I understand that many #foss projects have been locked in #github as a result of a choice made in the past.

However, it makes little sense to me to see new, interesting #foss projects to opt for #github while there are less unethical code hosting platforms out there.

@dimitrisk @rysiek for me, it's discoverability: I use shitty GH code search a lot. I think I'd get a lot less contributors in a private Gitea instance. I hope that these impediments will be solved in the future.

Follow

@astro
I actually pulled my code off of GitHub (and archived it there) since I got no contribution whatsoever.

Not surprisingly when you consider that the median number of maintainers is 1.

Working across different Gitea instances is an interesting subject.
I was wondering whether WebMention or so could be used for the communication part.

Or we go back to classical mailing lists with all their downsides.
@dimitrisk @rysiek

@rysiek @RyunoKi @astro @forgefriends @forgefed

Wrt discoverability, I suppose that large projects do not desperately need #github to be discoverable.

Small and single-person projects may benefit from the community culture present in non big-tech, #foss #git platforms as well, instead of being lost in the github crowd.

@dimitrisk @rysiek @RyunoKi @astro @forgefriends @forgefed I tend to agree: knowing the vast majority of internet search go through Google, it would be surprising that discovering software projects is predominantly dependent on GitHub.

@dachary @dimitrisk @rysiek @RyunoKi @forgefriends @forgefed codesearch could be a neat niche for every search provider, eg duckduckgo

@astro
I was about to suggest writing an Instant Answer plugin for it:
help.duckduckgo.com/open-sourc

But it appears DuckDuckHack switched to maintenance mode for the time being
@dachary @dimitrisk @rysiek @forgefriends @forgefed

@RyunoKi @astro @dachary @dimitrisk @rysiek @forgefriends @forgefed I wouldn't be surprised if Microsoft GitHub shows up more in DuckDuckGo, since it uses Microsoft Bing as it's engine.

@lwriemen
Actually npm appears quite prominent (acquired by GitHub before they in turn were bought up by Microsoft)
@astro @dachary @dimitrisk @rysiek @forgefriends @forgefed

@dimitrisk @rysiek @RyunoKi @astro @forgefriends @forgefed Discoverability? Who just wanders around GitHub looking for projects? I've literally never done that and can't imagine why I'd bother.

@be @dimitrisk @RyunoKi @astro @forgefriends @forgefed that's kind of my internal reaction too, but I've learned that my lack of imagination is not a great proof that something isn't a thing. 😉

@malte @be @dimitrisk @RyunoKi @astro @forgefriends @forgefed

I do that too sometimes, i.e. to find new #ActivityPub projects to add to the #delightful lists at codeberg.org/fediverse

Wrt network effects mentioned by @rysiek I want to call on everyone, technical-minded or not to check out #forgefriends community. It is co-shared by multiple projects, open and welcoming.

With federation we can open the ecosystem for the entire Free Software Development Lifecycle, where Github is so dominant.

@malte @be @dimitrisk @RyunoKi @astro @forgefriends @forgefed @rysiek

Oh, I'll place a link to the #forgefriends community:

forum.forgefriends.org

Dedicated to bringing code forges to the #Fediverse and with 2 free software projects working on that currently:

forgefriends.org

forgeflux.io

Also note that @gitea will be working on federation, hopefully in close collaboration and maybe see themselves as part of "forge friends" movement to grab the opportunities that exist.

@be I'm not too fond of it, but it works for me. I'd be happy to know alternatives, if they exist.

@be @dimitrisk @rysiek @RyunoKi @astro @forgefed Just the other day I searched GitHub for a particular vulnerability and mass opened issues on all of their repos that way, the few projects that didn't use GitHub were much harder to track down the vulnerability and figure out how to report it.

Personally I host all my code on my own gitea and GitHub and they link to each other.

@moparisthebest

Regarding the reporting I would advocate for SECURITY.md files, e.g. snyk.io/blog/add-a-security-md

Mass scan would require some kind of @MetaGer but for code.
Some way to register one's search.

@forgefed @dimitrisk @rysiek @be @astro

@moparisthebest
Try doing that, privately.

We know people don't like to hear this but if a project is exclusively on Github (or CloudFlare GitLab) then its not ethical.

Thankfully, Gargron is fairly easily contactable from outside Github. Thankfully many BTC devs are easily contactable, this is **not** the case for all projects — and big ones.

Some have really created a #unwelcoming and we argue unethical #walledGarden on those platforms.

@forgefed @dimitrisk @RyunoKi @rysiek @be @astro

@be @dimitrisk @rysiek @RyunoKi @astro @forgefriends @forgefed You know where I do wander around in. AptGet!

At least then I know there's enough curation to assure me those projects are alive and still functional on the latest systems!

If it's not in Debian, I like asking whether anyone would actually recommend the project.

@rysiek @RyunoKi @astro @dimitrisk ah, my bad. posts weren't federating.

regardless, there doesn't seem to be any actual progress being mentioned on the @forgefriends account, and what we said earlier remains true for @forgefed, so the point still stands.

@dachary
Woah, that article touches so many points I had in mind that I will go over it and follow the links.

Thanks for sharing!
@rysiek @snailerotica @astro @dimitrisk @forgefriends @forgefed

Want to do a small audio message about it?... 

@dachary @RyunoKi @astro @dimitrisk @rysiek Hey all, Happy to do a small audio message about it (I do all the work, run it by you first as usual)

More examples here (all personal chats, relaxed no big thing in 20mins and you get audio)

freeschool.0id.org/?s=audio

Sign in to participate in the conversation
Layer8 in Space

Welcome to the 8th Layer of Madness

Most topics are related to Linux, Anime, Music, Software and maaaany more