this post was submitted on 28 Mar 2025

2249 points (99.2% liked)

Technology

68441 readers

3147 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

L4s@hackingne.ws

2249

Organic Maps migrates to Forgejo due to GitHub account blocked by Microsoft. (programming.dev)

submitted 1 week ago* (last edited 1 week ago) by Tea@programming.dev to c/technology@lemmy.world

312 comments fedilink hide all child comments

Post
New Git Repo.

you are viewing a single comment's thread
view the rest of the comments

[–] lemmydividebyzero@reddthat.com 52 points 1 week ago* (last edited 1 week ago) (11 children)

We need something like Forgejo, but decentralized and federated, like Lemmy. I don't want to create a new account for every Forgejo instance, just to be able to report a bug...

Edit: Added "and federated"

[–] hoppolito@mander.xyz 45 points 1 week ago (1 children)

Forgejo is in fact working on being decentralized, just like the underlying git structure is. There are some first federation things in there, but the full implementation is still pretty far out.

[–] endofline@lemmy.ca 1 points 1 week ago

Git is decentralized itself... You don't even need forgejo to host your changes

[–] ftbd@feddit.org 25 points 1 week ago (1 children)

Git is already decentralized, nothing is stopping you from adding multiple remotes to your repo.

[–] twice_hatch@midwest.social 29 points 1 week ago (2 children)

The issue tracker is usually the concern

[–] lemmydividebyzero@reddthat.com 4 points 1 week ago (1 children)

Yeah, that was my point in the first comment... But not only that...

The development with multiple people is decentralized, yes...

But even, if I add 3 remotes to my repo (1 to GitHub, 1 to Forgejo instance A and 1 to Forgejo instance B), guess what happens, if you don't have an account on each of these... Try pushing code or making a pull request and see how it fails, because you are not authenticated...

[–] xigoi@lemmy.sdf.org 0 points 1 week ago* (last edited 1 week ago)

SourceHut encourages an e-mail–based workflow that does not require anyone but the repository owner to have an account. In fact, that’s how Git originally worked before GitHub enshittified it.

[–] xigoi@lemmy.sdf.org 2 points 1 week ago (2 children)

How would decentralization work for an issue tracker? The issues have to be stored somewhere.

[–] WhyJiffie@sh.itjust.works 4 points 1 week ago

naturally on the instance that hosts the repo

[–] pinball_wizard@lemmy.zip 2 points 1 week ago

The issues should be central, but it would be nice for my reputation as a contributor to migrate between instances.

[–] pathief@lemmy.world 20 points 1 week ago* (last edited 1 week ago)

Federation is on their roadmap

https://forgejo.org/faq/#is-there-a-roadmap-for-forgejo

[–] kaidezee@lemmy.ml 12 points 1 week ago* (last edited 1 week ago)

You know, git initially was that kind of thing where people would send diff commits on mailing lists. Git is perfectly decentralized already. And there's no need for federation.

Forgejo is already decentralized too. You could host your own instance right now, if you'd want.

[–] passenger@lemm.ee 8 points 1 week ago

There is this, havent tried

https://radicle.xyz/

[–] DasSkelett@discuss.tchncs.de 5 points 1 week ago (1 children)

Gitea has basic federation, I believe

[–] wewbull@feddit.uk 1 points 1 week ago

Gitea is where Forgejo forked from.

[–] karthie@lemm.ee 5 points 1 week ago* (last edited 1 week ago) (1 children)

if you are looking for decentralised vcs you can try radicle, I tried a while ago pretty good. FYI Forgejo supports mastodon login

[–] lemmydividebyzero@reddthat.com 1 points 1 week ago* (last edited 1 week ago)

FYI Forgejo supports mastodon login

That's interesting. Did not even know, Mastodon supported doing something like this...

There is still a difference: There is no profile in the end. I might create 2 bug reports, bit they won't be linked to each other.

[–] Valmond@lemmy.world 3 points 1 week ago* (last edited 1 week ago) (1 children)

Have you heard of ... Git?

:-)

Edit: I was jesting, got interesting responses!

[–] lemmydividebyzero@reddthat.com 10 points 1 week ago (1 children)

There is no command git issue create [hostname] [title] [description] and if there was such a command, it'd require authentication on the specific instance to prevent spam.

You still need to create an account on each Forgejo instance to report a bug there...

And even, if you commit code or make a pull request... Git might be decentralized (you can develop with your friend independently from each other and merge it), but try to commit code to a GitHub project, GitLab instance or Forgejo instance without having an account there to authenticate yourself... It won't work.

[–] prettybunnys@sh.itjust.works -3 points 1 week ago (2 children)

You mean git inherently requires you to identify yourself?

Huh, shock

[–] lemmydividebyzero@reddthat.com 8 points 1 week ago

I'm not sure what you are trying to say.

My point was from the beginning that I don't want to create 2 accounts when I report a bug a bug on Forgejo instance 1 and on instance 2.

The suggestion whether I have heard about git does not solve anything about that...

Some one else here mentioned that it's possible to login with Mastodon on each of the instance, which is the correct direction (allows to report a bug on both instances via an external account). Disadvantage is still: My 2 bug reports are not linked to each other, because there is no shared Forgejo profile, which would actually require something like federation.

[–] WhyJiffie@sh.itjust.works 5 points 1 week ago

git identification has nothing to do with authentication, as any sane person with git experience knows

[–] elrecoal19_1@lemmy.world 3 points 1 week ago (1 children)

Wouldn't it be the other way around, having someone centralized so with one account you can report bugs in any public project?

[–] BoJackHorseman@lemm.ee 4 points 1 week ago (2 children)

Do you know how lemmy works?

[–] elrecoal19_1@lemmy.world 7 points 1 week ago (1 children)

I do, what I don't know is how Forgejo works. Doesn't having to make an account for every project mean it's already decentraliced, but just doesn't communicate between instances?

[–] lemmydividebyzero@reddthat.com 4 points 1 week ago (1 children)

I agree that it's already kind of decentralized, so I also added the word "federated" to my original post.

[–] elrecoal19_1@lemmy.world 1 points 1 week ago

Okay, that makes it way more clear ;b

[–] LemonBreezes@lemmy.world 3 points 1 week ago (6 children)

I think that's bad (for my personal use) because if I accidentally commit a secret key, how do I claw it back? Basically, how would I claw anything back if it's on a blockchain aka on thousands/millions of computers already (you can't).

[–] holdstrong@lemm.ee 11 points 1 week ago (2 children)

If you push a secret key you should definitely generate a new one. Way to many bots out there that scan new commits for exactly that reason

[–] tehfishman@lemmy.world 2 points 1 week ago

Yeah please just rotate the secret if that happens. Doesn't matter what platform it is, this is true of GitHub as well. Secrets that are accidentally published are no longer secret.

[–] LemonBreezes@lemmy.world 1 points 1 week ago

Yeah it's not an insurmountable problem but it has happened to me where I push some commits and I realize "oh lemme remove this code because it leaks a little info about me personally" etc

[–] fallingcats@discuss.tchncs.de 5 points 1 week ago* (last edited 1 week ago)

Obviously you go and change the key instead?

[–] lemmydividebyzero@reddthat.com 3 points 1 week ago

I did not mean decentralized hosting of the projects (e.g. your project will be on all instances).

I meant decentralized account usage (e.g. you can use your example.com forgejo account to create an issue on otherexample.org)... Just like Lemmy... I could use my reddthat.com lemmy account to create a post on your instance lemmy.world without having to register there.

[–] zarkanian@sh.itjust.works 3 points 1 week ago

You are correct in principle, but Lemmy isn't on a blockchain. It's much less permanent.

[–] JuxtaposedJaguar@lemmy.ml 2 points 1 week ago

You can make commits on your system without pushing them to the remote server, and that’s the default behavior.

[–] WhyJiffie@sh.itjust.works 2 points 1 week ago

that's already a concern. what if someone just cloned your repo? there's also plenty of people that mirror public repos to their personal forgejo server. forgejo makes it very easy.

the only solution to mitigate such a mistake is to
1) invalidate the token
2) remove the commit

In that order.

[–] MonkderVierte@lemmy.ml 1 points 1 week ago

Rather have it on IPFS or something like OrbitDB, so no one can just lock/delete stuff.