Dear OTRS AG, dear Christopher, dear Manuel,
it’s been a while since we talked. That might be deplorable. But meanwhile we used our resources to push the OtterHub infrastructure (namely the registered association OtterHub e.V.) . That is to provide the community with the chance to collaborate and help each other.
In your statement about the packageverification you talk about OtterHub as “detached community members”. That hurts a little. The community project OPAR is where community members spend a lot of time to voluntarily contribute to the OTRS project.
Obviously your statement is a direct reaction to the critique that emerged from different parties (including individual members of OtterHub) on the new package verification.
Package Verification – Why bother?
Review and verification of packages is a reasonable and appropriate way to secure a certain standard. Our concern therefore isn’t about the verification itself. It’s all about the implementation, the ambiguous verification conditions, and the lack of communication ahead.
Renée Bäcker published a broad to-the-point analysis at http://reneeb-perlblog.blogspot.de/2013/06/otrs-und-die-paketverifizierung.html (German only).
From our point of view this leads to the following conclusions:
- The silent transmission of system data of any kind to servers of OTRS AG is not acceptable. Users must have the choice if such verification is wanted or not.
- If a package is not verified the wording of the “error” message must be non-discriminating to other vendors.
- The criteria for verification must be public.
- A verification of commercial packages by the OTRS AG must include an NDA. An implicit transfer of rights is not acceptable.
- Non-commercial packages should be verified for free if possible. Transfer of rights would be okay if limited to non-commercial usage (such as in the OTRS standard).
- Third party vendors must be allowed to verify their own packages.
Contributions to the standard
Your statement also brings in the explicit accusation OtterHub would willingly not contribute to the OTRS standard.
It’s a fact that concerning contributions there’s still a lot of unanswered question (see https://github.com/OTRS/otrs/pull/42, also Renée’s article). It’s also a fact that code snippets, mechanisms and ideas from packages made by OtterHub members were taken and put into the standard.
A lot of us would be eager to contribute more and more directly to the project. It’s on you to provide acceptable conditions for that. That includes providing an official contributors file to honor the people who put their effort into the code.
A closing word
OTRS is a great project and there are many people out there putting a lot of effort and passion into making it even better. Part of those people are you at the OTRS AG. Another part of them chose to organize themselves at OtterHub to consolidate activities and develop together. OtterHub is your chance to get in contact with the community. We’d be happy if you follow our invitation to discuss topics like that earlier and – that’s the main point – in corporation with us.
Obée OtterHub e. V.