And it made me think: why did someone down vote the package? I have no idea. What did they not like about the package? I have no idea. Who was it? I have no idea. Can I contact them to discuss? No. Did they leave a comment? Not that I got.
What can I do to improve that rating? I don't know.
Others perhaps think that I can actively do something to improve that rating, but I can't.
For me as a developer, the star rating isn't very useful or am I missing something? How do other developers deal with star rating?
Perhaps add a comment in your read me near the top saying something like: "If you have any suggestions or feedback, please contact me via...."
From my POV, the license is a bit odd - I know there are folk who will shy away from odd-ball licences (preferring well known, much used, MIT or Apache 2.0)
Perhaps people should also have an open mind about these things: if the software is free of charge and the license tells them to be friendly and nice, then obviously, that's too much payment. Too bad.
I don't like evil people and my code isn't for them and I definitely don't want my work to help them be evil. As I've said before: I'm hardly in a position to enforce that license but at least - potentially - it makes people think about what is evil and what is not evil.
But that's purely speculation, I don't know. And that's the core of my question - what does the star rating help me?
Before that, the JSLint license[3] was a derivative of the MIT License.[4] The sole modification was the addition of the line "The Software shall be used for Good, not Evil.
I dont like evil in any form (though defining evil is not something to answer here) but it is an odd license and I am just stating that some users, perhaps those (good, non evil users) who have been burned or know someone who has been burned prefer to use a well known and trusted licence. Just saying. And yes just speculation.
It is mostly for users (to gauge the comunities opinion of the node) but I agree, it is somewhat lacking. There are no comments (enterable or retrievable) and no means of a developer accessing who marked it up/down.
Until something is proposed, agreed & implemented all I can suggest is nice friendly welcoming instructions on your README that requests the user contact you either via the forum, GH issues, email or some other means.
For me, i would prefer a bit richer staring that scores various aspects (like does it work, is it easy to use, does it have built in docs, is it internationalised etc) - but without a public comments (they are hard to manage, hard to curate).
.. or those users who happen to work for "Big Corp" with "big internal compliance departments" that say "thou shalt not install software that isn't MIT or Apache" who can't (or shouldn't) even install said package even if it looks like the best thing since sliced bread.
All the more reason to use my license, I certainly won't be doing evil (at least within my moral codec). The trusted license don't help people who have been burnt unless you mean by closed source licenses (which mine isn't) then only using open source software might help but even then (or arguably especially then) there are risks. (See the poisoning of the well that has been happening to registry such as npm or PyPi why I say "especially then".)
True that. I use giscus to have comments on my blog - not that there have been any comments! Which does take away the management pain, if not the curation pain.
Btw I can star my own packages Which did improve the above rating from 4 to 4.3 - wait, was that being evil? Well at least I'm being honest ... hm, perhaps I should change my license to "be honest and not too evil" ...
not evil at all... politicians can vote for themselves... so you should have at least one 5 star rating for each of your nodes.... in fact if not then I would count that as not doing due diligence/maintenance.
What I just tried was adding the giscus JS into a <script....> tag into my README.md - that would have created a comment box in my readme on flows.nodered.org - but of course, <script> tags aren't allowed, so nothing got rendered.
Just as background, giscus uses github logins to allow people to comment. These comments are stored as discussions on repositories (of ones own choosing) - so the discussion feature has to be activated on the corresponding repository. It's nice since no - paid - storage is required, no payments and users have to be logged into GitHub - no spam. But also no comments because which user is going to be logged into GitHub
It would be a simple solution to the comment part of this discussion but it would require flows.nodered.org to allow the rendering of third party scripts. Or perhaps some "meta" YAML at the top of a readme.md files would automagically trigger the rendering of giscus comments...
It is disheartening when that happens, however I think that sometimes you just have to take the rough with the smooth, and suck it up, otherwise it drains your enthusiasm.
I've had the same happen to me, despite fixing every issue promptly, and implementing all feature requests except one...Hmm??
I don't know how the score is rounded, and whether due to more positive voting over time we may eventually reach the magic 5, or stuck at 4.9 forever
Indeed, that license precludes its use from many commercial and public bodies I'm afraid.
Of course, but many organisations have rules and legal constraints which would prevent the use of such a license as it would put the organisation at risk.
Personally, I would much rather that anyone adding a star rating should have to also contribute a comment. But unfortunately, there is no mechanism for that right now.
A call to action to encourage folk to also add an issue or discussion on GitHub is the best that can be done right now.
No that's not the point, the point is that there is little constructive feedback. When feedback comes, it tends to be "hey I need this feature in addition to XYZ, why haven't you done it yet"?
I would love to hear from people who actually use my code and tell me for what they use it. Or why they used it and then stopped using it. Or how it could be improved to meet their needs.
How does a license put an organisation at risk? That someone sues them if they do do evil? I can't make the connection between the "don't do evil" license and "risk". Risk of what? Opening minds and reflecting about what is evil? Either way, I don't quite see why I should bend to the needs of "organisations" that are unable to provide feedback or sponsorship or encouragement for my work.
Perhaps it's a case of the "organisation" looking out of their walled-gardens and seeing something they can't have because they believe it would be a "risk" to their precise garden. This is also the idea behind the GPL (which forces "organisations" to open source their changes to GPL software) but that has dropped out of favour for the same reasons: the "organisation" don't get absolute freedom of free-of-charge, free-of-strings software, and hence can't turn a nice profit with that software.
Perhaps the next step will be that GitHub will begin to charge developers if they don't use a free-of-charge and free-of-strings license so that large mega-corporations can incorporate that software into their closed-source fee-based subscription software to turn a mega profit each month.
A large organisation is not going to pay a legal expert to look at a non-standard license and decide whether it is ok for them to use the s/w. They have rules that say they can use s/w if it has license A or license B.
You don't need to, but why are you developing nodes in the first place? Personally it makes me feel good if lots of users use one of my nodes. So I use a standard license that allows the maximum number of users to access it.
Sorry, not the place to go into details about legal liabilities and risk management I'm afraid. I've been doing this stuff for a looong time.
And that is entirely your call of course.
I'm just saying that few commercial organisations would be happy to accept such a license - heck, even a some of the open source licenses such as GPL are seen as risks they won't take. This gets even harder when looking at government and regulated industries.
Your "license" isn't recognised legally which means that organisations can't know their legal liability under the license. It is a fine sentiment, it just has no legal standing.
No, that's not it at all. This is about legal liabilities.
That would be entirely a call they could legally make if they wanted to. However, it would kill them off quickly.
The problem with your "license" is that it isn't legally enforceable and it does not give organisations a legally enforceable standard to work to.
I've only recently become aware of this and I'll probably be building into my new website rather than Disqus that I used on my old blog.
The only downside being that it requires, I believe, a GitHub login for people to respond.
That's the risk I meant, the legal uncertainty is the risk. Or perhaps creating the risk. And again: the legal liabilities of a mega-corp is not my problem or concern. And I don't see why it should be.
That is the whole point. I guess when talking to a bunch of lawyers, morality has no value. I don't consider it a "problem", I consider it a sentiment that raises - at least - two important questions a) why is it not legal enforceable b) why is "evil" so hard to define?
After all, we live in societies that preach/teach/claim that evil is bad and being good is good. Yet, at the same time, we have such a problem defining what evil is. Evil cannot be legally defined. Weird really.
Now normally I should be on a soapbox in Hyde Park (or wherever those soap boxes are) and ranting about this, I choose to do it in a different way.
Clarification: this is not about taking sides, pointing fingers or complaining about the state of the world or the people who lead us, this is purely philosophical.
I guess a philosophical programmer is a rare species.
Outside of the scope of this forum. You should consult a lawyer for that.
Well human kind has been trying to define that since we became sentient I suspect. And much of the definition comes down to societal conventions and expectations. What is evil in 1 society may not be in another - the source of a great many wars throughout history.
But this too is nothing to do with Node-RED and so outside of the scope of this forum I think.
Which did improve the above rating from 4 to 4.3 - wait, was that being evil? 
Well at least I'm being honest ... hm, perhaps I should change my license to "be honest and not too evil" ...
