Wednesday, 22 January 2014

Keeping your GitHub project maintained

God bless Python Social Auth, it is useful, providing OAuth/OpenID type functionality to various Python frameworks including Django and Flask, it is laid out in a very useful way for people like myself looking to extend it and most importantly IT IS MAINTAINED.

I am the CTO for PixelPin, we replace passwords with pictures and one of the most important things for any add-on technology is to be compatible with web frameworks to make it as easy as possible for people to integrate. Despite the fact that we could potentially save some companies a LOT of money, if it seems hard to do then it smells like an amateur company and it 'feels' like it will be more of a hassle than a benefit.

One of my jobs therefore is to oversee the creation of various plugins and modules to suit different languages and frameworks. .Net, not a problem, PHP not too bad (although frameworks are more different than I would have thought) but Python? I am not a Python programmer but we really needed a plugin of some sort and I was pointed to Python Social Auth which had a very large and impressive list of providers. This implied it was widely used and widely useable so I spent some time setting up a Django site and downloaded the examples then by modifying the code for a PixelPin provider, managed to get it to work with minimal effort. I was already pleased. What pleased much more however was that once I had pushed my change to Github and created a Pull request, Matias Aguirre contacted me within a few hours, asked for some documentation and then merged the code into his project for everyone to use.

So what? Isn't that how it is supposed to work? Well yes, however, compare this with my experience of HybridAuth. This also looked impressive for PHP frameworks, indeed, it was already supported on many frameworks so adding a PixelPin provider would be straight-forward since the code was also laid out in a friendly manner. I made the changes, pushed and then created a Pull request but - nothing. The project has been dormant for almost a year. The forums are frequented by a few helpful people and lots of people complaining or asking questions, many of which are not answered including my question, "how can I add a new provider". Nothing has happened. This means that for all the HybridAuth based plugins I provide, I have to provide detailed instructions including how to patch the downloaded library with the changes needed for the PixelPin provider. I also have to create various patched versions of the library to provide on the PixelPin web site and all of this becomes very burdensome. Compare with Python Social Auth where the instructions are: Follow the instructions on the Python Social Auth site.

It is sad that the community has these projects which start well and then just stop dead. Will it need another project to carry on where it left off? Is the developer in prison? Did he just get fed up with maintaining it? Presumably others could also be making changes in Github but.....

Ah well. C'est la vie.
Post a Comment