[email protected]

  • Content count

  • Joined

  • Last visited

About [email protected]

  • Rank
    Level 1 Stud
  1. The downloads page claims: But this is pretty ambiguous. Some countries have no concept of "public domain", for example. You may wish to add a creative commons license to the page to be clear about what you intend. I'm going to guess CC0 may be what you want. Thanks for the great work! Chris
  2. Hi, I wanted to just throw this out there. There's much more to Rebrickable than just its software, or database. Rebrickable wouldn't be very useful if it didn't have an active community: MOC builders, moderators, those adding new parts and maintaining the database, etc. Given the number of active participants on Rebrickable, it seems highly unlikely that a "clone" site would gain any traction. So, then, why not open Rebrickable's source? As Linus Torvalds wrote, "given enough eyes, all bugs are shallow". Contributors could fix bugs, work with maintainer(s) to add enhancements, improve site performance, etc. The site's security would be analyzed, and potential holes could be plugged. The build process could be streamlined--you'll never know what kind of great ideas contributors with different perspectives might have. I can't help but think that an open-source Rebrickable would have resulted in an easier transition to the new site, by reducing the load on Nathan and whoever else may have worked on it. I know a few reasons developers might not want to open their codebases. Here are some, and my responses: "The code's isn't ready" There's no time like the present. Getting to "ready" is often an exercise in spinning wheels or overengineering--especially if that code has been written in a silo. Perhaps file X will be opaque to a new developer. If it is, that developer will ask about it. The author won't know what questions people will ask, so there's a temptation to clean up areas that don't actually need it, or even worse, everything. "I'm not proud of this code; it's a mess" You are not your code. Nobody actually cares that you wrote code that sucks. They just want to help improve it. In my years of working on OSS, I've never been personally attacked for the code I've written. It just doesn't happen--and I'm no brilliant engineer. Instead, constructive criticism is the norm. Yes, there are heated conversations about project direction and technical solutions--but this is expected in any project with multiple developers. Other perspectives are invaluable; feedback is a gift! "It could expose the software to attacks" Security through obscurity is not security. Open-sourcing code will result in more closed holes than new open ones. There are more contributors interested in responsibly disclosing vulnerabilities than bad actors looking to cause damage. I don't know the % of Rebrickable's users who would be interested in contributing. There's much more to OSS than simply writing code--there are many ways to contribute to a project. Writing documentation, design work, community management, issue triage, etc. An option could be to open source a portion of the site's code--specifically, the core and the "free" featureset. The "pay" features would be extracted from the main codebase, and remain the "secret sauce". Likewise, opening up the codebase to individual contributors (some time before making it public) could allow you to test the waters, or prepare the repository (or repositories) for public access. If you remain unconvinced, The Cathedral and the Bazaar is a great book that could change your mind. Even if Nathan or others are complely opposed, I hope to hear concerns. I maintain the most depended-upon project for Node.js (Mocha); I'm no stranger to this stuff, and am happy to talk more about it. thanks Chris
  3. Hi, I noticed navigating to http://rebrickable.com allowed me to login with my password sent in cleartext. Some--but not all--links to the "login" page will redirect to the https site. I can't think of any reason to continue to support http traffic. It's going the way of the dodo. Can Rebrickable please redirect the site's http traffic to https? Attached is the warning Chrome will give users in the location bar. thanks, Chris
  4. Hi, On other sites, and in the forums, I can use a "gesture" a two finger swipe to the left to do a "back" command in the browser. In the new Rebrickable, I cannot do this. Instead, the site tries to scroll a bit. The event(s) must be getting gobbled up for some reason. If you would like help debugging further, I'm pretty good at JavaScript, and could help out. Chris