I don't think his characterization of this interaction is accurate. A plain reading of is question is he was just asking when the next released was planned, and without knowing more about what their native language is, and how they normally speak, I don't think you can really read anything more into it, especially over text.
And frankly from their perspective, your response does kind of read like extortion, e.g. "shut up or pay me". The thread already indicated that this was fixed and waiting for the next release [1] so I don't see how your response is appropriate to the asking when that was planned.
I can certainly understand why this guy is frustrated as an open source maintainer, but snapping like this doesn't help anything.
From the IBM employee's perspective it should seem reasonable that if he's asking for specifics that take time to figure out and for answers to questions while not contributing anything to the project, that he should pay for those answers in a timely fashion for his benefit. He's treating the Github like a support page so I don't see anything wrong with the maintainer offering a support contract in response to that. It would be beneficial to both parties.
If the maintainer said "I'm not releasing this until you grant me a support contract", maybe that would be extortion. Until then, he's simply getting the service he pays for.
There was nothing OP could have done here. The fix was already merged. He's just asking for a tagged release. You cannot submit a PR or contribute to the project in a way to make this happen.
If you think any business will go through a multi-week procurement and contract negotiation process valued at multiple thousands of dollars just to get a release tagged on Github, I have bad news for you.
The work was already done per messages that the Twitter author/maintainer conveniently did not screenshot. The only thing they were waiting on was a release which something only the maintainer can do. Maybe it's just me, but I think it's unreasonable to be expected to paid to do the basic tasks of a project maintainer.
You do realize you're capable of maintaining internal company release right? It just costs money (to IBM), dishing out "thinly veiled demands" is free though.
The work is presumably publicly available in a branch at that point. Nothing is stopping that person from forking the repo, and bundling their own release.
They should fork the entire project and launch a competing project rather than ask for a ballpark for the next release so they can inform their stakeholders?
You seem to be incapable of understanding that it is quite possible and not at all unusual to internally carry patches to dependencies on which your commercial product is built. In this case, the patch merely involves changing two bytes[1], three if you include the pyOpenSSL bump, something a company like IBM should easily be able to do.
Which is why paid licenses have an "Enterprise license" where response times is hours or max a day. I feel all FOSS projects should stop being fully FOSS (yes even if I get hate for saying this so be it) and adopt a mixed model where it is free up until revenue X$ and then commercial. Commercial would automatically entail fast response times (including fixing bugs, tagged releases etc).
The revenue X$ can be something reasonable. Have slabs for various revenue levels starting from something decently high: million dollars and up.
The answer was completely reasonable. The commenter (IBM) required timeline and resolution for business critical reasons - the way to get that is to sponsor the work or do it yourself. The commenter should know that, and businesses know that.
Offering to do it for money when a company asks is helpful, as the option is not a given. Declining is also fine, in which case you can either wait till it happens or get a full refund.
The response was fine, in the same tone as the original request even if the first one was offensive by accident. A kind, functioning human would be puzzled at the slightly blunt response and re-evaluate the whole conversation.
They would not go to a private channel, knowing that they would get blasted for such a response in a public forum, and get even more offensive. Plus, any non-native that has an advanced enough understanding of English to use the phrase 'thinly veiled extortion' can also control the tone of their requests. No need to defend IBM here.
You can hardly say that they switched to a private channel because they knew "that they would get blasted for such a response in a public forum" when the comment they were responding to was the one that suggested the switch to email.
The comment suggested email for payment, not an extortion accusation (i know accusation is bit too much of a strong word, i couldnt find anything better)
Plus, they did get blasted just because the email was made public. To me, that shows that they wanted a more private channel.
I agree it would have been more civil to take this initially as a simple request for a schedule estimate. But regardless, how on earth is “you’ll need to pay me to work for you” extortion? Using that word is a bright red flag to me.
I don't think so. It's fair to ask for a timeline and even "slightly demand" from the author if they can speed up. (like "Can we please have this by ...). However, mentioning your clients as such (highly regulated industries) seems to me (I might be wrong) to imply a certain kind of coercion and responsibility for the author (hey look there are some very important people here using this.). It's not the responsibility of the author, and he shouldn't be stressed about it.
Your definition of extortion, withholding labour in the absence of payment, is the bedrock of our economic system. I have no idea how workers sleep at night.
Anyway, someone who maintains an open source project for free does so for his own satisfaction and is not obliged to do anything. This guy was very reasonable in suggesting the other guy pay if he wants something, given he's being paid and so is his company. Neither did he snap, since he was polite and constructive.
I often respond "shut up or pay me". It works pretty frequently for niche technical software and I land some contract work which I get to open source. The alternative of just fixing their issue never works.
So, if it sounds fun I just fix it. If it sounds boring, pay me
The original interaction is not unreasonable tbh. I have in the past have posed questions on issues of OS projects to ask about timelines. Sometimes it is important for you to know that because you have to either fix it yourself, find alternatives or wait for the fix, but with a timeline laid out for regulatory purposes. Getting offended by a question like that would be a red flag for me. I do understand the frustration of OS devs, but a polite we can’t fix it rn and we don’t know when we’d be able to, is often sufficient.
And frankly from their perspective, your response does kind of read like extortion, e.g. "shut up or pay me". The thread already indicated that this was fixed and waiting for the next release [1] so I don't see how your response is appropriate to the asking when that was planned.
I can certainly understand why this guy is frustrated as an open source maintainer, but snapping like this doesn't help anything.
[1] https://github.com/mitmproxy/mitmproxy/issues/6051#issuecomm...