gnome-passwordsafe & my involvement

It is difficult to get frustration off your chest and doing so in a constructive and non-offensive manner, so please bear with me.

The beginnings

I started my involvement in the nice gnome-passwordsafe some time ago, providing patches and merge requests, with the maintainers being rather non-responsive. But the program is nifty and works well, filling a niche on mobile phone screens. I then pondered a fork or rewrite, but after @okias (David Heidelberg) was granted maintainer role, things started to flow and I aborted any forking fantasies I had.

Recent past

Things have been working rather smoothly, and we have managed a nice 4.0 release with lots of active contributions. As openhub.net puts it “Over the past twelve months, 37 developers contributed new code to GNOME Password Safe. This is one of the largest open-source teams in the world, and is in the top 2% of all project teams on Open Hub.
@okias is a great maintainer, and msandova aka deathwish_, Jean Felder and me have worked relentlessly in our spare time to clean up the code base and pay back accrued technical debt. Nonetheless, frustration and annoyedness with regard to the project have been growing for me recently and it stopped being fun. Having a full-time job and a family, the one thing I do not want is annoyedness and frustration in my spare time.

Status Quo

Three currently active core contributors have worked to refactor the code base and improve the code architecture. All three agree on the fact there is … lots of potential for improvement and have worked to achieve it. The rub is, all three have different visions of how precisely that should look like and the code base is so small and (still) intertangled that it is hardly possible to focus on different areas without stepping on each other toes, or breaking each other merge requests.

At the same time my frustration has been growing as some of my commits in a MR have been lingering or rejected by “being out of scope” for a MR (it removed a superfluous and invisible GtkBox) while at the same time crucial files (hello main_window.py) is totally refactored in another MR without any indication of what the refactor is good for and why there was a need to do so; complaining about everybody else touching that file. Or rejecting MRs that get rid of additional threads, saying we should first methodologically analyze what they did. Well, I did not come up with a patch by randomly fuzzing the code base, so I would appreciate if the hours spent to analyze the code flow were not just discredited as unmethodologically.
I don’t want to get into personal accusations about specifics because I guess others might feel just the same about their interactions with me (and probably rightfully so).

At times, I feel I don’t fit into the culture of the project, I do like python and gtk. But I have not drunk the flatpak-CoolAid yet (I prefer my distribution as the distributor of code), and don’t think flathub.org is our user facing homepage. I don’t think “secrets” is an appropriate name for a password manager. Gtk4 will not be a panacea, and we should not focus solely on it the day it is being release (or even before). And I believe a python programm is allowed to use pythonic programming patterns rather than GObject’ifying all and everything (unless it makes sense to do so).

I would rather work in incremental steps and use defensive programming using a baby step approach. On the other hand, I am clueless when it comes to GtkBuilder ui files and I don’t appreciate the small UI papercuts with a similar level of importance as others do, so having complementary talents work on the code is certainly useful and needed.

But I do not think the code base is big and modular enough for 3-4 code architects to work on it simultanously. At the same time I don’t want my grumpiness to impede on the progress of the project. So I will be scaling down my efforts with passwordsafe and wait until the major architecture has settled down and contributions are more useful again. Nobody benefits from 30+ competing merge requests all changing the same files being proposed simultaneously.

The future

I will be back!

Best of luck to all involved, continue to rock the boat, and making passwordsafe work well on Linux phones. I am not gone from the project, but I will refrain from bigger merge requests until things have settled down a little. I am not bitter or offended and think you passwordsafe devs are all doing great work: where we had too few over the last two years, we now have a bit too many too active cooks trying their hand at the same meal. I’ll be back for dessert.