Is it right to auto-notify authors, if there aren't many?

Alias on 2009-07-13T04:02:57

Dear LazyWeb.

The FAIL 100 list has been working reasonably well, but one crucial downside at the moment is the need for people to actively monitor it (both those that are aware that it exists, and those that don't know it exists).

While I certainly agree that it is a bad idea to spam authors in general (I'm certainly for opt-in CPAN Testers summaries and emails) does this still hold true when you are identifying only a small number of authors.

Would it be ok to auto-email the Top 10 positions on the FAIL 100 list, say, each week to let them know their module is considered to be important to fix quickly?

What if it's just the first time it appears, and on subsequent sequential appearances we don't email you.

What if it was the top 5? Or the top 2? Or top 1? Or only if you met a certain threshhold of FAILure score? Or it was at a wider interval, say, monthly?

When is it ok for a whole-CPAN process to judge that an author needs to be nudged?


Never

LaPerla on 2009-07-13T07:04:31

FAIL100 is a really nice tool to indicate that something might be important but it's not suited to prove that something is important.

Re:Never

Alias on 2009-07-23T03:09:00

Is there any way at all that is suitable to proving that something is important?

Re:Never

LaPerla on 2009-07-23T04:50:44

Is this a rhetorical question? Human judgement of course, on a case by case basis. When you send the automatically generated emails all to yourself and read them and do the best of all possible efforts to judge the situation and only then forward those manually that have passed all possible filters. I mean permanently adjusting filters according to gained insights during the review process. Then you will still find people who disagree with you but that's just fair because you have done your very best effort. And that's the only thing that counts.

I'm with chromatic here because I'm probably 10000 times more annoyed by spam than you are. My tolerance against self appointed importance sheriffs is quite limited. Why can't you just publish your wonderful statistics and let people subscribe who care enough? You should rather deny the right to email authors on the basis of being on the list. Prevent spam instead of asking for the right to spam.

Other readers may wonder what I'm talking about: I looked at the list twice and both times the number one hit was obvious nonsense. I mean the formula is really pretty weak. It gives a good guidance when you have plenty of tuits and don't know where to invest them. That's what I recommend these lists for. The hope that the false positives will vanish has not much reason.

Can you hook CPAN Testers preferences?

dagolden on 2009-07-13T10:57:48

Unhelpful answer: if you personally write each email, and it's not automated, then I don't think of it as spam, because there's a built in scale limit.

Helpful answer: CPAN Testers has a preferences website: https://prefs.cpantesters.org/ I would suggest talking to Barbie about how you can hook into that and find author contact preferences. Since FAIL 100 is really CPAN Testers data weighted by a dependency graph, it would make sense to use the same set of contact preferences.

Bonus: authors who complained historically before the preferences were set up had the contact bit switched off so you'll start off without annoying anyone.

-- dagolden

Re:Can you hook CPAN Testers preferences?

Alias on 2009-07-15T03:19:15

And if I hardcoded in the scale limit to the automated system? (being, say, only 10 modules)

I think it's okay

xsawyerx on 2009-07-13T10:58:47

Especially if we're talking about only a few. Emailing 100 people that their distros are immensely used and still fail quite a lot sounds reasonable, but I think it's more than fair to email 10 people.

FAIL 100 can really help us focus efforts on bug resolution. Imagine a group in the community (composed of the community) that helps weave out bugs in CPAN/DarkPAN/whatever. Now, if they could only know which distros need the most hand... oh wait! Now they do!

At any case, how hard can it be to email back and say "don't send me this email again, please, I don't care that it fails often or that you think it's important, it isn't!

Re:I think it's okay

chromatic on 2009-07-13T17:29:28

At any case, how hard can it be to email back....

You don't get to decide that for other people receiving automated bulk mail.

Re:I think it's okay

xsawyerx on 2009-07-14T08:36:09

True. I don't get to decide it, but I can reply to Adam's request for anyone's opinion, and per my opinion, I think that receiving one little measly email that you can just press the "Reply" button and say "no more for me" isn't the worst thing.

I thought we're talking about some heavy-weight programmers (in a matter of skill, not body weight) that can write extremely useful modules. I would like to think that they can read an email and that they probably have some program that has a "reply" function or can send an email to Adam saying "hey, could you not send it to me no more? Thanks [possible curseword]!"

Re:I think it's okay

chromatic on 2009-07-14T18:22:00

There is no general purpose agreement that by uploading something to PAUSE you grant permission for anyone with spare time and the desire to analyze what you uploaded has the right to send you automated e-mail as he or she sees fit.

That fails the categorical imperative test. You may not be a Kantian (I'm not), but it's still a useful gauge for behavior.

Re:I think it's okay

Aristotle on 2009-07-14T21:22:42

There is no general purpose agreement that by uploading something to PAUSE you grant permission for anyone with spare time and the desire to analyze what you uploaded has the right to send you automated e-mail as he or she sees fit.

Can we agree that uploading to CPAN is an act of publishing, ie. that it means that the author expects other people to take notice of the existence of the code, at a bare minimum? Can we further agree that reasonable people who upload code to CPAN will expect that other people may even go so far as to use it if the uploaded code turns out to be useful to them? If so, then when should agree that we can assume that authors would not be surprised that there may be users who come to depend, possibly even for their livelihood, on those uploaded things.

We should, then, agree that by virtue of the licence on those published uploads, if not for any other less technical reason, these users have the right to pursue their interests as far as the thing they have downloaded is concerned – and note here that I am not saying this implies any obligation to support this on the author’s end, merely a right on the user’s end.

Then if we want to get really serious about authors having no obligations, we would have to get really serious about being able to relieve them of obligations where they intersect with users’ own rights: it needs to be trivially easy to fork and fix their crap in place.

Because either you keep social control of your work and then you accept the social obligations, or you give up social control and avoid the social obligations. It is your right to refuse the obligations. You cannot have one without the other, though. **

(When I talk about social control, I mean effective control. Eg. you could upload your code with a disclaimer saying that no one should use it and you should not expected to conform to the common implications of the act of uploading code to the CPAN. This is merely a form of shedding social control ahead of time, because licence permitting it merely means any interested and able party will fork your code as soon as they realise that doing so will save them enough trouble compared to alternative strategies.)

Now, as an author I can tell you that it would be a far bigger offence to me if someone dangled the fix-it-or-lose-it hammer in front of me than would be the possibility that I may be one of the 10 out of 6,000 authors who receive one an automated mail every once in a very long while.

And Adam has already said he is even going to seed the notifier with the existing CPAN Testers prefs database.

** This, btw, is exactly the point of contention between the GPL and the BSDL.

Re:I think it's okay

chromatic on 2009-07-14T23:42:14

[You] could upload your code with a disclaimer saying that no one should use it and you should not expected to conform to the common implications of the act of uploading code to the CPAN.

There are two problems with this reasoning.

First, I've chosen a license which already disclaims any express or implied warranties of merchantability and fitness for a particular purpose. (The Artistic License in /usr/share/apps/LICENSES/ARTISTIC misspells "merchantability".)

Second, we're discussing a so-called "common implication" that came into existence only recently. If the act of uploading to PAUSE implies that I implicitly agree to all community expectations from today until the point at which my code is no longer available from the CPAN, I need to upload new versions of every distribution I maintain to disclaim that, explicitly.

I'm not sure that argument is compatible with this utilitarianism:

Now, as an author I can tell you that it would be a far bigger offence to me if someone dangled the fix-it-or-lose-it hammer in front of me than would be the possibility that I may be one of the 10 out of 6,000 authors who receive one an automated mail every once in a very long while.

That's why I invoked the Categorical Imperative.

Maybe it's more useful for humanity as a whole if Steven Hawking litters because he has more important things on his mind than picking up his candy wrappers. Yet I'm sure some people could find better things I could do with my time than pick up candy wrappers in the park, if you check my bug queues.

It might even be good for the Internet as a whole if you wrote a spider program to email webmasters when their links go out of date. I'm sure some of them would be glad to hear about it.

Your motives may be on the side of the angels. Yet I'm sure when they published those sites they had no idea you were going to write such a spider -- and without that knowledge, how could they have consented to receive your automated bulk messages?

Anyone reading this has the technical acumen to render every email address under my control completely useless with a modest amount of CPU time and a tiny Perl program. Anyone reading this has the imagination to produce a CPAN service which, when squinted at from a certain angle, absolutely requires automated bulk notifications of CPAN authors. Anyone reading this is human enough to make mistakes now and then.

(One might idly wonder why such systems prefer email as a notification mechanism over an existing and public notification system, namely rt.cpan.org.)

Re:I think it's okay

Aristotle on 2009-07-15T00:30:34

We’re discussing a so-called “common implication” that came into existence only recently.

That is news to me. You mean until only recently, the CPAN was regarded as a place were you upload backup copies of your code for your personal use?

I think the idea of the CPAN from the very beginning was that it was a place where you could publish code for others if you felt like it. And I dare say it would be a sensible assumption to make that every author is perfectly well aware of and shares this conception of what the CPAN is.

If the act of uploading to PAUSE implies that I implicitly agree to all community expectations from today until the point at which my code is no longer available from the CPAN, I need to upload new versions of every distribution I maintain to disclaim that, explicitly.

So when you put stuff on CPAN, you actually want nobody to use it in their own code, much less depend on its continued function?

It might even be good for the Internet as a whole if you wrote a spider program to email webmasters when their links go out of date.

That analogy isn’t just not right, it isn’t even an analogy.

That’s why I invoked the Categorical Imperative.

I struggle to see how raising the conception of a service like Adam’s outlined proposal to a universal law can even make a perceptible impact on anyone’s inbox, let alone render their address useless, unless you only generalise it as sloppily as in your dead link spider example.

Re:I think it's okay

chromatic on 2009-07-15T07:23:06

You mean until only recently, the CPAN was regarded as a place were you upload backup copies of your code for your personal use?

The context of this discussion is automated bulk emails regarding a specific external analysis of CPAN uploads which did not exist in 2000 when I uploaded my first distribution to the PAUSE. How do you generalize from the fact that in no way could I have agreed to a very specific case of receiving automated bulk email from a tool that would not exist for eight years that I object to every community implication of the CPAN which existed in 2000?

See also CPAN Testers. See also the next idea built on all of the metadata exposed by the CPAN.

These ideas may be great. These ideas may be useful. I may happily use some of the implementations of these ideas.

Just don't tell me that I agreed to them implicitly in 2000 or that I have to choose between either not uploading to PAUSE or permitting anyone with a good idea to write a robot to send me email I never consented to. That's a false dilemma.

Re:I think it’s okay

Aristotle on 2009-07-15T08:04:20

Just don’t tell me that I agreed to them implicitly in 2000

You never put a “please don’t use this” sign on your code (which is not the same as an “I’m not making any promises about what the code does” sign AKA the licence). By the act of uploading itself, you implicitly declared that your intent was in fact the opposite of such a sign. If it were forbidden to attempt a reasonable non-literal interpretation of the extent of what such an intent might allow for, and instead everyone had to consent to every specific treatment, then that would make questions of ethics very simple as they would not come up in the first place; it would also make the world a lot simpler, as nothing would ever get done.

This is especially true if the question is how to ask consent of someone who never consented to be asked for consent, and who did not consent to things that they couldn’t know about because they weren’t yet invented or even conceived. At that point you don’t need Kant, you need a time machine.

permitting anyone with a good idea to write a robot to send me email I never consented to

It’s hard to even call this robot-generated mail when the scale of the entire system is so limited that Adam could do the whole process by hand in two minutes per day. It’s certainly not bulk mail by any reasonable definition of bulk. And the rate of invention of such systems is infinitesimally low, so that angle won’t support a Categorical Imperative argument against it either. I contend that any credible Categorical Imperative case against this proposal would inherently be even more valid as a case against the human-operated use of email by me.

Re:I think it’s okay

chromatic on 2009-07-15T08:36:40

You never put a “please don’t use this” sign on your code...

Why do you persist in attempting to equate allowing the use of code I've uploaded under a DFSG-compatible license with implicit permission to send me unsolicited, automated email?

One important difference is that your use of code I have written consumes no resources on systems under my control. Unsolicted, automated email consumes resources on my mail server. This is not the only difference, but it is a stark difference.

By the act of uploading itself...

... I never opted in to automated bulk email, not once, no way, no how, and especially not one piece from systems which did not exist at the time of my first upload to PAUSE.

If you disagree, can you point to any written explanation (outside of this discussion) of the community expectations such that third parties have the right to send unsolicited, robot-generated mail to people who have uploaded distributions to the CPAN?

May I suggest that such services all consider following the Messaging Anti-Abuse Working Group Senders Best Communications Practices (PDF link)?

It’s hard to even call this robot-generated mail when the scale of the entire system is so limited that Adam could do the whole process by hand in two minutes per day.

I take that (implied subjunctive) litotes as agreement that it is robot-generated mail.

Re:I think it’s okay

Aristotle on 2009-07-15T10:16:39

I take that (implied subjunctive) litotes as agreement that it is robot-generated mail.

I was going to propose a thought experiment here, but as per below I’m not going to bother.

Why do you persist in attempting to equate allowing the use of code I’ve uploaded under a DFSG-compatible license with implicit permission to send me unsolicited, automated email?

I’m not. The situation has far more qualifying circumstances than your narrow (in my view) portrayal would suggest, and either I am unable to convey this or you are unwilling to entertain the consequences of those compounding factors. Since my position depends on those, we are not going to converge, no matter how long we go in circles.

We disagree, and I have nothing further beyond that to say.

Re:I think it's okay

Alias on 2009-07-15T02:20:28

There is likewise no agreement that by uploading something to PAUSE you grant permission for non-automated emails either. Or to judge your code, or to index it for searching, or to do anything else.

I don't have the fancy book learning, so I had to look up most of your second paragraph on wikipedia, but I think it's total hyperbole to suggest my proposal imposes some kind of categorical imperative.

I've suggest nothing of the kind.

Re:I think it’s okay

Aristotle on 2009-07-15T02:36:27

The idea of the Categorical Imperative is essentially to guide your actions by asking the question, “would/could I want the action I’m going to take next to be raised to a universal law?” (ie. everyone has to do it all the time). So the question in your case would be, would/could you want everyone to constantly invent email notification services such as the one you are about to build? As in, how would that affect you, your inbox, and your email address?

And in this case, if these notification services actually follow all the same constraints as the one you proposed (incl. implicit ones; too many to bother to list them here – I wrote a paragraph and still wasn’t done when I stopped and deleted it), I would say the answer is: sure, why not?

when? when they opt in.

particle on 2009-07-13T13:52:01

send out a message to the top 100 cpan module authors, explaining that this module is used by a number of other cpan modules. ask if they'll opt in to receive error reports via email. if they do not opt in, they may track the reports via the web page at the link provided.

also, you may suggest that authors (especially of these modules) write and release a release policy and a support policy to clarify what (if any) structure there is to the module release process and what (if any) support is available by the module author or the community for the module.

~particle

"if there aren't many" is the wrong qualifier

dug on 2009-07-13T19:55:24

"If they have agreed to receive this communication" is the right one, and the one that the answer is "yes" to.

-- Douglas Hunter

Monthly

frew on 2009-07-14T01:08:40

I'd say make it monthly. Especially if their module isn't failing, but you didn't make it clear if you meant always or just when it was failing.

I think it's OK to email them

drhyde on 2009-07-14T10:30:42

It's fine to email the top few every so often, but only *ever* email a given author *once*. The first email is enough to notify them of the existence of the service and I'd leave it up to them to follow it themselves afterwards.

Re:I think it's OK to email them

Alias on 2009-07-15T12:27:33

And yet if the entire purpose of the service is to notify you of situations you may have missed because you weren't paying attention.

Should we expect authors to be continuously monitoring the monitoring system?

For typical monitoring systems like Nagios, the reverse is the normal situation.

Re:I think it's OK to email them

drhyde on 2009-07-15T12:44:30

Maybe a per-author RSS feed would be useful then. That way, my computer keeps an eye on it for me, and emails me any changes, but it's my choice to receive those emails so you won't get whining little gits calling you a spammer.