Can responsibility be unilaterally placed in a person? I would say no. Power can be given, but responsibility must be taken - an active choice. Specifically, I think when you act upon a situation, you sometimes implicitly assume responsibility for the outcome, such as traffic accidents; but when you merely make a product or service available (without misrepresenting its state of quality!), then the responsibility lies with those who decide to take advantage of it. I don’t believe that releasing a piece of software on the internet for others to use carries an implicit assumption of responsibility for the consequences, nor do I believe it would be good for software if it did. If I had responsibility for every bad choice people could make with my code, I would probably never put anything on Github!
“Supererogatory” is an enjoyable word, so I’m glad for this opportunity to use it: I think taking responsibility for the consequences of releasing software unpaid is supererogatory. It marks you as a good person if you do it, but there is no obligation, nor should there be. I think there is a negative duty to not misrepresent your software - sweep issues under the rug, silence criticism, denigrate competitors, suggest it’s supported when you stopped working on it years ago - but there is no positive duty to support or manage consequences beyond that.
Also, I find the politicization of technical decisions deeply offensive, so there’s that too.
edit: Just saw a comment of mine from three days ago where I said “Morally, when you invite users to sink time into your software, you have to treat that time with at least a minimum of respect.” Why did I feel differently about that? I think it comes down to misrepresentation - you assume some amount of responsibility by advertising your software as fit for a purpose. For instance, if your software has known bugs that destroy data, I think there’s a positive duty to at least mention that. Similarly, if you’re running a webservice, while there’s no moral obligation to keep running it I think there’s a demand of courtesy to inform people before you delete their stored data. Likewise, I take a dim view on “entrapment” - offering a feature, then hiding it behind a paywall when users are locked into your ecosystem. In other words, I don’t think there is any moral obligation to support your users, customize your application for your users, or provide a service in perpetuity - but I do think there’s a positive obligation to accurately represent the limits of your offering.
The choice and responsibility is the user’s only inasmuch as the information you have given them to form their expectations is accurate.
protobuf supports circular references? huh TIL