GitHub bans organizations without warning or explanation
All organizations on my account have now been hidden from public view with no explanation, no response from Github after over a week and a massive red banner on every page I visit that says "Several of your organizations have been flagged.
Because of that, these organizations are hidden from the public. If you believe this is a mistake, please contact support to have your organizations’ statuses reviewed."
It doesn't even state which organizations are problematic and why.
What is this shit Github? Have other people encountered this? I have literally no controversial organizations on my profile.
https://x.com/RyanSchachte/status/1757417511451259350?s=20
65 comments
[ 3.2 ms ] story [ 69.6 ms ] threadhttps://twitter.com/defunkt/status/1754610843361362360
Once I'd seen that, I doubled down on my self hosted GitLab and never looked back. GitHub can be a mirror for public good, but it's no castle I want to be a prisoner of.
Running my own gitea server since then but I heard there was some drama around it so it got forked to forgejo.
Gitlab was just too unfriendly when I wanted some help and wanted too many resources vs gogs at that time.
Because too many are on github it's too big to fail and if you want to report a big you need an account there. I wish I could go completely without it.
I just haven't experienced that until now.
I've been trying out sr.ht and codeberg.org.
Sadly the product is nowhere near GitHub.
https://www.cvedetails.com/vulnerability-list/vendor_id-1918...
I don't think that a modern git web front-end needs to either look ugly and lack basic features, or be a security vulnerability, or be run by a gigantic corporation.
It just happens that you can only choose between those right now.
I really wish there were something as nice as GitHub, self-hosted, with a better security model.
That is a misunderstanding: sr.ht only costs money if you host your projects there.
Since the official supported workflow is email-based, you don't even need a sr.ht account (paid or otherwise) to submit patches.
If there exists some Gitea features that are not available open source ("open core")... how does having Forgejo help? Unless they provide those features, the situation remains unchanged. Until they do, what is there to applaud, and what's the point of switching?
[0]: https://forgejo.org/2024-02-forking-forward/
Gitlab is really designed to run on kubernetes, and while there's plenty of self hosters willing to run overkill infra locally, has proved to be enough of a pain for enough people to run that it limited its growth in that space.
I want to see all this data for all of the forks that are relatively close together from a single pane of glass. This would make collaborating and uplifting code back to the main branch much easier for small free software projects.
I like to self-host, but I don't want to be sysadmin to a public service, and deal with account deletion, password resets, ...
Edit: Better link
Merging your patch even comes built-in with Git. The place hosting your Git repo doesn't need anything special to support this. You email the author, they merge your patch and then git push.
Some other federation method through centralized platforms like Github would have to be bolted on to git, email is just the built-in and very much intended method that already exists.
A "merge request" or "pull request" is a specificb thing on those platforms (GitHub/GitLab/Gitea/...) and are definitely not federated.
In the same way, Twitter is not federated just because it runs on phones where you could send your message via SMS instead. That makes no sense. Even if SMS is built into your mobile text editor.
You can push a commit to Gerrit for the webui, you can email it to someone for manual code review and merging, you can (maybe) do it in Phabricator, so on and so forth.
This is inherently federated in a way that GitHub's pull request system does not. A commit in GitHub requires context in the form of a "pull request" provided by their proprietary interface and so the raw git commit doesn't have everything you need to perform the review.
Apologies for not communicating this better in my original comment.
HN seems to becoming more and more of a help desk.
I miss the old days where companies had actual support
The problem comes when social engineering spammers are investigated. They blame others, and get those others delisted from GitHub.
I suspect that, like eBay, CraigsList, SpamHaus, and (R)eddit, GitHub's spam fighters are now completely coned by the spammers so that they only shut down honest people.
I recently encountered this with Apple (https://skogsbrus.xyz/dont-put-all-your-apples-in-one-basket...). After 2 months I'm still fighting them to recover some of my devices.
Apparently the cause was that I interacted with code that GH detected as malicious. The weird thing was that GH left this supposedly malicious code as publicly visible in multiple personal repos while hiding my unrelated organizations. These organizations were home to highly used scholarly software, research projects, and datasets. I started getting emails from users like:
> I was looking at a manubot issue and found out that the repo vanished from the internet. What happened?
I got the situation resolved through my contact at GitHub, but still no response via the GH support ticket after 2 weeks. Seems like GitHub is shooting themselves in the foot. Strange.