@dimitrisk @rysiek for me, it's discoverability: I use shitty GH code search a lot. I think I'd get a lot less contributors in a private Gitea instance. I hope that these impediments will be solved in the future.
@astro @dimitrisk but you are also the flipside of your own reason to be on GitHub: the reason more contributors are present on GitHub is because there are more projects there.
Network effect.
@rysiek @dimitrisk I am missing a code search service that works across sites.
The search experts at Google offered that once but canned it like they always do with actually useful products.
@astro
I actually pulled my code off of GitHub (and archived it there) since I got no contribution whatsoever.
Not surprisingly when you consider that the median number of maintainers is 1.
Working across different Gitea instances is an interesting subject.
I was wondering whether WebMention or so could be used for the communication part.
Or we go back to classical mailing lists with all their downsides.
@dimitrisk @rysiek
@rysiek @RyunoKi @astro @forgefriends @forgefed
Wrt discoverability, I suppose that large projects do not desperately need #github to be discoverable.
Small and single-person projects may benefit from the community culture present in non big-tech, #foss #git platforms as well, instead of being lost in the github crowd.
@dimitrisk @rysiek @RyunoKi @astro @forgefriends @forgefed I tend to agree: knowing the vast majority of internet search go through Google, it would be surprising that discovering software projects is predominantly dependent on GitHub.
@dachary @dimitrisk @rysiek @RyunoKi @forgefriends @forgefed codesearch could be a neat niche for every search provider, eg duckduckgo
@astro
I was about to suggest writing an Instant Answer plugin for it:
https://help.duckduckgo.com/open-source/opensource-overview/
But it appears DuckDuckHack switched to maintenance mode for the time being
@dachary @dimitrisk @rysiek @forgefriends @forgefed
@lwriemen
Actually npm appears quite prominent (acquired by GitHub before they in turn were bought up by Microsoft)
@astro @dachary @dimitrisk @rysiek @forgefriends @forgefed
@dimitrisk @rysiek @RyunoKi @astro @forgefriends @forgefed Discoverability? Who just wanders around GitHub looking for projects? I've literally never done that and can't imagine why I'd bother.
@be @dimitrisk @RyunoKi @astro @forgefriends @forgefed that's kind of my internal reaction too, but I've learned that my lack of imagination is not a great proof that something isn't a thing. 😉
@be @dimitrisk @rysiek @RyunoKi @astro @forgefriends @forgefed i do, occasionally 😬
@malte @be @dimitrisk @RyunoKi @astro @forgefriends @forgefed
I do that too sometimes, i.e. to find new #ActivityPub projects to add to the #delightful lists at https://codeberg.org/fediverse
Wrt network effects mentioned by @rysiek I want to call on everyone, technical-minded or not to check out #forgefriends community. It is co-shared by multiple projects, open and welcoming.
With federation we can open the ecosystem for the entire Free Software Development Lifecycle, where Github is so dominant.
@malte @be @dimitrisk @RyunoKi @astro @forgefriends @forgefed @rysiek
Oh, I'll place a link to the #forgefriends community:
https://forum.forgefriends.org
Dedicated to bringing code forges to the #Fediverse and with 2 free software projects working on that currently:
Also note that @gitea will be working on federation, hopefully in close collaboration and maybe see themselves as part of "forge friends" movement to grab the opportunities that exist.
@be I'm not too fond of it, but it works for me. I'd be happy to know alternatives, if they exist.
Personally I host all my code on my own gitea and GitHub and they link to each other.
Regarding the reporting I would advocate for SECURITY.md files, e.g. https://snyk.io/blog/add-a-security-md-file-to-your-azure-repos
Mass scan would require some kind of @MetaGer but for code.
Some way to register one's search.
@moparisthebest
Try doing that, privately.
We know people don't like to hear this but if a project is exclusively on Github (or CloudFlare GitLab) then its not ethical.
Thankfully, Gargron is fairly easily contactable from outside Github. Thankfully many BTC devs are easily contactable, this is **not** the case for all projects — and big ones.
Some have really created a #unwelcoming and we argue unethical #walledGarden on those platforms.
@be @dimitrisk @rysiek @RyunoKi @astro @forgefriends @forgefed You know where I do wander around in. AptGet!
At least then I know there's enough curation to assure me those projects are alive and still functional on the latest systems!
If it's not in Debian, I like asking whether anyone would actually recommend the project.
@rysiek @RyunoKi @astro @dimitrisk
@forgefriends @forgefed both seem to be dead.
@snailerotica @RyunoKi @astro @dimitrisk @forgefriends @forgefed what? ForgeFriends has activity on their account on Feb 6th.
@rysiek @RyunoKi @astro @dimitrisk ah, my bad. posts weren't federating.
regardless, there doesn't seem to be any actual progress being mentioned on the @forgefriends account, and what we said earlier remains true for @forgefed, so the point still stands.
@snailerotica @RyunoKi @astro @dimitrisk @forgefriends @forgefed well then it's dead 🤷♀️
@rysiek @snailerotica @RyunoKi @astro @dimitrisk @forgefriends @forgefed the forgefriends activity report was published today. It is making progress and I'm happy about it 😃
@dachary
Woah, that article touches so many points I had in mind that I will go over it and follow the links.
Thanks for sharing!
@rysiek @snailerotica @astro @dimitrisk @forgefriends @forgefed
@RyunoKi @astro @dimitrisk @rysiek #gitea got funding last month to work on federation, so that Gitea instances can communicate with each other.
@astro @dimitrisk @rysiek
@dimitrisk The majority of people has a github account, if you want to get them involved, you need to be there.
@gcrkrause I get your point. However, we have this discussion on the fediverse instead of twitter or facebook, after having found an instance and created a new account here, while most people just use the big social platforms.
Let's say now that you are a #foss contributor and you feel that there is a contradiction between making foss and using github. How much of a burden is to create a new account?
@dimitrisk lets imagine users want to file an issue. They are pretty diversive, some might just not understand how another platform works, some might rely on special accessibility tools... Now imagine some devs, who earn some money each month with github sponsors, who cannot effort to rent their own infrastructure... I guess the effort is quite low in the average but high in the median
@gcrkrause @dimitrisk Honestly? There is also new account fatigue for some of us. Like, I get it that this part of the web is decentralized, but I'm also tired of creating new accounts. An ideal would be to pipe the 2 together while encouraging others use more ethical alternatives. And, of course, accessibility needs. Big tech is far, far, better about that than most would care to admit.
@weirdwriter yes, this is an important thing as well, thank you for the addition! Real decentralisation requires using of a service without creating an account there. I guess mailing patches kind of solves this issue, but its a workflow barely anyone supports and is slightly harder to lern than filing a merge request. @dimitrisk
@gcrkrause @dimitrisk granted, it’s much easier to delete accounts over here than it is on the mainstream, but just the sheer notion of keeping up with multiple accounts, really does not appeal to me at all like it used to. Maybe this comes from weeks of me trying to delete myself from the mainstream web, and old services I used to use but no longer use. It’s really made me change my view on having multiple accounts just to use a new service.
@astro Which platform do you prefer?
@albert_magellan I like gitea a lot.
@dimitrisk I moved all my repositories from Github to a gitlab. It's some work, but it's doable. So, even if you choosed Github in the past, it is not forever.
I documented the migration (in french) https://www.bortzmeyer.org/github-to-gitlab.html
@dimitrisk In what way is GitHub unethical? I now lots of people dislike the M$ ownership, but is there something more sinister which I've missed?
@underlap @dimitrisk People often cite its proprietary nature, the increasing commercialization of it, and the fact that it has worked with ICE.
I personally avoid it because it's a walled garden situation.
@josias @dimitrisk Thanks. What's ICE?
Not sure about GitHub being a walked garden as I can fork a repo freely. But maybe GitHub actions etc. are thought to impede this by creating build-time dependencies.
@underlap @dimitrisk ICE is the United States Immigration and Customs Enforcement, i.e. the enforcement behind the US border and those considered responsible for the what happens there (I'm not comfortable discussing this further here).
Regarding the walled garden:
You can fork and clone repos from GitHub freely, but issues and other GitHub-specific features (organizations, discussions, teams, etc.) are not portable or standardized.
(@forgefriends is trying to fix this with Gitea, etc)
@dimitrisk Until we have federation for the others, the network effect is still too strong. You don't want to register on a new instance every time you just intend to comment on some issue somewhere. You need to be able to do that with either the existing account of your home instance, or via some portable identity/DID.
@dimitrisk Oh man, I love Github. What did they do that was unethical?
1. Develop LFS, which relies on a central server, instead of building on the pre-existing git-annex, which allows you to sync data between multiple git hosts with annex support
2. Promote Releases over tags, where Releases live on github instead of in the repo
3. Promote github in a way that makes newcomers believe it is synonymous with git
4. Manage issues outside git and put rate limiters that are preventing e.g. gitea from migrating their project off github to their own hosting with issues intact
5. Only allow PRs from repos that were github-forked from the upstream repo, once again promoting github-chokepoint workflows over git-native workflows
@clacke @dimitrisk @calligraffiti And I think only one of those I would naturally fall into (4), and I'd be happy to abandon issue history to move if it made sense.
@clacke @dimitrisk @LovesTha You should write an article, 'Steps to Insuring Your Repo Stays Portable'
Thank you! Very good to know. What do you use for your git repos? And do you still maintain Github repos? Seems like Github has become a code search engine on top of everything else.
@dimitrisk @LovesTha
@dimitrisk how does the lock in work? Just that moving issues etc is hard?
@dimitrisk I believe it's primarily about ease of use, discoverability and features. it'd be nice if something like a federated Git existed. Gitea is planning to implement that, but unfortunately it uses the heavy Matrix protocol and I don't think that'd be viable at all
@clacke @dimitrisk @forgefed @gitea @forgefriends I did see something about using Matrix for discussions/issues though
@dimitrisk I’m having this debate recently with folks starting new projects, and their arguments are:
- to get the biggest audience/community they want to go with the “standard” where most other popular projects are
- (from managers) when using open source to recruit, again there is a desire for the visibility of GitHub, because most candidates will look at the company’s presence there.
Not saying I agree but that’s where people are.