GitLib destroys all credibility with open source maintainers worldwide in one fell swoop:
https://www.theregister.com/2022/08/04/gitlab_data_retention_policy/
@brion they're probably doing it for money reasons, but I really hate all of the stuff on GH that has been dead for year and years but still shows up in searches and people's dependencies.
Feels like telling projects that are no longer being used helps to clean up the ecosystem.
@ted code search *is* a hard problem, true, and doesn't get easier when there's lots of stuff. ;)
but sometimes... the 10-year old abandoned project is *exactly what I need* to solve my problem, either reviving it or learning from it.
my professional experience as an open source software developer really makes me shy away from the idea of making search easier by simply deleting things permanently ;_;
@brion sure, that does happen.
I have to wonder the number of cases of it being successful vs. the number of times that people take on an unmaintained security vulnerability though.
Not a clear answer either way. But I think things need to get off the "easy to use" list somehow. Where you have to revive it and realize you're agreeing to maintain it to bring it back as a dependency.
@ted now that I'll agree with :D
there's a real role for curation
@brion It was always a good idea to choose a centralized service, right guys?
@trevdev i heard y'all like decentralization so i centralized your decentralization :D
Why can't they simply archive the repos to disk, and not host it? And prepare a download if user asks
@brion haha holy shit.
@brion It still had any credibility before this?
@brion A bunch of python, go, rust, and nodejs stuff is about to not compile anymore.
@brion because refusing to say anything about working with ICE wasn't enough...
@brion welp, that's a project that needs to move
@brion Oh that's double plus ungood. Like, shocking.
Ugh ugh ugh.
@brion Obvious points aside, I find it interesting how this challenges our notion that everything on the Internet will be available forever.
@samgai *nod*
perhaps rather than demanding permanence we should embrace impermanence
"cool uris don't change" but real uris do -- we need to live in a world where that happens without our tools breaking :D
@brion Where do I begin to unpack this...
1. Software forges are ostensibly for collaboration; in practice they're social networks for programmers, but either way they're not archives.
2. Codeberg also deletes inactive projects.
3. Check your addiction to dependencies.
@brion But mostly, no kidding! When GH was bought out, many people, myself included, pointed out that GitLab was only marginally more trusty. Nobody listened. Enjoy.
of course, this is really gitlab's fault for offering a free service tier without actually backing it up with explicit support, which would've forced them to define a function for what sorts of projects can use the free tier with an expectation of ongoing availability for the software commons.