Alternatives to GitHub · community · Discussion #49869
github.com
Since GitHub continues introducing antifeatures and enforcing an own vision of software development, like mandatory 2FA (I don't need such mandatory imitation of security when I'll have to bear its...

Just finished writing out a lengthy comment,
with the up/downsides I can see
on each of the code forges I currently deem promising,
on the Github Discussion “Alternatives to GitHub

And I was wondering, out of following 2,
which code forge would you guys prefer and why?

  • poVoq@slrpnk.net
    422·
    4 months ago

    Radicle is a solution is search of a problem, while Forgejo is already a solid alternative to Github and once it federates via ActivityPub it will be really awesome.

          • mke@lemmy.world
            15·
            4 months ago

            That might be overly optimistic? Someone please correct me if I’m wrong, here.

            From my understanding, the main drive behind adding AP federation is to allow users of separate code forges to collaborate on each other’s projects, much like how users of lemmy can interact with communities of other lemmy instances. This is big because it could break the “but everyone is on GitHub” problem.

            Currently, it’s difficult to justify completely leaving GH, since those that do leave behind countless users and developers who won’t follow them and create yet-another-account on one-more-website. Federated code forges have the potential to bring easier decentralization to an ironically centralized land.

            Keyword here being easier. Because even though Git is already decentralized by design and some think git-send-email is plenty for collaboration (e.g. many Linux maintainers, sourcehut users), it turns out way more people prefer doing their work in pretty web UIs.

            But just like lemmy and mastodon aren’t great at showing their users content from the other platform because it’s not a priority, I don’t see why forgejo would prioritize letting lemmy users interact with projects.

              • mke@lemmy.world
                3·
                4 months ago

                My bad, I wasn’t sure! Figured it’d be better to waste a little time typing than risk people misunderstanding the context behind the tech.

            • Handles@leminal.spaceEnglish
              4·
              4 months ago

              I agree it shouldn’t be the main focus to ensure cross-platform interactions but the beauty of a shared protocol is that they are possible. Like, I use Mastodon and Lemmy but I’m not super fond of either — the fediverse is another deal though. I love the (sometimes hypothetical) interconnectedness of different softwares.

              Now, is it going to be a hot mess if/when all fedi users can jump in source repo issues? Absolutely! 🤣

  • ubergeek77@lemmy.ubergeek77.chat
    172·
    4 months ago

    I don’t need or want replication of my private projects to a peer to peer network. That’s just extra bandwidth to and from my server, and bandwidth can be expensive. I already replicate my code to two different places I control, and that’s enough for me.

    I’m not sure who Radicle is for, but I don’t think the casual hobbyist looking to self host something like Forgejo would benefit at all from Radicle.

    Loading the source code for Radicle on Radicle also seems fairly slow. It seems this distributed nature comes at a speed tradeoff.

    With the whole Yuzu thing going on, I can see some benefit to Radicle for high profile projects that may be subject to a takedown. In that respect, it’s a bit like “Tor for Git.”

    I suspect that over time, pirate projects and other blatantly illegal activities will make use of Radicle for anti-takedown reasons. But to me, these two projects solve two different problems, for two different audiences, and are not really comparable.

    Edit: There is already enough controversy surrounding Radicle, that, if I were someone looking to host a takedown-resistant, anonymous code repository, I would probably be better served hosting an anonymous Forgejo instance on a set of anonymous Njalla domains and VPSes. The blockchain aspect was already a bit odd, and what I’m now seeing from Radicle does not exactly inspire confidence. I don’t think I’ll ever use this.

    • onlinepersona@programming.devEnglish
      22·
      4 months ago

      There is already enough controversy surrounding Radicle

      LMAO!

      Please get rid of: node.js, npm, packages from npm, Electron, svelte. Cargo and crates are also not good. #1469

      Are you seriously calling this “controversy”? One dude saying npm is backdoored? 🤣 And he wants them to remove JS from the project as well as rust. My sides. What should they be using? The almighty C?

      Amazing. I literally was wheezing while reading the “issue”. Thanks for giving me a good laugh.

      CC BY-NC-SA 4.0

      • ubergeek77@lemmy.ubergeek77.chat
        11·
        4 months ago

        I’m not talking about that. I’m talking about this:

        I agree with the sentiment here, but all the technologies mentioned allowed us to ship a working application in a timely manner. I think that should always be the first goal. Now that this is out of the way, we can start looking at improving efficiency, security, resilience etc.

        “Security Second” is not good messaging for a project like this.

        But I’m glad my comment was hilarious to you.

  • toastal@lemmy.ml
    6·
    4 months ago

    Either is a step in the right direction & it’s weird AF that the author is writing this on Microsoft GitHub to begin with. The pull request model is garbage & wastes a lot of time, but both forges copy it instead of offering better review options (specifically those based on patches). My preference would be not even Git which would be in the neither category. Patch models are good & patch order shouldn’t matter which eliminates an entire class of bugs in dealing with version control. Folks should give Darcs & Pijul a look over their DVCS capabilities even if the forges aren’t too polished.

      • 7heo@lemmy.ml
        1·
        4 months ago

        They’re on Zulip, not discord: https://radicle.zulipchat.com/

        I wrote that the community was on discord. And open that link, you will see, discord is literally at the top of the page, the first 3rd party thing that you can see…

        Although I will admit that their “radicale” project has no mention of discord, and has a couple links to zulip, discord is likely going to be the preferred platform for many, given how relatively niche zulip is (I never heard of it before, and I have had accounts on matrix, signal, and simplex for years - or months for the latter. To illustrate my point, the zulip app on f-droid is barely more than one year old, while the element app is much older, especially as it was preceded by RiotX before that, which was a rewrite of the original Riot client).

        So, while I salute them promoting zulip on the project page, the criticism still stands, as anyone searching for anything a bit more widespread to contact them will only find discord.

        They’re DAO-funded but there’s no crypto in the code

        DAOs have nothing to do with funding. It is all about governance. This type of organisation is based on “smart contracts”, that are entirely a “blockchain” centric concept, and (AFAIK) rely entirely on ethereum. Aside from the fact that this type of organisation is as fragile as the underlying cryptocurrency, the summary of this video disagrees with you (emphasis mine):

        […] to create Radicle and how it fits into the DAO ecosystem

        I hardly see how one can make software “fit into an ecosystem” without a single line of code integrating it with said ecosystem.

        install by sh is shit

        I think you mean “install by piping the internet to sh”. If so, yep. That’s a wild understatement, but yep.

        If not, well, " install by sh" is literally what the overwhelming majority of package managers do… So… Nope.

        that’s a red flag for a bunch of things: nix, rust, nvm, and a bunch more

        Yep. Although in the case of rust, fortunately, any sane developer will use their OS’s package manager, but yep.

  • onlinepersona@programming.devEnglish
    5·
    4 months ago

    Radicle in theory. It’s P2P with optional larger nodes. Practically, the interface isn’t Github 2017, but it’s missing continuous integration (which they’re working on, I think). The downside I see with radicle is that getting it on nix isn’t easy. The version there is outdated and the radicle team kind of works in its own little bubble. They are on Zulip (where Rust is too), but… who uses Zulip? They aren’t on the fediverse and don’t do any kind of promotion.

    However, forgejo is working towards federation with activitypub which should enable it to talk to the rest of the fediverse. However they have been working on it for years now. In some status update I read they were aiming to have something quite stable by the end of the year. Forgejo is more active with regular blog updates, a wellknown host (codeberg) and funding from NGI.

    I’d prefer radicle, but realistically, forgejo is going to have a much bigger userbase in 2025 (if things go smoothly).

    CC BY-NC-SA 4.0

  • Gooey0210@sh.itjust.works
    3·
    4 months ago

    Radicle sounds really fun

    I’m currently using forgejo, and loving it. But my server’s config is stored on the server, so in case my server fails my git is not available to recover the server easily

    And radicle looks like a solution