52
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 05 Mar 2024
52 points (77.1% liked)
Fediverse
17854 readers
2 users here now
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
- What is the fediverse?
- Fediverse Platforms
- How to run your own community
founded 5 years ago
MODERATORS
With time, perhaps, but why is someone going to do that as a prerequisite for a spare-time FOSS contribution? People tend to contribute to the projects they already have the skills for.
Knowing the minimal syntax of a language to get past compilation errors is not even remotely close to being "competent" in it. You need to learn the language's structures, you need to learn how the compiler works, you need to learn the libraries that the FOSS project is using, you need to learn the security pitfalls for the language... The language used can be a HUGE hurdle to overcome.
"You know Python and Javascript, so you can write competent C++ code that is FOSS-contribution-acceptable if you take a week to learn!" (inb4 memory management and pointers and templates and 'oh no every input field I wrote is a trivial buffer overflow'...)
People also tend to pick up new skills when they have a driving incentive to do so, like supporting a project they have a vested interest in seeing improved.
Most of the bread and butter ones have analogues in other languages you should readily understand. More language-unique structures are rare; the more niche they are, the lower the odds your ability to contribute in a meaningful way hinges on your understanding of them.
You really don't, though? Modern compilers, particularly the Rust compiler, are designed to abstract away as much of the details of compilation as possible. If the project really does need to tickle the compiler a certain way to get it to build, it will almost certainly have a buildscript and/or a readme.
This is true regardless of the language in use. I'm not sure why you brought it up.
I would imagine most of these language-specific security footguns are either A) so specific that you will never hit the conditions where they apply, B) are so blazingly obvious that code review will illuminate what you did wrong and you can learn how to fix it, or C) so obscure that even the project owner doesn't understand them, so you'd be at minimum matching the rest of the codebase quality.
Mind, I am not insinuating that one can simply bang out a whole new submodule of a project in an unfamiliar language with minimal learning time. Large contributions to large projects can be hard to make even when you're a veteran of the language in use, as the complexity of the project in and of itself can be its own massive barrier. But not every contribution needs to be big. And for most contributions, I don't believe the language is the most significant barrier to entry. It's a barrier, sure. But not the biggest one.
I'd wager it's not having a significant impact on the volume of contributions to Lemmy in particular.
Because if you know Python, you know
requests
already. Or flask, or configparser, or itertools, or maybe even pyqt.Languages all have their own 'most common libraries', which add to the time it takes to learn how to be competent in that language. If a python dev tells me they know all the syntax, but have no clue what itertools or requests are, my eyebrows go up.
There's a lot of language-specific knowledge that needs to be learned before you'll be competent in it, that people don't even think about.