Aggiornare 'README.md'

This commit is contained in:
Filippo DB 2020-11-05 11:09:33 +01:00
parent 23e3d94b1a
commit aab9058f21
1 changed files with 46 additions and 0 deletions

View File

@ -46,6 +46,35 @@ This is why gitlab.com should be listed as a service to avoid, like MS [Github](
### Perchè non usare GitHub
This is not directly related as it could happen on other hosting platforms as well, but just a few hours after I wrote this the youtube-dl repository was taken down from GitHub by RIAA due to a [DMCA request](https://github.com/ytdl-org/youtube-dl/).
It is no news that [Microsoft purchased GitHub in 2018](https://it.wikipedia.org/wiki/GitHub), everyone knows that. Yet despite that fact thousands of the worlds most important Open Source projects continue to host their code on GitHub. People seem to have forgotten just how rotten Microsoft really is and how dangerous that situation is.
It is not so much the fact that many projects host their projects on GitHub, it is the fact that many projects haven't secured the code outside of GitHub! They rely fully on GitHub to maintain and protect the code.
Microsoft is very actively purchasing important projects related to Open Source and in April 2020 it was announced that they had now also acquired [npm](https://it.wikipedia.org/wiki/Npm_(software)), a JavaScript packaging vendor, for an undisclosed sum of money.
Perhaps the younger generation don't know anything about the past "evils" of Microsoft and naively believe that Microsoft is now the good friend to Open Source, but the truth is that all these acquisitions of Open Source projects is a business tactic that is put in place to improve Microsoft's loosing position to Open Source. It is a matter of control.
[Microsoft announced](https://www.minecraft.net/en-us/article/java-edition-moving-house) that Minecraft will require a Microsoft account to play in 2021 and that owners of the classic version will be forced to migrate.
While this is not related to Open Source, it is a really good example of how bad it can get if Microsoft sometime in the future decides that projects on GitHub are required to do something which goes against these projects interests.
I will not name any names, because that is not important, but how in the world can any Open Source project that regards their code base as valuable not make sure that they have a completely up to date copy of every single line of code outside of GitHub!?
Some project developers only keep parts on the code in personal repositories, others haven't even got a backup but trust fully that GitHub will always have a working and current release of the latests commits.
For years people have warned about the position GitHub had in the world of Open Source because it concentrates too much of the power to make or break the community in a single entity. Having Microsoft behind the steering wheel makes the situation a thousand times worse.
Nobody in their right mind would ever have imagined uploading Open Source code to Microsoft servers just a decade ago. Microsoft where the archenemy of Open Source in the nineties and they deployed all kinds of dirty tactics to keep other operating systems out of the market, especially dirty tactics against Linux. In the early 2000s the then CEO Steve Ballmer said, Linux is a cancer that attaches itself in an intellectual property sense to everything it touches. And for many years they tried to gain control over Linux and manipulated the market in different ways in order to "crush the competition". When they realized they couldn't do that and that the battle was lost, they deployed a new tactic in which they instead try to make money of Linux, which is what that are doing now in a lot of areas, and which is why they seem "friendlier" to the Open Source community.
I myself do have some code residing on GitHub, but of course I also have multiple up-to-date clones and backups elsewhere. However, having the worlds largest repository of important Open Source code reside in the hands of Microsoft is just madness. Why haven't all the major projects migrated? Running a self-hosting Git server isn't that difficult and there even exists several solutions that are pretty solid.
More and more of all the good stuff about Open Source and community driven development and sharing of resources, code and experience is slowly getting either gobbled up or ruined and massacred by big corporations or economically based foundations. Why is it that as soon as money enters into the picture so many things are turned into "crap"? Of course, greed is the answer, but an even more important question than that is: Why is it that we have stopped caring?
#### Privacy problems with Microsoft Github service
@ -84,6 +113,23 @@ Many Github refugees fled to Gitlab when Microsoft acquired Github. It's a bad i
#### Alternative
Large projects should self-host their repositories in order to stay completely independent, but some alternative solutions to the more popular services such as GitHub, GitLab and BitBucket does exist (not an exhaustive list):
[Codeberg](https://codeberg.org/)
Codeberg is a registered German non-profit organization and I think it is the best alternative. Codeberg does not depend on external services. No third party cookies, no tracking. Hosted in the EU.
Relevant discussion on Hacker News. Relevant Privacy Policy
[NotABug](https://notabug.org/)
NotABug.org is run by Peers, a group of people interested in free software and free society. It is mostly for small projects though. Relevant Privacy Policy.
[sourcehut](https://sourcehut.org/)
sourcehut is currently considered alpha and it is not going to stay free, but it does not have any tracking or advertising. All features work without JavaScript. Relevant Privacy Policy. Relevant discussion on Hacker News. After signing up you get the following message: Payment is optional during the alpha, but be aware that it will become mandatory later. This service is funded by its users, not by investors.
A few good solutions for self-hosting (not an exhaustive list):
[Gogs](https://gogs.io/) - old discussion at Hacker News
[Gitea](gitea.io/) a community-managed fork of Gogs - discussed at Hacker News
[OneDev](https://github.com/theonedev/onedev) - discussed at Hacker News
Other relevant reading: [What is wrong with Microsoft buying GitHub](https://jacquesmattheij.com/what-is-wrong-with-microsoft-buying-github/)
self-hosting Gitea
(+) avoids the "shake-up" problem of shrinking the community each time the project moves (there is no risk that the privacy factors would later take a negative turn).
(+) Gitea.it could host other privacy-focused projects and become part of the support structure for them. Centralizing privacy-focused projects would increase Gitea.it visibility and establish a place where developers with the same high-level goals could develop in a more united way. Poaching privacy-focused projects from GH and GL would solve the hypocrisy problem those projects are facing as well.