Where's the controversy? A maintainer and a contributor disagreeing about a bug report, and it gets a bit heated. Nothing important to see there, and nothing we haven't seen a thousand times in public bug trackers.
The submitter was pretty civil for the most part, and Kovid ended with:
> Something answering posts from fools like you over the years should have taught me a long time ago.
And submitter is correct - he does this often. I recall a security bug that he refused to fix as fixing it would break some convenient feature. That one got really heated, and only when distributions declared they will stop carrying calibre in their package management system did he cave in and fix it.
Nevertheless, I don't see these as obvious reasons not to support him in Patreon.
I stumbled into that git issue and couldn't stop reading. He was immediately dismissive of the security suggestion, even when that person had gone out of their way to provide verifiable examples of the vulnerability. I ended up not installing the software.
You mean you didn't install Calibre because of a bug report where the author allegedly misbehaved? That's odd. A lot of open source software is riddled with ego and personality clashes, and because they play out in public forums, mailing lists and bug trackers for everyone to see, these flamewars tend to be very visible (also see: Linus Torvalds' outbursts). Do you also not use these programs?
Did you need Calibre in the first place? If so, what did you end up using instead?
There are many other such instances in which the lead dev immediately responds to bug reports with 'works on my machine' without even asking for details to reproduce the bug. Any further words from the bug reporter are met with sarcasm or words worse than I would term "a bit heated".
How much, exactly, are any of these people reporting bugs paying for this software?
You use open source software that is made by one guy and offered to the world for free, you kind of have to deal with the possibility that that guy has better things to do than fuss over every bug report.
I have no way of knowing how much these people paid, if anything, to the dev's Patreon or Liberapay or Donate to PayPal. What they did do was spend their time reporting serious issues for zero payment. Bugs are important to fix, some bugs can be critically important to fix. If the dev chooses to fix these bugs, it is the dev that will receive all credit for doing so. The person who made the effort (albeit minor in comparison) of reporting the issue will not be credited or acknowledged in any way.
Also, I think a vulnerability that allows unprivileged users to gain root on a system on which Calibre is installed is worth fussing over.
