cross-posted from: https://lemmy.ml/post/15691030
As you can easily notice, today many open source projects are using some services, that are… sus.
For example, Github is the most popular place to store your project code and we all know, who owns it. And not to forget that sketchy AI training on every line of your code. Don’t we have alternatives? Oh, yes we have. Gitlab, Codeberg, Notabug, etc. You can even host your own Gitea or Forgejo instance if you want.
Also, Crowdin is very popular in terms of software (and docs) translation. Even Privacy Guides and The New Oil use Crowdin, even though we have FLOSS Weblate, that you can easily self-host or use public instances.
So, my question is: if you are building a FLOSS / privacy related project, why using proprietary and privacy invasive tools?
Self-hosting is right out for most people. It’s pretty expensive to even get started without compromising your home network (router with VLAN, switch, multiple servers (at least thinclients)), and then on top of that you need to maintain it, and can’t really ever max out your download/upload speeds because people are depending on your internet to interact with the repo.
Gitlab is also for-profit, but also has blackouts and devs going
rm -rfon the production DB. It’s often in the news for bad things, so I’ve generally avoided it.Codeberg is great for personal repos, but most smaller git hosting services have horrible SEO. Like I’ve had issues finding repos when searching for their exact name, if I had to use general search terms I’d only see github repos.
All I found about that gitlab incidence sounded like it was one single event and more importantly that they’ve learned from it. So I don’t get the critique there. But yeah, apparently they’ve had a security hole a few days ago.
Sure, but if you do that, and then follow it up with often outage and security issues, I’m going to seriously rethink using your services.