Publication Type

Journal Article

Version

publishedVersion

Publication Date

9-2024

Abstract

There is growing concern about maintainers self-sabotaging their work in order to take political or economic stances, a practice referred to as “protestware”. Our objective is to understand the discourse around discussions on such an attack, how it is received by the community, and whether developers respond to the attack in a timely manner. We study two notable protestware cases i.e., colors.js and es5-ext. Results indicate that protestware discussions are spread more quickly on the GitHub platform, while security vulnerabilities are faster on social media. By establishing a taxonomy of protestware discussions, we identify posts that express stances and provide technical mitigation instructions. We applied a thematic analysis to 684 protestware related posts to identify five major themes during the discussions: i. disseminate and response, ii. stance, iii. reputation, iv. communicative styles, v. rights and ethics. This work sheds light on the nuanced landscape of protestware discussions, offering insights for both researchers and developers into maintaining a healthy balance between the political or social actions of developers and the collective well-being of the open-source community.

Keywords

Protestware, Software Ecosystems, Open Source Software

Discipline

Software Engineering

Research Areas

Intelligent Systems and Optimization

Areas of Excellence

Digital transformation

Publication

Empirical Software Engineering

Volume

30

Issue

2

First Page

1

Last Page

27

ISSN

1382-3256

Identifier

10.1007/s10664-024-10599-6

Publisher

Springer

Additional URL

https://doi.org/10.1007/s10664-024-10599-6

Download

Share

COinS