One of the nice things about switching to Forgejo Actions is that the runner is lightweight, fast, and reliable - none of which I can say for the GitHub Actions runner. But even then, it's still more bloated than we'd ideally like; we don't need all the complexity of the YAML workflow syntax and Node.js-based actions. It'd also be cool for the CI system to integrate with https://codeberg.org/mlugg/robust-jobserver which the Zig compiler and build system will soon start speaking.

So if anything, we're likely to just roll our own runner in the future and making it talk to the Forgejo Actions endpoints.

Companies with heaps of cash are (over)paying "software engineers" to create and maintain it

Millions of people, unable to disable it, are "active users"

When I use Github servers I only use them to download source code, as zipballs or tarballs. I don't run any JS

The local forward proxy skips the redirects when downloading

   http-request set-path %[path,regsub(/blob/,/raw/,g)] if { hdr(host) github.com }
   http-request set-path %[path,regsub(/releases/tag/,/releases/expanded_assets/,g)] if { hdr(host) github.com }

GitHub's evolution as a good open source hosting platform stalled many years ago. Its advantages are its social network effects, not as technical infrastructure.

But from a technology and UX POV it's got growing issues because of this emphasis, and that's why the Zig people have moved, from what I can see.

I moved my projects (https://codeberg.org/timbran/) recently and have been so far impressed enough. Beyond ideological alignment (free software, distaste for Microsoft, want to get my stuff off US infrastructure [elbows up], etc.) the two chief advantages are that I could create my own "organization" without shelling over cash, and run my own actions with my own machines.

And since moving I haven't noticed any drop in engagement or new people noticing the project since moving. GitHub "stars" are a shite way of measuring project success.

Forgejo that's behind Codeberg is similar enough to GitHub that most people will barely notice anyways.

I'm personally not a fan of the code review tools in any of them (GitLab, Foregejo, or GitHub) because they don't support proper tracking of review commits like e.g. Gerritt does but oh well. At least Foregejo / Codeberg are open to community contribution.

It would appear they listened to that feedback, swallowed their ego/pride and did what was best for the Zig community with these edits. I commend them for their actions in doing what's best for the community at the cost of some personal mea culpa edits.

https://news.ycombinator.com/item?id=46114083

"I think that writing style is more LinkedIn than LLM, the style of people who might get slapped down if they wrote something individual.

Much of the world has agreed to sound like machines."

> More importantly, Actions is created by monkeys ...

vs

> Most importantly, Actions has inexcusable bugs ...

I commend the author for correcting their mistakes. However, IMHO, an acknowledgement instead of just a silent edit would have been better.

Anyway, each to their own, and I'm happy for the Zig community.

Code folding is buggy. Have some functions that have inner functions or other foldable stuff like classes with methods and inside the method maybe some inner function? It will only show folding buttons sporadically, seemingly without pattern.

Also standard text editing stuff like "double click and drag" no longer properly works without issues/has weird effects and behavior. The inspection of identifiers interferes with being able to properly select text.

The issue search is stupid too, often doesn't find the things one searches for.

You must be logged in to search properly too.

Most of the functionality is tied to running that JavaScript.

In short, it shows typical signs of a platform that is more and more JavaScriptianized with bloated frameworks making things work half-assed and not properly tested for sane standard behavior.

But there is more. Their silly AI bots closing issues. "State bot". "Dependabot". All trash or half thought out annoying (mis-)features. Then recently I read here on HN, that apparently a project maintainer can edit another person's post! This reeks of typical Microsoft issues with permissions to do things and not properly thinking such a thing through. Someone internally must be pushing for all this crap.

I appreciate that Andrew and the other Zig team members are really passionate about their project, their goals, and the ideals behind those goals. I was dismayed by the recent news of outbursts which do a lot to undermine their goals. That they’re listening to feedback and trying to take the high road (despite feeling a lot of frustration with the direction industry is taking) should be commended.

Indeed. The article even links to it.

https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p...

Have people already forgotten that the ReactJS port made github slow ? https://news.ycombinator.com/item?id=44799861

The revised, politically-correct, sanitized re-framing that you apparently insist on does not convey this very important point of information.

We have freedom of speech for a reason - blunt honesty conveys important information. Passive language does not.

They sugarcoated the truth to a friendlier but less accurate soundbite is what they did.

It feels to me like people have become way too reliant on this (in particular, forcing things into CI that could easily be done locally) and too trusting of those runners (ISTR some reports of malware).

>In addition, it is best to use code navigation simply in a web browser.

I've always found their navigation quite clunky and glitchy.

IMHO the vanilla Github UI sucks for code browsing since it's incredibly slow, and the search is also useless (the integrated web-vscode works much better - e.g. press '.' inside a Github project).

> as well as a well-formed CI system with many developed actions and free runners

The only good thing about the Github CI system are the free runners (including free Mac runners), for everything else it's objectively worse than the alternatives (like Gitlab CI).

Then I think the larger point I'd make is that it's impossible to get anyone to care. We've let tech giants like MS become so large they can essentially just ignore problems with their service, and as a customer, it does not matter that you are paying for it, or how much you pay, you're essentially nothing to MS. You pay not only in the direct cost of the product, but in the indirect costs of any problem with the product will hit you; e.g., here, with VMs just spinning due to really basic bugs. But you're right, nobody ever got fired for using Github.

The big "pro" of moving to a smaller platform to me, I hope, is that they're at least incentivized to help you succeed.

One reason I think most CI scripts should just be — as much as possible — scripts, in the literal sense, is that not only promotes running them locally, it also promotes moving to other CI platforms.

Sorry to be blunt, but you've said nothing of substance. To address the actual criticism you need to explain why these specific "inexcusable bugs" they cite are excusable from your perspective. Otherwise if the whole website doesn't function for months your statement "bugs exist, fixed slower than we'd like" would also apply and be just as meaningless

On the other hand "personalized ads" is still going strong despite the entire concept being offensive.

At any rate, the feed is still available and you can reach it via browser autocomplete. I open GitHub by typing "not" in my URL bar and landing on the notifications page.

Night and day compared to something like Linear.

The primary issue with SO was that it was disconnected from the actual communities maintaining the project. A federated solution would be able to have the same network effects while handing ownership to the original community (rather than a separate SO branch of the community)

(He did post a kind of vague apology in https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p..., but it's ambiguous enough that anyone who was offended is free to read it as either retracting the offending accusation, or not. This is plausibly the best available alternative for survival in the current social-media landscape, because it's at best useless to apologize to a mob that's performatively offended on behalf of people they don't personally know, and usually counterproductive because it marks you as a vulnerable victim, but the best available alternative might still tend to weaken the kind of integrity we're talking about rather than strengthen it.)

I find the fact that this painting has been hung crooked by 0.00001º: down

I find torture and mass murder: down

Clearly this is a ridiculous state of affairs. There's more gradations available than this.

Possibly coloured by my dutch culture: I think this rewrite is terrible. The original sentence was vastly superior, though I think the first rewrite (newbies to rookies) was an improvement.

The zig team is alarmed, and finds this state of affairs highly noteworthy and would like to communicate this more emotional, gut instincty sense in their words.

There's a reason humans invent colourful language and epithets. They always do, in all languages. Because it's useful!

And this rewrite takes it out. That's not actually a good thing. The fact that evidently the internet is so culturally USA-ised that any slightly colourful language is instantly taken as a personal affront and that in turn completely derails the entire debate into a pointless fight over etiquitte and whether something is 'appropriate' is fucking childish. I wish it wasn't so.

In human communication, the US is somewhat notorious in how flattened its emotional range is of interaction amongst friendly folk. One can bring anthropology into it if one must: Loads of folks from vastly different backgrounds all moving to a vast expanse of land? Given that cultural misunderstanding is extremely likely and the cost of such a misunderstanding is disastrously high, best plaster a massive smile on your face and be as diplomatic as you can be!

Consider as a practical example: Linus Torvalds' many famed communications. "NVidia? Fuck you!" was good. It made clear, in a very, very pithy way, that Linus wasn't just holding a negative opinion about the quality and behaviour of the nvidia gfx driver team at the time, but that this negative opinion was universal across a broad range of concerns and extremely so. It caused a shakeup where one was needed. All in 3 little words.

(Possibly the fact that the internet in general is even more incapable of dealing with colourful language is not necessarily the fault of USification of the internet: The internet is a lot like early US, at least in the sense that the risk of cultural misunderstanding is far higher than in face to face communications on most places on the planet).

This is not a group with community or pragmatism from the start.

Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering. Developers are more likely to use a repo that has more stars than its alternatives.

I know that the code should speak for itself and one should audit their dependencies and not depend on Github stars, but in practice this is not what happens, we rely on the community.

having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.

> code navigation simply in a web browser

this is nice indeed, true.

> You write code, and almost everything works effortlessly.

if only. GHA are a hot mess because somehow we've landed in a local minimum of pretend-YAML-but-actually-shell-js-jinja-python and they have a smaller or bigger outage every other week, for years now.

> why developers like it so much

most everything else is much worse in at least one area and the most important thing it's what everyone uses. no one got fired for using github.

Man :| no. I genuinely understand the convenience of using Actions, but it's a horrible product.

Their reliability is not great unfortunately. Currently their 24h uptime is 89% for the main site. They are partially degraded right now.

The 14 day uptime is 98% but I think that’s actually because some of their auxiliary systems have great uptime, the main site is never that great it seems.

I would even consider that moving everything from one single point of failure to an other is not the brightest move.

I believe the correct question is "Why they are getting DDoSed this much if they are not something important?"

For anyone who wants to follow: https://social.anoxinon.de/@Codeberg

Even their status page is under attack. Sorry for my French, but WTF?

That's more of a you problem really.

> I'd expect a proper discussion before deciding to move

And you know the discussion did not happen?

Where have you been the last 15 years? However, I agree with your prediction. Coke making AI advertisements may have had cache a couple years ago, but now would be a doofus move.

  $ time curl -L 'https://codeberg.org/'
  real    0m3.063s
  user    0m0.060s
  sys     0m0.044s

  $ time curl -L 'https://github.com/'
  real    0m1.357s
  user    0m0.077s
  sys     0m0.096s

MS training AIs on Zig isn't their complaint here. They're saying that Github has become a worse service because MS aren't working on the fundamentals any more and just chasing the AI dream, and trying to get AI to write code for it is having bad results.

https://www.gnu.org/philosophy/rms-nyu-2001-transcript.txt

Eg,metaphors that make no sense or fail to contribute any meaningful insight or extrenely cliched phrases ("it was a dark and stormy night...") used seriously rather than for self-deprecating humor.

My favorite example of an AI tell was a youtube video about serial killers i was listening to for background noise which started one of its sentences with "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister."

It's just much easier now for "laypeople" to also adjust their style to this. My prediction is people will get quickly tired of it (as evidenced by your comment)

Thus spake zarathustra etc etc..

You need that middle-finger-to-everyone, "let me show you how it's really done" energy to build anything meaningful. Pretty much all the great builders I can think of in tech history are/were deeply angry people.

Linux seems to be doing fine.

I wouldn't personally care either way but it is non-obvious to me that the first version would actually hurt the community.

The normalization, in fact, has been quite successful. The entire silicon valley has tacitly approved of it.

You act like people arn't being rewarded for this type of behavior.

Hahahahahahahahahahahaha...

https://mastodon.social/@andrewrk

I think developers here are probably perfectly innocent about these changes. The product mangers have to push for this integration or get replaced. This has been a theme at Microsoft for quite a while.

Not to say their implementation doesn't suck. I just wouldn't know because even a non-buggy one would probably still be a subpar experience.

I don't think there's really an obligation to announce to newcomers, "hey, an earlier version of this post was overly inflammatory." But you should be forthright about your mistake to people who confront you about it, which is what's happening in the forum thread you linked. I think this is all fine.

If everyone is always bad regardless if they're trying to change, what incentives would they have from changing at all? It doesn't make any sense.

The reason why the latter stance is often popularized and cheered is because it is often harder to do, especially in the adverse conditions, when not changing your opinion has a direct cost of money or time or sanity or in rare cases even freedom. Usually it involves small human group or individual against a faceless corporation, making it even harder. Of course we should respect people standing against corporation.

PS: this is not applicable if they are "clearly wrong" of course.

If no one hates what you are doing chances are you're not doing anything really

Because this plays into a weird flaw in cognition that people have. When people become leaders because they are assholes and they are wrong, then after the wind blows the other way they see the light and do a mea culpa, there is always a certain segment that says that they're even more worthy to be a leader because they have the ability to change. They yell at the people who were always right that they are dogmatic and ask "why should people change their minds if they will be treated like this?"

If one can't see what's wrong with this toy scenario that I've strawmanned here, that's a problem. The only reason we ever cared about this person is because they were loud and wrong about everything. Now, we are expected to be proud of them because they are right, and make sure that they don't lose any status or position for admitting that. This becomes a new reason for the people who were previously attacking the people who were right to continue to attack the people who were right, who are also now officially dogmatic puritans whose problem is that they weren't being right correctly.

This is a social phenomenon, not a personality flaw in these leaders. People can be wrong and then right. People can not care either way and latch onto a trend for attention or profit, and follow it where it goes. I don't think either of these things are in and of themselves morally problematic. The problem is that there are people who are simply following individual personalities and repeating what they say, change their minds when that personality changes their mind, and whose primary aim is to attack anyone who is criticizing that personality. They don't really care about the issue in question (and usually don't know much about it), they're simply protecting that personality like a family member.

This, again, doesn't matter when the subject is stupid, like some aesthetic or consumer thing He used to hate the new Batman movies but now he says that he misunderstood them; who cares. But when the subject is a real life or death thing, or involves serious damage to people's lives and careers, it's poisonous when a vocal minority becomes dedicated to this personality worship.

It's so common that there now seems to be a pipeline of born-agains in front of everything, giving their opinion. Sir, you were a satanist until three years ago.

much better to put a colon in a filename, or call part of your toolchain "aux.exe"

https://help.interfaceware.com/v6/windows-reserved-file-name...

works like a treat

He represented his community with insulting words to the world. In higher ranks of IT it is all about communication. With his lack of proper words he showed these leaders, who decide about the adoption of Zig, that they do not want to communicate with him/the Zig community.

As a project/tech leader he is in the business of communications. He recognized this. See link in the article.

https://news.ycombinator.com/formatdoc

Eager to do what? If it sucks it sucks, but that's a very childish way to frame it, no one did anything on purpose or out of spite. That kind of silliness hurts the image of the project. But bad translation I suppose.

It is almost like getting someone else to proofread it since my mind isn’t as good at filling in the blanks like it is when looking at the code in the editor I wrote it in.

   1. Free hosting with decent UX
   2. Social features
   3. Lifecycle automation features

And probably, if the latter, fork that off into a different platform with a new name. (Microsoft loves naming things! Call it 'Codespaces 365 Live!')

You can donate here: https://donate.codeberg.org/

Setup recurring donations on liberapay: https://liberapay.com/codeberg/donate

Or join as a member here: https://join.codeberg.org/

There are a few things that keep me on Gitlab, but the main one is the quality of the CI/CD system and the gitlab runners.

I looked at Woodpecker, but it seems so docker-centric and we are, uh, not.

The other big gulf is issues and issue management. Gitlab CE is terrible; weird limitations (no epics unless you pay), broken features, UX nightmares, but from the looks of it Forjego is even more lacking in this area? Despite this seeming disdain, the other feature we regularly use is referencing issue numbers in commits to tie work together easily. On this one, I can see the answer as "be the change - contribute this to Forgejo" and I'm certainly willing. Still, it's currently a blocker.

But my hopes in putting this comment out there is that perhaps others have suggestions or insight I'm missing?

An issue with comments, linked to a PR with review comments, the commit stack implementing the feature, and further commits addressing comments is probably valuable data to train a coding agent.

Serving all that data is not just a matter of cloning the repo. It means hitting their (public, documented) API end points, that are likely more costly to run.

And if they rate limit the scrappers, the unscrupulous bunch will start spreading requests across the whole internet.

I think it's not malice, but stupidity. IoT made even a script kiddie capable of running a huge botnet capable of DDoSing anything but CloudFlare.

On Github any page loads gradually and you don't see a blank page even initially.

Check out Sourcehut (https://sourcehut.org/). It uses a mailing list-based workflow so contributing code or bug reports is relatively effortless and doesn't require a Sourcehut account.

might just do it federated way of "here is my domain, here is DNS entry pointing to my identity server to talk with", that way it isn't even tied to single identity service, but a given user will need to use only single login for all of the servers.

It's been years through and the ease of doing simple things is not always indicative of difficult things. Often quite the contrary...

Facebook has been on that path for well over a decade, and it shows. The service itself is absolute garbage. Users stay because everyone they know is already there and the groups they love are there, and they just tolerate being force-fed AI slop and being monitored. But Facebook is not GROWING as a result, it's slowly dying, much like it's aging userbase. But Facebook doesn't care because no one in charge of any company these days can see further than next quarter's earnings call.

The metrics you want are mostly ones they don't and can't have. Number of dependent projects for instance.

The metrics they keep are just what people have said, a way to gameify and keep people interested.

And for those who don’t remember SourceForge, it had two major problems in DevEx: first you couldn’t just get your open source project published. It had to be approved. And once it did, you had an ugly URL. GitHub had pretty URLs.

I remember putting up my very first open source project back before GitHub and going through this huge checklist of what a good open source project must have. Then seeing that people just tossed code onto GitHub as is: no man pages, no or little documentation, build instructions that resulted in errors, no curated changelog, and realizing that things are changing.

That's not accurate. They more or less only use Gerrit still. They started accepting Github PRs, but not really, see https://go.dev/doc/contribute#sending_a_change_github

> You will need a Gerrit account to respond to your reviewers, including to mark feedback as 'Done' if implemented as suggested

The comments are still gerrit, you really shouldn't use Github.

The Go reviewers are also more likely than usual to assume you're incompetent if your PR comes from Github, and the review will accordingly be slower and more likely to be rejected, and none of the go core contributors use the weird github PR flow.

codeberg supports logging in with GitHub accounts, and the PR interface is exactly the same

you have nothing new to learn!

I get that it got the job done and was standard at one point, but every single Jenkins instance I've seen in the wild is a steaming pile of ... unpatched, unloved, liability. I've come to understand that it isn't necessarily Jenkins at fault, it's teams 'running' their own infrastructure as an afterthought, coupled with the risk of borking the setup at the 'wrong time', which is always. From my experience this pattern seems nearly universal.

Github actions definitely has its warts and missing features, but I'll take managed build services over Jenkins every time.

  Tangled (2024, ATP)
  Radicle (2019, IPFS) 
  Codeberg (2018, Gitea fork which supports decentralized protocols)

> in the past 48 hours, code.qt.io has been under a persistent DDoS attack. The attackers utilize a highly distributed network of IP addresses, attempting to obstruct services and network bandwidth.

https://lists.qt-project.org/pipermail/development/2025-Nove...

That's not how threat analysis works. That's a conspiracy theory. You need to consider the difficulty of achieving it.

Otherwise I could start speculating which large NAS provider is trying to DDoS me, when in fact it's a script kiddie.

As for who would have the most incentives? Unscrupulous AI scrapers. Every unprotected site experiences a flood of AI scrapers/bots.

Now, all the servers I run has no public SSH ports, anymore. This is also why I don't expose home-servers to internet. I don't want that chaos at my doorstep.

https://en.wikipedia.org/wiki/AI_winter

Early 2010s had a lot of neural networks AI stuff going on and it certainly became a minor hype cycle as well though that kind of resulted in the current LLM wave.

You can also run a Forgejo instance (the software that powers Codeberg) locally - it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc until Codeberg is up and Forgejo (though you'll have to update them manually later).

From their FAQ:

> Why can't I mirror repositories from other code-hosting websites?

> Mirrors that pull content from other code hosting services were problematic for Codeberg. They ended up consuming a vast amount of resources (traffic, disk space) over time, as users that were experimenting with Codeberg would not delete those mirrors when leaving.

> A detailed explanation can be found in this blog post.[1]

[1]: https://blog.codeberg.org/mirror-repos-easily-created-consum...

The problem is the diff for PR#2 will show dough and toppings all mixed together. Unless you go into the commits view, but that's super tedious and it's easy to lose comments in there.

It's kind of frustrating because there's very little required to make this work. All you really need is for Github to detect `Depends on #1` like it detects `Fixes #123`, and then a) use the HEAD of #1 as the diff based for #2, and b) block merging #2 until #1 is merged.

It's really not that complicated but I'm not holding my breath.

I wish I could say this.

But unfortunately delaying your big PR until it's affecting schedule is a good way to dodge review.

I've spent more than a month trying to delete my account on GitHub, still couldn't do it

I was thinking of things like AI-generated patches submitted by Bun to the Zig project, or feature requests by Bun for AI-specific use cases... that could create a really bad atmosphere between Zig and Bun people if the Zig Foundation continuously rejects their contributions/requests/discussions.

The big reason I recall was that GitHub provided free public repos and limited private, while BitBucket was the opposite.

So if you primarily worked with open-source, GitHub was the better choice in that regard.

But VCS has always been a standard-preferring space, because its primary point is collaboration, so using something different creates a lot of pain.

And the good ship SS Linux Kernel was a lot of mass for any non-git solution to compete with.

And yes "we can't be arsed to patch it till it's problem" is pretty much standard for any on-site infrastructure that doesn't have ops people yelling at devs to keep it up to date, but that's more SaaS vs onsite benefit than Jenkins failing.

You can take this a setup furthur and use an environment manager to removing the installing of tools from CI as well for local/remote consistency and more benefits.

Is this not what you want?

https://docs.github.com/en/actions/how-tos/write-workflows/c...

> You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.

Yeah checking out everytime is a slight papercut I guess, but I guess it gives you control as sometimes you don't need to checkout anything or want a shallow/full clone. I guess if it checked out for you then their would be other papercuts.

I use their runners so never need to do any cleanup and get a fresh slate everytime.

I'm more interested in gerrit/git-codereview for stacked commits than jj. A couple extra commands for new folks, not a completely new tool and lexicon

It is easy to administer even for 15k users, and mostly it takes care of itself if you give it enough RAM and CPU for all the activity.

Downloading the virtual hard drive image from GitHub is easy and decrypting the code inside is borderline trivial, but I'm not going to help anyone do that. I've never had a need to do it.

As a server product it is good. I recommend it if you can afford it. It is not intended for private individuals or non-profits, though. It's for corporations who want their code on-premise, and for that it is quite good.

Story time:

I remember that back in the day I had a domain name for a pretty hot keyword with a great, organic position in Google rankings. Then someday it got all of a sudden serious boost from black-SEO, with a bazillion links from all kinds of unrelated websites. My domain got penalized and dropped of from the front page.

> it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc

is really cool! Having a local mirror also presumably gives you the means to build tools on top, to group and navigate and view them as best works for you, which could make that side of the process so much easier.

> you'll have to update them manually later

What does the manually part mean here? Just that you'll have to remember to do a `forgejo fetch` (or whatever equivalent) to sync it up?

PR#2 will show only what changed between dough and toppings.

If you merge it, it will become part of PR#1. You turned the dependency into a single block.

So, if you don't want to mix, you should merge the dependency (dough) first to main (or whatever is your target).

Codeberg probably also supports the same thing, it's a git thing not a GitHub thing. That's why I'm saying it works exactly as expected. Git alone already supports dependencies, and GitHub just follows it.

To block the merge, you can make a workflow that turns PRs with dependencies into drafts. However, as it is a merge from one PR into another, I don't see the reason to. You can easily de-merge them if you need.

From the looks of it, it seems that you are branching at the wrong point, and creating two PRs to main, one of them containing duplicates. That's not what I suggested.

All these things are a proxy for popularity and that is a valuable metric. I have seen projects with amazing code quality but if they are not maintained eventually they stop working due to updates to dependencies, external APIs, runtime environment, etc. And I have see projects with meh code quality but so popular that every quirk and weird issue had a known workaround. Take ffmpeg for example: its code is.. arcane. But would you choose a random video transcoder written in JavaScript just due to the beautiful code that was last updated in 2012?

I've always done it that way, and never got that feeling.

A competent developer would be more likely to send a PR using the tool with zero friction than to dedicate a few additional hours of his life to create an account and figure out how to use some obscure.

I can refer you to some github repositories with a low number of stars that are of extraordinarily high quality, and similarly, some shitty software with lots of stars. But I'm sure you get the point.

GH's PR system is semi-tolerable for open source projects. It's downright broken for commercial software teams of any scale.

Like the other commenter: I miss Gerrit and proper comment<->change tracking.

To avoid needing SSH just send your logs and metrics out and do something to autodeploy securely then you rarely need to be in. Or use k8s :)

all my services are always exposed for convenience but never on a standard port (except http)

Because one person is judging that "terribleness" before being entitled to flame, changes to that person influence their ability to objectively make that assessment.

Say, when their project becomes popular, they gain more power and fame, and suddenly their self-image is different.

Hence it usually being a more community-encouraging approach to keep discussions technical without vitriol.

Flaming is unnecessarily disruptive, not least because it gives other (probably not as talented) folks a license to also put their worst impulses to text.

Most likely, dedication says little about competence, and vice versa. If you do not want to use the tools available to get something done and rather not do the task instead, what does that say about your competence?

I'm not in a position to know or judge this, but I could see how dedication could be a useful proxy for the expected quality a PR and the interaction that will go with it, which could be useful for popular open source projects. Not saying that's necessarily true, just that it's worth considering some maintainers might have anecdotal experiences along that line.

hopefully codeberg can build on it, and have an "advanced" option

- the internet's a lot bigger nowadays

- there are a lot of crappily secured iot devices

- the average household internet connection has gotten a lot faster, especially on upload bandwidth.

- there's a pile of amplification techniques which can multiply the bandwidth of an attack by using poorly-configured services.

After managing a fleet for a long time, I'd never do that. Tailscale or any other VPN is mandatory for me to be able to access "login" ports.

Kubernetes for personal infrastructure is akin to getting an aircraft carrier for fishing trips.

For simple systems snapshots and backups are good enough. If you're managing a thousand machine fleet, then things are of course different.

I manage both so, I don't yearn to use big-stack-software on my small hosts. :D

My argument against how he handles things has always been that while it may seem effective, we do not know how much more effective he would be if he did not curse people out for being dumb fucks.

And it doesn’t seem like this is a requirement for the job: lots of other project leaders treat others with courtesy and respect and it doesn’t seem to cause issues.

The reality is that it is easy to wish more people were verbally abusive to others when it isn’t directed at you. But soon as you are on the receiving end of it, especially as a volunteer, there is a greater than not chance that you will be less likely to want to continue contributing.

For each potential adversary, you list the risk strategy; that's threat analysis 101.

E.g. you have a locked door, some valuables, and your opponent is the state-level. Risk strategy: ignore, no door you can afford will be able to stop a state-level actor.

Just research about Office formats' ISO standardization process.

I'm not insinuating MicroSoft will buy Codeberg, but I just wanted to say that, they are not foreigners to the process itself.

No, it's just opsec.

> Sure, scanners will keep pinging it, but nobody is ever going to burn an ssh 0day on your home server.

I wouldn't be so sure about it, considering the things I have seen.

I'd better be safe than sorry. You can expose your SSH if you prefer to do so. Just don't connect your server to my network.

The transferred part is for the gzipped transfer. That makes sense if the bulk of the data is HTML (I have not checked).

I’ve disabled the cache for the network requests.

> how hard it is for top performers to make change

then you're not a top performer anymore?

seems pretty straightforward

> they must be stupid

one can be not stupid and still not competent

Product is useless, you move along. Save your compassion for those actually needing it.

Lowest common denominator way will always get worst quality

I don't think your comparison works out.

    1. Never tell everything you know and seen.
    2. 

I'm not saying a competent developer should be proficient in using gerrit, but they should know that it isn't an obscure tool - it's a google-sponsored project handling millions of lines of code internally in google and externally. It's like calling golang an obscure language when all you ever did is java or typescript.

That's said, I believe my comparison checks out. Having ~800 members is a useful moat, and will deter actors from harming Codeberg.

OTOH, the mechanism can still theoretically work. Of course Microsoft won't try something that blatant, but if the e.V loses this moat, there are mechanisms which Microsoft can and would like to use as Codeberg gets more popular.

which is basically the same thing

I think another big "moat" is actually that Codeberg is composed of natural people only (those with voting rights, anyway). Real people have values, and since they have to actively participate in Codeberg in some way to get voting rights those values are probably aligned with Codeberg's mission. I don't actually now the details of the standardization process you cite, but I think this is a big difference to it.

Additionally, from skimming the bylaws of Codeberg I'd say they have multiple fail-safes built in as additional protection. For one, you can't just pay ~1600 people to sign up and crash a general assembly, every membership application has to be approved first. They also ask for "support [for] the association and its purpose in an adequate fashion" from its members, and include mechanisms to kick people out that violate this or are otherwise acting against Codeberg's interests, which such a hostile attack would surely qualify as.

Of course it's something to stay vigilant about, but I think Codeberg is well positioned with regard to protecting against a hostile takeover and shutdown situation, to the point that DDoS is the much easier attack against them (as was the initial topic).

Sure, they could try to bribe the Codeberg e.V. active members into changing its mission or disbanding the association entirely, but they would need to get a 2/3 majority at a general assembly while only the people actively involved in the e.V. and/or one of its projects can get voting rights. I find that highly unlikely to succeed.

Is there some kind of Google-centrism at work here? Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.

You didn't confront anything I wrote and instead just made up something no one said. All I did say was that zig is intentionally hostile to their own users, which they are.

If you could actually deal with what I wrote I think you would have done it already.

More to the point, if someone does it once and then stops, should we exclude this person from society forever?

Remember that only the Siths deal in absolutes.

Most devs have never worked on Solaris, but if I ask you about solaris and you don't even know what it is, that's a bad sign for how competent a developer you are.

Most devs have never used prolog or haskell or smalltalk seriously, but if they don't know what they are, that means they don't have curiosity about programming language paradigms, and that's a bad sign.

Most competent professional developers do code review and will run into issues with their code review tooling, and so they'll have some curiosity and look into what's out there.

There's no reason for most developers to know random trivia outside of their area of expertise "what compression format does png use by default", but text editors and code review software are fundamental developer tools, so fundamental that every competent developer I know has enough curiosity to know what's out there. Same for programming languages, shells, and operating systems.

I was agreeing with your stance and adding my own anecdote that it’s a turnoff with the way those posts were originally formatted. Not people I would want to work with. If you do that’s fine. This is not star wars and simply my own choice as it’s everyone else.

I also cannot think of a time in my adult life I wanted to call out a group of people as losers or monkeys i n public.

I would definitely classify the tiki torch wielding white nationalists as losers publicly, for example. In fact I have a hard time thinking of a better term for them. It could also apply to the fairly famous liar and criminal, the disgraced Congressman George Santos. Or any person who decides to flash kids at a playground, or beats his wife and children.

I think the Zig guy was a little over-dramatic with his initial post. He did change his mind, so in my book that's better than not. Linus did too, just after many years of bad behavior. My point is that your replies were painting the world with only black and white and there is a lot of gray area in between. Sometimes public shame is a valid way to do discourse. Often times it isn't. But it's not a "always" or "never" thing.

You're personally aggrieved because someone dared release a compiler that runs on windows but doesn't accept non-standard line endings. I've already addressed what you've said but you've responded with a bunch of handwaving because you're merely making an emotional argument.

If you'd like me at address what you wrote again:

  it takes longer to write an error message than it does it just split a line correctly

Nope

doesn't accept non-standard line endings

It is standard on windows.

I've already addressed what you've said

No you haven't. You haven't addressed anything I've said, like legitimate reasons for doing it or what you would think if other languages did the same thing on other OSs.

you're merely making an emotional argument.

Seems like projection. I wrote things that actually happened.

It takes longer to write your tantrums

I know it would be convenient to frame things this way but if you could confront what I'm saying you would have done it with all the chances you had.

Why won't you respond to what I'm saying? I think it's because there is no real defense and you know that.

> I also cannot think of a time in my adult life I wanted to call out a group of people as losers or monkeys i n public.

I guess that makes this your first time:

> Sure folks like that I can see people using descriptions like that.

All in all I think we generally agree that being respectful is better than being rude. And that some people who do not have respect also do not deserve respect. Shall we just leave it at that?

My opinion, I have no desire to work with people that write comments calling other engineers monkeys or losers. I have seen that behavior before and it’s not people I like to work with.