Open source is such a wild west at times.
You have your gatekeepers like Linus Torvalds who will call you a fucking moron if you submit something that looks remotely off.
You have your committees that you can submit a MR, but it has to go through the council of experts before it gets merged.
But the vast majority, it’s a one or two person project and this was a side project because you had an issue you wanted solved. No financial reward, no acknowledgement. And so when someone gives it a iota of attention, you fall head over heels and hope they are like-minded and want to support this dream too.
Theo is even more strict than Linus.
Honestly that should go for all transactions. someone calls you to fix an issue or pressure you into buying something. Just hang up and call the company back. one thing I have learned from many years of support is the person calling always has power over the person being called. So flip the dynamic. same goes for car sales just walk away. hell go look at cars when you don’t want one and practice just walking away and see how much power you get.
Regardless of flipping the dynamic, that’s a good way to avoid scammers. It’s easy to spoof an incoming number, but near impossible to intercept an outgoing call. If your “bank” calls and starts asking funny questions, just hang up and call the real bank to check.
I’ve always been a fan of “pull requests welcome” when someone asks me for something.
The problem is when people then open huge PRs and expect you to take time to review them, then eventually merge them.
Especially when it’s something you don’t want in your codebase because it introduce a big unnecessary “refactoring” or a feature that you don’t want to have to maintain forever.
It’s a hard call at end of day. If you want it to all be privacy respecting and open source and decentralised then you’re almost guaranteeing you won’t make money from it.
The alternative is ad based software that’s free which is also garbage.
Hard to find the balance between the two, can’t think of many examples if any that actually work besides just making a paid product that’s very good and hope it’s better enough than the rest to be successful. But even then you likely will have to cross lines because you’re just relying on viral luck at that stage.