Comment by ashishb

14 hours ago

The real lock-in is stars, not reliability [1].

They can have weekly outages, and the FOSS products would still be forced to be on GitHub.

1 - https://ashishb.net/tech/github-stars/

5 comments

ashishb

Reply
ecshafer  14 hours ago

I have literally never looked at github stars as a measure of quality or had it affect my decision. I have looked at git logs, websites, issues, etc. But I would be genuinely worried if someone used github stars as an indication. So many honestly stupid projects have a lot of stars, and stellar ones have next to none.

https://github.com/EvanLi/Github-Ranking/blob/master/Top100/...

proof here. The top are taken by chinese educational repos. Elastic Search and Spring Boot are the only projects actually used by anyone in the top 10. But why would I trust the stars for spring boot over the fact its used in every java shop on the planet?

  • dirkc  5 hours ago

    I don't rely on stars as the main signal of quality, but very low stars could stop me from looking into the things that I do use as a signal:

       - number of contributors
   - open issues
   - merged and unmerged PRs
   - commit history
   - the code
   - project governance

    Some of these are also tied into GitHub rather than the git repo itself

  • ashishb  10 hours ago

    The hacker News crowd has always these elitist takes

      - I don't look at GitHub Stars
  - I don't use Facebook
  - I am never persuaded by advertisement
  - I can build Dropbox over a weekend

    Even if these are true, it is irrelevant. Hacker News is only a sliver of the tech world.

cedws  10 hours ago

I came to a similar conclusion - that GitHub benefits from a network effect similar to social media. I would really like to leave GitHub, but it's where stuff is happening. Any company seriously looking to replace GitHub should pay some attention the social network aspect of it.

  • ashishb  4 hours ago

    > Any company seriously looking to replace GitHub should pay some attention the social network aspect of it.

    Indeed. And I would say it is not just social signals but even non-social authority signals.

    E.g. how many other projects depend on this projects and how many downloads happen for its artifacts.

    You can see some of these on package registries like npm and pypi where their authority signals help people choose between the right libraries.