The edit history of the announcement is quite a ride:
> [2025-11-27T02:10:07Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining losers eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [1]
> [2025-11-27T14:04:47Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining rookies eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [2]
> [2025-11-28T09:21:12Z] it’s abundantly clear that the engineering excellence that created GitHub’s success is no longer driving it [3]
On the previous HN article, I recall many a comment talking about how they should change this, leave the politics/negative juju out because it was a bad look for the Zig community.
It would appear they listened to that feedback, swallowed their ego/pride and did what was best for the Zig community with these edits. I commend them for their actions in doing what's best for the community at the cost of some personal mea culpa edits.
I often find we don't appreciate enough people accepting their failures and changing their mind. For some reason I see the opposite: people respecting those who "stick to their guns" or double down when something is clearly wrong. As you say, the context matters and these edits seem to be learning from the feedback rather than saving face since the sentiment stands, just in a less needlessly targeted way.
Well, it's not like it's a simple black and white situation, universally applicable to every debate in human history. Sometimes it is relatively better to be open-minded and able to change own opinion. Sometimes it is relatively better to keep pushing a point if it is rational and/or morally correct.
The reason why the latter stance is often popularized and cheered is because it is often harder to do, especially in the adverse conditions, when not changing your opinion has a direct cost of money or time or sanity or in rare cases even freedom. Usually it involves small human group or individual against a faceless corporation, making it even harder. Of course we should respect people standing against corporation.
PS: this is not applicable if they are "clearly wrong" of course.
Consider the plight of a policy-maker who changes their stance on some issue. They may have changed their mind in light of new information, or evolved their position as a result of deeper reflection, personal experience, or maturation. Opponents will accuse them of "waffling" or "flip-flopping", indicating a lack of reliability or principles (if not straight-up bribery). Elected officials are responsible for expressing the will of the people they represent, so if they're elected largely by proponents of issue X, it is arguably a betrayal of sorts for them to be as dynamic as private citizens.
This is tangential to the original topic of insider trading, where the corruption is structural / systemic -- akin to how "conflict of interest" objectively describes a scenario, not an individual's behavior.
Never understood that either. If someone was wrong and bad, and now they're trying to do right and good, we need to celebrate that. Not just because that's awesome in itself, but also to give the opportunity and incentives for others in the future to do better.
If everyone is always bad regardless if they're trying to change, what incentives would they have from changing at all? It doesn't make any sense.
I agree with the sentiment (people changing their minds), but the flipside to that is people pleasing. Someone who capitulates under even the slightest pressure is not much better than the person who is set in their ways.
The trouble there, of course, is that the motivation for changing (or not changing) one's mind is not always clear, and it's easy to score points from spinning it one way or another.
The other part of the equation is not letting bad people get away with doing bad stuff if they do good stuff after that. The return on doing bad stuff, then good stuff has to be greater than the return on only doing bad stuff, but less than the return on only doing good stuff. It should increase over time the more you don't do bad stuff again.
I think it's because when people do a 180 due to public pressure, it's hard to know to what degree they changed their mind and to what degree they are just lying about what is on their mind.
Toning down aggressive phrasing is not "doing a 180", calling the change from "only losers left at GitHub" to "the engineering excellence has left" lying seems disingenuous.
> I often find we don't appreciate enough people accepting their failures and changing their mind.
Because this plays into a weird flaw in cognition that people have. When people become leaders because they are assholes and they are wrong, then after the wind blows the other way they see the light and do a mea culpa, there is always a certain segment that says that they're even more worthy to be a leader because they have the ability to change. They yell at the people who were always right that they are dogmatic and ask "why should people change their minds if they will be treated like this?"
If one can't see what's wrong with this toy scenario that I've strawmanned here, that's a problem. The only reason we ever cared about this person is because they were loud and wrong about everything. Now, we are expected to be proud of them because they are right, and make sure that they don't lose any status or position for admitting that. This becomes a new reason for the people who were previously attacking the people who were right to continue to attack the people who were right, who are also now officially dogmatic puritans whose problem is that they weren't being right correctly.
This is a social phenomenon, not a personality flaw in these leaders. People can be wrong and then right. People can not care either way and latch onto a trend for attention or profit, and follow it where it goes. I don't think either of these things are in and of themselves morally problematic. The problem is that there are people who are simply following individual personalities and repeating what they say, change their minds when that personality changes their mind, and whose primary aim is to attack anyone who is criticizing that personality. They don't really care about the issue in question (and usually don't know much about it), they're simply protecting that personality like a family member.
This, again, doesn't matter when the subject is stupid, like some aesthetic or consumer thing He used to hate the new Batman movies but now he says that he misunderstood them; who cares. But when the subject is a real life or death thing, or involves serious damage to people's lives and careers, it's poisonous when a vocal minority becomes dedicated to this personality worship.
It's so common that there now seems to be a pipeline of born-agains in front of everything, giving their opinion. Sir, you were a satanist until three years ago.
As I see it, someone who "listened to that feedback, swallowed their ego/pride" would include a note at the end of the post about the edits. Admitting you were wrong requires not erasing the evidence of what you said.
(He did post a kind of vague apology in https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p..., but it's ambiguous enough that anyone who was offended is free to read it as either retracting the offending accusation, or not. This is plausibly the best available alternative for survival in the current social-media landscape, because it's at best useless to apologize to a mob that's performatively offended on behalf of people they don't personally know, and usually counterproductive because it marks you as a vulnerable victim, but the best available alternative might still tend to weaken the kind of integrity we're talking about rather than strengthen it.)
You mean, on a third-party website that currently happens to have a capture of the page outside of the Zig team's control, but which can go down at any time?
There is utility in indicating how surprised / concerned you are at a certain process or event. We can flatten out all communication and boil everything down to an extremely neutral "up", "down", and "nailed it to exacting precision".
I find the fact that this painting has been hung crooked by 0.00001º: down
I find torture and mass murder: down
Clearly this is a ridiculous state of affairs. There's more gradations available than this.
Possibly coloured by my dutch culture: I think this rewrite is terrible. The original sentence was vastly superior, though I think the first rewrite (newbies to rookies) was an improvement.
The zig team is alarmed, and finds this state of affairs highly noteworthy and would like to communicate this more emotional, gut instincty sense in their words.
There's a reason humans invent colourful language and epithets. They always do, in all languages. Because it's useful!
And this rewrite takes it out. That's not actually a good thing. The fact that evidently the internet is so culturally USA-ised that any slightly colourful language is instantly taken as a personal affront and that in turn completely derails the entire debate into a pointless fight over etiquitte and whether something is 'appropriate' is fucking childish. I wish it wasn't so.
In human communication, the US is somewhat notorious in how flattened its emotional range is of interaction amongst friendly folk. One can bring anthropology into it if one must: Loads of folks from vastly different backgrounds all moving to a vast expanse of land? Given that cultural misunderstanding is extremely likely and the cost of such a misunderstanding is disastrously high, best plaster a massive smile on your face and be as diplomatic as you can be!
Consider as a practical example: Linus Torvalds' many famed communications. "NVidia? Fuck you!" was good. It made clear, in a very, very pithy way, that Linus wasn't just holding a negative opinion about the quality and behaviour of the nvidia gfx driver team at the time, but that this negative opinion was universal across a broad range of concerns and extremely so. It caused a shakeup where one was needed. All in 3 little words.
(Possibly the fact that the internet in general is even more incapable of dealing with colourful language is not necessarily the fault of USification of the internet: The internet is a lot like early US, at least in the sense that the risk of cultural misunderstanding is far higher than in face to face communications on most places on the planet).
If I could upvote you, I would. I have never liked the mob of people that think we should all be super diplomatic corpospeakers who hedge everything and who think that not doing so is "offensive" or "unprofessional". I definitely didn't think anything was wrong with the original sentences or word usage, because it wasn't aimed at any specific individual with the deliberate intent of being offensive, but was aimed at Microsoft itself. And even if the intent was to be offensive, well, on the internet your always going to offend someone. You could be super nice and say all the right words and someone would still find a way to be offended by it. And were these circumstances ordinary, I would call out the word usage as well, because it would be uncalled for. But given all the evidence that the original points at, it's rather hard to say that GitHub didn't deserve it. And it is also rather difficult for me to see how this wasn't the time or place for such language. Sometimes the only way to get your point across is to be "unprofessional" (whatever that means these days).
Thanks for pointing this out! I looked at the edit history and without looking at the timestamps assumed it was in reverse chronological order. Seeing that I was wrong brought a smile to my face.
I appreciate that Andrew and the other Zig team members are really passionate about their project, their goals, and the ideals behind those goals. I was dismayed by the recent news of outbursts which do a lot to undermine their goals. That they’re listening to feedback and trying to take the high road (despite feeling a lot of frustration with the direction industry is taking) should be commended.
Zig is the language that was intentionally made to fail and error out on windows carriage returns instead of parsing them like every language ever made. They made a version for windows and then made it not work with every windows text editor. Their answer was to 'get better text editors' or 'make a preprocessing program to strip out carriage returns' or 'don't use windows' (they had a windows executable).
This is not a group with community or pragmatism from the start.
> I completely agree with this. I performed really poorly on this axis. I’m sorry to the Zig community for that. I’ll take my L and get back to working on std.Io and the rest of the roadmap. [1]
They should know that crap software is rarely intentional as they make it out to be in the initial version of the text, what you get is what they are able to build in the environment they are in (that matters too). Capability and environment.
I think the Reddit mobile website team might be the exception to that. What they make is a particular brand of unusable and from what I remember there is evidence of them talking about how that was intentional.
Reddit is trying to steer everyone into using their mobile app, which schlorps up as much personal data as it possibly can. I normally don’t go in for the whole mustache twirling thing, but given their previous actions in shutting down all third party apps, I’m fine in this case with accusing them of outright malice.
I think they recently banned people from creating their own OAuth tokens, which is a thin people were doing to enter into their third party apps to bypass the ban. Now if you want to make any app or bot, you either screen-scrape, steal an API key, or get the approval of Reddit management.
AI witch-hunts are definitely a problem. The only tell you can actually rely on is when the AI says something so incredibly stupid that it not only fails to understand what it is talking about but the very meaning of words themselves.
Eg,metaphors that make no sense or fail to contribute any meaningful insight or extrenely cliched phrases ("it was a dark and stormy night...") used seriously rather than for self-deprecating humor.
My favorite example of an AI tell was a youtube video about serial killers i was listening to for background noise which started one of its sentences with "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister."
which is unfortunate, because pre-AI, "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister." would just be a funny bit of writing.
This has always been the case in the "corporate/professional" world imo.
It's just much easier now for "laypeople" to also adjust their style to this. My prediction is people will get quickly tired of it (as evidenced by your comment)
This, I was shocked when I read the first version. I get it if you’re an influencer, but as a programming language people need to expect you can manage your emotions and be objective
At least he edited it to something more palatable. I vastly prefer someone who can admit to making a mistake and amending what they said to someone who doubles down. The latter attitude has become far too normalised in the last few years.
On the other hand some notable open source leaders seem to be abrasive assholes. Linus, Theo, DHH, just three examples who come to mind. I think if you have a clear vision of what you want your project to be then being agressively dismissive of ideas that don't further that vision is necessary just to keep the noise to a low roar.
> Makes me wonder how much to the mass strife and confusion of the internet is simply down to people not knowing what the words they use mean?
Or being intentionally misled about them. People who enjoy being awful in various ways have a vested interest in reframing the opposition as "political correctness" in order to make it easier to dismiss or ridicule. The vast majority of usage of the term "political correctness" is in dismissing or ridiculing it.
Hmm I don’t think any of the revisions are about being PC but rather not making juvenile comments. Linus has definitely made a lot of harsh inflammatory comments to others, I don’t think it’s the right thing to do and shows his character but at the same time for me at least it comes across as a smart pompous jerk who says things in the wrong way but at least usually has some kernel of a point.
The Zig comments come off has highly immature, maybe because they are comments made to unknown people, calling folks losers or monkeys just crosses some line to me. Telling someone to stfu is not great but calling groups of people monkeys feels worse.
Perhaps he should be. This idea that we should tolerate terrible things and only respond to them politely seems to produce bad outcomes, for some mysterious reason.
Any analysis of Github's functionality that begins and ends with blaming individuals and their competency is deeply mistaken while being insulting. Anyone who has ever worked at a large company knows exactly how hard it is for top performers to make changes and it's not difficult because the other people are stupid. At least in my experience, almost everyone holding this "they must be stupid" opinion knows very little about how large organizations make decisions and knows very little about how incentives at different levels of an org chart leads to suboptimal decisions and results. I would agree with you that being overly polite helps no one, but being correct does, and what they initially wrote isn't even right and it's also insulting. There's no value in that.
Because one person is judging that "terribleness" before being entitled to flame, changes to that person influence their ability to objectively make that assessment.
Say, when their project becomes popular, they gain more power and fame, and suddenly their self-image is different.
Hence it usually being a more community-encouraging approach to keep discussions technical without vitriol.
Flaming is unnecessarily disruptive, not least because it gives other (probably not as talented) folks a license to also put their worst impulses to text.
I am not convinced of this. Being rude and insulting someone’s intelligence is rarely a good trait. Linus got away with it due to the unique circumstances: leader of an incredibly popular open source project and a gatekeeper to a lot of access to it.
My argument against how he handles things has always been that while it may seem effective, we do not know how much more effective he would be if he did not curse people out for being dumb fucks.
And it doesn’t seem like this is a requirement for the job: lots of other project leaders treat others with courtesy and respect and it doesn’t seem to cause issues.
The reality is that it is easy to wish more people were verbally abusive to others when it isn’t directed at you. But soon as you are on the receiving end of it, especially as a volunteer, there is a greater than not chance that you will be less likely to want to continue contributing.
I think this is a good way to put it and I agree with it. Linus is a jerk and I would never want to work with him. Doubly so with zig maintainers who call other groups of people losers or monkeys. Shows a clear lack of maturity and ability to think.
Eh. Linus has a long history of abusive behavior towards other Linux contributors but also apparently apologized for it and started amending his ways. The Zig person I do not know by reputation, let alone in person. One post that he later chose to amend based on feedback is not enough for me to pass that kind of judgement. If anything, the fact that he updated it shows the opposite of lack of maturity. Adults can get frustrated. What they do with it is what matters.
Zero clue what your point is so please help me understand.
I was agreeing with your stance and adding my own anecdote that it’s a turnoff with the way those posts were originally formatted. Not people I would want to work with. If you do that’s fine. This is not star wars and simply my own choice as it’s everyone else.
I also cannot think of a time in my adult life I wanted to call out a group of people as losers or monkeys i n public.
Even Linus doesn’t act that way anymore. Here’s him a few years ago:
> This week people in our community confronted me about my lifetime of not understanding emotions. My flippant attacks in emails have been both unprofessional and uncalled for.
> Especially at times when I made it personal. In my quest for a better patch, this made sense to me. I know now this was not OK and I am truly sorry. The above is basically a long-winded way to get to the somewhat painful personal admission that hey, I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely.
> I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately.
He took time off and he’s better now. What you call “political correctness” is what I and others call “basic professionalism”. It took Linus 25 years to understand that. I can only hope that the people who hero worshipped him and adopted a similar attitude can also mature.
But you got to give it to him, he does seem to be really good at catching deficiensies early that may accumulate to become serious bugs or security vulnerabilities in the future. Sure, being an asshole is not ok, but being assertive is a must for a person in his position.
If you’ll notice, he called the code garbage, not the author. Judging by how bad the code was, I think this interaction was fine. This actually shows the progress Linus made in improving himself.
Eager to do what? If it sucks it sucks, but that's a very childish way to frame it, no one did anything on purpose or out of spite. That kind of silliness hurts the image of the project. But bad translation I suppose.
there's a big gulf between being politically correct and not being a jerk. In this case the community reps can present their concern, motivation and decision without insulting people. It's also not a smart or valid comment; give me any organization over 100 people and I can find something deeply flawed that it hase produced or a very bad decision. Do I then tag everybody who currently works for that organization as "a brain-dead idiot" or similar?
One can avoid being asshole even if it is not strictly speaking necessary. In fact, if you are an asshole when it is not necessary, then you are an asshole.
Not calling other software engineers 'losers' is not about political correctness. They're "losers" because they take their product on a path you don't like? Come on. Linus can be emotional in his posts because Linux is his "child".
I say this as someone who has been cautioning about Microsoft's ownership of GitHub for years now... but the Zig community has been high drama lately. I thought the Rust community had done themselves a disservice with their high tolerance of drama, but lately Zig seems to me to be more drama than even Rust.
I was saddened to see how they ganged up to bully the author of the Zig book. The book author, as far as I could tell, seems like a possibly immature teenager. But to have a whole community gang up on you with pitch forks because they have a suspicion you might use AI... that was gross to watch.
I was already turned off by the constant Zig spam approach to marketing. But now that we're getting pitchfork mobs and ranty anti-AI diatribes it just seems like a community sustaining itself on negative energy. I think they can possibly still turn it around but it might involve cleaning house or instituting better rules for contributors.
What makes you say that? Couldn’t it be an immature adult?
> because they have a suspicion you might use AI
Was that the reason? From what I remember (which could definitely be incomplete information) the complaint was that they were clearly using AI while claiming no AI had been used, stole code from another project while claiming it was their own, refused to add credit when a PR for that was made, tried to claim a namespace on open-vsx…
At a certain point, that starts to look outright malicious. It’s one thing to not know “the rules” but be willing to fix your mistakes when they are pointed out. It’s an entirely different thing to lie, obfuscate, and double down on bad attitude.
I do think that it was weird to focus on the AI aspect so much. AI is going to pollute everything going forward whether you like it or not. And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
However I think some of the critique was because he stole the code for the interactive editor and claimed he made it himself, which of course you shouldn’t do.
> I do think that it was weird to focus on the AI aspect so much. AI is going to pollute everything going forward whether you like it or not.
The bigger issue is that they claimed no AI was used. That’s an outright lie which makes you think if you should trust anything else about it.
> And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
You have no way of knowing if something is a good resource for learning until you invest your time into it. If it turns out it’s not a good resource, your time was wasted. Worse, you may have learned wrong ideas you now have to unlearn. If something was generated with an LLM, you have zero idea which parts are wrong or right.
I agree with you. It is shitty behavior to say it is not AI written when it clearly is.
But I also think we at this point should just assume that everything is partially written using AI.
For your last point, I think this was also a problem before LLMs. It has of course become easier to fake some kind of ethos in your writing, but it is also becoming easier to spot AI slop when you know what to look after right?
You can correct me if I'm wrong, but I believe the actual claim was that Zigbook had not complied with the MIT license's attribution clause for code someone believed was copied. MIT only requires attribution for copies of "substantial portions" of code, and the code copied was 22 lines.
Does that count as substantial? I'm not sure because I'm not a lawyer, but this was really an issue about definitions in an attribution clause over less code than people regularly copy from stack overflow without a second thought. By the time this accusation was made, the Zigbook author was already under attack from the community which put them in a defensive posture.
Now, just to be clear, I think the book author behaved poorly in response. But the internet is full of young software engineers who would behave poorly if they wrote a book for a community and the community turned around and vilified them for it. I try not to judge individuals by the way they behave on their worst days. But I do think something like a community has a behavior and culture of its own and that does need to be guided with intention.
> You can correct me if I'm wrong, but I believe the actual claim was that Zigbook had not complied with the MIT license's attribution clause for code someone believed was copied. MIT only requires attribution for copies of "substantial portions" of code, and the code copied was 22 lines.
Without including proper credit, it is classic infringement. I wouldn't personally call copyright infringement "theft", though.
Imagine for a moment, the generosity of the MIT license: 'you can pretty much do anything you want with this code, I gift it to the world, all you have to do is give proper credit'. And so you read that, and take and take and take, and can't even give credit.
> Now, just to be clear, I think the book author behaved poorly in response
Precisely: maybe it was just a mistake? So, the author politely and professionally asks, not for the infringer to stop using the author's code, but just to give proper credit. And hey, here's a PR, so doing the right thing just requires an approval!
The infringer's response to the offer of help seemed to confirm that this was not a mistake, but rather someone acting in bad faith. IMO, people should learn early on in their life to say "I was wrong, I'm sorry, I'll make it right, it won't happen again". Say that when you're wrong, and the respect floods in.
> By the time this accusation was made, the Zigbook author was already under attack
This is not quite accurate, from my recollection of events (which could be mistaken!): the community didn't even know about it until after the author respectfully, directly contacted the infringer with an offer to help, and the infringer responded with hostility and what looked like a case of Oppositional Defiant Disorder.
You're assuming they are a teenager but you don't know. They used code without attribution and when asked to do so, they edited the comment and mocked the requestor. And you're calling the zig community the bully? They lied about not using AI. This kind of dishonesty does not need to be tolerated.
Disservice? Rust is taking over the world while they still have nothing to show basically (Servo, the project Rust was created for, is behind ladybird of all things). Every clueless developer and their dog thinks Rust is like super safe and great, with very little empirical evidence still after 19 years of the language's existence.
Zig people want Zig to "win". They are appearing on Hacker News almost every day now, and for that purpose this kind of things matters more than the language's merits themselves. I believe the language has a good share of merits though, far more than Rust, but it's too early and not battle tested to get so much attention.
FWIW, all of those links compare Rust to languages created before 1980, and are all projects largely and unusually independent of the crates ecosystem and where dynamic linking does not matter. If you're going to use a modern language anyway, you should do due diligence and compare it with something like Swift as the ladybird team is doing right now, or even a research language like Koka. There is a huge lack of evidence for Rust vs other modern languages and we should investigate that before we lock ourselves into yet another language that eventually becomes widely believed to suck.
this Corporate Americanism is of only positivity and fake smiles is exactly how we end up with enshittified products, because no one is ever called out for it. If the feedback is too soft, it just gets swept under the rug.
No, the edits are better. The original message made unwarranted assumptions, and used intentionally inaccurate language. That's objectively bad communication.
It's not a binary choice between insults (escalates conflict, destabilizes rational decision making) vs hiding your opinions. That's what the word tact is for. It's simply, quite literally, a skill issue if someone can't find a middle ground between those two failure modes.
The Pavlovian conditioning in some US right-wing folks of 'see word transgender' -> 'brain off' is sad.
Especially since it was created just by hammering people with repeated exposure to biased media over ~5 years.
If someone would take a beat, even from that biased copy, they might think that studying the effects of hormone treatment in animal models would be scientifically productive, regardless of how one feels about human transgender rights.
IMHO, the main advantage of github is that it is an ecosystem. This is a well-thought-out Swiss knife: a pioneering (but no longer new) PR system, convenient issues, as well as a well-formed CI system with many developed actions and free runners. In addition, it is best to use code navigation simply in a web browser. You write code, and almost everything works effortlessly. Having a sponsorship system is also great, you don't have to search for external donation platforms and post weird links in your profile/repository.
All in one, that's why developers like it so much. The obsession with AI makes me nervous, but the advantages still outweigh, as for me, the average developer. For now.
I don't agree with this at all. I think the reason Github is so prominent is the social network aspects it has built around Git, which created strong network effects that most developers are unwilling to part with. Maintainers don't want to loose their stars and the users don't want to loose the collective "audit" by the github users.
Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering. Developers are more likely to use a repo that has more stars than its alternatives.
I know that the code should speak for itself and one should audit their dependencies and not depend on Github stars, but in practice this is not what happens, we rely on the community.
These are the only reasons I use GitHub. The familiarity to students and non-developers is also a plus.
I have no idea what the parent comment is talking about a "well-formed CI system." GitHub Actions is easily the worst CI tool I've ever used. There are no core features of GitHub that haven't been replicated by GitLab at this point, and in my estimation GitLab did all of it better. But, if I put something on GitLab, nobody sees it.
And this is the core problem with the modern platform internet. One victor (or a handful) take the lead in a given niche, and it becomes impossible to get away from them without great personal cost, literal, moral, or labor, and usually a combo of all three. And then that company has absolutely no motivation at all to prioritize the quality of the product, merely to extract all the value from the user-base as possible.
Facebook has been on that path for well over a decade, and it shows. The service itself is absolute garbage. Users stay because everyone they know is already there and the groups they love are there, and they just tolerate being force-fed AI slop and being monitored. But Facebook is not GROWING as a result, it's slowly dying, much like it's aging userbase. But Facebook doesn't care because no one in charge of any company these days can see further than next quarter's earnings call.
Github became successful long before those 'social media features' were added, simply because it provided free hosting for open source projects (and free hosting services were still a rare thing back in the noughties).
The previous popular free code hoster was Sourceforge, which eventually entered its what's now called "enshittifcation phase". Github was simply in the right place at the right time to replace Sourceforge and the rest is history.
Technically so was BitBucket but it chose mercurial over git initially. If you are old enough you will remember articles comparing the two with mercurial getting slightly more favorable reviews.
And for those who don’t remember SourceForge, it had two major problems in DevEx: first you couldn’t just get your open source project published. It had to be approved. And once it did, you had an ugly URL. GitHub had pretty URLs.
I remember putting up my very first open source project back before GitHub and going through this huge checklist of what a good open source project must have. Then seeing that people just tossed code onto GitHub as is: no man pages, no or little documentation, build instructions that resulted in errors, no curated changelog, and realizing that things are changing.
Github was faster than BitBucket and it worked well whether or not JavaScript was enabled. This does seem to be regressing as of late. I have tried a variety of alternatives; they have all been slower, but Github does seem to be regressing.
There's definitely a few phases of Github, feature and popularity wise.
1. Free hosting with decent UX
2. Social features
3. Lifecycle automation features
In this vein, it doing new stuff with AI isn't out of keeping with its development path, but I do think they need to pick a lane and decide if they want to boost professional developer productivity or be a platform for vibe coding.
And probably, if the latter, fork that off into a different platform with a new name. (Microsoft loves naming things! Call it 'Codespaces 365 Live!')
And GitHub got free hosting and support from Engine Yard when they were starting out. I remember it being a big deal when we had to move them from shared hosting to something like 3 dedicated supermicro servers.
> Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering.
I hate that this is perceived as generally true. Stars can be farmed and gamed; and the value of a star does not decay over time. Issues can be automatically closed, or answered with a non-response and closed. Numbers of followers is a networking/platform thing (flag your significance by following people with significant follower numbers).
> Developers are more likely to use a repo that has more stars than its alternatives.
If anything, star numbers reflect first mover advantage rather than code quality. People choosing which one of a number of competing packages to use in their product should consider a lot more than just the star number. Sadly, time pressures on decision makers (and their assumptions) means that detailed consideration rarely happens and star count remains the major factor in choosing whether to include a repo in a project.
So number of daily/weekly downloads on PyPI/npm/etc?
All these things are a proxy for popularity and that is a valuable metric. I have seen projects with amazing code quality but if they are not maintained eventually they stop working due to updates to dependencies, external APIs, runtime environment, etc. And I have see projects with meh code quality but so popular that every quirk and weird issue had a known workaround. Take ffmpeg for example: its code is.. arcane. But would you choose a random video transcoder written in JavaScript just due to the beautiful code that was last updated in 2012?
> Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality
I guess if I viewed software engineering merely as a placing of bets, I would not, but that's the center of the disagreement here. I'm not trying to be a dick (okay maybe a little sue me), the grandparent comment mentioned "software engineering."
I can refer you to some github repositories with a low number of stars that are of extraordinarily high quality, and similarly, some shitty software with lots of stars. But I'm sure you get the point.
having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.
> code navigation simply in a web browser
this is nice indeed, true.
> You write code, and almost everything works effortlessly.
if only. GHA are a hot mess because somehow we've landed in a local minimum of pretend-YAML-but-actually-shell-js-jinja-python and they have a smaller or bigger outage every other week, for years now.
> why developers like it so much
most everything else is much worse in at least one area and the most important thing it's what everyone uses. no one got fired for using github.
The main thing I like about Github's PRs is that it's a system I'm already familiar with and have a login/account for. It's tedious going to contribute to a project to find I have to sign up for and learn another system.
I've used Gerrit years ago, so wasn't totally unfamiliar, but it was still awkward to use when Go were using it for PRs. Notably that project ended up giving up on it because of the friction for users - and they were probably one of the most likely cases to stick to their guns and use something unusual.
> You will need a Gerrit account to respond to your reviewers, including to mark feedback as 'Done' if implemented as suggested
The comments are still gerrit, you really shouldn't use Github.
The Go reviewers are also more likely than usual to assume you're incompetent if your PR comes from Github, and the review will accordingly be slower and more likely to be rejected, and none of the go core contributors use the weird github PR flow.
That seems unsurprising given that it’s the easiest way for most people to do it. Almost any kind of obstacle will filter out the bottom X% of low effort sludge.
A competent developer would be more likely to send a PR using the tool with zero friction than to dedicate a few additional hours of his life to create an account and figure out how to use some obscure.
You are making the same mistake of conflating competence and (lack of) dedication.
Most likely, dedication says little about competence, and vice versa. If you do not want to use the tools available to get something done and rather not do the task instead, what does that say about your competence?
I'm not in a position to know or judge this, but I could see how dedication could be a useful proxy for the expected quality a PR and the interaction that will go with it, which could be useful for popular open source projects. Not saying that's necessarily true, just that it's worth considering some maintainers might have anecdotal experiences along that line.
This attitude sucks and is pretty close to just being flame bait. There are all kinds of developer who would have no reason to ever have come across it.
A competent developer should be aware of the tools of the trade.
I'm not saying a competent developer should be proficient in using gerrit, but they should know that it isn't an obscure tool - it's a google-sponsored project handling millions of lines of code internally in google and externally. It's like calling golang an obscure language when all you ever did is java or typescript.
It’s silly to assume that someone isn’t competent just because you know about a tool that they don’t know about. The inverse is almost certainly also true.
Is there some kind of Google-centrism at work here? Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.
> Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.
Most devs have never worked on Solaris, but if I ask you about solaris and you don't even know what it is, that's a bad sign for how competent a developer you are.
Most devs have never used prolog or haskell or smalltalk seriously, but if they don't know what they are, that means they don't have curiosity about programming language paradigms, and that's a bad sign.
Most competent professional developers do code review and will run into issues with their code review tooling, and so they'll have some curiosity and look into what's out there.
There's no reason for most developers to know random trivia outside of their area of expertise "what compression format does png use by default", but text editors and code review software are fundamental developer tools, so fundamental that every competent developer I know has enough curiosity to know what's out there. Same for programming languages, shells, and operating systems.
These are all ridiculous shibboleths. I know what Solaris is because I’m an old fart. I’ve never used it nor needed to know anything about it. I’d be just as (in)competent if I’d never heard of it.
> The main thing I like about Github's PRs is that it's a system I'm already familiar with and have a login/account for. It's tedious going to contribute to a project to find I have to sign up for and learn another system.
codeberg supports logging in with GitHub accounts, and the PR interface is exactly the same
Yeah and this slavish devotion to keeping the existing (broken imho) PR structure from GH is the one thing I most dislike about Forgejo, but oh well. I still moved my project over to Codeberg.
GH's PR system is semi-tolerable for open source projects. It's downright broken for commercial software teams of any scale.
Like the other commenter: I miss Gerrit and proper comment<->change tracking.
> having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.
I love patch stack review systems. I understand why they're not more popular, they can be a bit harder to understand and more work to craft, but it's just a wonderful experience once you get them. Making my reviews work in phabricator made my patchsets in general so much better, and making my patchsets better have improved my communication skills.
Maybe I have low standards given I've never touched what gitlab or CircleCi have to offer, but compared to my past experiences with Buildbot, Jenkins and Travis, it's miles ahead of these in my opinion.
Am I missing a truly better alternative or CI systems simply are all kind of a pita?
I don't enough experience w/ Buildbot or Travis to comment on those, but Jenkins?
I get that it got the job done and was standard at one point, but every single Jenkins instance I've seen in the wild is a steaming pile of ... unpatched, unloved, liability. I've come to understand that it isn't necessarily Jenkins at fault, it's teams 'running' their own infrastructure as an afterthought, coupled with the risk of borking the setup at the 'wrong time', which is always. From my experience this pattern seems nearly universal.
Github actions definitely has its warts and missing features, but I'll take managed build services over Jenkins every time.
My issue with Github CI is that it doesn't run your code in a container. You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.
> You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.
Yeah checking out everytime is a slight papercut I guess, but I guess it gives you control as sometimes you don't need to checkout anything or want a shallow/full clone. I guess if it checked out for you then their would be other papercuts.
I use their runners so never need to do any cleanup and get a fresh slate everytime.
>a well-formed CI system with many developed actions and free runners.
It feels to me like people have become way too reliant on this (in particular, forcing things into CI that could easily be done locally) and too trusting of those runners (ISTR some reports of malware).
>In addition, it is best to use code navigation simply in a web browser.
I've always found their navigation quite clunky and glitchy.
The big issue with Github is that they never denied feeding ai with private repositories. (Gitlab for example did that when asked). This fact alone makes many users bitter, even for organizations not using private repos per se.
> In addition, it is best to use code navigation simply in a web browser.
IMHO the vanilla Github UI sucks for code browsing since it's incredibly slow, and the search is also useless (the integrated web-vscode works much better - e.g. press '.' inside a Github project).
> as well as a well-formed CI system with many developed actions and free runners
The only good thing about the Github CI system are the free runners (including free Mac runners), for everything else it's objectively worse than the alternatives (like Gitlab CI).
> In addition, it is best to use code navigation simply in a web browser
How do you define "code navigation"? It might've got a bit easier with automatic highlighting of selected symbols, but in return source code viewer got way too laggy and, for a couple of years now, it has this weird bug with misplaced cursors if code is scrolled horizontally. I actually find myself using the "raw" button more and more often, or cloning repo even for some quick ad-hoc lookups.
Edit: not to mention the blame view that actively fights with browser's built in search functionality.
And now it opens... some VSCode-esque editor in the browser that asks me to sign-in? Why would I want something even more resource-hungry and convoluted just to look up a random thing once in a while?
Having used Forgejo with AGit now, IMO the PR experience on GitHub is not great when trying to contribute to a new project. It's just unnecessarily convoluted.
They have zero fees for individuals too which is amazing. Thanks to it I gained my first sponsor when one of my projects was posted here. Made me wish sponsorships could pay the bills.
Would you say Github has any significant advantages over Gitlab in this regard? I always found them to be on par, with incremental advantages on either side.
Code search over all of Gitlab (even if available) wouldn't help much when many of the interesting repos might be on Github. To be truly useful, it would need to index repos across many different forges. But there's a tension in presenting that to users if you're afraid that they might exit your ecosystem to go to another forge.
Underrated feature is the code search. Everyone starts out thinking they’ll just slap elastic search or similar in front of the code but it’s more nuanced than that. GitHub built a bespoke code search engine and published a detailed blog post about it afterwards.
Well, I guess. It's not a surprise LinkedIn and GitHub are owned by the same entity. Both are degrading down to the same Zuckernet-style engagement hacking, and pseudo-resume self-boosting portfolio-ware. If the value of open source has become "it gets me hired", then ... fine. But that's not why many of us do free software development.
GitHub's evolution as a good open source hosting platform stalled many years ago. Its advantages are its social network effects, not as technical infrastructure.
But from a technology and UX POV it's got growing issues because of this emphasis, and that's why the Zig people have moved, from what I can see.
I moved my projects (https://codeberg.org/timbran/) recently and have been so far impressed enough. Beyond ideological alignment (free software, distaste for Microsoft, want to get my stuff off US infrastructure [elbows up], etc.) the two chief advantages are that I could create my own "organization" without shelling over cash, and run my own actions with my own machines.
And since moving I haven't noticed any drop in engagement or new people noticing the project since moving. GitHub "stars" are a shite way of measuring project success.
Forgejo that's behind Codeberg is similar enough to GitHub that most people will barely notice anyways.
I'm personally not a fan of the code review tools in any of them (GitLab, Foregejo, or GitHub) because they don't support proper tracking of review commits like e.g. Gerritt does but oh well. At least Foregejo / Codeberg are open to community contribution.
Additional note on Codeberg, which I think is great as a project, but I got curious on what infrastructure they are running on and how reliable this would be for larger corporate repos.
[...] Although aged, the performance (and even energy efficiency) is often not much worse than with new hardware that we could afford. In the interest of saving embodied carbon emissions from hardware manufacturing, we believe that used hardware is the more sustainable path.
[...] We are investigating how broken Apple laptops could be repurposed into CI runners. After all, automated CI usage doesn't depend on the same factors that human beings depend on when using a computer (functioning screen, speakers, keyboard, battery, etc.). If you own a broken M1/M2 device or know someone who does, and believe that it is not worth a conventional repair, we would be happy to receive your hardware donation and give it a try!
[...] While it usually holds up nicely, we see sudden drop in performance every few days. It can usually be "fixed" with a simple restart of Forgejo to clear the backlog of queries.
Gives both early-Google as well as hackerspace vibes, which can or can not be a good thing.
To be fair, Codeberg isn’t for corporate repos, it’s for FLOSS projects. Take a look at their Terms of Use. They don’t aim to be a commercial provider, rather the opposite.
Their reliability is not great unfortunately. Currently their 24h uptime is 89% for the main site. They are partially degraded right now.
The 14 day uptime is 98% but I think that’s actually because some of their auxiliary systems have great uptime, the main site is never that great it seems.
Yeah, they were down last week too. It's hard to run an open git forge on a small volunteer team, the workload is read and write heavy with endless "customers" (or bots).
oh wow I had a larger cluster than that since I was 20 more than half a decade ago, considering that the costs appear to be so low maybe I should also pop out few free services since at the moment I pay $600+ just on power costs alone for idle hardware on my personal cluster. If anyone has any ideas feel free to email me at: news.ycombinator.com.reassure132@passmail.net
Forgejo is GPL 3, with the Github stuff apparently even running it on owned device is tied to a per user per month bill, and I have no idea if code is available and editable just having a look at https://azure.microsoft.com/en-us/pricing/details/githubente...
yes, GitHub Enterprise Server is not free. And yes you pay a license fee per user per month, billed annually, and the minimum license purchase is 10 users at something like $21/user/month. Microsoft discounts you qualify for will bring that down. You pay because you get support. You won't need it often, but when you do, you really need it.
It is easy to administer even for 15k users, and mostly it takes care of itself if you give it enough RAM and CPU for all the activity.
Downloading the virtual hard drive image from GitHub is easy and decrypting the code inside is borderline trivial, but I'm not going to help anyone do that. I've never had a need to do it.
As a server product it is good. I recommend it if you can afford it. It is not intended for private individuals or non-profits, though. It's for corporations who want their code on-premise, and for that it is quite good.
There have been complaints about it on Reddit as well. I registered an account recently and to me the annoying thing is the constant "making sure you are not a bot" check. For now I see no reason to migrate, but I do admit Forgejo looks very interesting to self-host.
3. They have a UI, but anyone can also build one and the ecosystem is shared
I've been considering Gerrit for git-codereview, and tangled will be interesting when private data / repos are a thing. Not trying to have multiple git hosts while I wait
I, too, am extremely interested in development on Tangled, but I miss two features from GitHub - universal search and Releases. the web frontend of Tangled is so fast that I am still getting used to the speed, and jj-first features like stacked PRs are just awesome. kinda reminds me of how Linux patch submitting works.
I moved (from selfhost gitlab) to forgejo recently, and for my needs it's a lot better, with a lot less hassle. It also seems a lot more performant (again probably because I don't need a lot of the advanced features of gitlab).
I've been contemplating this for almost two years. Gitlab has gotten very bloated and despite disabling a number of services in the config, it continues to require increasingly more compute and RAM; we don't even use the integrated Postgres database.
There are a few things that keep me on Gitlab, but the main one is the quality of the CI/CD system and the gitlab runners.
I looked at Woodpecker, but it seems so docker-centric and we are, uh, not.
The other big gulf is issues and issue management. Gitlab CE is terrible; weird limitations (no epics unless you pay), broken features, UX nightmares, but from the looks of it Forjego is even more lacking in this area? Despite this seeming disdain, the other feature we regularly use is referencing issue numbers in commits to tie work together easily. On this one, I can see the answer as "be the change - contribute this to Forgejo" and I'm certainly willing. Still, it's currently a blocker.
But my hopes in putting this comment out there is that perhaps others have suggestions or insight I'm missing?
Crazy. Who would have an incentive to spend resources on DDoS'ing Codeberg? The only party I can think of would be Github. I know that the normalization of ruthlessness and winner-takes-all mentality made crime mandatory for large parts of the economy, but still cannot wrap my mind around it.
Not just them. For example, Qt self hosted cgit got ddos just two weeks ago. No idea why random open source projects getting attacked.
> in the past 48 hours, code.qt.io has been under a persistent DDoS
attack. The attackers utilize a highly distributed network of IP
addresses, attempting to obstruct services and network bandwidth.
Probably some little script kiddie fucks who think they are elite mega haxors and use their mommie's credit card to pay one of the ddos services readily accessible.
DDoS are crazy cheap now, it could be a random person for the lulz, or just as a test or demo (though I suspect Codeberg aren't a bit enough target to be impressive there).
What is cheap and what are the risks of getting caught? I can understand that for a 15 yo it might be for the lulz, but I am having a hard time to imagine that this would give street creds, and why be persistent about it. AI-bots would make more sense, but these can be dealt with.
Big tech would be far more interested in slurping data than DDoS'ing them.
An issue with comments, linked to a PR with review comments, the commit stack implementing the feature, and further commits addressing comments is probably valuable data to train a coding agent.
Serving all that data is not just a matter of cloning the repo. It means hitting their (public, documented) API end points, that are likely more costly to run.
And if they rate limit the scrappers, the unscrupulous bunch will start spreading requests across the whole internet.
I think the goal is unclear, but the effect will be that Codeberg will be perceived as less of a real, stable alternative. Breaking in was not in my mind, but that will have the same effect, maybe even more damaging.
Now, if that has been the intended effect, I hope I won't have to believe that.
Story time:
I remember that back in the day I had a domain name for a pretty hot keyword with a great, organic position in Google rankings. Then someday it got all of a sudden serious boost from black-SEO, with a bazillion links from all kinds of unrelated websites. My domain got penalized and dropped of from the front page.
For threat analysis, you need to know how hard you are to break in, what the incentives are, and who your potential adversaries are.
For each potential adversary, you list the risk strategy; that's threat analysis 101.
E.g. you have a locked door, some valuables, and your opponent is the state-level. Risk strategy: ignore, no door you can afford will be able to stop a state-level actor.
I concur the question, "Who would have an incentive to spend resources on DDoS'ing Codeberg?" is a bit convoluted in mixing incentive and resources. But it's still, exactly, threat analysis, just not very useful threat analysis.
Are there standards committees with 786 voting members, of which you would have to convince at least 2/3 to betray the ideals of the association they chose to actively take part in to get the association to disband or otherwise stop it from pursuing its mission?
~800 members? That's great to hear actually. I like Codeberg and want them to succeed and be protected from outside effects.
That's said, I believe my comparison checks out. Having ~800 members is a useful moat, and will deter actors from harming Codeberg.
OTOH, the mechanism can still theoretically work. Of course Microsoft won't try something that blatant, but if the e.V loses this moat, there are mechanisms which Microsoft can and would like to use as Codeberg gets more popular.
I said e.V., not EV. Codeberg is an e.V., i.e. a "registered association" in Germany. I am not actually sure if you could technically buy an e.V., but I am 100% certain that all of the Codeberg e.V. members would not take kindly to an attempt at a hostile takeover from Microsoft. So no, buying Codeberg is not easier than DDoSing them.
What do you mean by "orgs", and what do you mean by "the codeberg"?
Sure, they could try to bribe the Codeberg e.V. active members into changing its mission or disbanding the association entirely, but they would need to get a 2/3 majority at a general assembly while only the people actively involved in the e.V. and/or one of its projects can get voting rights. I find that highly unlikely to succeed.
Part of the problem is that Codeberg/Gitea's API endpoints are well documented and there are bots that scrape for gitea instances. Its similar to running SSH on port 22 or hosting popular PHP forums software, there are always automated attacks by different entities simply because they recognize the API.
Try exposing a paswordless SSH server to outside to see what happens. It'll be tried immediately, non-stop.
Now, all the servers I run has no public SSH ports, anymore. This is also why I don't expose home-servers to internet. I don't want that chaos at my doorstep.
Yeah no need for public ssh. Or if you do pick a random port and fail2ban or better just whitelist the one IP you are using for the duration of that session.
To avoid needing SSH just send your logs and metrics out and do something to autodeploy securely then you rarely need to be in. Or use k8s :)
Yeah, I have been thinking about hosting a small internet facing service on my home server, but I’m just not willing to take the risk. I’d do it on a separate internet connection, but not on my main one.
You can always use a small Hetzner server (or a free Oracle Cloud one if you are in a pinch) and install tailscale to all of your servers to create a P2P yet invisible network between your hosts. You need to protect the internet facing one properly, and set ACLs at tailscale level if you're storing anything personal on that network, though.
This is just FUD, there is nothing dangerous in having an SSH server open to the internet that only allows key authentication. Sure, scanners will keep pinging it, but nobody is ever going to burn an ssh 0day on your home server.
A few years ago a vulnerable compression library almost got pushed out that major Linux distros linked their OpenSSH implementations to. That was caught by blind luck. I'm confident there's a lot more shit out there that we don't know about.
"opsec" includes well defined things like threat modeling, risk factors, and such. "Things I have seen" and vague "better safe than sorry" is not part of that.
GitHub uptime isn't perfect either. You will notice these outages from time to time if your employer is using it for more than just "store some git repos", e.g. using GHA for builds and deploys, packages etc.
Because they are Codeberg I'm betting they have a philosophical aversion to using a cloud based ddos protection service like Cloudflare. Sadly the problem is that noone has come up with any other type of solution that actually works.
LLMs are useful, but AI is itself a marketing term that has begun to lose its luster. It’s rapidly becoming an annoying or trendy label, not a cutting edge one.
I guarantee that in ~24 months, most AI features will still remain in some form or another on most apps, but the marketing language of AI-first will have evaporated entirely.
> AI is itself a marketing term that has begun to lose its luster. It’s rapidly becoming an annoying or trendy label, not a cutting edge one.
Where have you been the last 15 years? However, I agree with your prediction. Coke making AI advertisements may have had cache a couple years ago, but now would be a doofus move.
Have you watched broadcast TV lately? Every single advert is AI generated. Pay attention and you’ll see the telltale signs: stitched together 3 second clips with continuity problems, every showdown from a fixed set of compositions, etc. it’s just less noticeable to the average viewer than that coke ad.
I don’t remember AI being used as a widespread marketing term until 2-3 years ago. Before that it was just more of a vague tech thing you’d sometimes see, but now every single app seems to have reframed their business to be about AI agents.
Early 2010s had a lot of neural networks AI stuff going on and it certainly became a minor hype cycle as well though that kind of resulted in the current LLM wave.
There was also a small chatbot bubble around 2014-2016 (Microsoft Tay kinda blew it out of the water, and it never recovered), though companies did seem a bit skittish about using the term 'AI' at that point.
Their most most recent update replaces all this with a list of recently updated PRs and issues. I've been learning on it heavily since it came out. One of the few recent changes that really feels like a clear improvement.
Haven't used the dashboard in years. What's on it now might be more useful. The homepage for me should be set to Notifications.
At any rate, the feed is still available and you can reach it via browser autocomplete. I open GitHub by typing "not" in my URL bar and landing on the notifications page.
The main function of GitHub is really just advertising or at least broadcasting your work. I would use GitHub issues, stars, etc as an (imperfect gauge) of the quality of a library. This is not because of GitHub's features, just that it's the biggest and most well known. And yes I know buying stars is a thing, which is why it's part of the evaluation and not the whole ballgame.
Now that zig is fairly well known and trusted, it makes sense that this is less of a concern for them when migrating away.
Google workspace will have me do the same. No, I don't want to 'generate an image' I just want to use my own, thank you. They give their AI prime billing everywhere to the detriment of the products and the users.
One thing that's really nice about codeberg is how fast the pages load. Browsing GitHub often feels very sluggish. Obviously there's a difference in scale there, but I hope codeberg can keep being fast.
$ time curl -L 'https://codeberg.org/'
real 0m3.063s
user 0m0.060s
sys 0m0.044s
$ time curl -L 'https://github.com/'
real 0m1.357s
user 0m0.077s
sys 0m0.096s
I think you read that backwards. In skydhash's test, Codeberg's data was 72% cached, and GitHub's data was 28% cached. Maybe you meant that GitHub's cached 4.28MB was, in absolute terms, more than Codeberg's cached 1.41MB?
Some parts of Github are SPA island, which is why the DOM load fast, but then it has to wait for the JavaScript files and the request made by those files. Codeberg can be used with JavaScript disabled and you don’t have that much extra requests (almost everything is rendered serverside).
The transferred part is for the gzipped transfer. That makes sense if the bulk of the data is HTML (I have not checked).
That depends on location and GitHub pages generally take a while to execute all the javascript for a usable page even after the html is fetched while pages on Codeberg require much less javascript to be usable and are quite usable even without javascript.
Here are my results for what it's worth
$ time curl -o /dev/null -s -L 'https://codeberg.org'
real 0m0.907s
user 0m0.027s
sys 0m0.009s
$ time curl -o /dev/null -s -L 'https://github.com/'
real 0m0.514s
user 0m0.028s
sys 0m0.016s
Sure, it depends on your internet connection. But for Codeberg I see a blank page for 3-4 seconds until it shows something. On a big repo like Zig the delay is even worse.
On Github any page loads gradually and you don't see a blank page even initially.
GitHub frontpage is very quick indeed, but browsing repos can sometimes have load times over a full second for me. Especially when it's less popular repos less likely to be in a cache.
Our CI workflow literally just invokes a plain old shell script (which is runnable outside CI). We really don't need an overcomplicated professional CI/CD solution.
One of the nice things about switching to Forgejo Actions is that the runner is lightweight, fast, and reliable - none of which I can say for the GitHub Actions runner. But even then, it's still more bloated than we'd ideally like; we don't need all the complexity of the YAML workflow syntax and Node.js-based actions. It'd also be cool for the CI system to integrate with https://codeberg.org/mlugg/robust-jobserver which the Zig compiler and build system will soon start speaking.
So if anything, we're likely to just roll our own runner in the future and making it talk to the Forgejo Actions endpoints.
Seeing the decline of GitHub in Actions is technically correct, but Actions was always broken. We tried getting self-hosted runners to work super early before there was a proper ephemeral mode (just an officially unsupported race-condition-y --once flag). It sucked. That code can't produce a consistent status code, constantly failed to connect to its scheduler with obscure Azure error codes and had so many races with accepting and timing out jobs. Runners wouldn't get new jobs, jobs would sit there for an hour and then time out, runners would just die and need to be re-provisioned (we used ephemeral VMs in a GCP instance group). This is all because Actions is actually Azure DevOps Pipelines rebranded.
Compared to then this product is downright mature now. And also, there always were people at GitHub who delivered crappy products outside the core that most people working on FOSS got to see. Enterprise Cloud has a ton of sharp edges and things that make you ask "WHY" out loud. Notifications with SAML enabled are broken in countless ways (I have 0 out of 12 notifications right now), newly onboarded users are encouraged to click a "request copilot" button that sends emails to admins you can't disable, policy toggles that used to do one thing get split up and not defaulted properly. The last two in particular are just dark pattern hacks to get people to use Copilot. In an enterprise product.
I think once Codeberg becomes federated, it will likely attract a lot of people.
Right now github is great for discovering and tracking projects, reflecting growth via the star and fork system (although a bit broken in the last few years).
If a federated layer is applied to these github alternatives, you could have an account in Codeberg, and be able to track lots of projects wherever people want to host them. Right now, I see a lot of forgejo servers, but I don't want to register in all of them.
+1 - I also see a huge opportunity for forgejo to become a new stackoverflow if they add federation
The primary issue with SO was that it was disconnected from the actual communities maintaining the project. A federated solution would be able to have the same network effects while handing ownership to the original community (rather than a separate SO branch of the community)
Well, diversity is great but I think many people underestimate the quality and service of GitHub, especially the free services. Even commercial vendors have failed to provide such a free service over time (Docker Hub, Bintray, Sourceforge). They all have/had the power to earn money though commercial offerings and ads, but in the end had to cut down their free services. I still wonder, how codeberg plans to cover the exploding costs.
You can also run a Forgejo instance (the software that powers Codeberg) locally - it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc until Codeberg is up and Forgejo (though you'll have to update them manually later).
I hope Codeberg is able to scale up to this surge in interest, but
> it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc
is really cool! Having a local mirror also presumably gives you the means to build tools on top, to group and navigate and view them as best works for you, which could make that side of the process so much easier.
> you'll have to update them manually later
What does the manually part mean here? Just that you'll have to remember to do a `forgejo fetch` (or whatever equivalent) to sync it up?
I totally agree, Microsoft is ruining everything with AI, like all Microsoft product have been on decline for years even before the LLM era, and now they are on an even steeper decline.
it makes me sad to see that github is now going through the same shit, and people are using other random half-ass alternatives, it’s not easy to keep track of your favourite open-source projects across many source forgeries. we need someone to buy github from Microsoft and remove all the crap they have added to it.
Am I in the minority when I actually like those AI features on GitHub? The ability to interrogate any open source codebase is __amazing__, this feature alone has saved me days of work/research. The AI code reviews are nothing to write home about, but occasionally catch stuff that I would've missed, a net benefit for me. I don't really get all the outrage... Sure, having an "Ask AI" Clippy-like thing in your face everywhere gets old quick, but at least on GitHub I find it non-obtrusive and often actually useful.
...you can just clone the repository and do that interrogation locally with the AI tool of your choice.
Every single application or webpage having its own AI integration is seriously one of the dumbest ideas in computing history (instead of separating applications and AI tools and let them work together via standardized interfaces).
Is anything broken on the pure Git side of Github? From this, it's clear that actions and runners are becoming unusable. But are repositories still safe?
The outages break `git push`. I'm not a fan of the AI adoption within the UI, and the side bars when browsing code usually get in the way. Using GitHub as a dumb git backend isn't a great option either, look at the Linux kernels PRs, it's almost all spam. Why on earth can't PRs be disabled?
One problem is that GH gives you no way to disable PRs. And even if you write in BIG BOLD LETTERS that PRs should be on Codeberg not GH, people get upset and make a fuss over their "ignored" PRs and it ends up making unnecessary headaches for you over and over.
This resonates with me. Last week I got stuck on a bug where GitHub actions was pulling ARMv7 docker images when I specifically requested ARMv8. Absolutely impossible to reproduce locally either.
Maybe this is a nice chance to ask, would you move from Gitlab to Github? I would say no, but some people in my org are proposing it, it seems to me simply because the integration it has with AI tools, but my experience has been worse in Github than with Gitlab.
I don't get it, why did they allow GitHub bot to modify and merge pull request automatically? Yeah I agree that MS is ruining everything with AI, but this problem is avoidable, if they turn off the bot's auto merge feature, or turn it off completely. The reason they move to a lesser known Git provider sounds more like a marketing stunt.
> The reason they move to a lesser known Git provider sounds more like a marketing stunt.
We had technical problems that GitHub had no interest in solving, and lots of small frustrations with the platform built up over years.
Jumping from one enshittified profit-driven platform to another profit-driven platform would just mean we'd set ourselves up for another enshittification -> migration cycle later down the line.
What are you referring to? I may be missing a line from the article but it seems mostly focused around a lingering GitHub Actions bug and the direction of GitHub.
The interesting thing about Zig's move isn't really the drama - it's watching a project work through platform migration in real time.
Most open source projects talk about reducing GitHub dependency but never actually do it because the switching costs are brutal. Issues, PRs, CI integrations, contributor muscle memory - it all adds up. Codeberg is solid but the network effects aren't there yet.
Curious whether this pushes other projects to at least have contingency plans. The AI training concerns are real, but I suspect the bigger long-term risk is just platform enshittification in general - feature bloat, performance degradation, mandatory upsells.
More and more projects are moving to Codeberg, and I'm wondering; at what point will a critical mass be reached? Or will we end up with a fragmented ecosystem?
Oh no, our decentralized VCS will be… decentralized!
Seriously though the big problem to solve will be squatters, when there are three logical places for a module to be hosted. That could create issues if you want to migrate.
I would rather have this happening after a contender to git has surfaced. Something for instance with more project tracking built in so migration were simpler.
I was slightly wrong. You can manually mirror things, but they have removed a feature that allowed one to automatically mirror repositories hosted elsewhere. It was originally intended as an ease of migration tool, but ended up consuming too many resources.
From their FAQ:
> Why can't I mirror repositories from other code-hosting websites?
> Mirrors that pull content from other code hosting services were problematic for Codeberg. They ended up consuming a vast amount of resources (traffic, disk space) over time, as users that were experimenting with Codeberg would not delete those mirrors when leaving.
> A detailed explanation can be found in this blog post.[1]
That's the beauty of email-based approaches. You can just clone, do your changes and `git send-email`. Done.
I think it would've been far easier to build a decent GUI around that flow, with some email integration + a patch preview tool, rather than adding activitypub, but oh well.
> I think it would've been far easier to build a decent GUI around that flow, with some email integration + a patch preview tool, rather than adding activitypub, but oh well.
Check out Sourcehut (https://sourcehut.org/). It uses a mailing list-based workflow so contributing code or bug reports is relatively effortless and doesn't require a Sourcehut account.
Email-based approaches have far more issues than just needing to create an account. I would much rather have to create another account than deal with git send-email ever again. It's awful.
I used to submit quite a few back in the day. How many projects are still actively maintained on Sourceforge? The last time I needed to go there was to get the GPC (General Polygon Clipper) library with the last modification in 2014.
Maybe I wasn't quite clear. As an open-source author, bug reports are what makes open-source feel like a job. This is because Github has created a sense of entitlement that an open-source project is supposed to take bug reports. That its authors are its 'maintainers' and are expected to fix them.
No. You are the person with an issue. You have all the means to fix the issue -- the source code has been shared with you. Now go ahead and fix your bug yourself. Then share the source code with your users as per its license.
Notice how I don't even care much for 'pull requests'. Another detrimental notion started with Github -- that the authors of an open-source project are expected to review change requests and merge them.
Guy, open-source licenses do not require you to share the derived code with upstream. They require you to share it with your users. I, as the original author, mostly don't care as the original code I wrote works for me.
Yes, sending fixes back upstream is a courtesy and a way to thank the original authors. However it is neither required, nor one must expect that the fixes will be accepted or even looked at at all.
Hopefully one of the efforts to build distributed pull requests will take off, so that all the forges other than github can band together and interoperate.
All those different 'git forges' use git as version control system and the same issue and PR workflows. There is no fragmentation, unless you consider one git url being different from another git url 'fragmentation' ;)
I prefer a pletora of code hosting sites, that one massive hub controlled by a single one. We can see how bad is when there is a monopoly or cuasi-monopoly.
A lot of these forced "AI" integrations are essentially Clippy on steroids.
A more careful approach focusing on use cases the technology can really support would be much preferred.
I hate these constant drama posts, but I am all for seeing competition. I think it's good to have a couple of top-tier companies offering the same service, and especially with git, it's been... lacklustre outside of Github, I'd say. Bitbucket was totally nice, but Atlassian and Jira and meh... Github has (mostly) steered clear of cross-product promotions until the CoPilot era washed all over us, and I wonder for how long they can continue to thrive off the power of brand-awareness.
Same effect at play watching all the top-tier AI corps under heavy competitive fire still, trying hard to keep the audience attached while battling to stay on top of (or keep up with) the competition. This mainly (for now) benefits the user. If OpenAI were to trailblaze on their own, we'd all be paying through the roof for even the most basic GPT by now.
Lack of investment more like. There are a ton of simple and obvious bugs that have persisted well before the AI crazy, e.g. this annoying bug from 2021: https://github.com/orgs/community/discussions/6874
That said, I still think Github is fine, and you can't argue with free CI - especially on Windows/Mac. If they ever stop that I'll definitely consider Codeberg. Or if Codeberg gets support for stacked PRs (i.e. dependencies between PRs), then I'm there! So frustrating that Github doesn't support such an obvious workflow.
The evidence of AI failure is all this low hanging fruit maintenance fixes users are begging Microsoft to fix and these AI agents are not fixing them. AI was going to 10x engineers or something right? Why isn’t GitHub getting better with all this AI help?
> So frustrating that Github doesn't support such an obvious workflow.
It kind of does.
I used this a lot in several jobs to work in dependent tickets in advance. Just make another branch on top of the previous (a PR to the other PR branch).
People could review the child PR before the parent was merged. And it requires some less than trivial git knowledge to manage effectively, but nothing extraordinary. Any solution for stacked PRs based on git would also require it (or a custom tool).
I think I'm on their side on this one. From git perspective, it works just as I expect. Something else probably belongs to JIRA or project management instead.
That feels like the opposite of what I think stacked PRs are? Like someone will open PR #1 for one feature, and then PR #2 into the PR #1 branch, but it doesn't make sense without knowing the context of PR #1 so that gets reviewed first - and then when that PR gets merged, the second one gets automatically closed by GitHub?
You first send PR#1, then PR#2 on top of the first one.
The diff for PR#1 will show dough stuff. The diff for PR#2 will show toppings in relation to dough.
People can review them asynchronously. If you merge PR#1, PR#2 will automatically target main (that's where dough went) now.
In this arrangement, I use to cross-mention the PRs by number (a link will exist in both). I also like to keep the second one draft, but that depends on the team practices.
I don't understand why you would close the second PR when the first gets merged. It should lose the dependency automagically, which is exactly what happens if you branch correctly.
> The diff for PR#2 will show toppings in relation to dough.
The problem is the diff for PR#2 will show dough and toppings all mixed together. Unless you go into the commits view, but that's super tedious and it's easy to lose comments in there.
It's kind of frustrating because there's very little required to make this work. All you really need is for Github to detect `Depends on #1` like it detects `Fixes #123`, and then a) use the HEAD of #1 as the diff based for #2, and b) block merging #2 until #1 is merged.
It's really not that complicated but I'm not holding my breath.
Last week the reason for the move was MS tools being used by the baddies. Today AI is the baddie du jour. To use a great quote "either do or don't, but I got places to be".
Look, how is number to go up without constant AI bullshit? Won't somebody think of the shareholders!
MS in particular _really_ seems to be sacrificing itself on the altar of Roko's Basilisk; they appear totally incapable of doing _anything_ that isn't AI-branded anymore.
In other news today, Bun, which is one of the biggest projects written in Zig, joined Anthropic, the company behind Claude Code, and has nothing but kind words to say about AI. If Zig becomes ever more hostile to AI, I wonder if there may be some "friction" there.
Usually programming languages need that killer project to sell themselves, instead of being something only language nerds play with, Bun was one of such projects.
maybe I’m out of the loop, but what is the “obsession” with AI that’s ruining it? GitHub still works for me like it always has. How are other people using GitHub?
Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms. Moving it to Codeberg doesn't really fix that. I get that some people want to restrict what people can do with source code (including using it for capitalist purposes or indeed ai/machine learning). But the whole point of many open source licenses (and especially the MIT license) is actually the opposite: allowing people to do whatever they want with the source code.
The Zig attitude towards AI usage is a bit odd in my view. I don't think it's that widely shared. But good for them if they feel strongly about that.
I'm kind of intrigued by Codeberg. I had never heard of it until a few days ago and it seems like that's happening in Berlin where I live. I don't think I would want to use it for commercial projects but it looks fine for open source things. Though I do have questions about the funding model. Running all this on donations seems like it could have some issues long term for more serious projects. Moving OSS communities around can be kind of disruptive. And it probably rules out commercial usage.
This whole Github is evil anti-capitalist stance is IMHO a bit out of place. I'm fine with diversity and having more players in the market though; that's a good thing. But many of the replacements are also for profit companies; which is probably why many people are a bit disillusioned with e.g. Gitlab. Codeberg seems structured to be more resilient against that.
Otherwise, Github remains good value and I'm getting a lot of value out of for profit AI companies providing me with stuff that was clearly trained on the body of work stored inside of it. I'm even paying for that. I think it's cool that this is now possible.
> Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms.
MIT license requires attribution, which AI algorithms don’t provide AFAIK. So either (a) it’s fair use and MS can do that regardless of the license or (b) MS can’t do that. In any case, yeah, that’s not the issue Zig folks have with GitHub.
> Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms. Moving it to Codeberg doesn't really fix that. I get that some people want to restrict what people can do with source code (including using it for capitalist purposes or indeed ai/machine learning). But the whole point of many open source licenses (and especially the MIT license) is actually the opposite: allowing people to do whatever they want with the source code.
MS training AIs on Zig isn't their complaint here. They're saying that Github has become a worse service because MS aren't working on the fundamentals any more and just chasing the AI dream, and trying to get AI to write code for it is having bad results.
The edit history of the announcement is quite a ride:
> [2025-11-27T02:10:07Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining losers eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [1]
> [2025-11-27T14:04:47Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining rookies eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [2]
> [2025-11-28T09:21:12Z] it’s abundantly clear that the engineering excellence that created GitHub’s success is no longer driving it [3]
---
1: https://web.archive.org/web/20251127021007/https://ziglang.o...
2: https://web.archive.org/web/20251127140447/https://ziglang.o...
3: https://web.archive.org/web/20251128092112/https://ziglang.o...
On the previous HN article, I recall many a comment talking about how they should change this, leave the politics/negative juju out because it was a bad look for the Zig community.
It would appear they listened to that feedback, swallowed their ego/pride and did what was best for the Zig community with these edits. I commend them for their actions in doing what's best for the community at the cost of some personal mea culpa edits.
I often find we don't appreciate enough people accepting their failures and changing their mind. For some reason I see the opposite: people respecting those who "stick to their guns" or double down when something is clearly wrong. As you say, the context matters and these edits seem to be learning from the feedback rather than saving face since the sentiment stands, just in a less needlessly targeted way.
Well, it's not like it's a simple black and white situation, universally applicable to every debate in human history. Sometimes it is relatively better to be open-minded and able to change own opinion. Sometimes it is relatively better to keep pushing a point if it is rational and/or morally correct.
The reason why the latter stance is often popularized and cheered is because it is often harder to do, especially in the adverse conditions, when not changing your opinion has a direct cost of money or time or sanity or in rare cases even freedom. Usually it involves small human group or individual against a faceless corporation, making it even harder. Of course we should respect people standing against corporation.
PS: this is not applicable if they are "clearly wrong" of course.
Consider the plight of a policy-maker who changes their stance on some issue. They may have changed their mind in light of new information, or evolved their position as a result of deeper reflection, personal experience, or maturation. Opponents will accuse them of "waffling" or "flip-flopping", indicating a lack of reliability or principles (if not straight-up bribery). Elected officials are responsible for expressing the will of the people they represent, so if they're elected largely by proponents of issue X, it is arguably a betrayal of sorts for them to be as dynamic as private citizens.
This is tangential to the original topic of insider trading, where the corruption is structural / systemic -- akin to how "conflict of interest" objectively describes a scenario, not an individual's behavior.
Never understood that either. If someone was wrong and bad, and now they're trying to do right and good, we need to celebrate that. Not just because that's awesome in itself, but also to give the opportunity and incentives for others in the future to do better.
If everyone is always bad regardless if they're trying to change, what incentives would they have from changing at all? It doesn't make any sense.
I agree with the sentiment (people changing their minds), but the flipside to that is people pleasing. Someone who capitulates under even the slightest pressure is not much better than the person who is set in their ways.
The trouble there, of course, is that the motivation for changing (or not changing) one's mind is not always clear, and it's easy to score points from spinning it one way or another.
The other part of the equation is not letting bad people get away with doing bad stuff if they do good stuff after that. The return on doing bad stuff, then good stuff has to be greater than the return on only doing bad stuff, but less than the return on only doing good stuff. It should increase over time the more you don't do bad stuff again.
Its a thing with (online) culture - no matter what you do you're going to ruffle some feathers.
If no one hates what you are doing chances are you're not doing anything really
For me it depends heavily on context.
I think it's because when people do a 180 due to public pressure, it's hard to know to what degree they changed their mind and to what degree they are just lying about what is on their mind.
Toning down aggressive phrasing is not "doing a 180", calling the change from "only losers left at GitHub" to "the engineering excellence has left" lying seems disingenuous.
> I often find we don't appreciate enough people accepting their failures and changing their mind.
Because this plays into a weird flaw in cognition that people have. When people become leaders because they are assholes and they are wrong, then after the wind blows the other way they see the light and do a mea culpa, there is always a certain segment that says that they're even more worthy to be a leader because they have the ability to change. They yell at the people who were always right that they are dogmatic and ask "why should people change their minds if they will be treated like this?"
If one can't see what's wrong with this toy scenario that I've strawmanned here, that's a problem. The only reason we ever cared about this person is because they were loud and wrong about everything. Now, we are expected to be proud of them because they are right, and make sure that they don't lose any status or position for admitting that. This becomes a new reason for the people who were previously attacking the people who were right to continue to attack the people who were right, who are also now officially dogmatic puritans whose problem is that they weren't being right correctly.
This is a social phenomenon, not a personality flaw in these leaders. People can be wrong and then right. People can not care either way and latch onto a trend for attention or profit, and follow it where it goes. I don't think either of these things are in and of themselves morally problematic. The problem is that there are people who are simply following individual personalities and repeating what they say, change their minds when that personality changes their mind, and whose primary aim is to attack anyone who is criticizing that personality. They don't really care about the issue in question (and usually don't know much about it), they're simply protecting that personality like a family member.
This, again, doesn't matter when the subject is stupid, like some aesthetic or consumer thing He used to hate the new Batman movies but now he says that he misunderstood them; who cares. But when the subject is a real life or death thing, or involves serious damage to people's lives and careers, it's poisonous when a vocal minority becomes dedicated to this personality worship.
It's so common that there now seems to be a pipeline of born-agains in front of everything, giving their opinion. Sir, you were a satanist until three years ago.
[dead]
As I see it, someone who "listened to that feedback, swallowed their ego/pride" would include a note at the end of the post about the edits. Admitting you were wrong requires not erasing the evidence of what you said.
(He did post a kind of vague apology in https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p..., but it's ambiguous enough that anyone who was offended is free to read it as either retracting the offending accusation, or not. This is plausibly the best available alternative for survival in the current social-media landscape, because it's at best useless to apologize to a mob that's performatively offended on behalf of people they don't personally know, and usually counterproductive because it marks you as a vulnerable victim, but the best available alternative might still tend to weaken the kind of integrity we're talking about rather than strengthen it.)
No evidence was erased as the evidence exists.
You mean, on a third-party website that currently happens to have a capture of the page outside of the Zig team's control, but which can go down at any time?
The site is open source and the commits are still there. No need to be so dramatic.
https://github.com/ziglang/www.ziglang.org/commit/c8d046b288...
There is utility in indicating how surprised / concerned you are at a certain process or event. We can flatten out all communication and boil everything down to an extremely neutral "up", "down", and "nailed it to exacting precision".
I find the fact that this painting has been hung crooked by 0.00001º: down
I find torture and mass murder: down
Clearly this is a ridiculous state of affairs. There's more gradations available than this.
Possibly coloured by my dutch culture: I think this rewrite is terrible. The original sentence was vastly superior, though I think the first rewrite (newbies to rookies) was an improvement.
The zig team is alarmed, and finds this state of affairs highly noteworthy and would like to communicate this more emotional, gut instincty sense in their words.
There's a reason humans invent colourful language and epithets. They always do, in all languages. Because it's useful!
And this rewrite takes it out. That's not actually a good thing. The fact that evidently the internet is so culturally USA-ised that any slightly colourful language is instantly taken as a personal affront and that in turn completely derails the entire debate into a pointless fight over etiquitte and whether something is 'appropriate' is fucking childish. I wish it wasn't so.
In human communication, the US is somewhat notorious in how flattened its emotional range is of interaction amongst friendly folk. One can bring anthropology into it if one must: Loads of folks from vastly different backgrounds all moving to a vast expanse of land? Given that cultural misunderstanding is extremely likely and the cost of such a misunderstanding is disastrously high, best plaster a massive smile on your face and be as diplomatic as you can be!
Consider as a practical example: Linus Torvalds' many famed communications. "NVidia? Fuck you!" was good. It made clear, in a very, very pithy way, that Linus wasn't just holding a negative opinion about the quality and behaviour of the nvidia gfx driver team at the time, but that this negative opinion was universal across a broad range of concerns and extremely so. It caused a shakeup where one was needed. All in 3 little words.
(Possibly the fact that the internet in general is even more incapable of dealing with colourful language is not necessarily the fault of USification of the internet: The internet is a lot like early US, at least in the sense that the risk of cultural misunderstanding is far higher than in face to face communications on most places on the planet).
If I could upvote you, I would. I have never liked the mob of people that think we should all be super diplomatic corpospeakers who hedge everything and who think that not doing so is "offensive" or "unprofessional". I definitely didn't think anything was wrong with the original sentences or word usage, because it wasn't aimed at any specific individual with the deliberate intent of being offensive, but was aimed at Microsoft itself. And even if the intent was to be offensive, well, on the internet your always going to offend someone. You could be super nice and say all the right words and someone would still find a way to be offended by it. And were these circumstances ordinary, I would call out the word usage as well, because it would be uncalled for. But given all the evidence that the original points at, it's rather hard to say that GitHub didn't deserve it. And it is also rather difficult for me to see how this wasn't the time or place for such language. Sometimes the only way to get your point across is to be "unprofessional" (whatever that means these days).
> It would appear they listened to that feedback, swallowed their ego/pride and did what was best for the Zig community with these edits.
Indeed. The article even links to it.
https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p...
Thanks for pointing this out! I looked at the edit history and without looking at the timestamps assumed it was in reverse chronological order. Seeing that I was wrong brought a smile to my face.
I appreciate that Andrew and the other Zig team members are really passionate about their project, their goals, and the ideals behind those goals. I was dismayed by the recent news of outbursts which do a lot to undermine their goals. That they’re listening to feedback and trying to take the high road (despite feeling a lot of frustration with the direction industry is taking) should be commended.
Zig is the language that was intentionally made to fail and error out on windows carriage returns instead of parsing them like every language ever made. They made a version for windows and then made it not work with every windows text editor. Their answer was to 'get better text editors' or 'make a preprocessing program to strip out carriage returns' or 'don't use windows' (they had a windows executable).
This is not a group with community or pragmatism from the start.
Eh, it looks like they want to hide that they call people monkeys and losers.
If they would own up to it and say sorry, then your point stands. But that's not what happened here.
> I completely agree with this. I performed really poorly on this axis. I’m sorry to the Zig community for that. I’ll take my L and get back to working on std.Io and the rest of the roadmap. [1]
[1] https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p...
They should know that crap software is rarely intentional as they make it out to be in the initial version of the text, what you get is what they are able to build in the environment they are in (that matters too). Capability and environment.
I think the Reddit mobile website team might be the exception to that. What they make is a particular brand of unusable and from what I remember there is evidence of them talking about how that was intentional.
Reddit is trying to steer everyone into using their mobile app, which schlorps up as much personal data as it possibly can. I normally don’t go in for the whole mustache twirling thing, but given their previous actions in shutting down all third party apps, I’m fine in this case with accusing them of outright malice.
I think they recently banned people from creating their own OAuth tokens, which is a thin people were doing to enter into their third party apps to bypass the ban. Now if you want to make any app or bot, you either screen-scrape, steal an API key, or get the approval of Reddit management.
Anger is a mind killer. Build software out of love. Love for engineering, innovation, creation, and love of working with people who feel the same way.
to quote something I said a day ago about AI spotting in the posts of other people:
https://news.ycombinator.com/item?id=46114083
"I think that writing style is more LinkedIn than LLM, the style of people who might get slapped down if they wrote something individual.
Much of the world has agreed to sound like machines."
AI witch-hunts are definitely a problem. The only tell you can actually rely on is when the AI says something so incredibly stupid that it not only fails to understand what it is talking about but the very meaning of words themselves.
Eg,metaphors that make no sense or fail to contribute any meaningful insight or extrenely cliched phrases ("it was a dark and stormy night...") used seriously rather than for self-deprecating humor.
My favorite example of an AI tell was a youtube video about serial killers i was listening to for background noise which started one of its sentences with "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister."
which is unfortunate, because pre-AI, "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister." would just be a funny bit of writing.
This has always been the case in the "corporate/professional" world imo.
It's just much easier now for "laypeople" to also adjust their style to this. My prediction is people will get quickly tired of it (as evidenced by your comment)
Also
> More importantly, Actions is created by monkeys ...
vs
> Most importantly, Actions has inexcusable bugs ...
I commend the author for correcting their mistakes. However, IMHO, an acknowledgement instead of just a silent edit would have been better.
Anyway, each to their own, and I'm happy for the Zig community.
This, I was shocked when I read the first version. I get it if you’re an influencer, but as a programming language people need to expect you can manage your emotions and be objective
More and more people should call out bloated buggy JS frameworks lol
At least he edited it to something more palatable. I vastly prefer someone who can admit to making a mistake and amending what they said to someone who doubles down. The latter attitude has become far too normalised in the last few years.
Is political correctness necessary to have a thriving community / open source project?
Linux seems to be doing fine.
I wouldn't personally care either way but it is non-obvious to me that the first version would actually hurt the community.
How you treat others says everything about you and nothing about the other person.
In this case, the unnecessary insults detract from the otherwise important message, and reflect poorly on Zig. They were right to edit it.
On the other hand some notable open source leaders seem to be abrasive assholes. Linus, Theo, DHH, just three examples who come to mind. I think if you have a clear vision of what you want your project to be then being agressively dismissive of ideas that don't further that vision is necessary just to keep the noise to a low roar.
>Is political correctness necessary to have a thriving community / open source project?
Not at all, but this reads like childishness rather than political correctness.
What does any of this have to do with political correctness?
Not being a dick is quite a different thing than political correctness.
Makes me wonder how much to the mass strife and confusion of the internet is simply down to people not knowing what the words they use mean?
> Makes me wonder how much to the mass strife and confusion of the internet is simply down to people not knowing what the words they use mean?
Or being intentionally misled about them. People who enjoy being awful in various ways have a vested interest in reframing the opposition as "political correctness" in order to make it easier to dismiss or ridicule. The vast majority of usage of the term "political correctness" is in dismissing or ridiculing it.
Hmm I don’t think any of the revisions are about being PC but rather not making juvenile comments. Linus has definitely made a lot of harsh inflammatory comments to others, I don’t think it’s the right thing to do and shows his character but at the same time for me at least it comes across as a smart pompous jerk who says things in the wrong way but at least usually has some kernel of a point.
The Zig comments come off has highly immature, maybe because they are comments made to unknown people, calling folks losers or monkeys just crosses some line to me. Telling someone to stfu is not great but calling groups of people monkeys feels worse.
Linus famously was quite strict and cursed quite a bit when somebody pissed him off with stupidity.
He's not exactly a role model when it comes to communication.
GitHub can suck my ass, I think this is the most suitable feedback to them
I've spent more than a month trying to delete my account on GitHub, still couldn't do it
Perhaps he should be. This idea that we should tolerate terrible things and only respond to them politely seems to produce bad outcomes, for some mysterious reason.
Any analysis of Github's functionality that begins and ends with blaming individuals and their competency is deeply mistaken while being insulting. Anyone who has ever worked at a large company knows exactly how hard it is for top performers to make changes and it's not difficult because the other people are stupid. At least in my experience, almost everyone holding this "they must be stupid" opinion knows very little about how large organizations make decisions and knows very little about how incentives at different levels of an org chart leads to suboptimal decisions and results. I would agree with you that being overly polite helps no one, but being correct does, and what they initially wrote isn't even right and it's also insulting. There's no value in that.
But should you care about MS's internals?
Product is useless, you move along. Save your compassion for those actually needing it.
Because people would rather Microsoft fixed it than move.
Moving is painful but I'm sure they didn't move without asking/waiting for MS to fix it.
IDK being able to produce a good product in a corpo environment sure sounds like a competency issue.
> how hard it is for top performers to make change
then you're not a top performer anymore?
seems pretty straightforward
> they must be stupid
one can be not stupid and still not competent
The problem with that is always people.
Because one person is judging that "terribleness" before being entitled to flame, changes to that person influence their ability to objectively make that assessment.
Say, when their project becomes popular, they gain more power and fame, and suddenly their self-image is different.
Hence it usually being a more community-encouraging approach to keep discussions technical without vitriol.
Flaming is unnecessarily disruptive, not least because it gives other (probably not as talented) folks a license to also put their worst impulses to text.
I am not convinced of this. Being rude and insulting someone’s intelligence is rarely a good trait. Linus got away with it due to the unique circumstances: leader of an incredibly popular open source project and a gatekeeper to a lot of access to it.
My argument against how he handles things has always been that while it may seem effective, we do not know how much more effective he would be if he did not curse people out for being dumb fucks.
And it doesn’t seem like this is a requirement for the job: lots of other project leaders treat others with courtesy and respect and it doesn’t seem to cause issues.
The reality is that it is easy to wish more people were verbally abusive to others when it isn’t directed at you. But soon as you are on the receiving end of it, especially as a volunteer, there is a greater than not chance that you will be less likely to want to continue contributing.
I think this is a good way to put it and I agree with it. Linus is a jerk and I would never want to work with him. Doubly so with zig maintainers who call other groups of people losers or monkeys. Shows a clear lack of maturity and ability to think.
Eh. Linus has a long history of abusive behavior towards other Linux contributors but also apparently apologized for it and started amending his ways. The Zig person I do not know by reputation, let alone in person. One post that he later chose to amend based on feedback is not enough for me to pass that kind of judgement. If anything, the fact that he updated it shows the opposite of lack of maturity. Adults can get frustrated. What they do with it is what matters.
Adults don’t call people losers or monkeys in social media. I am not passing judgement, it is simply not acceptable.
Really? You can’t think of any circumstances when it would be appropriate?
More to the point, if someone does it once and then stops, should we exclude this person from society forever?
Remember that only the Siths deal in absolutes.
Zero clue what your point is so please help me understand.
I was agreeing with your stance and adding my own anecdote that it’s a turnoff with the way those posts were originally formatted. Not people I would want to work with. If you do that’s fine. This is not star wars and simply my own choice as it’s everyone else.
I also cannot think of a time in my adult life I wanted to call out a group of people as losers or monkeys i n public.
Even Linus doesn’t act that way anymore. Here’s him a few years ago:
> This week people in our community confronted me about my lifetime of not understanding emotions. My flippant attacks in emails have been both unprofessional and uncalled for.
> Especially at times when I made it personal. In my quest for a better patch, this made sense to me. I know now this was not OK and I am truly sorry. The above is basically a long-winded way to get to the somewhat painful personal admission that hey, I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely.
> I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately.
He took time off and he’s better now. What you call “political correctness” is what I and others call “basic professionalism”. It took Linus 25 years to understand that. I can only hope that the people who hero worshipped him and adopted a similar attitude can also mature.
Yeah, that didn’t last.
https://lore.kernel.org/lkml/CAHk-=wjLCqUUWd8DzG+xsOn-yVL0Q=...
> And sending a big pull request the day before the merge window closes in the hope that I'm too busy to care is not a winning strategy.
I wish I could say this.
But unfortunately delaying your big PR until it's affecting schedule is a good way to dodge review.
But you got to give it to him, he does seem to be really good at catching deficiensies early that may accumulate to become serious bugs or security vulnerabilities in the future. Sure, being an asshole is not ok, but being assertive is a must for a person in his position.
If you’ll notice, he called the code garbage, not the author. Judging by how bad the code was, I think this interaction was fine. This actually shows the progress Linus made in improving himself.
> "eager to inflict"
Eager to do what? If it sucks it sucks, but that's a very childish way to frame it, no one did anything on purpose or out of spite. That kind of silliness hurts the image of the project. But bad translation I suppose.
there's a big gulf between being politically correct and not being a jerk. In this case the community reps can present their concern, motivation and decision without insulting people. It's also not a smart or valid comment; give me any organization over 100 people and I can find something deeply flawed that it hase produced or a very bad decision. Do I then tag everybody who currently works for that organization as "a brain-dead idiot" or similar?
One can avoid being asshole even if it is not strictly speaking necessary. In fact, if you are an asshole when it is not necessary, then you are an asshole.
Not calling other software engineers 'losers' is not about political correctness. They're "losers" because they take their product on a path you don't like? Come on. Linus can be emotional in his posts because Linux is his "child".
That's only here, he has been doubling down on Mastodon
https://mastodon.social/@andrewrk
that attitude has and continues to approach a entire bloodless coup of the largest economy on the planet.
The normalization, in fact, has been quite successful. The entire silicon valley has tacitly approved of it.
You act like people arn't being rewarded for this type of behavior.
They didn't make any comment on effectiveness.
I say this as someone who has been cautioning about Microsoft's ownership of GitHub for years now... but the Zig community has been high drama lately. I thought the Rust community had done themselves a disservice with their high tolerance of drama, but lately Zig seems to me to be more drama than even Rust.
I was saddened to see how they ganged up to bully the author of the Zig book. The book author, as far as I could tell, seems like a possibly immature teenager. But to have a whole community gang up on you with pitch forks because they have a suspicion you might use AI... that was gross to watch.
I was already turned off by the constant Zig spam approach to marketing. But now that we're getting pitchfork mobs and ranty anti-AI diatribes it just seems like a community sustaining itself on negative energy. I think they can possibly still turn it around but it might involve cleaning house or instituting better rules for contributors.
> seems like a possibly immature teenager.
What makes you say that? Couldn’t it be an immature adult?
> because they have a suspicion you might use AI
Was that the reason? From what I remember (which could definitely be incomplete information) the complaint was that they were clearly using AI while claiming no AI had been used, stole code from another project while claiming it was their own, refused to add credit when a PR for that was made, tried to claim a namespace on open-vsx…
At a certain point, that starts to look outright malicious. It’s one thing to not know “the rules” but be willing to fix your mistakes when they are pointed out. It’s an entirely different thing to lie, obfuscate, and double down on bad attitude.
I just want to point out that even if you are correct, as a Zig outsider, none of this is obvious. The situation just looks bad.
I agree partially.
I do think that it was weird to focus on the AI aspect so much. AI is going to pollute everything going forward whether you like it or not. And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
However I think some of the critique was because he stole the code for the interactive editor and claimed he made it himself, which of course you shouldn’t do.
> I do think that it was weird to focus on the AI aspect so much. AI is going to pollute everything going forward whether you like it or not.
The bigger issue is that they claimed no AI was used. That’s an outright lie which makes you think if you should trust anything else about it.
> And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
You have no way of knowing if something is a good resource for learning until you invest your time into it. If it turns out it’s not a good resource, your time was wasted. Worse, you may have learned wrong ideas you now have to unlearn. If something was generated with an LLM, you have zero idea which parts are wrong or right.
I agree with you. It is shitty behavior to say it is not AI written when it clearly is.
But I also think we at this point should just assume that everything is partially written using AI.
For your last point, I think this was also a problem before LLMs. It has of course become easier to fake some kind of ethos in your writing, but it is also becoming easier to spot AI slop when you know what to look after right?
You can correct me if I'm wrong, but I believe the actual claim was that Zigbook had not complied with the MIT license's attribution clause for code someone believed was copied. MIT only requires attribution for copies of "substantial portions" of code, and the code copied was 22 lines.
Does that count as substantial? I'm not sure because I'm not a lawyer, but this was really an issue about definitions in an attribution clause over less code than people regularly copy from stack overflow without a second thought. By the time this accusation was made, the Zigbook author was already under attack from the community which put them in a defensive posture.
Now, just to be clear, I think the book author behaved poorly in response. But the internet is full of young software engineers who would behave poorly if they wrote a book for a community and the community turned around and vilified them for it. I try not to judge individuals by the way they behave on their worst days. But I do think something like a community has a behavior and culture of its own and that does need to be guided with intention.
> You can correct me if I'm wrong, but I believe the actual claim was that Zigbook had not complied with the MIT license's attribution clause for code someone believed was copied. MIT only requires attribution for copies of "substantial portions" of code, and the code copied was 22 lines.
Without including proper credit, it is classic infringement. I wouldn't personally call copyright infringement "theft", though.
Imagine for a moment, the generosity of the MIT license: 'you can pretty much do anything you want with this code, I gift it to the world, all you have to do is give proper credit'. And so you read that, and take and take and take, and can't even give credit.
> Now, just to be clear, I think the book author behaved poorly in response
Precisely: maybe it was just a mistake? So, the author politely and professionally asks, not for the infringer to stop using the author's code, but just to give proper credit. And hey, here's a PR, so doing the right thing just requires an approval!
The infringer's response to the offer of help seemed to confirm that this was not a mistake, but rather someone acting in bad faith. IMO, people should learn early on in their life to say "I was wrong, I'm sorry, I'll make it right, it won't happen again". Say that when you're wrong, and the respect floods in.
> By the time this accusation was made, the Zigbook author was already under attack
This is not quite accurate, from my recollection of events (which could be mistaken!): the community didn't even know about it until after the author respectfully, directly contacted the infringer with an offer to help, and the infringer responded with hostility and what looked like a case of Oppositional Defiant Disorder.
You're assuming they are a teenager but you don't know. They used code without attribution and when asked to do so, they edited the comment and mocked the requestor. And you're calling the zig community the bully? They lied about not using AI. This kind of dishonesty does not need to be tolerated.
Disservice? Rust is taking over the world while they still have nothing to show basically (Servo, the project Rust was created for, is behind ladybird of all things). Every clueless developer and their dog thinks Rust is like super safe and great, with very little empirical evidence still after 19 years of the language's existence.
Zig people want Zig to "win". They are appearing on Hacker News almost every day now, and for that purpose this kind of things matters more than the language's merits themselves. I believe the language has a good share of merits though, far more than Rust, but it's too early and not battle tested to get so much attention.
> very little empirical evidence
Evidence is easy to turn up and cite:
https://security.googleblog.com/2025/11/rust-in-android-move...
https://www.cisa.gov/news-events/news/urgent-need-memory-saf...
https://www.microsoft.com/en-us/msrc/blog/2019/07/a-proactiv...
https://www.chromium.org/Home/chromium-security/memory-safet...
https://hacks.mozilla.org/2019/02/rewriting-a-browser-compon...
FWIW, all of those links compare Rust to languages created before 1980, and are all projects largely and unusually independent of the crates ecosystem and where dynamic linking does not matter. If you're going to use a modern language anyway, you should do due diligence and compare it with something like Swift as the ladybird team is doing right now, or even a research language like Koka. There is a huge lack of evidence for Rust vs other modern languages and we should investigate that before we lock ourselves into yet another language that eventually becomes widely believed to suck.
What is the point of this post? To shame the author?
this Corporate Americanism is of only positivity and fake smiles is exactly how we end up with enshittified products, because no one is ever called out for it. If the feedback is too soft, it just gets swept under the rug.
we need less self censorship, not more.
No, the edits are better. The original message made unwarranted assumptions, and used intentionally inaccurate language. That's objectively bad communication.
It's not a binary choice between insults (escalates conflict, destabilizes rational decision making) vs hiding your opinions. That's what the word tact is for. It's simply, quite literally, a skill issue if someone can't find a middle ground between those two failure modes.
Fully agreed. I can't upvote yet (nto enough Karma) but corpospeak is IMO never the solution unless your in court or something.
Reads like an official White House statement[0].
[0] https://www.whitehouse.gov/articles/2025/03/yes-biden-spent-...
this seems unfair; I didn't see any terrible (both concept and execution) AI generated art accompanying their statement here.
The Pavlovian conditioning in some US right-wing folks of 'see word transgender' -> 'brain off' is sad.
Especially since it was created just by hammering people with repeated exposure to biased media over ~5 years.
If someone would take a beat, even from that biased copy, they might think that studying the effects of hormone treatment in animal models would be scientifically productive, regardless of how one feels about human transgender rights.
IMHO, the main advantage of github is that it is an ecosystem. This is a well-thought-out Swiss knife: a pioneering (but no longer new) PR system, convenient issues, as well as a well-formed CI system with many developed actions and free runners. In addition, it is best to use code navigation simply in a web browser. You write code, and almost everything works effortlessly. Having a sponsorship system is also great, you don't have to search for external donation platforms and post weird links in your profile/repository.
All in one, that's why developers like it so much. The obsession with AI makes me nervous, but the advantages still outweigh, as for me, the average developer. For now.
I don't agree with this at all. I think the reason Github is so prominent is the social network aspects it has built around Git, which created strong network effects that most developers are unwilling to part with. Maintainers don't want to loose their stars and the users don't want to loose the collective "audit" by the github users.
Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering. Developers are more likely to use a repo that has more stars than its alternatives.
I know that the code should speak for itself and one should audit their dependencies and not depend on Github stars, but in practice this is not what happens, we rely on the community.
These are the only reasons I use GitHub. The familiarity to students and non-developers is also a plus.
I have no idea what the parent comment is talking about a "well-formed CI system." GitHub Actions is easily the worst CI tool I've ever used. There are no core features of GitHub that haven't been replicated by GitLab at this point, and in my estimation GitLab did all of it better. But, if I put something on GitLab, nobody sees it.
And this is the core problem with the modern platform internet. One victor (or a handful) take the lead in a given niche, and it becomes impossible to get away from them without great personal cost, literal, moral, or labor, and usually a combo of all three. And then that company has absolutely no motivation at all to prioritize the quality of the product, merely to extract all the value from the user-base as possible.
Facebook has been on that path for well over a decade, and it shows. The service itself is absolute garbage. Users stay because everyone they know is already there and the groups they love are there, and they just tolerate being force-fed AI slop and being monitored. But Facebook is not GROWING as a result, it's slowly dying, much like it's aging userbase. But Facebook doesn't care because no one in charge of any company these days can see further than next quarter's earnings call.
I would say that your comment is an addition to mine, and I think so too. This is another reason for the popularity of github.
As for me, this does not negate the convenient things that I originally wrote about.
Github became successful long before those 'social media features' were added, simply because it provided free hosting for open source projects (and free hosting services were still a rare thing back in the noughties).
The previous popular free code hoster was Sourceforge, which eventually entered its what's now called "enshittifcation phase". Github was simply in the right place at the right time to replace Sourceforge and the rest is history.
Technically so was BitBucket but it chose mercurial over git initially. If you are old enough you will remember articles comparing the two with mercurial getting slightly more favorable reviews.
And for those who don’t remember SourceForge, it had two major problems in DevEx: first you couldn’t just get your open source project published. It had to be approved. And once it did, you had an ugly URL. GitHub had pretty URLs.
I remember putting up my very first open source project back before GitHub and going through this huge checklist of what a good open source project must have. Then seeing that people just tossed code onto GitHub as is: no man pages, no or little documentation, build instructions that resulted in errors, no curated changelog, and realizing that things are changing.
Github was faster than BitBucket and it worked well whether or not JavaScript was enabled. This does seem to be regressing as of late. I have tried a variety of alternatives; they have all been slower, but Github does seem to be regressing.
Mercurial was/is nice and imho smooths off a lot of the unnecessarily rough git edges.
But VCS has always been a standard-preferring space, because its primary point is collaboration, so using something different creates a lot of pain.
And the good ship SS Linux Kernel was a lot of mass for any non-git solution to compete with.
There's definitely a few phases of Github, feature and popularity wise.
In this vein, it doing new stuff with AI isn't out of keeping with its development path, but I do think they need to pick a lane and decide if they want to boost professional developer productivity or be a platform for vibe coding.And probably, if the latter, fork that off into a different platform with a new name. (Microsoft loves naming things! Call it 'Codespaces 365 Live!')
And GitHub got free hosting and support from Engine Yard when they were starting out. I remember it being a big deal when we had to move them from shared hosting to something like 3 dedicated supermicro servers.
> Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering.
I hate that this is perceived as generally true. Stars can be farmed and gamed; and the value of a star does not decay over time. Issues can be automatically closed, or answered with a non-response and closed. Numbers of followers is a networking/platform thing (flag your significance by following people with significant follower numbers).
> Developers are more likely to use a repo that has more stars than its alternatives.
If anything, star numbers reflect first mover advantage rather than code quality. People choosing which one of a number of competing packages to use in their product should consider a lot more than just the star number. Sadly, time pressures on decision makers (and their assumptions) means that detailed consideration rarely happens and star count remains the major factor in choosing whether to include a repo in a project.
Stars, issues closed, PRs, commits, all are pointless metrics.
The metrics you want are mostly ones they don't and can't have. Number of dependent projects for instance.
The metrics they keep are just what people have said, a way to gameify and keep people interested.
So number of daily/weekly downloads on PyPI/npm/etc?
All these things are a proxy for popularity and that is a valuable metric. I have seen projects with amazing code quality but if they are not maintained eventually they stop working due to updates to dependencies, external APIs, runtime environment, etc. And I have see projects with meh code quality but so popular that every quirk and weird issue had a known workaround. Take ffmpeg for example: its code is.. arcane. But would you choose a random video transcoder written in JavaScript just due to the beautiful code that was last updated in 2012?
You don't need to develop on Github to get this, just mirror your repo.
that's not enough, i still have to engage with contributors on github. on issues and pull requests at a minimum.
> Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality
Hahahahahahahahahahahaha...
OK, indicators of interest. Would you bet on a project nobody cares about?
I guess if I viewed software engineering merely as a placing of bets, I would not, but that's the center of the disagreement here. I'm not trying to be a dick (okay maybe a little sue me), the grandparent comment mentioned "software engineering."
I can refer you to some github repositories with a low number of stars that are of extraordinarily high quality, and similarly, some shitty software with lots of stars. But I'm sure you get the point.
> Maintainers don't want to loose their stars
??? Seriously?
> All these things are powerful indicators of quality
Not in my experience....
Why are you as surprised?
People don't just share their stargazing plots "for fun", but because it has meaning for them.
> People don't just share their stargazing plots "for fun", but because it has meaning for them.
What's the difference?
> a pioneering (but no longer new) PR system
having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.
> code navigation simply in a web browser
this is nice indeed, true.
> You write code, and almost everything works effortlessly.
if only. GHA are a hot mess because somehow we've landed in a local minimum of pretend-YAML-but-actually-shell-js-jinja-python and they have a smaller or bigger outage every other week, for years now.
> why developers like it so much
most everything else is much worse in at least one area and the most important thing it's what everyone uses. no one got fired for using github.
The main thing I like about Github's PRs is that it's a system I'm already familiar with and have a login/account for. It's tedious going to contribute to a project to find I have to sign up for and learn another system.
I've used Gerrit years ago, so wasn't totally unfamiliar, but it was still awkward to use when Go were using it for PRs. Notably that project ended up giving up on it because of the friction for users - and they were probably one of the most likely cases to stick to their guns and use something unusual.
> Notably [go] ended up giving up on [gerrit]
That's not accurate. They more or less only use Gerrit still. They started accepting Github PRs, but not really, see https://go.dev/doc/contribute#sending_a_change_github
> You will need a Gerrit account to respond to your reviewers, including to mark feedback as 'Done' if implemented as suggested
The comments are still gerrit, you really shouldn't use Github.
The Go reviewers are also more likely than usual to assume you're incompetent if your PR comes from Github, and the review will accordingly be slower and more likely to be rejected, and none of the go core contributors use the weird github PR flow.
> The Go reviewers are also more likely than usual to assume you're incompetent if your PR comes from Github
I've always done it that way, and never got that feeling.
there's certainly a higher rejection rate for github PRs
That seems unsurprising given that it’s the easiest way for most people to do it. Almost any kind of obstacle will filter out the bottom X% of low effort sludge.
Many people confuse competence and dedication.
A competent developer would be more likely to send a PR using the tool with zero friction than to dedicate a few additional hours of his life to create an account and figure out how to use some obscure.
You are making the same mistake of conflating competence and (lack of) dedication.
Most likely, dedication says little about competence, and vice versa. If you do not want to use the tools available to get something done and rather not do the task instead, what does that say about your competence?
I'm not in a position to know or judge this, but I could see how dedication could be a useful proxy for the expected quality a PR and the interaction that will go with it, which could be useful for popular open source projects. Not saying that's necessarily true, just that it's worth considering some maintainers might have anecdotal experiences along that line.
A competent developer wouldn't call gerrit an obscure tool.
This attitude sucks and is pretty close to just being flame bait. There are all kinds of developer who would have no reason to ever have come across it.
A competent developer should be aware of the tools of the trade.
I'm not saying a competent developer should be proficient in using gerrit, but they should know that it isn't an obscure tool - it's a google-sponsored project handling millions of lines of code internally in google and externally. It's like calling golang an obscure language when all you ever did is java or typescript.
It’s silly to assume that someone isn’t competent just because you know about a tool that they don’t know about. The inverse is almost certainly also true.
Is there some kind of Google-centrism at work here? Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.
> Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.
Most devs have never worked on Solaris, but if I ask you about solaris and you don't even know what it is, that's a bad sign for how competent a developer you are.
Most devs have never used prolog or haskell or smalltalk seriously, but if they don't know what they are, that means they don't have curiosity about programming language paradigms, and that's a bad sign.
Most competent professional developers do code review and will run into issues with their code review tooling, and so they'll have some curiosity and look into what's out there.
There's no reason for most developers to know random trivia outside of their area of expertise "what compression format does png use by default", but text editors and code review software are fundamental developer tools, so fundamental that every competent developer I know has enough curiosity to know what's out there. Same for programming languages, shells, and operating systems.
These are all ridiculous shibboleths. I know what Solaris is because I’m an old fart. I’ve never used it nor needed to know anything about it. I’d be just as (in)competent if I’d never heard of it.
> The main thing I like about Github's PRs is that it's a system I'm already familiar with and have a login/account for. It's tedious going to contribute to a project to find I have to sign up for and learn another system.
codeberg supports logging in with GitHub accounts, and the PR interface is exactly the same
you have nothing new to learn!
Yeah and this slavish devotion to keeping the existing (broken imho) PR structure from GH is the one thing I most dislike about Forgejo, but oh well. I still moved my project over to Codeberg.
GH's PR system is semi-tolerable for open source projects. It's downright broken for commercial software teams of any scale.
Like the other commenter: I miss Gerrit and proper comment<->change tracking.
> having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.
I love patch stack review systems. I understand why they're not more popular, they can be a bit harder to understand and more work to craft, but it's just a wonderful experience once you get them. Making my reviews work in phabricator made my patchsets in general so much better, and making my patchsets better have improved my communication skills.
I'd rather solve advent of code in brainfuck than have to debug their CI workflows ever again.
Surely you just need the workflow to not have embedded logic but call out to a task manager so you can do the same locally?
Well then why 99% of GH Actions functionality even exists.
To lock you in.
Ergo, I'd rather use brainfuck to program CI.
> a well-formed CI system
Man :| no. I genuinely understand the convenience of using Actions, but it's a horrible product.
Maybe I have low standards given I've never touched what gitlab or CircleCi have to offer, but compared to my past experiences with Buildbot, Jenkins and Travis, it's miles ahead of these in my opinion.
Am I missing a truly better alternative or CI systems simply are all kind of a pita?
I don't enough experience w/ Buildbot or Travis to comment on those, but Jenkins?
I get that it got the job done and was standard at one point, but every single Jenkins instance I've seen in the wild is a steaming pile of ... unpatched, unloved, liability. I've come to understand that it isn't necessarily Jenkins at fault, it's teams 'running' their own infrastructure as an afterthought, coupled with the risk of borking the setup at the 'wrong time', which is always. From my experience this pattern seems nearly universal.
Github actions definitely has its warts and missing features, but I'll take managed build services over Jenkins every time.
My issue with Github CI is that it doesn't run your code in a container. You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.
> My issue with Github CI is that it doesn't run your code in a container.
Is this not what you want?
https://docs.github.com/en/actions/how-tos/write-workflows/c...
> You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.
Yeah checking out everytime is a slight papercut I guess, but I guess it gives you control as sometimes you don't need to checkout anything or want a shallow/full clone. I guess if it checked out for you then their would be other papercuts.
I use their runners so never need to do any cleanup and get a fresh slate everytime.
Gitlab is much better
> it’s horrible, i use it every day > the alternatives are great, i never use them
Every time.
Curious what are some better options. I feel it is completing with Jenkins and CircleCI and its not that bad.
In what way? I've never had an issue other than outages.
What do you consider a good product in this space?
>a well-formed CI system with many developed actions and free runners.
It feels to me like people have become way too reliant on this (in particular, forcing things into CI that could easily be done locally) and too trusting of those runners (ISTR some reports of malware).
>In addition, it is best to use code navigation simply in a web browser.
I've always found their navigation quite clunky and glitchy.
The big issue with Github is that they never denied feeding ai with private repositories. (Gitlab for example did that when asked). This fact alone makes many users bitter, even for organizations not using private repos per se.
> In addition, it is best to use code navigation simply in a web browser.
IMHO the vanilla Github UI sucks for code browsing since it's incredibly slow, and the search is also useless (the integrated web-vscode works much better - e.g. press '.' inside a Github project).
> as well as a well-formed CI system with many developed actions and free runners
The only good thing about the Github CI system are the free runners (including free Mac runners), for everything else it's objectively worse than the alternatives (like Gitlab CI).
Github'PR and CI are some of the worst.
> In addition, it is best to use code navigation simply in a web browser
How do you define "code navigation"? It might've got a bit easier with automatic highlighting of selected symbols, but in return source code viewer got way too laggy and, for a couple of years now, it has this weird bug with misplaced cursors if code is scrolled horizontally. I actually find myself using the "raw" button more and more often, or cloning repo even for some quick ad-hoc lookups.
Edit: not to mention the blame view that actively fights with browser's built in search functionality.
Hint: Type the '.' key on any code page or PR.
And now it opens... some VSCode-esque editor in the browser that asks me to sign-in? Why would I want something even more resource-hungry and convoluted just to look up a random thing once in a while?
If you're familiar with VSCode it's quite handy. If you hate VSCode for some reason then just don't use it.
> a pioneering (but no longer new) PR system
Having used Forgejo with AGit now, IMO the PR experience on GitHub is not great when trying to contribute to a new project. It's just unnecessarily convoluted.
What do you like most about agit?
> Having a sponsorship system is also great
They have zero fees for individuals too which is amazing. Thanks to it I gained my first sponsor when one of my projects was posted here. Made me wish sponsorships could pay the bills.
Would you say Github has any significant advantages over Gitlab in this regard? I always found them to be on par, with incremental advantages on either side.
One of my favourite GitHub features is the ability to do a code search over the whole of GitHub, not sure GitLab has the same when I use to use it?
Code search over all of Gitlab (even if available) wouldn't help much when many of the interesting repos might be on Github. To be truly useful, it would need to index repos across many different forges. But there's a tension in presenting that to users if you're afraid that they might exit your ecosystem to go to another forge.
Embrace, extend, extinguish.
That's not a Victorinox you're looking at, it's a cheap poorly made enshittified clone using a decades old playbook (e-e-e).
The focus on "Sponsorship buttons" and feature instead of fixing is just a waste of my time.
Underrated feature is the code search. Everyone starts out thinking they’ll just slap elastic search or similar in front of the code but it’s more nuanced than that. GitHub built a bespoke code search engine and published a detailed blog post about it afterwards.
Well, I guess. It's not a surprise LinkedIn and GitHub are owned by the same entity. Both are degrading down to the same Zuckernet-style engagement hacking, and pseudo-resume self-boosting portfolio-ware. If the value of open source has become "it gets me hired", then ... fine. But that's not why many of us do free software development.
GitHub's evolution as a good open source hosting platform stalled many years ago. Its advantages are its social network effects, not as technical infrastructure.
But from a technology and UX POV it's got growing issues because of this emphasis, and that's why the Zig people have moved, from what I can see.
I moved my projects (https://codeberg.org/timbran/) recently and have been so far impressed enough. Beyond ideological alignment (free software, distaste for Microsoft, want to get my stuff off US infrastructure [elbows up], etc.) the two chief advantages are that I could create my own "organization" without shelling over cash, and run my own actions with my own machines.
And since moving I haven't noticed any drop in engagement or new people noticing the project since moving. GitHub "stars" are a shite way of measuring project success.
Forgejo that's behind Codeberg is similar enough to GitHub that most people will barely notice anyways.
I'm personally not a fan of the code review tools in any of them (GitLab, Foregejo, or GitHub) because they don't support proper tracking of review commits like e.g. Gerritt does but oh well. At least Foregejo / Codeberg are open to community contribution.
Additional note on Codeberg, which I think is great as a project, but I got curious on what infrastructure they are running on and how reliable this would be for larger corporate repos.
Nov 22, 2025 https://blog.codeberg.org/letter-from-codeberg-onwards-and-u...
Quotes from their website:
Infrastructure status [...] We are running on 3 servers, one Gigabyte and 2 Dell servers (R730 and R740).
Here's their current hardware: https://codeberg.org/Codeberg-Infrastructure/meta/src/branch...
[...] Although aged, the performance (and even energy efficiency) is often not much worse than with new hardware that we could afford. In the interest of saving embodied carbon emissions from hardware manufacturing, we believe that used hardware is the more sustainable path.
[...] We are investigating how broken Apple laptops could be repurposed into CI runners. After all, automated CI usage doesn't depend on the same factors that human beings depend on when using a computer (functioning screen, speakers, keyboard, battery, etc.). If you own a broken M1/M2 device or know someone who does, and believe that it is not worth a conventional repair, we would be happy to receive your hardware donation and give it a try!
[...] While it usually holds up nicely, we see sudden drop in performance every few days. It can usually be "fixed" with a simple restart of Forgejo to clear the backlog of queries.
Gives both early-Google as well as hackerspace vibes, which can or can not be a good thing.
To be fair, Codeberg isn’t for corporate repos, it’s for FLOSS projects. Take a look at their Terms of Use. They don’t aim to be a commercial provider, rather the opposite.
https://status.codeberg.eu/status/codeberg
Their reliability is not great unfortunately. Currently their 24h uptime is 89% for the main site. They are partially degraded right now.
The 14 day uptime is 98% but I think that’s actually because some of their auxiliary systems have great uptime, the main site is never that great it seems.
This isn't a great time for them: https://social.anoxinon.de/@Codeberg/115652289949965925
https://news.ycombinator.com/item?id=46131693
Yeah, they were down last week too. It's hard to run an open git forge on a small volunteer team, the workload is read and write heavy with endless "customers" (or bots).
oh wow I had a larger cluster than that since I was 20 more than half a decade ago, considering that the costs appear to be so low maybe I should also pop out few free services since at the moment I pay $600+ just on power costs alone for idle hardware on my personal cluster. If anyone has any ideas feel free to email me at: news.ycombinator.com.reassure132@passmail.net
Maybe you could reach out to the codeberg folks and loan them a server? Sounds like they could use all the help they can get.
I have sympathy for some of the GitHub complaints. otoh just went to try to signup for Codeberg and it's down ... 95% uptime over the last 2 weeks?
https://status.codeberg.org/status/codeberg
One can always host Forgejo themselves if a service level has to be kept under control. With Github that’s not even an option.
I would even consider that moving everything from one single point of failure to an other is not the brightest move.
> With Github that’s not even an option.
Github does offer a self hosted product: GitHub Enterprise Server
Forgejo is GPL 3, with the Github stuff apparently even running it on owned device is tied to a per user per month bill, and I have no idea if code is available and editable just having a look at https://azure.microsoft.com/en-us/pricing/details/githubente...
yes, GitHub Enterprise Server is not free. And yes you pay a license fee per user per month, billed annually, and the minimum license purchase is 10 users at something like $21/user/month. Microsoft discounts you qualify for will bring that down. You pay because you get support. You won't need it often, but when you do, you really need it.
It is easy to administer even for 15k users, and mostly it takes care of itself if you give it enough RAM and CPU for all the activity.
Downloading the virtual hard drive image from GitHub is easy and decrypting the code inside is borderline trivial, but I'm not going to help anyone do that. I've never had a need to do it.
As a server product it is good. I recommend it if you can afford it. It is not intended for private individuals or non-profits, though. It's for corporations who want their code on-premise, and for that it is quite good.
There have been complaints about it on Reddit as well. I registered an account recently and to me the annoying thing is the constant "making sure you are not a bot" check. For now I see no reason to migrate, but I do admit Forgejo looks very interesting to self-host.
https://tangled.org/ is building on ATProto
1. use git or jj
2. pull-request like data lives on the network
3. They have a UI, but anyone can also build one and the ecosystem is shared
I've been considering Gerrit for git-codereview, and tangled will be interesting when private data / repos are a thing. Not trying to have multiple git hosts while I wait
I, too, am extremely interested in development on Tangled, but I miss two features from GitHub - universal search and Releases. the web frontend of Tangled is so fast that I am still getting used to the speed, and jj-first features like stacked PRs are just awesome. kinda reminds me of how Linux patch submitting works.
> but I do admit Forgejo looks very interesting to self-host.
I've been self-hosting it for a few years now and can definitely recommend. It has been very reliable. I even have a runner running. Full tutorial at https://huijzer.xyz/posts/55/installing-forgejo-with-a-separ....
I moved (from selfhost gitlab) to forgejo recently, and for my needs it's a lot better, with a lot less hassle. It also seems a lot more performant (again probably because I don't need a lot of the advanced features of gitlab).
I've been contemplating this for almost two years. Gitlab has gotten very bloated and despite disabling a number of services in the config, it continues to require increasingly more compute and RAM; we don't even use the integrated Postgres database.
There are a few things that keep me on Gitlab, but the main one is the quality of the CI/CD system and the gitlab runners.
I looked at Woodpecker, but it seems so docker-centric and we are, uh, not.
The other big gulf is issues and issue management. Gitlab CE is terrible; weird limitations (no epics unless you pay), broken features, UX nightmares, but from the looks of it Forjego is even more lacking in this area? Despite this seeming disdain, the other feature we regularly use is referencing issue numbers in commits to tie work together easily. On this one, I can see the answer as "be the change - contribute this to Forgejo" and I'm certainly willing. Still, it's currently a blocker.
But my hopes in putting this comment out there is that perhaps others have suggestions or insight I'm missing?
I mean, they're battling with DDoS all the time. I follow their account on Mastodon, and they're pretty open about it.
I believe the correct question is "Why they are getting DDoSed this much if they are not something important?"
For anyone who wants to follow: https://social.anoxinon.de/@Codeberg
Even their status page is under attack. Sorry for my French, but WTF?
Crazy. Who would have an incentive to spend resources on DDoS'ing Codeberg? The only party I can think of would be Github. I know that the normalization of ruthlessness and winner-takes-all mentality made crime mandatory for large parts of the economy, but still cannot wrap my mind around it.
Not just them. For example, Qt self hosted cgit got ddos just two weeks ago. No idea why random open source projects getting attacked.
> in the past 48 hours, code.qt.io has been under a persistent DDoS attack. The attackers utilize a highly distributed network of IP addresses, attempting to obstruct services and network bandwidth.
https://lists.qt-project.org/pipermail/development/2025-Nove...
Probably some little script kiddie fucks who think they are elite mega haxors and use their mommie's credit card to pay one of the ddos services readily accessible.
DDoS are crazy cheap now, it could be a random person for the lulz, or just as a test or demo (though I suspect Codeberg aren't a bit enough target to be impressive there).
Is it because the s in iot stands for security? I'm asking genuinely. Where are these requests coming from?
I would put it down to 4 things:
- the internet's a lot bigger nowadays
- there are a lot of crappily secured iot devices
- the average household internet connection has gotten a lot faster, especially on upload bandwidth.
- there's a pile of amplification techniques which can multiply the bandwidth of an attack by using poorly-configured services.
Search for “residential proxy”.
This seems like a synonym for botnet.
What is cheap and what are the risks of getting caught? I can understand that for a 15 yo it might be for the lulz, but I am having a hard time to imagine that this would give street creds, and why be persistent about it. AI-bots would make more sense, but these can be dealt with.
Big tech would be far more interested in slurping data than DDoS'ing them.
An issue with comments, linked to a PR with review comments, the commit stack implementing the feature, and further commits addressing comments is probably valuable data to train a coding agent.
Serving all that data is not just a matter of cloning the repo. It means hitting their (public, documented) API end points, that are likely more costly to run.
And if they rate limit the scrappers, the unscrupulous bunch will start spreading requests across the whole internet.
>The only party I can think of would be Github.
I think it's not malice, but stupidity. IoT made even a script kiddie capable of running a huge botnet capable of DDoSing anything but CloudFlare.
> Who would have an incentive to spend resources
That's not how threat analysis works. That's a conspiracy theory. You need to consider the difficulty of achieving it.
Otherwise I could start speculating which large NAS provider is trying to DDoS me, when in fact it's a script kiddie.
As for who would have the most incentives? Unscrupulous AI scrapers. Every unprotected site experiences a flood of AI scrapers/bots.
I think the goal is unclear, but the effect will be that Codeberg will be perceived as less of a real, stable alternative. Breaking in was not in my mind, but that will have the same effect, maybe even more damaging. Now, if that has been the intended effect, I hope I won't have to believe that.
Story time:
I remember that back in the day I had a domain name for a pretty hot keyword with a great, organic position in Google rankings. Then someday it got all of a sudden serious boost from black-SEO, with a bazillion links from all kinds of unrelated websites. My domain got penalized and dropped of from the front page.
Actually I think that's roughly how threat analysis works though.
For threat analysis, you need to know how hard you are to break in, what the incentives are, and who your potential adversaries are.
For each potential adversary, you list the risk strategy; that's threat analysis 101.
E.g. you have a locked door, some valuables, and your opponent is the state-level. Risk strategy: ignore, no door you can afford will be able to stop a state-level actor.
I concur the question, "Who would have an incentive to spend resources on DDoS'ing Codeberg?" is a bit convoluted in mixing incentive and resources. But it's still, exactly, threat analysis, just not very useful threat analysis.
Wouldn't an AI scraper working for a huge firm have more incentive to scrape your code, than a competitor?
its easier for MS to buy codeberg and close it than to spent time and money to DDOS things
How do you buy an e.V.?
https://en.wikipedia.org/wiki/OpenAI#Transition_from_non-pro...
this only works in countries with questionable rule of law
Like how you buy a standards committee.
Just research about Office formats' ISO standardization process.
I'm not insinuating MicroSoft will buy Codeberg, but I just wanted to say that, they are not foreigners to the process itself.
Are there standards committees with 786 voting members, of which you would have to convince at least 2/3 to betray the ideals of the association they chose to actively take part in to get the association to disband or otherwise stop it from pursuing its mission?
I don't think your comparison works out.
~800 members? That's great to hear actually. I like Codeberg and want them to succeed and be protected from outside effects.
That's said, I believe my comparison checks out. Having ~800 members is a useful moat, and will deter actors from harming Codeberg.
OTOH, the mechanism can still theoretically work. Of course Microsoft won't try something that blatant, but if the e.V loses this moat, there are mechanisms which Microsoft can and would like to use as Codeberg gets more popular.
You goes to BYD dealership???
I said e.V., not EV. Codeberg is an e.V., i.e. a "registered association" in Germany. I am not actually sure if you could technically buy an e.V., but I am 100% certain that all of the Codeberg e.V. members would not take kindly to an attempt at a hostile takeover from Microsoft. So no, buying Codeberg is not easier than DDoSing them.
they can't buy the orgs but they can buy the codeberg or its member
which is basically the same thing
What do you mean by "orgs", and what do you mean by "the codeberg"?
Sure, they could try to bribe the Codeberg e.V. active members into changing its mission or disbanding the association entirely, but they would need to get a 2/3 majority at a general assembly while only the people actively involved in the e.V. and/or one of its projects can get voting rights. I find that highly unlikely to succeed.
Part of the problem is that Codeberg/Gitea's API endpoints are well documented and there are bots that scrape for gitea instances. Its similar to running SSH on port 22 or hosting popular PHP forums software, there are always automated attacks by different entities simply because they recognize the API.
That's rough ... it is a bad, bad world out there.
Try exposing a paswordless SSH server to outside to see what happens. It'll be tried immediately, non-stop.
Now, all the servers I run has no public SSH ports, anymore. This is also why I don't expose home-servers to internet. I don't want that chaos at my doorstep.
Yeah no need for public ssh. Or if you do pick a random port and fail2ban or better just whitelist the one IP you are using for the duration of that session.
To avoid needing SSH just send your logs and metrics out and do something to autodeploy securely then you rarely need to be in. Or use k8s :)
Whitelisting single IP (preferably a static one) sounds plausible.
Kubernetes for personal infrastructure is akin to getting an aircraft carrier for fishing trips.
For simple systems snapshots and backups are good enough. If you're managing a thousand machine fleet, then things are of course different.
I manage both so, I don't yearn to use big-stack-software on my small hosts. :D
Yeah, I have been thinking about hosting a small internet facing service on my home server, but I’m just not willing to take the risk. I’d do it on a separate internet connection, but not on my main one.
You can always use a small Hetzner server (or a free Oracle Cloud one if you are in a pinch) and install tailscale to all of your servers to create a P2P yet invisible network between your hosts. You need to protect the internet facing one properly, and set ACLs at tailscale level if you're storing anything personal on that network, though.
I would probably just ssh into the Hetzner box and not connect it to my tailnet.
Would tailscale or cloudflare do the trick. Let them connect to the server.
This is just FUD, there is nothing dangerous in having an SSH server open to the internet that only allows key authentication. Sure, scanners will keep pinging it, but nobody is ever going to burn an ssh 0day on your home server.
A few years ago a vulnerable compression library almost got pushed out that major Linux distros linked their OpenSSH implementations to. That was caught by blind luck. I'm confident there's a lot more shit out there that we don't know about.
> This is just FUD.
No, it's just opsec.
> Sure, scanners will keep pinging it, but nobody is ever going to burn an ssh 0day on your home server.
I wouldn't be so sure about it, considering the things I have seen.
I'd better be safe than sorry. You can expose your SSH if you prefer to do so. Just don't connect your server to my network.
"opsec" includes well defined things like threat modeling, risk factors, and such. "Things I have seen" and vague "better safe than sorry" is not part of that.
There are two golden rules of opsec:
For what I do, you can refer to my profile.this can be fixed by just using random ssh port
all my services are always exposed for convenience but never on a standard port (except http)
It reduces the noise, yes, but doesn't stop a determined attacker.
After managing a fleet for a long time, I'd never do that. Tailscale or any other VPN is mandatory for me to be able to access "login" ports.
Average big tech alternative. Doesn’t solve your problems, doesn’t scale, terrible UX, but at least it’s run by fanatics.
Forgejo does solve my problems, doesn't scale yet (I am really looking forward to ForgeFed), has fine UX, and at least it's run by people who care.
Just a reminder, Codeberg is for open source projects only, and maybe some dotfiles and such. Its on their frontpage and in their TOS.
99.95 from something I use to do work is non negotiable.
you probably wouldn't use it for work anyway, codeberg is for OSS only
GitHub uptime isn't perfect either. You will notice these outages from time to time if your employer is using it for more than just "store some git repos", e.g. using GHA for builds and deploys, packages etc.
What? It says it's up for 98.56% for the last 2 weeks.
That's probably the average. But if Codeberg Translate shines with 99.58%, it is an unnecessary entry which harms the "92.42% Codeberg.org" reality.
Because they are Codeberg I'm betting they have a philosophical aversion to using a cloud based ddos protection service like Cloudflare. Sadly the problem is that noone has come up with any other type of solution that actually works.
Probably a good time to mention fossil, an excellent SCM from the makers of SQLite with a number of github-like features built-in:
https://fossil-scm.org/
Single ~6mb executable, blazing fast. I've been a happy user for years.
Fossil is great. I'd encourage anyone to try it out on their next personal project.
"Either you have to embrace the AI, or you get out of your career," Dohmke. Dohmke left CEO position of GitHub in November.
He left to found an AI startup
LLMs are useful, but AI is itself a marketing term that has begun to lose its luster. It’s rapidly becoming an annoying or trendy label, not a cutting edge one.
I guarantee that in ~24 months, most AI features will still remain in some form or another on most apps, but the marketing language of AI-first will have evaporated entirely.
> AI is itself a marketing term that has begun to lose its luster. It’s rapidly becoming an annoying or trendy label, not a cutting edge one.
Where have you been the last 15 years? However, I agree with your prediction. Coke making AI advertisements may have had cache a couple years ago, but now would be a doofus move.
Have you watched broadcast TV lately? Every single advert is AI generated. Pay attention and you’ll see the telltale signs: stitched together 3 second clips with continuity problems, every showdown from a fixed set of compositions, etc. it’s just less noticeable to the average viewer than that coke ad.
I don’t remember AI being used as a widespread marketing term until 2-3 years ago. Before that it was just more of a vague tech thing you’d sometimes see, but now every single app seems to have reframed their business to be about AI agents.
There have been at least 3 waves of AI before the LLM generation. 70s , 80s and late 90s.
https://en.wikipedia.org/wiki/AI_winter
Early 2010s had a lot of neural networks AI stuff going on and it certainly became a minor hype cycle as well though that kind of resulted in the current LLM wave.
Yes I know that, but those were all largely confined to technology companies and academia. This recent wave seems to affect everything.
There was also a small chatbot bubble around 2014-2016 (Microsoft Tay kinda blew it out of the water, and it never recovered), though companies did seem a bit skittish about using the term 'AI' at that point.
They also made the disastrous update to the dashboard feed which made the frontpage pretty much useless.
https://github.com/orgs/community/discussions/65343
Their most most recent update replaces all this with a list of recently updated PRs and issues. I've been learning on it heavily since it came out. One of the few recent changes that really feels like a clear improvement.
oh wow. I just had to press the "Try the new experience!" button about ten times for it to finally load the new experience, but I like it
Haven't used the dashboard in years. What's on it now might be more useful. The homepage for me should be set to Notifications.
At any rate, the feed is still available and you can reach it via browser autocomplete. I open GitHub by typing "not" in my URL bar and landing on the notifications page.
The main function of GitHub is really just advertising or at least broadcasting your work. I would use GitHub issues, stars, etc as an (imperfect gauge) of the quality of a library. This is not because of GitHub's features, just that it's the biggest and most well known. And yes I know buying stars is a thing, which is why it's part of the evaluation and not the whole ballgame.
Now that zig is fairly well known and trusted, it makes sense that this is less of a concern for them when migrating away.
Google workspace will have me do the same. No, I don't want to 'generate an image' I just want to use my own, thank you. They give their AI prime billing everywhere to the detriment of the products and the users.
One thing that's really nice about codeberg is how fast the pages load. Browsing GitHub often feels very sluggish. Obviously there's a difference in scale there, but I hope codeberg can keep being fast.
Indeed. Github is a nightmare when I'm working on an unreliable 4G connection too (e.g. on a train in the UK). Half the page will load.
Night and day compared to something like Linear.
That is surprising. It is the opposite for me.
A better benchmark is done through the web browser inspector (network tab or performance tab). In the network tab I got (cache disabled)
I guess Github uses a lot of cache vs Codeberg.
I think you read that backwards. In skydhash's test, Codeberg's data was 72% cached, and GitHub's data was 28% cached. Maybe you meant that GitHub's cached 4.28MB was, in absolute terms, more than Codeberg's cached 1.41MB?
Some parts of Github are SPA island, which is why the DOM load fast, but then it has to wait for the JavaScript files and the request made by those files. Codeberg can be used with JavaScript disabled and you don’t have that much extra requests (almost everything is rendered serverside).
The transferred part is for the gzipped transfer. That makes sense if the bulk of the data is HTML (I have not checked).
I’ve disabled the cache for the network requests.
Oh, thank you for the correction. That was a dumb mistake on my part.
Yeah, that is what I meant. It looks like Github's strategy is to push all the initial data they need to cache, to optimize subsequent requests.
That depends on location and GitHub pages generally take a while to execute all the javascript for a usable page even after the html is fetched while pages on Codeberg require much less javascript to be usable and are quite usable even without javascript.
Here are my results for what it's worth
Sure, it depends on your internet connection. But for Codeberg I see a blank page for 3-4 seconds until it shows something. On a big repo like Zig the delay is even worse.
On Github any page loads gradually and you don't see a blank page even initially.
GitHub frontpage is very quick indeed, but browsing repos can sometimes have load times over a full second for me. Especially when it's less popular repos less likely to be in a cache.
To be fair this has more to do with Github Actions than Github, which from the beginning was never really going to rival any professional solution.
The people at Zig should use proper CI tools and not something that a big service provider is offering as an afterthought.
Our CI workflow literally just invokes a plain old shell script (which is runnable outside CI). We really don't need an overcomplicated professional CI/CD solution.
One of the nice things about switching to Forgejo Actions is that the runner is lightweight, fast, and reliable - none of which I can say for the GitHub Actions runner. But even then, it's still more bloated than we'd ideally like; we don't need all the complexity of the YAML workflow syntax and Node.js-based actions. It'd also be cool for the CI system to integrate with https://codeberg.org/mlugg/robust-jobserver which the Zig compiler and build system will soon start speaking.
So if anything, we're likely to just roll our own runner in the future and making it talk to the Forgejo Actions endpoints.
Which professional solution do you prefer?
Im using Jenkins, which i know is controversial here, but it has been rock solid since years for me.
And there exist a lot of specialized solutions out there, where the business model is purely CI.
Buildkite is next level
What is wrong with GitHub Actions other than the outages? I've never hit a issue myself.
Seeing the decline of GitHub in Actions is technically correct, but Actions was always broken. We tried getting self-hosted runners to work super early before there was a proper ephemeral mode (just an officially unsupported race-condition-y --once flag). It sucked. That code can't produce a consistent status code, constantly failed to connect to its scheduler with obscure Azure error codes and had so many races with accepting and timing out jobs. Runners wouldn't get new jobs, jobs would sit there for an hour and then time out, runners would just die and need to be re-provisioned (we used ephemeral VMs in a GCP instance group). This is all because Actions is actually Azure DevOps Pipelines rebranded.
Compared to then this product is downright mature now. And also, there always were people at GitHub who delivered crappy products outside the core that most people working on FOSS got to see. Enterprise Cloud has a ton of sharp edges and things that make you ask "WHY" out loud. Notifications with SAML enabled are broken in countless ways (I have 0 out of 12 notifications right now), newly onboarded users are encouraged to click a "request copilot" button that sends emails to admins you can't disable, policy toggles that used to do one thing get split up and not defaulted properly. The last two in particular are just dark pattern hacks to get people to use Copilot. In an enterprise product.
I haven't used GHES, but I imagine it's worse.
I think once Codeberg becomes federated, it will likely attract a lot of people.
Right now github is great for discovering and tracking projects, reflecting growth via the star and fork system (although a bit broken in the last few years).
If a federated layer is applied to these github alternatives, you could have an account in Codeberg, and be able to track lots of projects wherever people want to host them. Right now, I see a lot of forgejo servers, but I don't want to register in all of them.
+1 - I also see a huge opportunity for forgejo to become a new stackoverflow if they add federation
The primary issue with SO was that it was disconnected from the actual communities maintaining the project. A federated solution would be able to have the same network effects while handing ownership to the original community (rather than a separate SO branch of the community)
Well, diversity is great but I think many people underestimate the quality and service of GitHub, especially the free services. Even commercial vendors have failed to provide such a free service over time (Docker Hub, Bintray, Sourceforge). They all have/had the power to earn money though commercial offerings and ads, but in the end had to cut down their free services. I still wonder, how codeberg plans to cover the exploding costs.
previously discussed here: https://news.ycombinator.com/item?id=46064571
Migrating the main Zig repository from GitHub to Codeberg - 883 comments
Didn't know about codeberg and can't even access it... Is it https://codeberg.org/ ??
That is correct. It is down quite a bit. https://status.codeberg.org/status/codeberg
92% uptime? What do you do the other 8% of the time? Do you just invoke git push in a loop and leave your computer on?
You keep working since Git is decentralized.
You can also run a Forgejo instance (the software that powers Codeberg) locally - it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc until Codeberg is up and Forgejo (though you'll have to update them manually later).
I hope Codeberg is able to scale up to this surge in interest, but
> it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc
is really cool! Having a local mirror also presumably gives you the means to build tools on top, to group and navigate and view them as best works for you, which could make that side of the process so much easier.
> you'll have to update them manually later
What does the manually part mean here? Just that you'll have to remember to do a `forgejo fetch` (or whatever equivalent) to sync it up?
As discussed elsewhere in this thread: They're under DDoS, and have been very public about this fact.
I totally agree, Microsoft is ruining everything with AI, like all Microsoft product have been on decline for years even before the LLM era, and now they are on an even steeper decline.
it makes me sad to see that github is now going through the same shit, and people are using other random half-ass alternatives, it’s not easy to keep track of your favourite open-source projects across many source forgeries. we need someone to buy github from Microsoft and remove all the crap they have added to it.
Or create an overview that keeps track of projects across multiple source control providers, using a consistent interface.
> it’s not easy to keep track of your favourite open-source projects across many source forgeries.
Most public forge instances and web presence for open source projects have RSS feeds.
See, AI accelerate productivity, with it Microsoft is ruining its products and brand even faster!
I feel that training copilot on Github repos without maintainer consent was a betrayal - this pushed many projects over to Gitlab.
You could say the same for any content used for training.
You could and you should.
Am I in the minority when I actually like those AI features on GitHub? The ability to interrogate any open source codebase is __amazing__, this feature alone has saved me days of work/research. The AI code reviews are nothing to write home about, but occasionally catch stuff that I would've missed, a net benefit for me. I don't really get all the outrage... Sure, having an "Ask AI" Clippy-like thing in your face everywhere gets old quick, but at least on GitHub I find it non-obtrusive and often actually useful.
...you can just clone the repository and do that interrogation locally with the AI tool of your choice.
Every single application or webpage having its own AI integration is seriously one of the dumbest ideas in computing history (instead of separating applications and AI tools and let them work together via standardized interfaces).
Github Copilot review is such a simple - optional - ux, it makes sense as a feature. I enjoy it.
Is anything broken on the pure Git side of Github? From this, it's clear that actions and runners are becoming unusable. But are repositories still safe?
The outages break `git push`. I'm not a fan of the AI adoption within the UI, and the side bars when browsing code usually get in the way. Using GitHub as a dumb git backend isn't a great option either, look at the Linux kernels PRs, it's almost all spam. Why on earth can't PRs be disabled?
https://github.com/torvalds/linux/pulls?q=is%3Apr+is%3Aclose...
Luckily it's harder to enshittify something you don't own
Maintain on codeberg, mirror to GH. Tell everyone to contribute on CB
done.
One problem is that GH gives you no way to disable PRs. And even if you write in BIG BOLD LETTERS that PRs should be on Codeberg not GH, people get upset and make a fuss over their "ignored" PRs and it ends up making unnecessary headaches for you over and over.
Can do it the @torvalds/linux way and have a bot auto-answer/close PRs. And, to be honest, probably is better to ignore people making a fuss over PRs.
Glad to see codebrg getting recognition. The age of relying on for profit corps for our digital commons needs to end.
This seems workable to me. Github rose to prominence on the back of oss. What oss giveth oss can take away.
This resonates with me. Last week I got stuck on a bug where GitHub actions was pulling ARMv7 docker images when I specifically requested ARMv8. Absolutely impossible to reproduce locally either.
Maybe this is a nice chance to ask, would you move from Gitlab to Github? I would say no, but some people in my org are proposing it, it seems to me simply because the integration it has with AI tools, but my experience has been worse in Github than with Gitlab.
We are self-hosting GitLab, which you can’t with GitHub.
For me they're both about equally shitty, but with Github you get a nice commit calendar to show off to recruiters - so Github wins IMO.
I believe the exact same exists in Gitlab under each user profile.
I don't get it, why did they allow GitHub bot to modify and merge pull request automatically? Yeah I agree that MS is ruining everything with AI, but this problem is avoidable, if they turn off the bot's auto merge feature, or turn it off completely. The reason they move to a lesser known Git provider sounds more like a marketing stunt.
> I don't get it, why did they allow GitHub bot to modify and merge pull request automatically
They didn't, poor wording on Register part. The pull request was closed for inactivity by the bot.
Again, perfectly avoidable.
> The reason they move to a lesser known Git provider sounds more like a marketing stunt.
We had technical problems that GitHub had no interest in solving, and lots of small frustrations with the platform built up over years.
Jumping from one enshittified profit-driven platform to another profit-driven platform would just mean we'd set ourselves up for another enshittification -> migration cycle later down the line.
No stunt here.
What are you referring to? I may be missing a line from the article but it seems mostly focused around a lingering GitHub Actions bug and the direction of GitHub.
The interesting thing about Zig's move isn't really the drama - it's watching a project work through platform migration in real time.
Most open source projects talk about reducing GitHub dependency but never actually do it because the switching costs are brutal. Issues, PRs, CI integrations, contributor muscle memory - it all adds up. Codeberg is solid but the network effects aren't there yet.
Curious whether this pushes other projects to at least have contingency plans. The AI training concerns are real, but I suspect the bigger long-term risk is just platform enshittification in general - feature bloat, performance degradation, mandatory upsells.
More and more projects are moving to Codeberg, and I'm wondering; at what point will a critical mass be reached? Or will we end up with a fragmented ecosystem?
Oh no, our decentralized VCS will be… decentralized!
Seriously though the big problem to solve will be squatters, when there are three logical places for a module to be hosted. That could create issues if you want to migrate.
I would rather have this happening after a contender to git has surfaced. Something for instance with more project tracking built in so migration were simpler.
> Seriously though the big problem to solve will be squatters, when there are three logical places for a module to be hosted
I suspect Codeberg, which is focused on free software, will frown on them. They already disallow mirroring.
> They already disallow mirroring.
In which direction? (I'd check myself but they're down...). That doesn't sound very open to me.
I was slightly wrong. You can manually mirror things, but they have removed a feature that allowed one to automatically mirror repositories hosted elsewhere. It was originally intended as an ease of migration tool, but ended up consuming too many resources.
From their FAQ:
> Why can't I mirror repositories from other code-hosting websites?
> Mirrors that pull content from other code hosting services were problematic for Codeberg. They ended up consuming a vast amount of resources (traffic, disk space) over time, as users that were experimenting with Codeberg would not delete those mirrors when leaving.
> A detailed explanation can be found in this blog post.[1]
[1]: https://blog.codeberg.org/mirror-repos-easily-created-consum...
Ah, thanks. That’s a very sensible take from them!
That… makes squatting more of a problem not less.
> fragmented ecosystem
This sounds a bit like an oxymoron. More diversity will only help the ecosystem IMHO.
You say fragmented I say decentralized.
I say "I'm not making yet another account to report this bug". Tangled is trying to solve that problem but we'll see.
That's the beauty of email-based approaches. You can just clone, do your changes and `git send-email`. Done.
I think it would've been far easier to build a decent GUI around that flow, with some email integration + a patch preview tool, rather than adding activitypub, but oh well.
> I think it would've been far easier to build a decent GUI around that flow, with some email integration + a patch preview tool, rather than adding activitypub, but oh well.
Check out Sourcehut (https://sourcehut.org/). It uses a mailing list-based workflow so contributing code or bug reports is relatively effortless and doesn't require a Sourcehut account.
Email-based approaches have far more issues than just needing to create an account. I would much rather have to create another account than deal with git send-email ever again. It's awful.
I literally logged into codeberg using my GitHub account. It's two clicks of the mouse to do this.
Yeah that's good for Codeberg, but most sites haven't set things up to be so seamless. And how many clicks of the mouse was it to set up your SSH key?
https://news.ycombinator.com/item?id=33730417
[flagged]
Wait, how is Tangled VC controlled? As far as I Know, it's actually decentralised properly on atproto, with barely any bluesky dependencies?
Is it not backed by a registered in Finland limited liability company? Haven't they acquired pre-seed funding by Antler, a VC company?
So how many bugs did you file on sourceforge when GitHub hadn’t quite killed it off?
I used to submit quite a few back in the day. How many projects are still actively maintained on Sourceforge? The last time I needed to go there was to get the GPC (General Polygon Clipper) library with the last modification in 2014.
Maybe I wasn't quite clear. As an open-source author, bug reports are what makes open-source feel like a job. This is because Github has created a sense of entitlement that an open-source project is supposed to take bug reports. That its authors are its 'maintainers' and are expected to fix them.
No. You are the person with an issue. You have all the means to fix the issue -- the source code has been shared with you. Now go ahead and fix your bug yourself. Then share the source code with your users as per its license.
Notice how I don't even care much for 'pull requests'. Another detrimental notion started with Github -- that the authors of an open-source project are expected to review change requests and merge them.
Guy, open-source licenses do not require you to share the derived code with upstream. They require you to share it with your users. I, as the original author, mostly don't care as the original code I wrote works for me.
Yes, sending fixes back upstream is a courtesy and a way to thank the original authors. However it is neither required, nor one must expect that the fixes will be accepted or even looked at at all.
Hopefully one of the efforts to build distributed pull requests will take off, so that all the forges other than github can band together and interoperate.
That would be the single best thing that they could do, it would make moving off of github a gain in capabilities.
All those different 'git forges' use git as version control system and the same issue and PR workflows. There is no fragmentation, unless you consider one git url being different from another git url 'fragmentation' ;)
The D in DVCS working as expected.
Git itself comes out as a very decentralized tool to me.
I prefer a pletora of code hosting sites, that one massive hub controlled by a single one. We can see how bad is when there is a monopoly or cuasi-monopoly.
A lot of these forced "AI" integrations are essentially Clippy on steroids. A more careful approach focusing on use cases the technology can really support would be much preferred.
[dupe] Discussion on source: https://news.ycombinator.com/item?id=46064571
Yep, all my new stuff is on Gitlab.
And now a huge Zig user is purchased by an AI company. The tale as old as time.
I hate these constant drama posts, but I am all for seeing competition. I think it's good to have a couple of top-tier companies offering the same service, and especially with git, it's been... lacklustre outside of Github, I'd say. Bitbucket was totally nice, but Atlassian and Jira and meh... Github has (mostly) steered clear of cross-product promotions until the CoPilot era washed all over us, and I wonder for how long they can continue to thrive off the power of brand-awareness.
Same effect at play watching all the top-tier AI corps under heavy competitive fire still, trying hard to keep the audience attached while battling to stay on top of (or keep up with) the competition. This mainly (for now) benefits the user. If OpenAI were to trailblaze on their own, we'd all be paying through the roof for even the most basic GPT by now.
> I think it's good to have a couple of top-tier companies offering the same service
"top-tier" is not a term I would use to describe Microsoft
Lack of investment more like. There are a ton of simple and obvious bugs that have persisted well before the AI crazy, e.g. this annoying bug from 2021: https://github.com/orgs/community/discussions/6874
This one is almost a one-line change (technically they need an extra flag in the YAML but that's hardly difficult): https://github.com/orgs/community/discussions/12882#discussi...
That said, I still think Github is fine, and you can't argue with free CI - especially on Windows/Mac. If they ever stop that I'll definitely consider Codeberg. Or if Codeberg gets support for stacked PRs (i.e. dependencies between PRs), then I'm there! So frustrating that Github doesn't support such an obvious workflow.
Not spending on maintenance is bad.
Not spending on maintenance and spending gobs on something many people don’t want is far worse. It says we have the money, we just don’t give a fuck.
The evidence of AI failure is all this low hanging fruit maintenance fixes users are begging Microsoft to fix and these AI agents are not fixing them. AI was going to 10x engineers or something right? Why isn’t GitHub getting better with all this AI help?
Isn't this SOP of Microsoft since forever? Tons of papercuts which really hurt, and tons of features nobody wants?
I think this is the natural outcome of "chasing points" mechanic inside Microsoft.
> So frustrating that Github doesn't support such an obvious workflow.
It kind of does.
I used this a lot in several jobs to work in dependent tickets in advance. Just make another branch on top of the previous (a PR to the other PR branch).
People could review the child PR before the parent was merged. And it requires some less than trivial git knowledge to manage effectively, but nothing extraordinary. Any solution for stacked PRs based on git would also require it (or a custom tool).
I think I'm on their side on this one. From git perspective, it works just as I expect. Something else probably belongs to JIRA or project management instead.
That feels like the opposite of what I think stacked PRs are? Like someone will open PR #1 for one feature, and then PR #2 into the PR #1 branch, but it doesn't make sense without knowing the context of PR #1 so that gets reviewed first - and then when that PR gets merged, the second one gets automatically closed by GitHub?
PR#1: dough PR#2: toppings
You first send PR#1, then PR#2 on top of the first one.
The diff for PR#1 will show dough stuff. The diff for PR#2 will show toppings in relation to dough.
People can review them asynchronously. If you merge PR#1, PR#2 will automatically target main (that's where dough went) now.
In this arrangement, I use to cross-mention the PRs by number (a link will exist in both). I also like to keep the second one draft, but that depends on the team practices.
I don't understand why you would close the second PR when the first gets merged. It should lose the dependency automagically, which is exactly what happens if you branch correctly.
> The diff for PR#2 will show toppings in relation to dough.
The problem is the diff for PR#2 will show dough and toppings all mixed together. Unless you go into the commits view, but that's super tedious and it's easy to lose comments in there.
It's kind of frustrating because there's very little required to make this work. All you really need is for Github to detect `Depends on #1` like it detects `Fixes #123`, and then a) use the HEAD of #1 as the diff based for #2, and b) block merging #2 until #1 is merged.
It's really not that complicated but I'm not holding my breath.
See also people switching from windows to Linux.
MS need a stint of focusing on what users want rather than ramming stuff down their throat unasked hoping they’ll swallow
I like AI changes. Can change files from UI, will fill commit message for me. That's awesome.
Haven't noticed any AI problems or annoyances on GH.
Last week the reason for the move was MS tools being used by the baddies. Today AI is the baddie du jour. To use a great quote "either do or don't, but I got places to be".
The original post was specifically about technical grievances, “MS tools being used by the baddies” was mentioned only in passing.
https://ziglang.org/news/migrating-from-github-to-codeberg/
> Putting aside GitHub’s relationship with ICE
That was the extent of it. Six words.
Furthermore, this submission is an independent post, not from Zig, reporting on the original and adding more context.
> To use a great quote "either do or don't, but I got places to be".
What exactly is your complaint? The move had already been completed at the time of the original Zig post. They did do it.
There’s no incongruence between posts. The nature of your discontent or how it could possibly affect you isn’t clear in the slightest.
>That was the extent of it. Six words.
Like Muslims repeating the takbir.
> I got places to be
Like, reading and posting on Hacker News?
Don’t judge: we’re here too.
I very openly don't have places to be
Wait I thought they left because Github software engineers are "monkeys".
Look, how is number to go up without constant AI bullshit? Won't somebody think of the shareholders!
MS in particular _really_ seems to be sacrificing itself on the altar of Roko's Basilisk; they appear totally incapable of doing _anything_ that isn't AI-branded anymore.
In other news today, Bun, which is one of the biggest projects written in Zig, joined Anthropic, the company behind Claude Code, and has nothing but kind words to say about AI. If Zig becomes ever more hostile to AI, I wonder if there may be some "friction" there.
Why would zig care that a project written in zig is used for AI?
Usually programming languages need that killer project to sell themselves, instead of being something only language nerds play with, Bun was one of such projects.
And if they did, what could they possibly do?
maybe I’m out of the loop, but what is the “obsession” with AI that’s ruining it? GitHub still works for me like it always has. How are other people using GitHub?
The article is very hard to read, with ads on one side, links in every other sentence. I could not even figure out where Zig has gone... TLDR anyone?
Edit: Scrolling comments I see something called Codeberg but why am I getting connection refused?
Another edit: Oh because Codeberg is down. I had to look at another thread on the frontpage to find that out...
niche language does something, cool story
It's a little more than a niche language now.
Bun is made with Zig, and they just got acquired by Anthropic.
Ghostty is another notable piece of software made with Zig.
I assume the Bun acquisition is fueling most of this Zig news. There's about 4 articles on the frontpage about Zig.
Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms. Moving it to Codeberg doesn't really fix that. I get that some people want to restrict what people can do with source code (including using it for capitalist purposes or indeed ai/machine learning). But the whole point of many open source licenses (and especially the MIT license) is actually the opposite: allowing people to do whatever they want with the source code.
The Zig attitude towards AI usage is a bit odd in my view. I don't think it's that widely shared. But good for them if they feel strongly about that.
I'm kind of intrigued by Codeberg. I had never heard of it until a few days ago and it seems like that's happening in Berlin where I live. I don't think I would want to use it for commercial projects but it looks fine for open source things. Though I do have questions about the funding model. Running all this on donations seems like it could have some issues long term for more serious projects. Moving OSS communities around can be kind of disruptive. And it probably rules out commercial usage.
This whole Github is evil anti-capitalist stance is IMHO a bit out of place. I'm fine with diversity and having more players in the market though; that's a good thing. But many of the replacements are also for profit companies; which is probably why many people are a bit disillusioned with e.g. Gitlab. Codeberg seems structured to be more resilient against that.
Otherwise, Github remains good value and I'm getting a lot of value out of for profit AI companies providing me with stuff that was clearly trained on the body of work stored inside of it. I'm even paying for that. I think it's cool that this is now possible.
> Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms.
MIT license requires attribution, which AI algorithms don’t provide AFAIK. So either (a) it’s fair use and MS can do that regardless of the license or (b) MS can’t do that. In any case, yeah, that’s not the issue Zig folks have with GitHub.
> Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms. Moving it to Codeberg doesn't really fix that. I get that some people want to restrict what people can do with source code (including using it for capitalist purposes or indeed ai/machine learning). But the whole point of many open source licenses (and especially the MIT license) is actually the opposite: allowing people to do whatever they want with the source code.
MS training AIs on Zig isn't their complaint here. They're saying that Github has become a worse service because MS aren't working on the fundamentals any more and just chasing the AI dream, and trying to get AI to write code for it is having bad results.
Why does ever HN thread read like a churlish blogger review of the latest installment of <popular-scifi-franchise>?
Github is great. It barely changes at all and yet it's still too much for this originalist crowd.