2023-12-02 Email from Vale 'Regarding Revolt'
Status | Waiting for |
---|---|
Open | Further reply |
2023-12-02: Email Received
Hi Insert, I hope this finds you well. As discussed, here are our outlined concerns:
Regarding Jennifer
While there is no doubt Jennifer is a competent developer, she frequently comes off as arrogant and has very strong feelings regarding open source code. Revolt, at its core, is a FOSS project. That is what resonates with people and is arguably its largest selling point. It’s core to the platform and imperative to the platform’s success that it remains this way. Conversely, Jen holds conflicting views and disagrees with this notion, preferring to have the platform closed source.
Furthermore, she has skirted around any questions regarding the source availability of the Android app. It is understandable that she may not want people to contribute during the initial development, and I don’t think any of us take direct issue with that. What we do take issue with is the fact that she, at no point to our knowledge, has explicitly stated that she intends for it to be open source upon release or at any point thereafter. In fact, she has explicitly stated that her primary motivation for keeping code proprietary is so she can collect praise. This contravenes a fundamental principle of the project, and if the source code for her native Android app fails to become publicly available, Revolt should not endorse it as official.
We also take issue with her attitude beyond this. Feedback provided on the Android app has often been met with a dismissive or snide response, without genuine consideration for improvement. Regarding user flow, she has outright told users they are wrong for not using the app as she’d expect and made no changes as a result. She is talented, and we’d like to see her continue to work on the project, but her current attitude simply doesn’t align with the platform and, in some instances, manifests outright hostility.
Regarding Zomatree
Zoma is another talented developer, but his constant condescending remarks and insults reflect an immature demeanour. He approaches every conversation with a confrontational attitude and alienates users. Whenever conversation turns to open source projects, he is the first to be critical. He openly insults projects simply because they are open source. He can frequently be seen reacting with “chad” to mentions of closed source software, even in serious contexts, and has a habit of employing constant dismissive use of phrases such as “cope” in response to criticism. Not only is this immature, but it also illustrates a lack of regard for user concerns.
This attitude contradicts the professionalism expected of someone leading development of any project, let alone one rooted in the principles of FOSS. Despite this, he does appear to have intentions of releasing the source code of the iOS app, which is good to see.
Regarding the Contributor License Agreement
CLAs get a bad rap. They really should not be necessary in a project such as this. Historically, CLAs have been used to abuse and manipulate open source projects into using closed source licenses. Given the existing negative influence of the two individuals mentioned above, this is a genuine threat. Beyond this, CLAs also contribute to the barrier to entry for contributions, something that should be minimised in the best interests of the project. They are also complex and take time and money (both of which Revolt has very little of) to enforce. At the very least, the contributor license agreement should be reduced in scope and explicitly prevent relicensing.
Regarding Closed Source Components
Some crucial parts of Revolt’s infrastructure, such as Discover and the Admin Panel, remain entirely closed source. This shouldn’t be the case. While there is a case to be made for security through obscurity, it isn’t a very good one. The project has received notable criticism regarding the lack of available information relating to the Admin Panel specifically, and there are many individuals who have expressed interest in incorporating Discover into their own clients. It is worth noting that Jen has rejected the idea of users being able to implement Discover into their projects previously. We recognise time is limited, but when the opportunity presents itself, this code should be made open source. It isn’t even entirely necessary to decouple it from the main instance.
We sincerely hope this can be resolved swiftly with an amicable solution.
Best regards,
- Declan Chidlow on behalf of concerned Revolt users
Initial Comments
As the first non-joke email I’ve received through here, it will take a bit of trial-and-error to figure out the proper processes for sorting out concerns.
As a general outline I would probably suggest:
- Inquiry triage: any given information is collated into one place for appropriate parties to see
- Initial response: I have an opportunity to comment on the received inquiry and I provide an opportunity for a response to the inquiry for all relevant parties
- Open communication / debate: discussion topics are chosen based on initial responses and we open channels for these conversations to take place between all parties where possible
- Resolution: figure out a plan to satisfy all parties
- Post-mortem: discuss policy changes to avoid these issues occurring again
Ideally each involved party can provide their own desired resolution too.
In regards to the points raised:
- I will provide an opportunity for response first from both parties.
- From my perspective, and I’ve discussed this with people who I’d like to think are knowledgeable in this area, the CLA provides me with the ability to:
- Enforce the license on behalf of the contributors. Which greatly simplifies copyright disputes.
- Provide commercial licensing options. Which allows for alternative revenue streams for supporting Revolt’s development.
- Potentially make it easier to ship code that we can’t publish. Such as the anti-spam, but so far this has proven to not be necessary. NB. it may be possible to publish the anti-spam engine itself in the near future.
I appreciate CLAs are off-putting but the benefits seem to outweigh the negatives at least from what I perceive them to be necessary for.
I am more than happy to discuss this further.
- So this has quite a few different reasons, but in summary, it is not about security through obscurity (except for the anti-spam!)
- Admin Panel: this has mainly not been published because the code base is a mess and it’s quite tightly coupled to the production instance so I really don’t see it being useful to anyone else but I appreciate the auditing aspect. It could certainly be published as-is, but at the very least personal team member emails (currently hard-coded for permissions) would need to be removed. I would prefer to do it properly down the line and publish a proper project, but I don’t have any qualms with releasing the current panel.
- Discover: there’s quite a few motivations here:
- Again it would prove to be difficult for anyone to run because it’s integrated into scripts scattered around the production instance, this is something I am looking to change with the Discover rewrite though.
- It is tied into our branding which should be kept separate from third parties, this may be trivial to sort out but must be sorted out nonetheless.
- One of the concerns that has been brought to me is that providing Discover freely will potentially lead to further fragmentation of the community and that it should be kept as a unique feature provided by the production instance. I would agree that it makes business sense not to publish it here, but that does close off opportunity for potential contributors and I appreciate it can be off-putting as well. This isn’t a point that I’m super solid on and would love to have a general team + community discussion regarding this.
- Anti-spam: pretty much the only reason it’s closed off right now is because all of the rules are hard-coded, just a product of the fact that I had to build a solution pretty quickly, and I haven’t had the chance to refactor it since. Publishing it as-is would prove detrimental to our service quality.
2023-12-06: Email Received
Hi, I think both parties have had ample time to consider the initial discussions. We appreciate your clear, comprehensive response and outlined approach to addressing our concerns. I’m glad we’re publishing this openly, and I have nothing to redact at this time. Now, to business…
With regard to the CLA, we understand that it does have some benefits. Accepting this, we would still like to see some improvements. I have sent in an issue regarding some changes that we think would be appropriate. (https://github.com/revoltchat/cla/issues/1). We can continue the discussion regarding it in the comments of the issue.
In reference to the Admin Panel and Discover, we’re glad to hear you’re interested in making changes. We’re well aware of the lack of time and manpower available to implement the necessary changes and the challenges that come with them.
From a business standpoint, we understand that it could be beneficial to keep code closed source. However, following that logic, no part of Revolt should be open source due to the potential business impact. I think the best way to tackle it is to simply look at other monetization options, such as those discussed internally.
We do think it would be acceptable to allow certain parts of it, such as the anti-spam, to only be accessible upon request. But only in the case of components, where there really isn’t any conceivable way to prevent exploitation without simply obscuring it.
While we understand that this is something you can’t feasibly do given the time and labour constraints at the current time, we would like it in writing that you will endeavour to open source these components (not necessarily decouple them if difficult) when feasible.
We await a response regarding Revolt’s stance on both Jennifer and Zomatree, upon which we can discuss further.
Best Regards,
- Declan Chidlow
2024-01-04: Update Requested
Sorry I didn’t expect to be that burnt out straight after finishing university, I’m currently studying for exams but I am trying to allocate time to maintain Revolt where possible.
A couple things I want to address:
- There haven’t been any specific proposals made to the CLA yet, please follow up on this.
- Licensing has been discussed with both native teams, an open source license has been chosen for both.
2024-01-24: Cont.
My schedule is falling into place now, I’m currently using this block of time to try to finish this up.
- As before, the Admin Panel / Anti-spam may be published once sensitive data has been removed from them or otherwise the tools may end up getting replaced before that happens and the replacement will be published. I have no timeline for this but I do have it tracked as something to do. At the moment I’m going to continue focusing on getting the new clients up and ready so I don’t know where this will fit in yet (probably after).
- With Discover more considerations would have to be taken to make sure there is no conflict with our brand identity (if someone wanted to run it themselves) and that there is limited avenue for ranking abuse by analysis of the code. I’m not going to provide any guarantees here yet but I am considering how to approach this still.
- I have been given no further comment from team members so I’ll try to provide a reasonable comment myself.
- Jen
- As before, an open source license has been chosen for both projects, everything will be published in due time.
- I’m also not going to exert control over anyone’s views / beliefs / actions or remove anyone unless it is truly detrimental to Revolt (i.e. breaks our policies). Our team conduct recommends preferring to be helpful to others but it is not a strict requirement and certainly not enforced as everything is on a volunteer basis.
- w.r.t feedback: I would need to see some concrete examples before I can comment further. In general, I would understand not wanting to take on feedback so early in development since there’s a lot to build, especially as a solo dev. I think this would be a different situation if it was in production or public beta.
- Zoma
- I’ve recently spoken directly with Zoma about this (unrelated to this inquiry) and they have agreed to make an improvement in this regard.
- Jen