This weekend I attended the Mentor Summit that winds up the Google Summer of Code. It’s an event where up to 2 mentors from each organization involved are invited to hang out at the GooglePlex for a weekend, mingle with folks from other open source projects and see what happens. We discussed all sorts of things related to the Summer of Code program, in addition to a variety of other, generally open-source topics. It was operated as an unconference, so we made up the majority of the schedule as we went, and modified it as required.
I was at BizTechDay on Friday afternoon at the WordPress table, after which Raanan was kind enough to drop me off down in Mountain View at the Wild Palms Hotel, where everyone was staying for the event. That night there was food provided and some drinks, general mingling/networking etc. The next morning we were all shuttled over to the GooglePlex (although I got a ride with the guys from TYPO3, thanks!) where we could grab breakfast, and up to the main room where we started the process of figuring out a schedule for the next day and a half. People suggested topics on large sheets of paper and each mentor had 8 stickers which were used to vote on sessions to indicate their relative popularity, and thus which room they should use.
Once sessions were decided, we scheduled them in on a giant grid which was provided, and then we could break out and start attending sessions which interested us. I tried to go to something in every time slot, and here are a few general notes from the 3 most interesting sessions I attended:
- WordPress has a relatively bad reputation for security, particularly amongst open source folks (who admittedly tend to have a more heavy-handed view of those sorts of things)
- A few people (specifically Jake Applebaum of Tor and Dan Collis-Puro of the Berkman Center for Internet & Society) thought that specifically doing security-only patches for WordPress, and doing them for “old” versions would be a way to increase the number of users who applied them
- Doing security-only patches would also potentially allow us to do fully-automated core updates.
- Getting designers involved in open source projects is really difficult
- Breaking down small, bite-sized projects is a better way to get designers involved (one small module, one form, *something*)
- Designers need to be involved from the ground up where possible. It helps build respect and trust, and it means they understand what they’re designing better, so they avoid coming across as “coming down from on high” with their opinions
- All the major CMSs (WordPress, Drupal, Joomla,TYPO3, even MediaWiki to an extent) are coalescing around some similar problems/approaches, and are generally becoming application “frameworks” with a “default mode”.
- There is a LOT of potential to pool/combine development skills across these platforms to build common, core libraries (for things like Open ID, OAuth, Feed parsing, etc) where it makes sense
- There’s a lot to be learned from each other, yet we all felt like there was a culture of not wanting to publicly acknowledge/interact with each other for some reason (everyone is a zealot?)
- Below is a photo of the board of notes from a discussion on why the number of women involved in open source projects is so low:
For more detailed notes on all sessions, you can visit the mentor summit wiki.
All in all it was a great event, and I met some really cool people who I hope to maintain some connection with over time. I’m also hoping that perhaps from this we can start some sort of cross-pollination of ideas (and maybe even code) between some of the popular CMSs where it makes sense, and perhaps implement the idea of security-only patches in WordPress. We’ll see what happens.