upvote

points

by obsidianbases119 hours ago |
comments
upvoteby presbyterian19 hours ago|
next
[-]
"there is no lock-in" is a thing that's said a lot about Obsidian and, as an Obsidian fan, I feel like isn't totally true. Yes, Obsidian just stores markdown files, but it has unique syntaxes, especially if you're using plugins, that aren't transferable. So while I can get my files out, I still have to go through the annoying process of fixing them and getting it working in whatever new system I switch to when I leave. It's still far better than a lot of other proprietary tools, absolutely, but it's also not trivial to drop Obsidian if/when you stop using it
reply
upvoteby PokerFacowaty3 hours ago|
parent|
next
[-]
You're right that it's not totally true, because it's not a universal Markdown flavor, but at the same time their additions are well-documented in their docs (they have to be for people to use them), so migration tools can just keep up with that.
reply
upvoteby joemi16 hours ago|
parent|
prev|
[-]
Doesn't seem remotely fair to consider lock-in caused by plugins to be an Obsidian lock-in. If the plugin is storing data in such a way that it's not usable in a tool other than Obsidian, that's 100% the plugin's fault, not Obsidian's no matter which way you look at it.

Also, more generally, any software that has unique features will require "the annoying process of fixing them and getting it working in whatever new system I switch to when I leave", whether it's open source or not. So you're not actually looking for open source, you're just looking for something with perfect feature parity to another program.

reply
upvoteby sprinkly-dust18 hours ago|
prev|
next
[-]
There are still free as in freedom software hardliner folks out there. The idea that every piece of revoked source code is an affront to computing rights might be less applicable in Obsidian's case since the files are still portable, and the system may be sufficiently extensible through custom plugins (you can load anything you want through the developer plugins option) that source code itself is not necessary. Though perhaps one might want to re-assure themselves that there is nothing 'malicious' happening in the software, that's only achievable with auditing it oneself and using reproducible builds. Perhaps the freedom to fork is also not as thoroughly infringed since the files are portable and reverse engineering is not impeded.
reply
upvoteby kid6416 hours ago|
prev|
next
[-]
In what universe is it trusted? This blog post is an admission that they've been lying to their userbase about their review process for years, with updates receiving no review whatsoever. Enjoy your mass exfiltration.
reply
upvoteby kepano15 hours ago|
parent|
[-]
Huh? The old review process has always been well-documented and occurred via PRs on GitHub completely in the open. It was a known limitation and something that we set out to revamp with the new system.

From the docs:

> The Obsidian team is small and unable to manually review every new release of community plugins. Instead, we rely on the help of the community to identify and report issues with plugins.

https://github.com/obsidianmd/obsidian-help/blob/master/en/E...

reply
upvoteby kid6414 hours ago|
parent|
[-]
I realize you're just doing your job as CEO to shape perceptions here, but this is your best effort? The docs should have correctly stated "we don't review ANY new community plugin release". Hint: This is where you would admit the review process itself was meaningless theater intended to provide a false sense of security to users that trusted you.
reply
upvoteby kepano14 hours ago|
parent|
[-]
That would not have been accurate though.
reply
upvoteby kid6413 hours ago|
parent|
[-]
For those that aren't aware, this is all meant to distract/confuse you in light of this story: https://cyber.netsecops.io/articles/obsidian-plugin-abused-i...
reply
upvoteby kepano11 hours ago|
parent|
[-]
We've been working on the project for nearly a year, so no.

https://github.com/obsidianmd/eslint-plugin/commits/

reply
upvoteby kid6411 hours ago|
parent|
[-]
Just say "I think my users are stupid" and be done with it. The timing of your announcement is obviously not a coincidence. You are genuinely terrible at this.
reply
upvoteby kepano10 hours ago|
parent|
[-]
I certainly feel that I am losing brain cells here :)
reply
upvoteby kid646 hours ago|
parent|
[-]
https://news.ycombinator.com/item?id=48088576

What, no smiley face in those comments? Maybe a silly shrug would have been appropriate.

reply
upvoteby doginasuit18 hours ago|
prev|
[-]
I don't think it makes any sense given the history of tech companies to count any of them as a trusted source. Open source doesn't ask for your trust, and it is the only way to get off on the right foot.
reply
upvoteby kepano17 hours ago|
parent|
next
[-]
Speaking as someone who spends most of his time making open-source software, open source still requires trust. Almost all Obsidian plugins are open source, yet the reason for this new review system is that people don't have the time or ability to vet every line of code of every piece of software. Open source software is only as reliable as the maintenance infrastructure around it. It makes promises that can't be guaranteed about its dependencies, its maintainers, the formats it uses, etc.

See also: https://stephango.com/self-guarantee

reply
upvoteby joemi16 hours ago|
parent|
prev|
[-]
> Open source doesn't ask for your trust

And yet, I'd wager my life savings that almost no one using open source software actually verifies that it's not malicious in a different way than one would closed source software (ie. reputation), and instead almost everyone just trusts it.

reply