-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Registering with tidelift. #127
Comments
I haven't reviewed the agreement, but for at least IPython, it seems worth it. |
Yeah, I have been told that below $100 it might not be worth it. |
Given that genutils isn't supposed to get updates and just be dropped over time, it doesn't feel right to me to accept funding for it. |
Devil advocate, It depends how you see it, tidelift is computing package funding based on dependencies. Users are likely not asking for ipython_genutils funding directly, so we could see funding of Plus tidelift is already getting money from it, as far as I understand, we are just not claiming it. |
This seems fine to me - I think the main question in terms of whoever accepts this funding is: what responsibilities are they taking on in accepting this funding, and what mechanisms for accountability do we have to make sure that the funding is being used properly? |
I am fine with this - for IPython though, I think this should be discussed
in the kernels subproject council as those are the folks that are signing
up for the work.
…On Mon, Mar 28, 2022 at 9:39 AM Chris Holdgraf ***@***.***> wrote:
This seems fine to me - I think the main question in terms of whoever
accepts this funding is: what responsibilities are they taking on in
accepting this funding, and what mechanisms for accountability do we have
to make sure that the funding is being used properly?
—
Reply to this email directly, view it on GitHub
<#127 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAGXUHBDB6CU4OUJTC3F6DVCHOFLANCNFSM5R2XJPHQ>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
--
Brian E. Granger
Senior Principal Technologist, AWS AI/ML ***@***.***)
On Leave - Professor of Physics and Data Science, Cal Poly
@ellisonbg on GitHub
|
that is mostly why I brought up to something broader than just the kernel team. also I think that if it should be discuss by a council it should be foundation, not kernel. |
I tried to find a list of tasks/responsibilities that you end up agreeing to when accepting the money from tidelift for a project. The best I could find is https://support.tidelift.com/hc/en-us/articles/4406288074260-Lifter-tasks-overview, but it doesn't seem that great. The reason I was trying to find out was that I thought "is there an economy of scale here which would make it 'worth it' to claim every project no matter how small the amount is?" - it sounds like tidelift is collecting this money right now and it is sloshing around their coffers because for small amounts it isn't worth the hassle to claim it. Many small amounts make a bigger amount. Say the task you have to perform once a month is to generate a report about the project you claim for, then it seems like doing that for 3, 5 or 10 projects is about the same amount of work (because you'd largely automate it). All of this made me curious what tasks need performing. Does anyone know/have experience with that? |
My main idea is to start with IPython, which I already maintain. And build expertise on how difficult and worth it it is. I'm also assuming that the $ amount we'll get will not be the current sum of all the subprojects as value is funneled to dependencies, and I think that part of the unclaimed money is likely funneled down. TO I believe that once we claim IPython, and traitlets, other dependencies will be lower. I don't want to "start" by claiming all the projects. |
See also the numpy discussion a couple of years ago: |
Thank you for the pointers. Starting small, learning and then deciding what to do next sounds like a smart plan. |
FYI, I registered, and I expect NF to start receiving some funds soon. |
Some time ago Ralf Gommers pointed out to me that some of Jupyter packages are available on tidelift with subscriptions.
I got a response from tidelift, and for this process one of the devs need go with the tidelift agreement.
I would be happy to sign this agreement, still need to make sure I can as I'm in europe, but mostly for the involved packages this adds a bit of overhead on maintaining the projects as there might be some communication that needs to happen with tidelift on new releases/security. So while accepting legally bind one person, it affects a bit all the maintainers. So I'd like to have the approval of the jupyter communities and subgroups.
It is also something that is not well defined for a particular subprojects, if it is please let me know which one.
As most of the tidelift requirements are around security I am suggesting that funds we would get for tidelift would be deposited to NumFOCUS mostly into a security specific funds that may be touched only for security related work and workshops.
The three main packages that seem to be worth it are:
Others don't seem to be worth it:
(I haven't checked all packages, search on tidelift is a pain, feel free to tell me if I missed some).
And other I have no clue how to maintain them
It is not clear if conda refer to conda-forge of anaconda base channel, in which case we would need anaconda involvement.
Assuming I sign the agreement, I'd like some of the fund to be usable by me to actually reserve some of my time to do tidelift related task and manage some of the security process.
This may be one of the source that may help to fund @choldgraf #125.
cc @rpwagner and @rcthomas as it impacts some of the security work.
I also need to read the agreement and the list of things to do for tidelift more carefully, but according the the discussion I had with others it should be worth it for the project.
The text was updated successfully, but these errors were encountered: