate.

Correct me if I am wrong, but do applications submitted to the Jolla Store go through a more rigorous review process before being accepted? If this is the case, a new user coming to Jolla with the release of the J2 would be pretty safe.

It’s a difficult topic to navigate and bound to become more difficult as AI slop drowns us all!

I believe the Jolla Store has strict security because they do not let just anyone in; I trust their auditing process for this reason. Your point is logical—you are saying that a user experiencing the J2 for the first time will remain safe within the Jolla Store, which is certainly a correct assumption. However, let’s not forget: how many applications do we actually have in the Jolla Store today that we can truly use on a daily basis? When we compare this to app stores like Storeman or Chum, I believe that if you personally wanted to choose stores with a genuinely wide range of applications for SFOS, you would also lean toward these types of platforms. To give another example, just as we feel the need for Android applications, stores like Chum and OpenRepos inevitably remind us of their necessity within SFOS. In other words, when a new user wants to use their phone with a bit more freedom and variety, they will eventually resort to these stores.

Yes, this is not an easy subject where one can simply make a decision and impose rules; however, I have given it some thought. Rick has a point from his perspective, but new users are also justified in theirs. It seems that without strict oversight, we will likely find ourselves warning one another in the future, saying things like, ‘Be careful when downloading apps from stores like Chum and OpenRepos, you might get hacked,’ and so on. These questions will probably be asked incessantly on the forums, such as, ‘Is this app reliable?’ Personally, I think it would be sufficient if they implemented an auditing process as rigorous as the Jolla Store’s; however, another friend is right—those who maintain these app stores are volunteers. They do not have investments like the Apple App Store, which makes everything much more difficult

Well, I’m willing to be educated, but I’ve been around for a while and haven’t ever encountered this requirement/recommendation in any community I’ve been part of.

The single worst thing about the Linux world is that way too many people refuse to look beyond the tip of their nose. Just because you can make a fork, doesn’t mean you always should. This mindset is what keeps leading to projects splintering off due to differences in opinion about the most mundane things. It’s what keeps leading to people starting forks of the only two-three browsers that really exist because the tab corners are too rounded or whatever - and almost without fail, those projects die out and whoever got tricked into using them has to move everything over to the big bad main project again (just look at what happened to all of those community browsers on Sailfish, like Webcat, Webpirate, etc). It’s what led to thousands of Linux “distributions” that are all just Ubuntu with a custom wallpaper and what leads newcomers to “distro hop” - a word for constantly reinstalling everything to change a bit of flavour text here and there without realising you can just change that flavour text without going through all that trouble. It’s what puts people off even considering Linux because they’re presented with way too many options so they feel like they need to invest far too much time constantly having to research the best option every step of the way - and the worst thing is that they’re right.

For us nerds who’ve been using GNU/Linux for a longer time, it doesn’t register as much because we already know that there’s really only a handful of distributions and everything else is window dressing. We already know the handful of applications that work well and have received consistent updates and support over the years. But absent the presence of ‘official’ applications for popular software, what are new users going to see? A bunch of different applications for the same thing, all claiming to be the best. Which one should they pick? And how well will they take having to switch to something different a while later, because they happened to pick a ‘bad’ one that was outdated, buggy, bloated, …?