OpenOffice could shutter due to lack of volunteer developers
OpenOffice, one of the most prominent free alternatives to Microsoft Office, is in big trouble. Dennis E. Hamilton, its volunteer vice president, has recently sent out a message to the project mailing list to inform members that its “retirement… is a serious possibility” due to lack of volunteer developers. According to Ars Technica, many of its contributors moved to LibreOffice after it launched, which you might know as that other free alternative that’s been publishing updates more frequently. This lack of manpower has been affecting the team’s ability to deal with security vulnerabilities. “In the case of Apache OpenOffice,” he wrote, “needing to disclose security vulnerabilities for which there is no mitigation in an update has become a serious issue.”
For instance, OpenOffice informed people about a vulnerability in July, but it never issued an updated version with a fix. Instead, the team suggested switching to either Microsoft Office or LibreOffice and issued a hotfix you have to install manually a month later. Hamilton detailed how a shutdown would go, including the termination of the project’s social media accounts. Not everyone has lost hope, however. One contributor named Phillip Rhodes replied to the email thread that he’d rather the team think of how to attract more contributors instead of planning for the project’s shutdown.
Here’s a longer version of Hamilton’s mail, but you can read the whole thing on the team’s mailing list archives:
“I have regularly observed that the Apache OpenOffice project has limited capacity for sustaining the project in an energetic manner. It is also my considered opinion that there is no ready supply of developers who have the capacity, capability, and will to supplement the roughly half-dozen volunteers holding the project together. It doesn’t matter what the reasons for that might be.
The Apache Project Maturity Model (PMM), identifies the characteristics for which an Apache project is expected to strive.
Recently, some elements have been brought into serious question:
QU20: The project puts a very high priority on producing secure software.
QU50: The project strives to respond to documented bug reports in a timely manner.There is also a litmus test which is kind of a red line. That is for the project to have a Project Management Committee (PMC) capable of producing releases. That means that there are at least three available PMC members capable of building a functioning binary from a release-candidate archive, and who do so in providing binding votes to approve the release of that code.
In the case of Apache OpenOffice, needing to disclose security vulnerabilities for which there is no mitigation in an update has become a serious issue.
In responses to concerns raised in June, the PMC is currently tasked by the ASF Board to account for this inability and to provide a remedy. An indicator of the seriousness of the Board’s concern is the PMC been requested to report to the Board every month, starting in August, rather than quarterly, the normal case. One option for remedy that must be considered is retirement of the project. The request is for the PMC’s consideration among other possible options. The Board has not ordered a solution.
I cannot prediction how this will all work out. It is remiss of me not to point out that retirement of the project is a serious possibility.
There are those who fear that discussing retirement can become a self-fulfilling prophecy. My concern is that the project could end with a bang or a whimper. My interest is in seeing any retirement happen gracefully. That means we need to consider it as a contingency. For contingency plans, no time is a good time, but earlier is always better than later.”
(14)