Ask HN: Have you ever regretted open-sourcing something?

Open source is usually seen as a win - for learning, visibility, and the community. But have you ever regretted it?

Maybe it became a burden to maintain, attracted the wrong users, or got used in ways you didn’t expect.

Would love to hear your experience - good or bad.

6 points | by paulwilsonn 11 hours ago

4 comments

acheong08 6 hours ago
I regret open sourcing my reverse engineering of Obsidian Sync. I did it mostly for personal use but thought it might be useful for others. After a bit of cat and mouse, they fixed all the "vulnerabilities" that let you change the sync and publish endpoints and now I'm still stuck using a very outdated version. I recently found another way to get it working on IOS again but definitely not publishing it.
[-]
- al_borland 1 hour ago
  I always just stick my Obsidian vault in iCloud and called it a day. No additional sync service required.
- josephcsible 6 hours ago
  Why do they consider it a "vulnerability" that you can change configuration of software running on your own computer? I've heard a lot of good things about Obsidian before, but hearing that basically burns it all up and means I'm going to strongly recommend nobody buy anything from them anymore.
  [-]
  - dtkav 6 hours ago
    Obsidian distributes their software for free, and makes money on a core plugin called Obsidian Sync (note that it is not open source). Obsidian Sync relies on their cloud to offer e2ee file sync.
    Obsidian also has a rich plugin ecosystem with lots of open source plugins that are available and serve the same purpose (and you can use gdrive, dropbox, etc too).
    It makes sense to me that they released a proprietary privacy and security focused plugin (that is their core business) and they don't want other plugins to be able to arbitrarily change the server that their plugin is pointed at.
    Suppose they have a government customer who is using Obsidian Sync and the sync URL can be changed easily via configuration changes -- now the customer believes they are using Obsidian Sync, but actually their data is going somewhere else.
    I don't think you would be surprised to find that e.g. a dropbox daemon has protections to make sure it is pointing at dropbox.com. Why would you expect Obsidian to be different?
    (disclaimer: I work on a different plugin that adds file sync and collaboration features to Obsidian)
    [-]
    - acheong08 4 hours ago
      My opinion is that they should have a rule such that plugins from the official list can't modify the sync url to prevent abuse and phishing but the user should still be able to do whatever they want. The process for manually adding a plugin is already enough friction for users to be aware what they're doing is not "safe"
incomingpain 10 hours ago
>Maybe it became a burden to maintain,
This is literally why i think AI coding cant touch dev jobs.
In theory you can code LOADS of projects. Want a panel widget on your desktop environment, dont even know what language its in? ask ai to produce it.
but when you have open source projects, people from all over the world bring their requests and problems to you. Some are great to just merge, others you have no clue what they are doing wrong but it's totally them; and you get paid in github stars? Now there's a bunch of open source projects that are just working for me every day, but i havent modified in years and they look stagnant.
but even in the non-open source realm, no dev wants to forever maintain a project. Its not a regret, just 1 dev can probably only be responsible for a handful of codebases/projects and ai coding isnt going to super expand this.
[-]
- al_borland 1 hour ago
  Isn’t this the thing AI is going to claim to solve? A project exists, a user writes a feature request, the AI codes up the changes, pushes a new release, and everyone is happy. That’s the sales pitch.
  The big issue with this, even if it works perfectly every time, is that there is no one at the core of the project with some vision and taste, who is willing to say “no” to bad ideas or things outside the scope of the project. We’d end up seeing a lot of bloat over time. I’m sure AI will claim to solve that too, just have it code up a new lightweight project. The project sprawl will be endless.
pestatije 8 hours ago
i was asked for a third party lib exemption licence, i asked for a sweetener...no, they couldn't even answer me after that
sexyman48 10 hours ago
Steve Ballmer nailed it when he said GPL is a cancer. No professional programmer wants to open source anything, but once one competitor does it, he must follow suit to stay competitive.