Sign In

Forgot your password? No account yet?

Weasyl goes open source

Posted by skylerbunny

Hello everyone,

When you register an account with Weasyl, you provide an email address to us. We'd like to ask you to take a moment to verify that yours is still current, and if not, to change it to one that is. Please do so, to maintain the security of your account. If you get locked out of your account, we won't be able to assist you if you cannot access the email address on file. You can check your email address here: Weasyl: Edit Password and Email Address

A big part of Weasyl has always been about giving back to our community, and today we're doing just that: We are pleased to announce that we are now open source! You can grab a copy of the code over on GitHub, right here. We understand that there may be concerns about us releasing our code to the wild, where it will be under scrutiny from various people, so we have prepared a small Q&A to help answer some questions and hopefully alleviate any concerns:

Q: Will the site be less secure if anyone has access to the source code?
A: The practice of security through obscurity is not great; it's the equivalent of crossing your fingers that no one will discover an exploit. Like many open source projects, we believe that following best practices for security and acting quickly on any issues is a much better way to go. We'll work hard to be worthy of your trust.

Q: Does this mean anyone can see my personal information, private messages or my password?
A: There is no personal information in the code itself. To help with development, the install process does download a small database containing sample content pulled and scrubbed from Weasyl staff accounts. No content is included from non-staff users or those who haven't otherwise explicitly given permission to use their account so unless we've spoken to you directly, nothing of yours is available. Even for the accounts included, hidden submissions, private messages, journals, hidden favorites, notifications, and similar things have been removed and passwords have been reset.

Q: Can I submit code to Weasyl to help improve the site?
A: Absolutely! In fact, we encourage anyone who wants to help improve the site to submit patches and fixes as they see fit. We'll be developing primarily through GitHub in the future, so if you're already familiar with it, submitting a change is as easy as forking the repo, making your changes, and issuing a pull request. If your code is included in a release, we'll be sure to give you credit.

Q: What license are you releasing the code under?
A: We are releasing under Apache License 2.0.

Q: How does Weasyl run? What language(s) does it use and what are the technical details?
A: It's a mix of four large eggs, Python, SQLAlchemy, Twisted, sanpera, (although that might change), and many other libraries (see the requirements.txt). Our deployments use nginx, PostgreSQL, and memcached. It's nothing too exotic.

If you have any further questions or concerns, please let us know and we'll be happy to answer them. We've opened a thread on our forums for questions specifically around the open source release which you can find here. For development questions, we also have a new Gitter room and our Development Twitter. As always you can contact us for general inquiries on Twitter, our Forums, or our Support Email.

Thank you and happy Weasyling!