
Comment by icy

1 day ago

Yeah, GitHub is cooked. Now's a good time to consider migrating to alternative forges like Tangled (https://tangled.sh; bit of a shameless plug, I'll admit. I'm the co-founder). We've got a more advanced PR flow, jujutsu change-id support and we just launched our in-house CI! https://blog.tangled.sh/ci

Long-term, we aim to be the new social coding platform, collectively built in the open.

Tangled is a pretty cool idea, but I'm sorry to say that I'm hoping Gerrit gets a resurgence.

It fits my "do one thing, do it well" philosophy as it doesn't have opinions about CI, Issue trackers or even how you view the code online.

I'll admit that it's a nasty bastard to set up properly though, and the options for viewing repositories are universally terrible when not bundled with a code-review system (like Gitea, GitHub and GitLab). Alas.

  • There are .rpm/.deb packages for Gerrit that make installation/upgrades pretty simple.

    The fact that it stores everything in files on disk (no databases except for caches that can be regenerated) makes backup/restore and replication a breeze compared to many other more complicated systems.

  • Yeah, fair enough. Gerrit is solid software but it’s really just a review tool: not an alternative code forge — which we’re aiming to be.

You say "forge" and stuff like "collectively built in the open"? Do you consider the repos "public", "private" or what?

You have a very short privacy policy [https://tangled.sh/privacy], but no guarantees of AI-bot-scraping protection. What if anything is your users' expectation of privacy of their repos against third parties, including malicious ones? Really you need to set that out clearly in your privacy policy.

  • Not sure I understand your first comment. Repositories are currently public only since we’re built on the AT Protocol, which doesn’t yet have private data (in the works!).

    Thanks for the feedback re: the privacy policy. It’s still actively being improved and we take a lot of effort to protect against AI scrapers. I’ll update the policy verbiage to include that.

    • You were suggesting GitHub users migrate to your forge, and historically, one of GitHub's big features was private repos. And at least historically, GitHub private repos claimed to provide protections against unauthorized access/scrapers.

      But AT Protocol can't.

      So currently, you're only suitable for non-commercial users. (Can you name any commercial org using Tangled.sh on source code?)

      Does AT Protocol have any rough milestone (date?) for private data?

      > we take a lot of effort to protect against AI scrapers.

      Sorry, that's not stating a guarantee of anything, it's an unquantifiable aspiration. I asked what you guarantee your users. IP access logs? Alerts? Response times? Blocks? IP whitelisting?

Plug or not, this is relevant and on-topic. +1 to offset this unnecessary voting behavior.