Members have some good ideas for improvements, and might be interested in doing them themselves.

This would also provide a useful and constructive way for members to collaborate with each other, and build the community.

I suggest that:

1. Arfcom stand up a self-hosted git web site (GitLab, etc)
2. Integrate the authentication with the arfcom forum login (so usernames are the same), allowing paid members, and established free members
3. Use the AGPLv3 license
4. Git web site wouldn't have to be public (could be private and require a login)

Discussions would follow the same CoC as the rest of the site.

Code reviews could be shared between the forum staff and vetted members.

Might require having a 3rd party do a security review of the code first, but that's not a bad thing in and of itself.

I vote no as there's no business case for this to happen.  Arfcom is way ahead of other forum designs even though it may not have the most gucci interface.

Not everything needs to be open source.

Let's use the suggestion to have searchable tags on memes and emojis as an example.

Do you disagree that such a change would improve the forum?

If it was open source, someone could fork the code, make changes, and then make a demo site for other users to see and comment on whether they think the change is positive or negative for the forum.

The user name change feature might have come sooner if it was crowd sourced to the users also.

Here's another one that people might work on open source - disabling gif avatars.

The larger benefit I see here is that we can have a space for programmers to collaborate and build a community of like minded people, and that community may be valuable in other ways in the future.

That doesn't exist right now on places like github, because who knows who the hell you're talking to on there - could be a raging liberal that wants to add a backdoor package into a common Node.JS library to disable Russian users.

uBlockOrigin blocks all the blinky stuff on ARF - avatars, ads, emojis.  Makes ARFCOM much more enjoyable.

APIs are well and good but make sure the user experience isn't forgotten.

Make sure you have a security audit on your new APIs before they're released; hacking attempts are guaranteed and sophisticated.

I hope the suggestion to open source isn't permanently dismissed; one of the problems open sourcing this would help with is building a community/pool of libertarian/conservative engineers to work on something together, see each others abilities, and network.

If I wanted to hire libertarian/conservative friendly engineers, where would I go to find them? Linked in? lol. Where would I go to find conservative friendly general consulting vendors? Do they even exist?

Open sourcing the site would provide an additional means of community/member engagement, as we as other tangential values. Not to mention free labor.

It wouldn't solve world hunger, but I think it would be a good thing and should be considered.

Every once in a while I get bored and audit the site's security

and I'm sure you never find any issues.. right? right?

Nothing major in a while

@Foxxz

What would you charge to do white hat penetration / security testing / data xfil attempts of a web site? What's involved for a contract like that for a web site owner to get their own site evaluated?

Theres a scope of work document and documents outlining some specifics of what will and won't be done and at what levels/depth. Theres alot of non-disclosure agreements on both sides for obvious reasons. Hold harmless clauses in case theres damage to the site, downtime, or other bad effects. The number of people on the customer side who know its happening or whos doing the work is limited to prevent employee retaliation against the contractor as sometimes people are fired, disciplined, or embarrassed by the findings. If things are hosted via cloud companies that can complicate the matter.

I am not usually involved in the contract part so I'm generalizing what I know there. As I like to jokingly tell people... I'm more on the "supply" side of crime.

Subnet may have some to say here as well. And I may be able to refer you to a company that can help as I am not currently in a position to take contracts directly.

I think that's a fantastic idea. Even if none of the code was ever merged, it would work as a brainstorming/collaborating area for ideas and be a great way to coalesce and network a quickly growing sub-community of tech oriented 2A people.  

Seems like an idea that would fit right in with PSA's big, forward looking moves. You'd think Brownells would jump on this.