Here are Hacker News discussions on the topic:
Would like to highlight that what happened here is very interesting from the perspective of #socialcoding too. One of the challenges to tackle.
I agree with the solution you mention. But it is only trivial in theory, and mostly in that the solution can be mentioned in a single sentence. In the case of Linux there are a unique set of circumstances that led to such a strong ecosystem. There’s also a concrete goal: Packaging an OS environment and apps. Which is a bit different than validating libs for general-purpose use anywhere.
What we don’t know is how many OSes fail to gain traction because they cannot get such a vibrant packaging ecosystem in place, while maybe they are much more innovative and potentially more user-friendly.
Well, that depends. Not in a federated universe that can only do Microblogging well. But forge federation on the other hand provides foundational building blocks to build a rich ecosystem on top of [cross-referencing “United Software Development” where we first started to discuss this].
A dev’s long-term maintenance is still part of the project development lifecycle. And the maintainer burning out, getting mental issues, or becoming otherwise unavailable or untrustworthy (e.g. selling their project to an ad-tech or malware company) is a risk that must be managed. A challenge to deal with.
Being part of the lifecycle, I think of FSDL. And on the ecosystem side I see a fedi-supported crowdsourced community that dedicates itself to reviewing libraries as soon as a new release is checked into a federated forge. Together they offer a service that you include in your project and that gives you a label and metrics report on the health of your dependency trees.