this post was submitted on 16 May 2024

161 points (86.4% liked)

Open Source

31188 readers

234 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

[email protected]

161

Why FOSS projects are using proprietary, privacy invasive infrastructure? (lemmy.ml)

submitted 6 months ago by [email protected] to c/[email protected]

126 comments fedilink hide all child comments

As you can easily notice, today many open source projects are using some services, that are… sus.

For example, Github is the most popular place to store your project code and we all know, who owns it. And not to forget that sketchy AI training on every line of your code. Don't we have alternatives? Oh, yes we have. Gitlab, Codeberg, Notabug, etc. You can even host your own Gitea or Forgejo instance if you want.

Also, Crowdin is very popular in terms of software (and docs) translation. Even Privacy Guides and The New Oil use Crowdin, even though we have FLOSS Weblate, that you can easily self-host or use public instances.

So, my question is: if you are building a FLOSS / privacy related project, why using proprietary and privacy invasive tools?

(page 2) 50 comments

sorted by: hot top controversial new old

[–] [email protected] 41 points 6 months ago (1 children)

Because most oss maintainers are more afraid of their work disappearing due to service shutdowns than they are being profiled by data miners.

Everyone has seen some example of a tool or resource hosted on a persons private server end up taken down because they couldn’t afford it, the isp or university stopped offering hosting or because they simply couldn’t keep doing it due to death or old age.

That’s what people who create software are afraid of. The loss of that creation, not the loss of the privacy of people who contribute to it or download it.

load more comments (1 replies)

[–] [email protected] 61 points 6 months ago (1 children)

Network effect.

Using GitHub as an example, choosing any alternative (as a small project) will reduce the amount of contributions and will make the project less discoverable. Especially if you consider projects where the technical barrier for contribution is lower, it is much more likely for a potential contributor to have an account on a "mainstream" platform.

I used to think that this was less of an issue in more niche communities, but a recent post by an Emacs package developer (Protesilaos Stavrou, won an FSF award a few years ago) changed my mind: https://protesilaos.com/codelog/2024-04-30-re-emacs-github-freedom-microsoft/

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (2 children)

That makes sense. But what about big ongoing projects/ Couldn't they easily migrate to a FOSS service? I'd imagine people will look out for them specifically no matter where they're hosted.

[–] [email protected] 4 points 6 months ago

They often host on multiple platforms.

load more comments (1 replies)

[–] [email protected] 22 points 6 months ago* (last edited 6 months ago) (1 children)

I see Github as a mere tool. As I could use a proprietary operating system like Windows on my development computer, I can use Github to distribute the code. It doesn't have that severe consequence to the open source project itself and works well. And it's relatively transparent. Users can view issues etc without submitting to Microsoft. And it's been the standard for quite some time.

I'm far more concerned with FLOSS projects using platforms like Discord, which forces their users to surrender their privacy and that actively contribute to the enshittification of the internet. I wouldn't want to be part of that.

[–] [email protected] 7 points 6 months ago (2 children)

yuzu? suyu? does that ring a bell?

[–] [email protected] 4 points 6 months ago (1 children)

Idk, a plant? a nintendo emulator? enlighten me...

[–] [email protected] 9 points 6 months ago

be careful. otherwise nintendo may even copyright claim the fruit

load more comments (1 replies)

[–] [email protected] 64 points 6 months ago (2 children)

There's been a general trend towards self-hosted GitLab instances in some projects:

Small projects tend to not want to spin up infrastructure, but on GitHub you know your code will still be there 10 years later after you disappear. The same cannot be said of my Cogs instance and whatever was on it.

And overall, GitHub has been pretty good to users. No ads, free, pretty speedy, and a huge community of users that already have an account where they can just PR your repo. Nobody wants to make an account on some random dude's instance just to open a PR.

[–] [email protected] 0 points 6 months ago (1 children)

You can host a git repo with little effort on any Linux machine you can ssh to. You don’t need to host a git lab instance unless you want some web gui.

load more comments (1 replies)

[–] [email protected] 18 points 6 months ago (2 children)

GitHub (since the Microsoft acquisition) is good to users because that's their MO, it's called Embrace, Extend, Extinguish, and the whole point is to centralize users and projects and make them dependent on the Microsoft ecosystem.

Of course now there's also the whole issue of Copilot, which means any code you put on GitHub could very well show up piecemeal in someone's AI-generated code. If it wasn't for that novel avenue of monetization, you can bet your ass GitHub would have already made the free user experience a lot shittier.

[–] [email protected] 8 points 6 months ago

Wouldn’t code hosted anywhere on the open internet be potentially susceptible to AI scraping?

load more comments (1 replies)

load more comments