I get offers almost every day from recruiters looking for Drupal talent. I appreciate these offers, but most fail in ways that are obvious to me as a candidate. I used to write a response to every offer, but that took too much time. Now I delete most offers as soon as I receive them. If you are a recruiter, this may baffle you. Why would I ignore your offer if I’m open to work? For recruiters who have been waiting to hear back from me, consider this my response. For recruiters who want to do better, here are some suggestions.
At the DrupalCon Portland community summit, we discussed how local meetup organizers could support each other by maintaining a shared slide show for meetups. I have started a slide show and am looking for volunteers to join me in building it. Leave a comment on the issue in the Event Organizers Working Group if you can help.
Last week, I wrote about how free software has to break out of the customer-vendor mindset. The customer-vendor mindset doesn’t work with free software because users don’t pay and developers don’t provide customer service. The free software community works on a build-what-you-use model. I ended by saying that the build-what-you-use model is not enough to sustain hero developers—people who contribute at a level that cannot be sustained by their own use of free software.
I was able to spend some time in the DrupalCon Community Summit yesterday. One of our topics was how a paid ecosystem could align with Drupal core values. We have developers who are not getting paid for the work they do to support their projects, and users who complain about the support they are given as if they had paid for it. Developers feel like users are bad customers because they don't pay, and users feel like developers are bad vendors because they don’t provide support.
Yesterday I had my fears confirmed about the Drupal Automatic Updates initiative. It requires sites to be able to modify core Drupal files. While this makes it easier to fix vulnerabilities, it is not something you want when your site is actually being attacked. The best way to protect against someone exploiting a vulnerability to modify your Drupal core files is to change the file permissions so that your site cannot modify them.
Today I was listening to Talking Drupal #168. The topic was how to ensure that open source project developers can afford to provide updates to their users. As an open source developer myself, I have to disagree with the premise that we should support a distinction between users and developers. The projects that I develop for are the projects that I use. As a user-developer, I do not care how many users a project has. I care how many user-developers it has.