alt.hn

5/13/2026 at 12:54:00 PM

Leaving GitHub for Forgejo

 https://jorijn.com/en/blog/leaving-github-for-forgejo/

by jorijn

5/13/2026 at 1:10:58 PM

Everyone seems to be leaving GitHub, and forgetting the entire spirit of what git is in my eyes. Git was always meant to be decentralized, the problem here is that all the tooling around git was centralized to GitHub because it was a cleaner experience, they scaled nicely, and were properly maintained. I would prefer to still see mirrors on GitHub that are auto-synched because I've seen projects for years either self-host or go somewhere niche, then the GitHub mirror dies or is removed, and said projects go poof to the sands of time for one reason or another, completely gone. Everyone seems to be picking some random git host alternative, and some of them are really simple to use.

Git is decentralized, GitHub is just another place you can host your code in, but you can push your code to multiple remote servers.

by giancarlostoro

5/13/2026 at 1:18:30 PM

While I'm not forgetting the spirit of what Git is, I'm also remembering how GitHub used "all open repositories" to train their first Copilot without telling anyone.

So, no thanks. I'll not be committing any personal code there anymore.

And no, I don't care for the social aspects either. Discoverability, stars, and AI bot powered issue bombardment.

I'm fine like this.

Also, remember, "Open Source is not about You".

by bayindirh

5/13/2026 at 3:36:51 PM

I completely share your sentiment about feeling irked about open source code being used to train commercial AI models. However, I think the battle is already lost - the nature of copyright and open source code philosophy (currently) means that there isn't any real way of preventing your code being used to train AI. Look at the legal precedents being set in courts where many of the BigTechs have actually pirated copyrighted media to train their AI, and the court has said "that's acceptable". (Ofcourse, the actual act of piracy - like Facebook did by downloading copyrighted material through torrents - may not be legal, but the courts may be lenient here too as there seems to be an undercurrent of government approval to do anything to win the "AI Race").

And, even if you move your repository somewhere else, can you really prevent anyone from uploading it to Github? To do so, you may have to create your open source license.

by thisislife2

5/13/2026 at 3:57:27 PM

> However, I think the battle is already lost - the nature of copyright and open source code philosophy (currently) means that there isn't any real way of preventing your code being used to train AI.

Laws should make it a double-edged sword, make distillation explicitly legal.

Not much else they can do.

by lelanthran

5/13/2026 at 4:46:23 PM

> Laws should make it a double-edged sword, make distillation explicitly legal.

Knowledge-distillation is already legal. Current case law says none of outputs of any model are protected by copyright, so one could use model outputs for whatever they want - including distillation. That is why AI companies resort to ToS clauses to block distillation and/or training competing models.

by overfeed

5/14/2026 at 8:20:53 PM

Its completely 100% legal, to ask LLM to write detailed spec of any closed source project based on the code. Then ask another LLM to implement it to make it public domain.

Its already proven based on previous specification laws.

Hilarious as it sounds its true. We can make “any” code a public domain woth LLMs.

by pojzon

5/14/2026 at 12:40:29 PM

Make all LLM output licensed as AGPLv3 - the license is viral, right ? ;-)

Unless you can actually prove what your model has ingested & if you have the license for it in court.

by m4rtink

5/14/2026 at 3:42:30 AM

Distillation is totally legal and I highly encourage it

by bloppe

5/18/2026 at 8:57:57 AM

Even if you cannot do anything to prevent it you don't have to make it easy - and you can make it clear that you don't approve by boycotting GitHub over this.

by account42

5/13/2026 at 3:05:36 PM

What exactly did they train? Copilot is powered by claude, gemini, or ChatGPT these days.

Did they train autocomplete? I mean the code is open source so anyone can scrape it and train it too. I'm kind of glad they did train it because otherwise we'd still be stuck with Apple level AI models right now.

The whole reason we have so many models, including open weight models, that are all competitive with each other is because the data is free and anyone can be training off it. If the goal was to monetize the source code I guess the authors shouldn't make it open source.

by chrischen

5/13/2026 at 3:21:36 PM

> "GitHub Copilot is powered by generative AI models developed by GitHub, OpenAI, and Microsoft. It has been trained on natural language text and source code from publicly available sources, including code in public repositories on GitHub."

https://azure.microsoft.com/en-us/products/github/copilot#fa...

by skinfaxi

5/13/2026 at 4:19:18 PM

Yeah have to agree here, Github Copilot itself doesn't have any first party models they use the frontiers. So, they didn't "train" using public repos but they probably allowed (or didn't prevent) the frontiers from pulling the repos along with the rest of the internet when creating their models.

by chris_money202

5/13/2026 at 5:38:20 PM

Is y'alls collective memory so short? Copilot just a few years ago was auto complete on steroids that was entirely first party and trained by GH on users' code.

by ramblurr

5/13/2026 at 7:15:50 PM

It used OpenAI's Codex model (see: https://en.wikipedia.org/wiki/GitHub_Copilot?wprov=sfla1)

OpenAI did train the model on GitHub repos. The next question is whether this was enabled by Microsoft's investment in / partnership with OpenAI. I suspect yes, but I haven't gone searching for this yet.

by Leynos

5/15/2026 at 1:50:24 PM

I guess it doesn't matter if they allowed OpenAI to do it or not because it seems other models were allowed to train off it too. I guess we should probably be giving kudos to GitHub and Microsoft for not trying to charge for access to this data.

by chrischen

5/13/2026 at 6:00:26 PM

It was even returning some code verbatim with the correct prompts.

by bayindirh

5/13/2026 at 2:43:09 PM

It did so in direct violation of the licenses of the code held there as well and then sold code snippets they had no rights to and still do.

by PaulKeeble

5/13/2026 at 5:32:17 PM

How did you draw those conclusions? They don't seem to be in line with court rulings (i.e. Anthropic), which hold that training is fair use. Code is being treated the same as any other copyrighted content that is used for training, from blog posts to PR announcements from companies and everything in between. Of course the blog posts are PR announcements have their copyright held by their authors, with no license provided at all, so if OSS code being used in training is a violation, then so would everything being trained on (to a first approximation...public domain works excepted). But no court has every taken that position to my knowledge.

There's just so much confusion around this. In this thread alone:

* Distillation is legal under copyright; the violations would come as ToS violations, which is contract law, not copyright law.

* Training is legal as well, so long as the original material was obtained legally.

* Moving code off of GitHub doesn't change any of this: AI companies are free to download your git repo no matter where it is hosted, just like they can any other content on a publicly accessible website.

* Liability comes into the picture when the models are used to infringe copyright in their output. We'll have to see the outcome of the NYT case here, but that is proceeding at a glacial pace.

I am not a lawyer; I'm an interested amateur that's been following the saga for years. I wish the discussion here on HN were more nuanced.

If anyone has legal updates that render any of the above incorrect, I'd love a pointer to the decisions. One area I'm particularly weak is the legal status in countries that are not the US: I don't follow those laws nearly as carefully, nor the court cases brought.

by rpdillon

5/14/2026 at 12:42:59 AM

>> * Moving code off of GitHub doesn't change any of this: AI companies are free to download your git repo no matter where it is hosted, just like they can any other content on a publicly accessible website.

C'mon, I'm not even apart of the movement to move away from GitHub, but that's not really a valid argument. Sure, they CAN download the source code, but its not nearly as automatic. They don't get to download it all, en masse, from copying hard drives/databases they already own. They have to go over the internet. They don't get automatic notifications when new code gets pushed. And finally, if one wanted, they can make it harder for bots.

I certainly believe that these companies do get away with a lot more than the average Joe - see: Facebook downloading Anna's Archive, every pirated eBook - but that doesn't mean you have to hand it to them on a silver platter.

Plus, even if your code is private on GitHub, you can guarantee that they can't train there models on it anyway; unlike if you host it yourself, or somewhere else.

Does anyone else find it ironic when closed-source GitHub claims it's some super hero for open source?

by mkhalil

5/13/2026 at 5:55:06 PM

I have written about this numerous times, so I won't repeat myself with the long form writing. Maybe I need to keep a list of comments somewhere, so I can reference them. I digress...

In short:

- GPL code requires attribution and sharing of code. Models strip license, so GPL is effectively violated.

- Source available licenses are "for your eyes" only, so training on source available code is also violates said code's licenses.

- MIT requires attribution, but forgetting it has no consequences, so it's a more gray area.

About moving from GitHub:

- Some public repositories provide visible and invisible anti-scraping protections. So it's not always that easy.

- GPL says I need to share code to the people who downloads the application itself, so I can move to cathedral model.

Moreover:

- US Government has a stance of "If we need to take permission for everything, AI industry will die". Hence, as an outsider, the court rulings have no weight in my eyes. They are taking stance to enable and not hinder the industry. If one reads Fair Use doctrine, it's very possible to rule otherwise. OpenAI's whole non-profit research arm was an instrument to circumvent Fair Use doctrine's "earn money from copyrighted works" clause and support "we only do research pinky promise" requirement of the said doctrine.

When courts said "go ahead, we're not looking", people started to torrent e-books (ahem Meta ahem) to train models or buy/cut/scan/ocr books to train their models (Anthropic).

So the situation is left murky to allow Silicon Valley to thrive. Not to protect people's blood, sweat and tears. These works are provided by peasants anyway, so why bother.

Addenda: Courts said models' outputs can't be copyrighted. So, copyrighted code gets in, non-copyrightable code gets out. It's effectively license-washing.

by bayindirh

5/13/2026 at 7:48:07 PM

I don't think your understanding of Fair Use matches mine, but it is important, since it invalidates the concern about licensing.

I wrote a nearby comment giving some resources on the current state of Fair Use for training, but in short: it depends.

https://news.ycombinator.com/item?id=48125071

> Hence, as an outsider, the court rulings have no weight in my eyes.

My only focus in on legality, so this doesn't track for me. If we're not talking about what courts are ruling, then there's nothing to talk about legally, since the copyright office is waiting on courts to rule here.

by rpdillon

5/14/2026 at 1:57:01 AM

The GitHub terms of service has always granted GitHub additional rights. If you put up code with a license incompatible with those rights, then you are the responsible party for the violation, again as per GitHub's terms of service.

This was true before AI, and the ToS now explicitly includes AI training to avoid confusion.

In short: it has never been a good idea to put anything with a copy left or strong license up on GitHub if you wanted them to abide by it.

by zdragnar

5/18/2026 at 9:11:03 AM

> If you put up code with a license incompatible with those rights, then you are the responsible party for the violation, again as per GitHub's terms of service.

This is not how copyright law works or any other law for that matter. The issue is foremost between the copyright author and GitHub. The ToS may or may not allow GitHub to sue the uploader for damages for a ToS does not magically give them rights that the uploader isn't legally able to give.

by account42

5/14/2026 at 12:44:03 PM

IP law is a farce, and the open source licenses are built upon that farce. If a single good thing comes out of LLMs, it will be forcing society to recognize “intellectual property” for the dystopic stupidity that it is. I doubt it though.

by NeutralCrane

5/18/2026 at 9:12:48 AM

That is a pipe dream. The current direction is the opposite of that - knowledge becomes even more centralized and only rented out to individuals.

by account42

5/18/2026 at 3:00:47 PM

Knowledge being rented out to individuals is the status quo. Already there are court rulings dictating that “training” on data is legal, but model weights also are non-copyrightable, which seems like a step in the direction of sanity.

by NeutralCrane

5/13/2026 at 3:45:01 PM

> (...) I'm also remembering how GitHub used "all open repositories" to train their first Copilot without telling anyone.

This is a silly opinion to hold, isn't it? I mean, you release projects under a license with the express purpose of freely distributing your code among anyone in the world that may have any interest whatsoever, and even allow they themselves to share it with anyone they feel fit. But you are somehow outraged if people actually use said code?

Please make it make sense.

by locknitpicker

5/13/2026 at 4:04:34 PM

> This is a silly opinion to hold, isn't it? I mean, you release projects under a license with the express purpose of freely distributing your code among anyone in the world that may have any interest whatsoever, and even allow they themselves to share it with anyone they feel fit. But you are somehow outraged if people actually use said code?

You're making things up: the outrage is not that people used it, it's that the licence requires attribution at least, and opening the derivative product at worst. Token providers that trained on open source did neither.

> Please make it make sense.

I am skeptical that you didn't know the reason for the outrage because it's been repeated in every single thread where this was discussed.

I myself repeated it multiple times each time this feigned confusion you display appears.

Like I am doing now, yet again.

by lelanthran

5/13/2026 at 8:28:36 PM

idk, all the code i've seen produced by an llm doesn't appear to be derived from anything. Also, the source code they were trained on does not exist in the model, it's impossible for the llm to return a code snippet from some other code base. The code snippet doesn't exist in the model in the first place. I guess another way to put it is show your code in the output of an llm that isn't being attributed correctly.

by chasd00

5/13/2026 at 9:09:17 PM

At least on GitHub there was a special flag to exclude code that matches publicly available source code. Thus the chance is higher than 0. Which matches my experience last year when multiple Copilot chats got redacted for that reason.

by mhitza

5/14/2026 at 4:19:00 PM

> Also, the source code they were trained on does not exist in the model, it's impossible for the llm to return a code snippet from some other code base.

So? Just because a piece of output data is encrypted or compressed and does not resemble the input, does not mean that the process did not take the input.

We have decades of law that regards zipped files as infringment, lossy compression (MP3's) as infringment, etc.

> guess another way to put it is show your code in the output of an llm that isn't being attributed correctly.

Well, a better way of putting it is answering the question "Will that model have existed had none of the code used as input existed".

IOW, can that model be generated or created without first having all that copyrighted code used as input?

by lelanthran

5/13/2026 at 3:48:16 PM

Because there's no way the code is distributed properly according to any of the OSS licenses. In fact, it claims authorship with nonsense bylines saying the LLM wrote it.

by dylan604

5/13/2026 at 5:45:18 PM

They key issue is whether the training is considered to be fair use; but this can only be determined in court. We have some preliminary indications that it definitely can be, but also may not be, depending on four factors, but predominantly the first and fourth factor (how transformative, how it affects the market for the original works).

National Law Review covered some of those nuances last year: https://natlawreview.com/article/federal-courts-issue-first-...

US Copyright Office has a substantial document discussing each of the four factors, and making it clear this is an unanswered question, and details of the particular case will decide which way courts go. It is a prepublication version, and it's over 100 pages, but it covers the issues well, citing arguments on all sides.

https://www.copyright.gov/ai/Copyright-and-Artificial-Intell...

by rpdillon

5/18/2026 at 9:21:44 AM

No, the key issue is whether the training is socially acceptable and sustainable. Court decisions based on pre-existing laws are only a small part of that discussion.

by account42

5/13/2026 at 3:52:01 PM

> Because there's no way the code is distributed properly according to any of the OSS licenses.

What are you talking about? There is no distribution, only read access.

by locknitpicker

5/14/2026 at 12:48:15 AM

Reading means downloading. Downloading is equivalent to making a copy. To make a copy of a copyrighted work, you need a license, unless your activity is fair use. Licenses have terms and conditions that must be followed, such as retaining attribution in all derivative works.

That said, FOSS licenses are non-exclusive. Regarding the original upthread topic of GitHub's copilot training, iirc GitHub's terms and conditions involve granting them a license in order to host your code. Depending what else is in those terms, they may have had the ability to use all hosted code for LLM training through that license, instead of the FOSS licensing on any given Open Source repo. But that would only apply to GitHub/Microsoft, not third party scrapers.

by evanelias

5/13/2026 at 7:08:12 PM

What is the difference?

by CyberDildonics

5/13/2026 at 4:20:24 PM

The training on "all open repositories" is the only training we heard about. I wouldn't be surprised if it wasn't beneath these greedy companies to train on other data, and respond "oops! we didn't that would happen" (by which they mean get found out).

Leaving is still the right move. But this applies to all centralized large services: Our use of Google and Google Drive, any Microsoft products, Adobe products, etc.

by mannanj

5/13/2026 at 2:22:16 PM

Don't forget a achievement badges.

by dandellion

5/13/2026 at 2:46:14 PM

I mean, I never put my code on GitHub, but other people put it there, as they use GitHub: you can't not use GitHub. (Hell: even closed source projects, even ones that were never distributed even as a binary, if the code leaks, end up mirrored on GitHub.)

by saurik

5/13/2026 at 9:40:07 PM

> While I'm not forgetting the spirit of what Git is, I'm also remembering how GitHub used "all open repositories" to train their first Copilot without telling anyone.

As long as your code is out in the open anywhere the slop factories can train their models at it, regardless of whether it's on GitHub or your private server. So you might as well keep using GitHub at least as a gratis mirror. My reasoning is that if I'm going to be milked anyway I might as well freeload off GitHub.

by HiPhish

5/18/2026 at 9:33:31 AM

Just because they technically can grab it doesn't mean you have to make it easy.

by account42

5/13/2026 at 5:03:45 PM

Agreed

by onesandofgrain

5/13/2026 at 1:14:24 PM

Yes, but GitHub is more than just git. The most important aspect of the platform that everybody seems to forget is the social component and how easy it made to create a persistent, off-site repository and collaborate across repos.

by gchamonlive

5/13/2026 at 1:21:20 PM

The "social component" is a big problem in actual FOSS.

by MrFurious

5/13/2026 at 1:31:32 PM

People forget what FOSS is, and you get a world of unclear expectations. FOSS is code + a copyright license. How the code is created is an entirely different matter, and where FOSS projects often fall short. As FOSS projects come Forgejo is well-organized around a community governance model.

by rapnie

5/13/2026 at 2:49:09 PM

Indeed, the fact that maintainers didn't have until only recently the control for disabling Pull Requests tab in a GitHub repo, is what drove a lot of issues in FOSS collaboration over the past decade.

FOSS and open source licenses never ever granted entitlement for contributors to have their proposals reviewed/merged by maintainers. Neither it ever offered entitlement for users to ask for free support.

FOSS is about giving people access to source code so they can do with it whatever they want, and maintainers/authors should have always had the ability to "publish and forget" the source code, without having to deal with those "entitlements".

by brunoborges

5/13/2026 at 3:50:24 PM

> The "social component" is a big problem in actual FOSS.

You're confusing things. The "social component" refers to people interacting with each other. Such as two developers working on a bug or a feature. Or a tester reporting a bug.

This is a big part of actual professional software development work.

by locknitpicker

5/15/2026 at 2:23:01 AM

To be generous to OP, none of this is intrinsic to FOSS.

I write a library. I put it up online, for other people to use, if they like. At what point did I assume any responsibility to play nice with others? Or work with others at all?

There's FOSS licenses, and then there's the social expectations around collaborative online development, and the latter is nowhere implied in the former.

FOSS was not historically weighed down with all these social expectations. Forking was not seen as some community failure, but the basic purpose of FOSS. Sites like GitHub were a major part of this shift.

by troad

5/18/2026 at 9:36:44 AM

Spot on. And with the slop pull request currently plaguing the open collaboration model I foresee more projects moving (back) to the take-it-or-leave-it model.

by account42

5/29/2026 at 6:09:45 PM

Late to the party, but you can also do KYC on contributors, no need for black and white take it or leave it return to the dark ages.

by gchamonlive

5/13/2026 at 6:34:00 PM

What do you mean? Why is the social component a problem in FOSS?

by nozzlegear

5/13/2026 at 7:57:03 PM

I assume they are referring to the large number of open source users and developers that are particularly bad at people skills and acting calm and rational.

Or maybe they mean there aren't good collaboration platforms in general, not sure.

by majorchord

5/13/2026 at 3:59:37 PM

Yes, what's one more reason to abandon the largest platform.

by marcosdumay

5/13/2026 at 3:23:29 PM

IDK, it's hard to criticize the community too much given how wildly, absurdly successful it is. If I arrived on Earth yesterday and you tried to tell me how much software is Free/free in an otherwise-capitalist economy, I wouldn't believe you!

I really really am not trying to start a political argument, but just as food for thought: this is exactly why I have faith in socialism (read: 'prosocial institutions and norms'). And whether socialism is eu- or dys-topian, it certainly cannot happen in the first place without a "social component"!

by bbor

5/13/2026 at 4:58:56 PM

What on earth is the social component of GitHub? I assume I’m missing what’s useful to people here as it keeps getting brought up, but what is it? Is it the stars on a repo? Are people doing something else big with all of this?

by IanCal

5/13/2026 at 5:11:14 PM

https://news.ycombinator.com/item?id=48123524

by gchamonlive

5/13/2026 at 7:09:38 PM

The vast majority of that doesn’t require anything like GitHub though, that’s just having multiple users.

At a push you could have the same thing massively more spread out using GitHub purely as auth.

by IanCal

5/13/2026 at 10:36:17 PM

https://news.ycombinator.com/item?id=9224

by gchamonlive

5/14/2026 at 5:59:53 AM

Totally different thing, and if you don’t want to engage don’t, this is simply rude.

by IanCal

5/14/2026 at 10:38:21 AM

> this is simply rude

Look, you are the one that opened with "What on earth is the social component of GitHub?". What's the semantic function of that specific construction if not being completely ironic, like you decided I was wrong before engaging?

> if you don’t want to engage don’t

I am engaging, you just don't like that I'm not spelling it out. This is perfectly within the community guidelines.

> Totally different thing

It's just the same thing, you both are ignoring how important convenience is.

by gchamonlive

5/14/2026 at 11:23:30 AM

I'm not sure how to make it clearer. I do not understand what the "social" component of github is that people are using so heavily that it's a big thing to break from and requires huge centralisation, that it is the "most important aspect of the platform". I said that I assume I am missing something because I don't see much that really ties all these things together, and nothing like the network effects of, say, X or facebook.

All you've pointed to is devs working together and people filing bugs. All that requires is auth, no? Is that it? Is an SSO button really this enormous hurdle?

> It's just the same thing,

Saying dropbox is irrelevant because all end users could just "build such a system yourself quite trivially by getting an FTP account, mounting it locally with curlftpfs, and then using SVN or CVS on the mounted filesystem." is not the same as saying "what is the social aspect of github?".

Closer is what I've argued elsewhere, which is that multiple different hosts running (something like) gitea selling cloud based storage as a service would be extremely close to github for end users. And it would be identical for what you've talked about wouldn't it?

> you both are ignoring how important convenience is.

The convenience of what, specifically? Not having to click an SSO button on a new website?

by IanCal

5/14/2026 at 11:43:33 AM

> All you've pointed to is devs working together and people filing bugs. All that requires is auth, no?

Collaboration is a form of socialization. GitHub made a social network on top of a SVN to create a forge that people can interact with each other creating issues, pull requests, reviewing and commenting on them, engaging in discussions, forking and improving upon each others works... These are not "just auth" and it's not something git solves by itself. I really don't know how to make this clearer either, sorry. Maybe it's this is the kind of thing that you see it and you get it or you don't, I don't know. For me and apparently for lots of people in this thread that makes sense.

by gchamonlive

5/14/2026 at 5:14:29 PM

I know git doesn't do this by itself, but then we're not talking about github vs raw git - perhaps that's where you're confused by what I'm saying.

All these other services have what you're talking about, and the only cross-repo/org work I can see here is:

* Aligned accounts (person X on one service is person Y on github), if you want that continuity across services

* Forking

And the whole forking/branching/merging side is handled by raw git.

That's why I've been asking what githubs huge centralisation gets us. It has a UI and features that are useful, great, those exist in other projects too, so what is the stickiness?

by IanCal

5/14/2026 at 5:29:55 PM

Either you understand or you don't understand the value of UAC in social networks, I can't explain it anymore than I had. Sorry.

by gchamonlive

5/15/2026 at 12:06:13 PM

That’s literally the thing I called out as being cross repo, auth.

by IanCal

5/15/2026 at 4:58:43 PM

Auth isn't UGC. And it's not enough to have a GitHub clone, you need people there doing work, therefore the value of the social component.

Edit: I've written UAC in both my posts by accident, but I actually meant UGC: User generated content.

by gchamonlive

5/16/2026 at 6:42:23 AM

Good lord. Yes, people adding the content is important. What is the social component bringing people there? I’m repeatedly asking and you’re never covering this. Please try and actually read what I’m saying and engage with that because at no point are you covering the question I’m asking. I am not asking why people use GitHub. I am asking why there needs to be a single central place everyone goes, like social networks, because the vast majority of interaction is so focused within projects that if they were all isolated and you had one sso provider I’m not sure what you’d lose (and this is the extreme case).

I find repos because of search engines, links from project pages, links from package managers, hn, all external sources. If it’s from linked issues that’s user generated and can easily link off site (and often do).

Are you following users and finding repos like that by seeing that they commit to? Having GitHub recommend repos?

by IanCal

5/16/2026 at 2:33:22 PM

Why so impatient? Do you think opening up with "good lord" will make people more interested in helping you?

> What is the social component bringing people there?

We've answered that again and again, pull requests, discussions, comments, following people. These bring people value. There isn't much more to it. And these aren't "just auth over cross repos". You reached the ocean here and you are still thinking it's just water, expecting it to be something greater. This is just it. That's the social component and the value it brings to the community.

by gchamonlive

5/13/2026 at 6:47:31 PM

Before everyone started plopping their one-off AI bullshit[†] onto Github 40 times per day, I used to love going to Github's homepage feed to see what people I follow were interacting with on Github (contributing to, forking, opening issues on, and yes, starring). It was a great way to discover new projects and tech that I might want to use. I'd found many open source dotnet packages that way, which made their way into my projects' dependencies. I've sponsored some and contributed to others as well, all thanks to Github's discovery.

[†] I occasionally have AI write one-off bullshit too, so I'm not casting stones. It's just overwhelmed the discovery signal with noise.

by nozzlegear

5/13/2026 at 11:15:27 PM

Issue tracker, code reviews

by nijave

5/14/2026 at 5:57:19 AM

Is that what people mean? Just the multi user side of it?

by IanCal

5/15/2026 at 2:34:25 AM

Issue trackers and discussions on FOSS projects are effectively a public forum, and on any public forum people start building brands and identities. Add comment reactions and GitHub stars into the mix and you have a vicarious karma system whereby people's projects jostle in popularity and people try to build reputations. For some people, GitHub is more of a social network than a VCS tool.

GitHub is also somewhat entangled with junior hiring in compsci, meaning there's a tangible economic incentive in building a hireable profile that a recruiter might like. (Or at least that is a widespread belief.)

None of this has much to do with git, the VCS tool, nor is GH-as-a-social-network objectively very important, but it's natural to place outsized importance on a community in which one is active, and there's a significant overlap in the HN commentariat and GH users. So you'll probably hear more about the claimed social utility of GH here than in the real world.

Hope this helps clarify what people are talking about. :)

by troad

5/13/2026 at 1:14:01 PM

Forgejo is doing a lot of work to make the tooling decentralized, too. They are using open protocols and standards to link self hosted forges together.

by limagnolia

5/14/2026 at 2:21:37 AM

Plus as TFA notes, they went full copyleft:

> As of v9.0 in August 2024 the project relicensed from MIT to GPLv3+, with the explicit goal of staying copyleft and resisting future commercial capture of the codebase.

The value of copyleft for decentralization is too often overlooked.

by spopejoy

5/13/2026 at 1:49:38 PM

I can’t wait for federation in Forgejo. With that, there’s honestly no reason not to host your own forge.

by hperrin

5/13/2026 at 2:18:49 PM

The reason will be that not everyone wants to deal wit maintaining a self-hosted box.

by Ritewut

5/13/2026 at 2:54:25 PM

my eyes have been glazing over it feels like our infra/devops dudes have proverbially given up and they're just looking to buy cloud services to do everything now. security guy looks like he wants to jump off a bridge and i keep trying to nudge them into waking up to not needing 99.9% uptime we'll settle with 95% uptime and no one needs to be on call, and you can go to sleep at night knowing all the code lives behind your damn fort knox firewall company intranet and 75 layers of authentication.

it's interesting because the more paid services these guys bring on board the more complex the security shit gets for them. the head of our IT is a fucking lunatic though and he is steering shit towards utter disaster, he's obsessed with being the guy who picks the next cloud service that "makes things so much better".

my small team is actually considering just getting some mac minis and making a cluster of servers. we decided we don't need infinite uptime for hosting m-f office tools and we can just ... not interface with our infra/devops guys who have lost their damn minds and say no to everything now. they're supposed to be the compute tower under the tragedy known as TBM and they haven't approved a single VM in like 2 years.

by trueno

5/13/2026 at 5:23:12 PM

It's about offloading blame. If a server nukes, it's on infra to get a guy to unscrew it. If a service nukes, infra guy says "welp it's down", keeps on clicking.

It doesn't matter what happens 6m-2y down the road, your odds of being laid off or job hopping are high in the current regime so this all makes sense. You pay some amount of your budget to make your life "easier" in the now.

The trouble comes 2-5y down the line when the service is bought out by <insert MEGACORP here>, and you have to scramble to replace it or hold your nose and pay up.

(tbh, migration is not that hard, but the org will act like it is)

The matrix of authentications, compliances, and intranets will only go up as your company grows and often are enforced by people who do not suffer them daily.

by anarticle

5/18/2026 at 9:42:03 AM

> tbh, migration is not that hard, but the org will act like it is

It actually would be hard to impossible if done properly - meaning no lost information and no dead links.

by account42

5/18/2026 at 2:22:28 PM

Not your problem under the hot potato model. It's not impossible and here's the other thing: it often doesn't matter if things get broken to your megacorp as long as you keep up appearances with clients.

Sorry if this sounds really grim / cynical, I've simply seen enough of these kinds of migrations to know that it is fundamentally opposite of my perception of engineering philosophy. It often becomes more of a question of business rather than correctness. (Can we simply fire the smaller customers? -> yes.)

by anarticle

5/13/2026 at 4:08:26 PM

What would you use a cluster of mac minis for?

I mean, if you're going that far, a couple of refurbished servers gives you far more compute and far more capacity and much better maintainability.

by lelanthran

5/13/2026 at 4:21:49 PM

I would love to see it happen, but an internal service vs something exposed to the internet can be challenging.

I think services like Cloudflare could play a role if they were able to provide some kind of forward auth and preferential treatment of core users during overload. My self hosted systems would have to be the source of truth and Cloudflare would have to be replaceable for me to consider using it.

Think along the lines of automated pre-auth that coordinates with the origin based on some standard.

by donmcronald

5/13/2026 at 7:59:00 PM

There is already federation support in radicle and vervis.

by ranger_danger

5/13/2026 at 6:06:43 PM

Not everybody uses git because they're infatuated with "the spirit of git". Only a tiny minority have ever even used it with the patches-by-email model it's intended for, and I would guess the vast majority of the rest have no interest in learning. People use git basically because it's what github uses, or slightly more generously because it works well when paired with a centralized host like github. The model of developing code locally and dicussion issues and patches via a web portal is the model people are taken with. Only a small portion of that is provided by git proper.

by f33d5173

5/14/2026 at 6:02:13 AM

Although that only requires a centralised host per repo.

by IanCal

5/13/2026 at 4:21:32 PM

Something nobody's really calling out: Forgejo is genuinely hackable. I just added a "showcase" mode to my instance: private repos can show their README and root file listing publicly (so I can advertise that a project exists and what it does), but viewing actual code, cloning, issues, PRs are all locked behind group membership.

About an hour of work, small and frankly trivial diff: https://peoplesgrocers.com/code/forks/forgejo/pulls/1

I didn't have to fight the architecture at all, the seams were right where I needed them. Added migration adding a boolean column to the repo config table, a few tweaks in permission middleware, and voila, it just worked. Really excellent decoupling in the Forgejo codebase [1]

You can't do anything like this with GitHub. That's the actual freedom! Separate from the where-do-I-host-my-git question. There is a big difference between software that "sure technically I can change it since I have access to the source" vs software that's been constructed specifically to be customized and changed.

[1] Permission checks live in obvious places, the template system let me modify UI without touching unrelated code. Someone (many someones) clearly cared a lot about keeping this codebase modifiable by outsiders, and it shows. That's hard to do and should be more celebrated.

by marxism

5/13/2026 at 1:55:17 PM

I agree with this. Moving the git repo is easy, moving the whole project surface is the hard part.

Issues, releases, CI, docs, security advisories, search and discoverability all tend to get coupled to GitHub over time.

For open-source projects, I like the idea of self-hosted as the source of truth, but still keeping a read-only GitHub mirror so people can actually find it.

by perkovsky

5/13/2026 at 3:26:42 PM

The ideal situation is to eliminate thinking that the thought process for "actually finding" a project == GitHub.

We let Microsoft parasitize our brains with this. The software community has long had alternate forums. GitHub isn't even a particularly good one, and it's recently just become a swamp of generated content, fake stars, and mining your content.

In the last couple months at least once a week I get some LLM generated phishing spam from some bot that "found your projects on GitHub and want to collaborate" etc.

And it's well documented now how you can just go out and "buy" GitHub stars.

Please. Cut the umbilical.

by cmrdporcupine

5/13/2026 at 1:59:26 PM

...Maybe that's the answer, we need a "hub" for the smaller missing things to start, you pop in your git repository when you join, and it can sit as a thin layer over your repo with issues, releases, etc... Sounds like a lot of work, but doing it piecemeal would do it.

I think trying to re-host git itself might be more trouble than its worth. My kingdom for someone to build this so I don't have to use ADO boards anymore.

by giancarlostoro

5/13/2026 at 2:54:24 PM

Like some kind of UI over a database scraped by code which understands Github, Forgejo, Gitlab, sr.ht, etc?

One issue is that issues tend to be monotonically increasing numbers, and references to old issues vs. new issues get confusing over time.

by radlad

5/13/2026 at 1:58:21 PM

GitHub centralizes 2 things: Authentication, as well as Repository Hosting.

Does the code really need to be hosted in a central location like this? (Clearly not, which is why people are leaving GitHub in the first place)

But the one part GitHub provides that's genuinely valuable is the social aspect, and when you get a PR from a user named torvalds you can trust that this is in fact Linus. This isn't the case with more distributed systems.

That's why I'd really like to see some entity handle just the auth/identity providing. Forgejo/ Gitea/ Gitlab instances can then choose to use that. Then, for example if you want to take on another contributor and they have their own forgejo instances, you can invite them through this provider, when they fork your repo it ends up in their own forgejo, and they can easily create PR's into your repo.

by pixlmint

5/13/2026 at 2:20:19 PM

Tangled is working on something like that. I believe they are federating on the @protocol.

https://tangled.org/

by Ritewut

5/13/2026 at 3:04:31 PM

I am very active on bsky and I also use some other ATProto applications like tangled. I think this is the first time I have seen anyone refer to ATProto with an '@'

by Zambyte

5/13/2026 at 4:30:22 PM

It's less used but the @ is the atproto logo. I default to saying aye-tee instead of at though. It just sounds better.

by hooverd

5/13/2026 at 2:39:18 PM

GitHub also centralises abuse detection. I'm not thinking about sophisticated attacks here so much as dealing with plain old spam. That's fairly easy to deal with on a tiny scale, and possible on a huge scale, but it's a great pain at a medium scale.

by mjw1007

5/18/2026 at 9:46:51 AM

Do they though? Slow PRs have been a consistent pain point for GitHub hosted projects lately.

by account42

5/13/2026 at 4:23:16 PM

I would argue GitHub does a lot more centralization than just those two. It's an entire developer platform centered around Git. It does hundreds of other things that some developers use, and some don't.

by chris_money202

5/13/2026 at 5:09:22 PM

GitHub really doesn't have hundreds of additional working features beyond git.

by SpaceNoodled

5/13/2026 at 7:57:22 PM

Collaboration, issue tracking, Actions (CI/CD), Codespaces, Security, AI, Identity, social, hosting. Those are like broad categories I can think of off top of my head too you could fit probably 10-15 "features" into each of those.

by chris_money202

5/14/2026 at 5:17:58 PM

Lots of those aren't centralisation/decentralisation issues though - codespaces, actions, issue tracking, multiple users, all that is repo/org level.

by IanCal

5/14/2026 at 7:08:20 PM

GitHub is centralizing all those features. If GitHub was just for repo hosting, then you would need to link your repo to another platform to do CI, another platform for issue tracking relative to the code, etc.

by chris_money202

5/15/2026 at 12:05:09 PM

They have those features but those aren’t decentralisation issues, as far as I’d understand the term, but those already can be done elsewhere right now. They’re purely tied to one repo really, it’s only the user accounts that I can see being more of a cross repo concern.

And global search but I don’t feel like that even really works.

by IanCal

5/13/2026 at 2:01:35 PM

> That's why I'd really like to see some entity handle just the auth/identity providing. Forgejo/ Gitea/ Gitlab instances can then choose to use that. Then, for example if you want to take on another contributor and they have their own forgejo instances, you can invite them through this provider, when they fork your repo it ends up in their own forgejo, and they can easily create PR's into your repo.

Agree, I feel like a true alternative should focus on this missing piece to bridge the gap.

by giancarlostoro

5/13/2026 at 2:17:25 PM

The "missing" piece is just everyone implementing OAuth Dynamic Client Registration. Then kernel.org could be its own OAuth provider, and Linus could log into someone's Forgejo with his kernel.org login.

Just like "log in with Google", you should be able to do "log in with OAuth", you type your email or domain (or your browser fills it), and it triggers a redirect flow for login. Then people can use GitHub or Google or Apple or their own provider, just like email. Every email provider could also be an OAuth provider.

by ndriscoll

5/13/2026 at 2:10:05 PM

GitHub is to git like Reddit was to forums. Centralized usernames and such were very nice, but it also has downsides that we’re now living with.

GitHub is still really, really nice in that it’s five seconds to throw up a repo that’s accessible worldwide (98% of the time lol) and everyone’s on there. Whatever replaces it (just like whatever replaces twitter) may be better in many ways, but it will be “worse” in others, even if just in splintering.

by bombcar

5/13/2026 at 2:08:37 PM

Signed commits could solve this in a more decentralized way if people post their public keys on their own domains.

by lorecore

5/13/2026 at 2:36:32 PM

Own domains is the real deal. My preffered model is tarball releases with checksums, or better yet, with signatures (like remind[0] or msmtp[1]). Such pages are trivial to host properly and loads quickly.

[0]: https://dianne.skoll.ca/projects/remind/

[1]: https://marlam.de/msmtp/download/

by skydhash

5/18/2026 at 9:50:14 AM

I was confused for a bit what those two projects have to do with signatures but I guess you are just using them as examples of having (PGP) signatures for downloads?

by account42

5/13/2026 at 3:59:58 PM

This was the original model of launchpad.net, it was supposed to be a hub of Foss that pulled in from the decentralised VCS's, and provide them all via bzr.

But bzr lost the battle, Canonical was slow to adopt Git, lack of investment in the platform, so it was another lunch that got taken from them.

by Daviey

5/18/2026 at 9:51:22 AM

Canonical should just rename themselves to Not Invented Here. Their inability to work with others and instead reinventing the same thing badly is beyond comical at this point.

by account42

5/18/2026 at 10:08:34 AM

Interesting, got some examples of things they reinvented?

by Daviey

5/13/2026 at 4:51:06 PM

Nobody’s forgetting anything. People want tooling around git bare repos. GitHub was cool because of forks and instant forked repos. That’s how they’ve established their moat.

by throw1234567891

5/13/2026 at 5:47:03 PM

That "everyone" is just a small, vocal community if you look at the total numbers of repos on GitHub (which is still climbing)[1]

Yes, I understand that people are upset about the Copilot issues and maybe even the "frequent" outages (which usually only affect fringe parts of the site not everyone uses daily)

It's good that there are other solutions (forge, sourcehut, whatever) but most projects are still alive and very well on GitHub and my guess is that this will stay for a while.

Also, personally I have no issues with GitHub training AI on my (badly-coded and bug-ridden) code if they really want to :)

[1] https://www.reddit.com/r/github/comments/1snqyj3/is_there_an...

by dark-star

5/18/2026 at 9:53:46 AM

Why do you think total numbers of repos is a relevant metric here? If anything, the slop spam on GitHub is a problem and a core part of why people are leaving.

by account42

5/18/2026 at 6:06:44 PM

that might be true, yes, but still: the burden of proof (that "github is dying") lies with the original poster. A statement like "last week, these 3 big projects left GitHub" is not that

by dark-star

5/13/2026 at 1:16:37 PM

I think you're forgetting issue tracking and CI.

by _flux

5/13/2026 at 1:31:33 PM

Forgejo has both these things, I'd even argue Forgejo has a better runner than GitHub actions as it's less resource heavy and easier to debug when issues arise (only ran into one, and it was self inflicted).

by shimman

5/13/2026 at 2:15:53 PM

I have no trouble believing it is better :), but it is not as easy to mirror a Github issues, or CI configuration, to Forgejo or back as it is to handle the git side.

I think Radicle is interesting. It doesn't solve the CI bit, at least not yet, but I suppose it's possible to hook up some local runner for it.

There's also a bug tracker which I believe was called bug, but I can't find it ;), that tries to bridge different issue trackers and providing offline mode for working with them.

People of course also love free CI capacity where they can run even untrusted code, so in that sense Microsoft resources might be difficult to compete against.

by _flux

5/13/2026 at 4:45:38 PM

Radicle CI does exist but it is admittedly fairly early on in development

by amusingimpala75

5/13/2026 at 2:26:42 PM

I really wish people would drop the GHA model because it's so bad and insecure by design. GitLab's CI is miles better and easier to use.

by treyd

5/13/2026 at 2:32:04 PM

True but GitLab is going to run into the same issues as GitHub, maybe even worse because GitLab doesn't have a trillion dollar multinational benefactor. Public corporation and developer tooling has never boded well, a current look at GitLab reflects this sentiment perfectly.

Which is why we should always champion FOSS for dev tooling as it's the only way a community can have a say in an industry dominated by unregulated tech behemoths.

by shimman

5/13/2026 at 4:57:58 PM

> True but GitLab is going to run into the same issues as GitHub

Will they? Has Gitlab doubled down on "Agentic AI" and thus require 30x capacity to support current users, while being kneecapped by Azure?

by overfeed

5/13/2026 at 6:41:17 PM

Well GitLab has to deal with a board that hasn't seen exactly great returns since they went public and the situation is unlikely to get better if they continue being a public corporation. Recent leadership statements instill zero confidence on their plans to do anything meaningful.

Same problem, capitalism, but different constraints.

by shimman

5/13/2026 at 4:44:08 PM

Is the tooling really centralized around Github? I use TortoiseGit, and that doesn't seem to care which service you are using. Although it does seem to have special authentication features specifically made to help you log in to Github.

by Dwedit

5/13/2026 at 4:22:18 PM

I do not mean for this to come across as a nit, but think it's worth stating explicitly:

> Everyone seems to be leaving GitHub

A small minority is leaving Github; this group is more likely to write articles about the choice than those who still use Github.

by the__alchemist

5/18/2026 at 10:13:09 AM

It always starts with a small minority. In this case, it already includes some very well known projects.

by account42

5/13/2026 at 9:46:04 PM

> Git is decentralized, GitHub is just another place you can host your code in, but you can push your code to multiple remote servers.

That's precisely what I have been doing for years, I still get to keep one foot in the GitHub ecosystem. I still get most contributions on GitHub, and that's fine by me. When a PR comes it I check it out locally, review it, and when it's done I merge locally to master, push to origin, and then origin pushes to GitHub which then automatically closes the PR and gives the author attribution. I never actually have to interact with GitHub after the initial pull.

by HiPhish

5/13/2026 at 11:16:58 PM

Where do review comments go? What if changes are needed?

by nijave

5/13/2026 at 6:34:10 PM

Everyone knows git is decentralized. What people are searching for is a space for the social component of development such as issue tracking. Being able to reference lines of codes in issues is a killer feature of github. Gitea and gitlab do it too but not as well.

Also "just use multiple remotes" doesn't solve the problem. If you don't trust GitHub you shouldn't be pushing code there to begin with. So the ideal platform for hosting an equivalent platform as Github needs to be a trusted one as well.

by midtake

5/15/2026 at 4:27:57 PM

I will not put anything on GitHub for a couple of reasons.

1) MSFT is using our free labour to train its AIs.

2) Being Canadian, I do not want any dependence on a US-based company, seeing as the US can no longer be considered a trustworthy ally.

by dskoll

5/13/2026 at 1:39:00 PM

I don't think anyone is forgetting that, but most people don't care that much about the decentralized part. They care about it being user friendly, free and for companies if it has all the enterprise features / SSO etc. that they need.

by dewey

5/14/2026 at 12:42:48 AM

While that is true, the real power of git being decentralized is that you have a local repo and a remote repo. Typically, you’ll have a dozen local repositories from developers cloning the project

by hk1337

5/13/2026 at 3:38:46 PM

> Everyone seems to be leaving GitHub, and forgetting the entire spirit of what git is in my eyes.

And here lies your misconception: services such as GitHub are really not about git. That's a red herring. It's not about tooling either. People use services such as GitHub because of things like issue management, access control, release management, project pages, and CICD integration. You click on a button and you create a repository that's automatically added to your organization, with all access controls sorted out. You click on a button and you grant read access to someone. You click on a button and you onboard a whole team.

Underneath it all, it's completely irrelevant if you are even using Git. Some people even use github's CLI interface instead. Does it matter if it's git or not? Do you even care?

I have personal projects hosted and mirrored across GitHub, Gitlab, and BitBucket. That works, but only as far as backups are concerned. Even in projects that onboarded onto a third party CICD system, git is really not the reason for picking one service over another.

by locknitpicker

5/13/2026 at 4:44:09 PM

A lot of the complains in the blog post would still be there, though, even if GitHub was just a mirror (the AI training stuff, the US jurisdiction concerns).

by cortesoft

5/13/2026 at 2:10:53 PM

"Git is decentralized"

Because is a kind of filesystem.

How a TEAM operate IS NOT.

And that is the point of Github.

There is no escape to the coordination problem!

(And if you say mails, patches, and other asynchronous ways: same thing, more complex)

by mamcx

5/13/2026 at 8:06:26 PM

github's draw is the community and exposure.

by tonymet

5/13/2026 at 4:53:43 PM

[dead]

by mattlutze

5/13/2026 at 6:35:29 PM

The real game changer would be completed Federation[1] support. This is why I am donating both Forgejo[2] and Codeberg[3] and urge everyone doing the same, to give more time and resources for the Forgejo team to implement it properly.

Another good contender is the Radicle[4][5] which is completely decentralized on top of the Git.

[1] https://codeberg.org/forgejo-contrib/federation/src/branch/m...

[2] https://liberapay.com/forgejo

[3] https://donate.codeberg.org/

[4] https://radicle.dev/

[5] https://radicle.network/nodes/seed.radicle.dev

by xvilka

5/13/2026 at 7:28:24 PM

Federations are the worst decentralization model, they're too loosely cooperative.

by tempaccount420

5/13/2026 at 7:53:50 PM

federations are the only decentralization model that scales, the issue is that most "federated" systems are actually just "distributed centralization" eg mastodon.

by afiori

5/13/2026 at 10:39:32 PM

There's a technical difference between a "distributed" system and a "decentralized" system.

by AlienRobot

5/13/2026 at 10:02:38 PM

What is federation if not ‘distributed centralisation’?

by F3nd0

5/13/2026 at 10:12:19 PM

[dead]

by dickywad

5/13/2026 at 1:38:04 PM

I have also moved my git repositories to a self-hosted NUC. I have not yet bothered with a HTTP frontend to share it with the world, mostly because I don't want to provide AI scrapers with content and don't want to put the work in to block them.

It's a shame that all these companies that benefited from open source have poisoned the industry like this

by sc68cal

5/13/2026 at 5:53:40 PM

I use Gitea in my NUC, hardware was used and cost like 50 quids. Has been running for 3 years! If you lock it down so that it is just available in LAN and no internet, it is a solid, timeless experience.

by mawadev

5/13/2026 at 2:06:46 PM

I also have a self hosted Foregejo on a Pi (but probably not much longer) that acts as a mirror of my GitHub. The main issues I keep facing are:

- Repositories seem to mirror fine for a few weeks and stop. Pretty useless. I have a PAT token for it that does not expire, and yet it seems to claim otherwise, despite the token working elsewhere when I test it.

- Sometimes there is nothing in the logs, sometimes it's the database being locked for some reason. The only thing that uses the database is Forgejo.

- So far I haven't been able to tell if this is Forgejo, crappy SD IO on the Pi causing database locks, or Forgejo sucking at being a mirror.

by lloydatkinson

5/13/2026 at 2:08:46 PM

Probably the mirror? I have zero problems like that on my Forgejo Pi setup. I am not mirroring

by huijzer

5/13/2026 at 2:48:04 PM

SD card seems the likeliest culprit. Some of them are really bad quality.

by jurgenburgen

5/14/2026 at 9:24:32 AM

Could be yes. I’m using a M.2 SSD with USB adapter and that seems to work well with my RPi 4. Wasn’t that expensive plus should last way longer than SD card.

by huijzer

5/13/2026 at 1:46:35 PM

> It's a shame that all these companies that benefited from open source have poisoned the industry like this

Open Source and the OSI are an industry plant. Look at who sponsors it.

The monopoly hyperscaler conglomerates get free labor and use it to build the world we despise: tracking panopticons, phones we can't install things on, device attestation, browser monoculture with no adblock, etc. etc.

Google made people fall in love with BSD/MIT, and look what it did.

Just a few of the classic plays:

"That Belongs to Us Now" - (1) vendors build stuff like Elasticsearch and Redis, (2) the hyperscalers yoink it into their proprietary offerings and take all the profits, (3) original authors and their companies starve.

"Embrace, Extend, Extinguish" - (1) vendors take an open source project like KTHML or Linux and build their version, (2) they flood the market with their offering, pushing out the competitors, (3) they use anti-competitive means to get their thing in front of all eyeballs, (4) once they have marketshare, they do evil things like add tracking and remove freedoms

Open Source needs to replaced with "freedom for the people, companies must pay". Source available shareware with anti-hyperscaler teeth.

Even Richard Stallman's licenses are not strong enough. CC BY-NC-SA is better.

"Pure" Open Source is corporate welfare. It was a mistake. It enabled giants to hang us with our own rope.

by echelon

5/13/2026 at 2:00:16 PM

> Open Source and the OSI are an industry plant. Look at who sponsors it.

This is ignorant to the history of Open Source software. Software has been open long before it was subsidized by large corporations.

"Computer software was created in the early half of the 20th century.[2][3][4] In the 1950s and into the 1960s, almost all softwares were produced by academics and corporate researchers working in collaboration,[5] often shared as public-domain software." https://en.wikipedia.org/wiki/History_of_free_and_open-sourc...

by nathanielks

5/13/2026 at 2:19:57 PM

You're talking about a different thing to OP. OP is talking about the OSI and the specific incarnation of 'open-source' that came with it, you are talking about the more general social pattern of open collaboration.

by zesterer

5/13/2026 at 6:48:45 PM

> Software has been open long before it was subsidized by large corporations.

Software then was also rather different from software now. It's not a government-funded research project these days.

by tbrownaw

5/13/2026 at 1:59:24 PM

One problem with all of these licenses is that however the code is available, we can’t practically prevent the LLM companies from training on it (especially given that they don’t respect IP laws anyway). No idea what to do about this. Wonder if communities will have to move to some kind of fractured system where source is gated behind a login.

Rough times out there for transparent organizations.

by bee_rider

5/18/2026 at 2:16:14 PM

> No idea what to do about this.

Same thing book writers did when the printing press brought the possibility for others to copy their books for free.

There are also other options that have been used historically but they tend to be a lot more bloody.

by account42

5/13/2026 at 1:50:37 PM

Why can't others just be "Others I disagree with"? Why it has to be some grand conspiracy?

I'm all for open source, most of what I do is released as MIT, almost never "Free Software", still doing the same thing since LLMs appeared, regardless of everything else.

I'm a real person, have nothing to do with OSI but willing to explain my position, as long as you take it as real opinions held by a real person, instead of going into conspiracy theory land. Ask me anything, I'll give you my honest perspective.

by embedding-shape

5/13/2026 at 1:52:47 PM

When you come into a convo saying even Stallman isn't extreme enough, it's probably a good time to take a step back and evaluate your life.

by wutwutwat

5/13/2026 at 2:02:18 PM

I don't see a reason anyone needs to stop and evaluate their life for this reason.

Is it a danger to anyone, or damaging in any way? I think not.

by grim_io

5/13/2026 at 2:04:21 PM

Does one have to be a danger before they should evaluate their life? I sure hope not.

by wutwutwat

5/13/2026 at 2:11:12 PM

I don't feel comfortable telling anyone they should evaluate their life for such a silly reason.

Can? Sure. Should? Very questionable.

I'd call your statement more "extreme" than any of the stallman's statements on software.

by grim_io

5/13/2026 at 2:13:38 PM

surethingderbud

by wutwutwat

5/13/2026 at 2:02:21 PM

I'm actually a capitalist.

But our 25 year lax regulatory environment has created a world where the largest players abuse consumers and the competitive ecosystem.

Open source is one of the many strategies these companies have abused to create grave harm to our society. It's let them get further with our support and with less expenditure. It's given them an ethical smoke screen.

- Social media algorithms are the tobacco products of our century. Kids are growing up with a distorted sense of self worth, people are getting angrier and more polarized, and all of it is highly addictive - all to fuel corporate profits.

- The most popular and important computer form factor is controlled by a duopoly and we can't even own / repair / install / have rights to our devices.

- All hardware is becoming locked to device attestation, meanwhile companies are lobbying for "age verification" (read: full-on identity tracking).

- Distribution is being locked to monopolies. 92% of "URL bars" are owned by one company, and typing something into a computer goes through a bidding war protection racket.

I can go on and on about it. I shouldn't even have to. You know this.

A lot of this is because of a lack of proper competition. Since the DOJ / FTC / EU / ASEAN are being toothless (the latter are slowly waking up), the next best thing we can do is take away their open source abuse. Stop letting them use our work against us and the rest of the population.

by echelon

5/13/2026 at 2:22:31 PM

I share your worries, but I don't blame open source for it. They would have done the same (or worst) without it.

Also, open source is one more justification on why we need to increase taxes on the very rich. At this point all of them have built their fortunes on it. Just like they do on the rest of public infrastructure.

by MyHonestOpinon

5/13/2026 at 2:11:26 PM

I hope you find your peace.

by wutwutwat

5/13/2026 at 2:20:13 PM

This is all expected in capitalism as these are mechanisms to extract more profit.

We need more socialists in power...

by master-lincoln

5/13/2026 at 3:10:52 PM

I think you should take many steps back and seriously reevaluate your life.

by cyclopeanutopia

5/13/2026 at 2:15:51 PM

I find non-commercial licenses too extreme. People selling your free software or using it in a commercial way so long as they respect the license is a good thing

by mghackerlady

5/13/2026 at 2:17:15 PM

Why would someone gladly provide their work as open source but draw the line at AI reading it and using that knowledge to help more programmers later? It makes no sense to me. I actively want all of my code to be read by AI.

by jimmaswell

5/13/2026 at 2:29:04 PM

A couple of valid reasons:

+ they don’t want to pay the bandwidth costs

+ they don’t want to help train a model that might ultimately put them out of work.

I don’t personally agree that AI are taking out jobs, but I do think it’s still a reasonable concern others have so I would sympathise if that were the rationale.

by hnlmorg

5/13/2026 at 2:31:54 PM

Doesn't seem inconsistent to me. I may want my code to be open source so that other humans can read it, understand it, build on it, and contribute to it.

I may also have a philosophical opposition to generative AI at the same time - there are plenty of environmental, societal, and intellectual-property costs that some may find unconscionable.

by antonyt

5/13/2026 at 3:03:19 PM

It's kind of breaking the social contract. Licences were drafted, conferences were held, and endless flamewars tried to codify what it means to collaboratively build, distribute, own and use open software.

Then came the model trainers, ignoring the entire discourse, reasoning: "if I can download it, it's mine too use". And then basically selling the resulting tech back to the community.

Not unlike big tech extracting money from open source, but at least the latter usually (somewhat maliciously) complied with the license.

by repelsteeltje

5/13/2026 at 6:33:31 PM

Consider a couple similar situations:

1. Many teachers don't publish, and those that do publish often still reserve their best for their students.

2. OS development sometimes operates like esoteric societies: you publish enough that people with the desire and insight become interested and engaged - both a filter and an invitation. So you can tailor the community you like.

Both depend on people really valuing these mutually-constitutive relationships.

My observation is that the generations raised on social media and gaming are happy enough with those substitutes, and view publishing their best work as a kind of self-promotion and participation in a larger, diffuse community (without a real role in governance). And they're right: expecting more personal communities now is a severely limiting factor, and AI removes most of the incentives to participate in someone else's project.

by w10-1

5/13/2026 at 8:36:02 PM

Open source is not necessarily about helping any programmer, for any endeavor. Actually, my code targets the end users, not fellow programmers.

I don't want my code to be used to build proprietary software. I want code built on top of mine to respect its users. I choose the AGPL for this reason.

I also don't mind the attribution.

The LLMs don't care about all that, and do that by hogging the resources, y creating a lot of waste and pollution and disrupting society for unclear benefits. No thanks.

by jraph

5/18/2026 at 10:17:49 AM

Why would someone volunteer at a soup kitchen but not want to donate free labor to the canning factory? I'm pretty sure you know the answer to both questions.

by account42

5/13/2026 at 9:25:11 PM

When AI respects my license, sure.

by parliament32

5/13/2026 at 2:29:35 PM

[dead]

by deaton

5/13/2026 at 1:19:55 PM

In "What I gave up" section author mentions his social graph. It is possible to take your social graph and collaboration history using GitSocial. It also allows cross-forge pull requests between any git hosts. All without 3rd party dependencies.

by delf

5/13/2026 at 1:51:57 PM

Thank you for this, GitSocial is a very cool piece of software!

by bigfishrunning

5/13/2026 at 2:01:39 PM

github is a social network. git hosting is just a minor feature. thats why none of these alternatives ever take off .

by dominotw

5/13/2026 at 2:11:53 PM

People keep saying this, but I’ve never used the social aspects of GitHub beyond not having to create a new user for a new project.

If the projects I am interested in are elsewhere I’ll meet them where they are.

by bombcar

5/13/2026 at 9:17:38 PM

Happened to me twice (a decade ago, though) that I had some niche project (one a serial terminal, another a laser cutter firmware) that was on github with users left but the maintainer long gone.

I was able to pull the graph and collect patches and bugfixes from forks, like from a fablab somewhere using the same hardware, pushing to their fork with all their other location-specific stuff. In one case I discovered like four different forks with a different fix for the same problem.

Now you could argue the "social" part wasn't working if people fixed the same issue multiple times without knowing about each other. But at least github made it possible for me to collect everything there is, review and merge it into my own repo, and then drop a comment at the original issue tracker. (Which would have gone 404 had it been self-hosted, or with registrations closed due to spam.) In both cases I eventually got feedback from other people who found my branch and used it.

by Matumio

5/13/2026 at 1:24:57 PM

TIL. Thanks!

by jorijn

5/13/2026 at 1:29:50 PM

You're welcome! I'm the creator of GitSocial, happy to answer any questions.

by delf

5/13/2026 at 1:58:56 PM

I'm very interested.

I run my own public instance of forgejo. Is this software I run on my own that syndicates other users' commits? GitHub *was* good for discovery; does GitSocial offer something similar? Are there ways I can push more of my contributions into GitSocial, or does that happen automatically when I start using it?

I think the GitSocial website would benefit from a "features and benefits" section rather than just a timeline view and demo, and I advise you to emphasize the benefits. I can see a TUI and a timeline of commits, but it seems like GitSocial is MUCH more exciting than just that.

To me, GitSocial offers freedom from corporate control and surveillance of my open source work, and that's really intriguing.

by xrd

5/13/2026 at 2:37:28 PM

Discovery is still in the works, but the core idea is that all collaboration data is stored in git itself (be that the project or a fork). It's git all the way down :)

by delf

5/13/2026 at 2:05:56 PM

I've also heard of Tangled [0] which is decentralized and built on the AT Protocol like Bluesky but also has some genuinely useful features that GitHub has been dragging its heels over in implementing, like PR stacking, such that entire companies have sprung up to add that feature in GitHub.

Has anyone tried this?

[0] https://tangled.org/

by satvikpendem

5/13/2026 at 4:20:17 PM

Yes -- it's definitely alpha software, but usable for open source. There are interesting experiments like tack[1] to wire in custom CI. I imagine they'll be able to support private repos eventually once ATProto supports private data, but that may take some time.

[1]: https://tangled.org/mitchellh.com/tack

by tao_oat

5/13/2026 at 6:45:13 PM

I recently set up my own self-hosted "Knot", but haven't spent much time with other features:

https://tangled.org/h14h.com/knot

Overall, I think the platform looks really promising. The AtProto separation between Personal Data Servers, Relays, and AppViews seems like the appropriate set of trade-offs, IMO.

Being able to host my git repos as a headless, data-only server is about as painless as self-hosting can get. Compared with ActivityPub solutions (like Forgejo), it's great that I get to side-step the tedium of hosting and scaling an entire webapp when all I really care about is controlling my data.

Since the initial setup, the only ops maintenance I've had to do is bump the knot-server version and redeploy (tangled.org displays a banner warning notifying me when it's outdated).

Excited to spend some more time with Tangled on other projects and test out their other features! I'm particularly interested in their native support for jj and stacked PRs.

by h14h

5/13/2026 at 5:52:04 PM

They just got a big VC funding. There is still no mention about the business model. I really wonder what it will be.

by nicce

5/13/2026 at 7:51:02 PM

Damn, there goes my interest.

by satvikpendem

5/13/2026 at 9:13:38 PM

The same as it always is, rug pull the community at the first sign of hardship and fuck over any worker that stands in front of your potential monetary gains.

by shimman

5/13/2026 at 2:24:39 PM

I would love to use it, mostly for the jj compatibility and the nice CI implementation, but I need private repos so sadly this is not yet for me.

by mgrandl

5/13/2026 at 3:42:38 PM

It's too decentralized for my taste IMO.

I like using radicle.xyz instead.

by rirze

5/14/2026 at 1:13:17 PM

can you expand on what makes you think being too decentralised is a negative?

by KolmogorovComp

5/16/2026 at 2:43:36 AM

Didn’t GitHub add PR stacking recently…?

by Klonoar

5/13/2026 at 3:09:52 PM

> The CTO publicly apologised and said capacity needs to scale 30x to keep up with AI-driven load.

I hope they don't start charging for regular use of GitHub, but when I see how some of the vibe coders make thousands of commits a day, I'm becoming more and more skeptical. Would be a real shame if we can't share and cooperate on code for free.

by l5870uoo9y

5/13/2026 at 3:30:39 PM

I feel like LLMs will help solve this problem they've created, TBH -- any human expert can tell in seconds when a repo has this problem, so it should be doable by a system that's tweaked over. The tricky part is writing a legal agreement that lets them apply vibe quotas!

This is what Anthropic is already doing with CC, and tbh GitHub and GitLab are probably doing the same. The cost is some hate from devs on Twitter and random small subreddits ofc, but I bet that's well worth it!

OTOH, it does kinda blow my mind how often I see people (on /r/vibecoding and elsewhere) paying for a $200/mo subscription to produce what amount to hobby projects and toy sites. I've been known to make some silly money decisions when I can afford it, but this feels different.

I guess it's a $2400 annual subscription to a service providing Meaning and Purpose? If you're around 40 and realizing that you'll never be rich or famous, this might actually affordable compared to the alternatives!

by bbor

5/13/2026 at 6:58:42 PM

> it does kinda blow my mind how often I see people (on /r/vibecoding and elsewhere) paying for a $200/mo subscription to produce what amount to hobby projects and toy sites

People spend more than that on their (non-vibecoding) hobbies. Think of folks who do woodworking, 3D printing, sailing, car racing, etc. So $200/mo is not excessive if they get their enjoyment out of it.

by warkdarrior

5/13/2026 at 10:45:09 PM

Just charge for commits per day after a certain number. Problem solved.

by AlienRobot

5/13/2026 at 11:36:20 PM

"Claude, squash all commits on this branch before pushing"

by satvikpendem

5/14/2026 at 1:13:12 AM

that might genuinely solve the problem though

by cush

5/13/2026 at 1:24:45 PM

People constantly cry out for decentralization. In reality, however, most systems eventually end up centralized. Perhaps when people ask for decentralization, they are actually seeking a new center where they can become the new pioneers. It seems that when they feel they have no chance of winning under the existing rules, they use decentralization as a pretext to overturn the board.

by jdw64

5/13/2026 at 1:27:52 PM

If only you bothered to read the first line of the article, directly under the title:

>I moved my code from GitHub to a self-hosted Forgejo

by ses1984

5/13/2026 at 1:47:13 PM

My ponit was not against self-hosting.

It was more about the symbolism. If the goal is decentralization, “I moved to a personal forge I control” is the post's core idea. But framing it as “leaving GitHub for Forgejo” inevitably creates a new flag to gather around.

That may be useful and even necessary, but it also shows that decentralization movements often produce new centers, names, and identities.

by jdw64

5/13/2026 at 2:33:42 PM

It's software, which can be infinitely and freely copied, people are going to copy it, and they should, because not everyone should write their own service from scratch (on top of an scm they wrote from scratch (on top of a language and operating system they wrote from scratch too)).

by ses1984

5/13/2026 at 3:08:03 PM

I never suggested building everything from scratch. However, Forgejo is ultimately just a new dependency. Does abandoning GitHub Actions for Forgejo Actions eliminate lock-in? No, it’s merely a shift in dependency.

If the Forgejo core team announces tomorrow that their 'philosophy has changed' and overhauls the architecture, tens of thousands of 'independent' home servers will grumble, but they'll inevitably run git pull to update anyway. And eventually, they might migrate again. That cycle is inevitable, and I have no intention of denying it.

The issue in the context of this post is that it rejects dependency on GitHub while presenting Forgejo as the escape. If your defense is 'why reinvent the wheel,' you are essentially proving my point: we are just choosing a new center to depend on.

Beyond that, we might just be talking past each other at this point. I don't think you are wrong, and I have no intention of twisting your words. Your underlying point is likely this: GitHub's service quality has degraded, and with their aggressive AI strategies driving users away, it is strange to view the act of leaving negatively. I fully respect our difference of opinion there.

I honestly just got a bit annoyed earlier because you framed your reply as if I hadn't even read the article. Anyway, let's leave it at that. There is no reason to misrepresent your views, and no reason for us to argue further.

by jdw64

5/13/2026 at 5:23:30 PM

> If the Forgejo core team announces tomorrow that their 'philosophy has changed' and overhauls the architecture, tens of thousands of 'independent' home servers will grumble, but they'll inevitably run git pull to update anyway.

This is a hilarious - and empirically wrong - thing to say considering Forgejo's raison d'être[1] and lineage.

If users just grumbled and ran git pull anyway, Forgejo would not exist, and neither would its fork-parent project (Gitea); everyone would be using Gogs under duress. Forgejo's past shows that people care about the philosophy, which is why this particular fork of a fork is thriving.

1. https://news.ycombinator.com/item?id=33749757

by overfeed

5/14/2026 at 5:58:32 AM

I am sorry. I should not have said that. Your reply was very generous. I was a jerk for no reason. No one should ever act that way here or anywhere.

People may converge on a new node like forgejo, so from that point of view things are not decentralizing, the dependency graph stays roughly the same shape, but it’s a step in the right direction. It’s marginally better than github hosting everything.

That’s what I should have said originally instead of being an asshole.

by ses1984

5/14/2026 at 6:26:38 AM

metoo,I admit I was a bit harsh earlier as well. You make a fair point. Ultimately, everyone has the freedom to leave if they choose to. Have a nice day.

by jdw64

5/13/2026 at 1:36:36 PM

I did read it. What I meant is that trying to isolate oneself using alternative platforms often looks like chasing a new trend. The ultimate irony is that the sheer complexity of the author's setup—KVMs, weekly rebuilds, isolated networks—is exactly the kind of burdensome infrastructure people were running away from in the first place. To clarify, my point was that specifically mentioning 'Forgejo'rather than just a generic personal 'home server'makes it come across as acting like a trendsetter

by jdw64

5/13/2026 at 5:19:43 PM

People do want the advantages of decentralization, but they don't want to pay the price for it. Even worse, centralized systems are great for most of the time, the pain generally happens only in a short span, but then very intensely (imagine a merger and a sudden price spike). Decentralization is a little bit of pain all the time, for a lot of happiness only in the rare case where the centralized alternative collapses.

by LinXitoW

5/13/2026 at 10:48:55 PM

They only say decentralization because they're nerds. The normal term for this is a "boycott." You don't see people saying "snacks are too centralized on Nestlé, we need to decentralize snacks."

by AlienRobot

5/13/2026 at 3:26:27 PM

Decentralized means no single center. Of course people want it because the single centralized management is insufficient for some reason or another.

There is no difference between what you say people cry for and what you say they actually want.

by jayd16

5/13/2026 at 1:30:21 PM

I think decentralization is the wrong answer for what people really need: portability.

by zsoltkacsandi

5/13/2026 at 1:34:11 PM

What's the portability blocker with git? It's pretty easy to pull your repo and clone it to a new server, and you keep your history and everything I thought.

by nemomarx

5/13/2026 at 1:36:25 PM

Nothing. That’s why SaaS providers like GitHub start to build up features like GitHub CI to lock people in. You can easily move the repo, but moving your full CI has a real cost that businesses will take into account when they are considering to move anything.

What do you think, what is the business for GitHub in providing limitless private and public repo hosting?

by zsoltkacsandi

5/13/2026 at 1:33:28 PM

I think some people are mentally ill, and think decentralization is a libertarian ideal where they can have all benefits of society, but they don't have to pay for the roads, the fire department, etc. That some how, those things will spontaneously appear because of <free market babble>.

Others recognize there's some kind of more comfortable middle ground where decentralization means the same as a town/city/state type of social good that is independent and capable of working without larger centralized structures. Having to work towards it, pay money into it, etc, are expected but because the work that goes into maintaining the infrastructure has a clear line of derivation (taxes clearly go to X, Y, Z) would be a benefit.

It's typically the first class tho that dominates all conversations regarding decentralization, and that class includes the Epstein billionaires who just dont want laws to apply anywhere they want to do unethical, immoral and whatever. eg, money is the only law.

by cyanydeez

5/13/2026 at 1:43:01 PM

It could be a strategy, or it could be a sense of ethics. And your point makes sense, and I also agree with you. The first part of your comment is a bit harsh, but if you soften your reply a bit, it matches my thoughts. I'm giving you an upvote because I agree with your idea.

by jdw64

5/13/2026 at 1:48:08 PM

The first paragraph comes from the Epstein files. https://www.theguardian.com/technology/2026/feb/09/jeffrey-e...

by cyanydeez

5/13/2026 at 1:53:21 PM

Thank you for taking the time to commen. It's great to see someone who shares a similar mindset. Have a wonderful day, and I'll make sure to read the article you linked.

by jdw64

5/14/2026 at 1:27:03 AM

Audrey-Balaji-Glen-Vitalik blog about how to liberate society from the hamster wheel of centralisation-decentralisation. (Moksha from samsara? )

https://archive.ph/2024.08.23-032320/https://vitalik.eth.lim...

It doesn't necessarily mean we should immediately suspect them of raising a flag for its own sake.

https://archive.ph/2024.08.23-032320/https://vitalik.eth.lim...

Epstein files remind me of the first line from《삼국지연의》or Pan-Asianists who raise the Universalism flag..

>The Himalayas divide, only to accentuate, two mighty civilisations, the Chinese with its communism of Confucius, and the Indian with its individualism of the Vedas. But not even the snowy barriers can interrupt for one moment that broad expanse of love for the Ultimate and Universal, which is the common thought-inheritance of every Asiatic race, enabling them to produce all the great religions of the world, and distinguishing them from those maritime peoples of the Mediterranean and the Baltic, who love to dwell on the Particular, and to search out the means, not the end, of life.

https://youtu.be/qOcHgDIFrW0

by oliculipolicula

5/14/2026 at 3:59:36 AM

I always feel this, but your writing is quite challenging—not because of the readability, but because the content itself is deeply complex for me to grasp.

I spent about two hours reading your writings. Your arguments, such as those regarding the Taiwanese digital democracy movement and how to break the endless cycle of centralization and decentralization, are quite profound. If I were to summarize what you are trying to tell me, it seems to boil down to: "Your previous point was too generalized, and the attempt itself [at building alternatives] should not be dismissed."

Also, your Romance of the Three Kingdoms analogy confirms we are definitely both East Asians: "The empire, long divided, must unite; long united, must divide."

Overall, if I have understood your work correctly, your core message is this: while historical attempts at universalism or a 'new order' may eventually turn into new centralized powers, we shouldn't look at them only through that cynical lens. Instead, we must simply remain constantly vigilant.

I hope I understood you correctly.

by jdw64

5/14/2026 at 3:24:13 PM

Hey. It's hard not to be a bit envious of how many points you, jdw, can rack up with one or two comments while I languish at negative :)

No need to learn nuance, you seem to be doing better than most of the natives here just by being yourself (with the help of modern tools)

I just wanted to get more people to read the vitalik.eth articles along with me. Hope you got something out of 2hours! I had been nibbling at them and steeping in their diagrams for weeks, your centralisation comments provoked me (in a good way)

Vitaliy Buterin and Balaji Srinivasan are both based in SEAsia, Audrey Tang is in Taiwan, Glen Weyl from California is the only Westerner--- but UCBerkeley is like 80% East Asians? Surely they also know about the lore.

I don't know if "staying vigilant" is the mood I was going for. Maybe "being aware of emerging centralising entities and be prepared to engage fruitfully with them"?

These days, "emerging centralising entities" might even be old programming languages like APL that have become popular again..

In the context of the links above, such entities need to provide an "exit option" in order to gain wider traction. For example, APL is clearly an escape from C-like syntax, but there might be new directions that that such "array languages" can take from Python or even natural language:

https://news.ycombinator.com/item?id=16247365

by oliculipolicula

5/13/2026 at 2:34:19 PM

Consider Fossil[1], which packages the entire repository state—code history, wiki, tickets, forum—into a single file, and that state gets cloned.

When/if you need to change hosting providers, you get to lose zero data in Fossil because of it.

[1] https://fossil-scm.org/

by chungy

5/13/2026 at 2:48:36 PM

I considered Fossil several years ago and while it's really cool (everything being integrated is awesome), I don't like Fossil from a philosophical perspective. There's no way to clean up history, it preserves everything as is. If that's what you want, great, but as part of my git workflow I like to mess around and then go back and clean up and organize my commits before pushing them.

by booleandilemma

5/13/2026 at 4:06:20 PM

I love fossil. Something about it's opinionated workflow that matches what I think. But

network effects. I just can not bring my team to use fossil. They have to share code with others. Other departments. And everyone (99%+) uses git. It just feels like a disservice to force them to use fossil. It is a catch-22.

It is similar to so many other things in the tech space. Trying to get fellow developers to use functional style idioms. Trying to enforce immutability. It is like something big (like a facebook or google project) has to force the community to get on board.

by hackthemack

5/13/2026 at 1:21:55 PM

I’ve moved to self hosted gitea a year ago running in my homelab and not publicly accessible. No https, registrations disabled and repos are not public.

I’m thinking about making public instance and use it with https, but minimize the attack surface, any recommendations especially about gitea/forgejo?

by import

5/13/2026 at 1:35:10 PM

Yup, I’ve done this. I use a fly.io proxy that runs nginx, fail2ban, and that forwards to my tailnet where Caddy resolves to the actual instance. It’s critical that you disable local registration - I have authentik (only available on the tailnet) as an IdP but you can also just disable reg after making your own account of course. I also have a robots.txt that disables some stuff like all the individual rendered git commit views otherwise scrapers get stuck in an endless loop and also I strictly forbid access to the forgejo package repository since I have some private packages and the permission granularity there is not what I want it to be, still dialing that in. I’m keeping an eye on it and so far nothing terrible has happened. docs.eblu.me if you would like details… I could also link straight to the infra code if you like.

by eblume

5/13/2026 at 1:42:51 PM

Hey thanks for the answer and link to docs. I don’t use tailscale, it’s running in a NUC, accessible with wireguard for now. (Docker + 4 runners)

I try to keep things simple in the homelab and thinking only using fail2ban and caddy reverse proxy and expose it.

Package registry isn’t private by default and accessible with PAT. Or am I mistaken?

by import

5/13/2026 at 1:52:47 PM

You’re welcome! I only ran in to this last week and I might not have this straight yet because I haven’t had time to sit and untangle it. I have a private repo that has a release workflow that publishes a Python package to the forgejo package repository using my public user profile. I mistakenly assumed that because the repo was private the package would be as well but that link is not enough to set public/private and it is instead fully public. Listable and everything, no PAT needed. This is where I’m less clear: I think I could make my user profile private and this would hide the packages, but I want my profile public. So I just black-holed the entire packages api outside of the tailnet.

by eblume

5/13/2026 at 2:10:12 PM

When I adopted Foregjo I did so because I didn't like the sound of some political arguments across threads about some alleged security issues Foregjo raised with Gitea who allegedly ignored them.

What keeps you using Gitea? I'm wondering if I should try it over Foregejo now.

by lloydatkinson

5/13/2026 at 9:15:44 PM

I'm one of the project leads of Gitea (and am paid for some of my work on Gitea), and here are some more details around the specific incident you are talking about: We were alerted to an issue, and investigated provided a patch, and then waited until the end of the embargo to release the next version with the fix. It turns out they had sent a follow up after our response to them that, due to their usage of an email relay that gets blocked for spam often, went into the spam box for all of the maintainers on the security team (across multiple mail providers). We informed them of this and they still haven't corrected the record on their blog post. This is after previously giving us 10 and 2 day "embargoes" on "severe" issues and a multi-hundred line patch that rewrote core portions of the codebase and introduced issues in itself, we notified them of this and provided them with out patch. In our interactions with them we have also followed our documented approach, that we have followed with codeberg previously (that we were thanked and applauded), but they have changed their stance and claimed we are now acting improperly (and when we asked for how we could adjust our approach to something that works for their adjusted expectations we never received a response, even after receiving multiple emails from multiple non-company maintainers and even messages in multiple chatrooms).

Disclaimer: I was also previously an elected member of Codeberg's board (presidium), where before the company that was founded to support Gitea's community maintainers was created, I had asked for assistance with multiple matters to aid in project development and was denied.

by techknowlogick

5/14/2026 at 11:46:49 AM

Thanks for the write up. This makes me consider Gitea again. That sounds like a frustrating and absurd situation.

by lloydatkinson

5/14/2026 at 1:52:14 PM

[dead]

by techknowlogick

5/14/2026 at 2:23:40 PM

Note that Gitea has embraced AI code, and Forgejo refuses it - if that's a criterion for you.

by davidgerard

5/13/2026 at 3:28:50 PM

Nothing special. I am aware of the discussions for so long. I mostly spend my time making music with modular synths and migration to forgejo is not a priority right now, I don’t want to touch the setup. If you’re on forgejo I don’t think there’s any reason to try the gitea.

by import

5/13/2026 at 5:40:20 PM

As someone who uses gitea, honestly it’s because I set it up a while ago and foregjo hasn’t offered anything compelling to force a switch, nor has gitea “enshittified” like the concerns around the fork raised.

Honestly, stay where you are

by deeebug

5/13/2026 at 1:45:49 PM

> I’m thinking about making public instance and use it with https, but minimize the attack surface, any recommendations especially about gitea/forgejo?

I've done this too in the past, I'm still running the internal/lan Forgejo instance, but not any public instance at the moment. But in the past, I've setup a public read-only instance, which mirrors my internal one, then one reverse-proxy connection from the internal to the public instance, which the public one uses for getting the git data. Then it mostly just kept on working by itself, whenever I changed anything in the internal Forgejo, the public one got updated, yet I could keep all issues, CI and more completely private and on lan.

by embedding-shape

5/13/2026 at 4:57:40 PM

Did you use some sort of intrusion prevention system? I'm using cloudflare's anti ddos service + crowdsec, but I'm still getting bombarded with hundreds of thousands of requests per month

by Myzel394

5/14/2026 at 1:08:22 PM

Besides rate-limiting with Caddy + fail2ban, not really. It's the public internet, anything gets bombarded almost as soon as it's public, but all requests are read-only requests so doesn't really impact anything beyond filling the access logs. Trivial to filter away when you want to do analytics too, so isn't really a problem.

by embedding-shape

5/13/2026 at 1:43:07 PM

I'm making my jump over to Tangled, which is built on the AT Protocol (so it uses the same account as Bluesky and others). I'm finding it lovely.

https://vale.rocks/micros/20260511-0440

by OuterVale

5/13/2026 at 1:27:21 PM

One of my friends made fremforge.com (an EU-sovereign CI/CD with Git included). It's currently in closed beta but goes live next week (tm). It is built upon Forgejo and EU-based services using T-Cloud as the underlying hyperscaler. Have a look! I don't make any money from it, by the way. And yes, it will cost a little bit, but rest assured: because you are paying for it, you will not be the product.

by finegrainlabs

5/13/2026 at 11:13:12 PM

Website says €30 per seat/month, which is significantly more than Sourcehut and slightly more than GitLab.

by F3nd0

5/13/2026 at 1:53:33 PM

What if you don't want to self host? Who offers low feature git hosting for a small price? Something like the old $7 account before github was bought by MS?

All I want is hosting and a read only web interface, plus access control in case I have collaborators.

All the offerings are enterprise priced because they offer "minutes of CI", "AI assistants" and other icing on the cake.

by nottorp

5/13/2026 at 1:54:47 PM

SourceHut sounds very close to what you describe: https://sr.ht/

by epicide

5/13/2026 at 3:59:11 PM

I’ve had my eye on this platform. Generally like their design and ethos too. However I find their code viewer/navigation a little hard for my eye. But maybe I’m just too used to GitHub.

by nickzelei

5/13/2026 at 5:45:07 PM

Sure. If you really wanted to, I think the pages are simple enough that you could add your own CSS tweaks via a basic browser plugin (or whatever is the current go-to plugin for doing this).

For me, I only use a forge's viewer/navigation for cursory glances or sharing links to others. If I need to spend any real time digging, I'll clone the repo.

by epicide

5/14/2026 at 7:13:20 AM

No one notices the part about private repos and access control...

by nottorp

5/14/2026 at 8:56:32 AM

You didn't mention private repos in your comment, but I guess that was implied in the $7 thing.

That said: SourceHut has private repos and access control.

by jorams

5/14/2026 at 9:18:28 AM

> SourceHut has private repos and access control

... but not on the sr.ht link you gave. That's a list of projects like your average open source hosting landing page.

You have to click on the tiny sourcehut link at the top to see the real site.

by nottorp

5/14/2026 at 5:48:53 PM

Right, I always forget that the sr.ht link is to the application itself.

For anybody else who needs it, the page with info about the service is here: https://sourcehut.org/

by epicide

5/13/2026 at 2:18:25 PM

SourceHut is good, and despite you not wanting to self host, self hosting a git repo is one of the easiest things to self host

by mghackerlady

5/13/2026 at 6:29:15 PM

Oh if you don't do the web interface thing you can just git init and set up a few ssh keys or fcgiwrap.

I'd pay a bit so I don't have to back it up. But not 20 per friend who might make a commit next year.

by nottorp

5/14/2026 at 9:06:42 AM

I have been using Framagit for a few years now. it has been online since 2016, it's the public Gitlab instance of Framasoft, a french non profit organization. RocketGit has been online since 2015 and relies on its own software, i have never used it but i have heard about it regularly.

https://framagit.org/

https://en.wikipedia.org/wiki/Framasoft

https://rocketgit.com

by CodeArtisan

5/13/2026 at 1:57:37 PM

This is literaly just a bare repo over ssh, and a gitweb interface.

It's too trivial for anyone to be selling that. And I don't think there's a large market for $5-$10 barebones setup when GH is free and you can self host.

by senko

5/13/2026 at 2:15:27 PM

Just like pikapods supports running things like actual budget for you - https://actualbudget.org/docs/install/pikapods

Something similar from them or digital ocean or linode or Hetzner would be a win.

Pika does offer Forgejo and Gitea.

by bombcar

5/13/2026 at 2:34:46 PM

I've used Pikapods to host my Forgejo instance for about a year and have had absolutely no complaints. I use it for small Godot projects and have used the Git plugin in the Godot asset store to connect to it, so I don't even have to leave the editor to make commits or branches.

by kryllic

5/14/2026 at 2:28:37 AM

I pay DigitalOcean $6/mo for a VM that started out as just that - a bare repo and ssh. If it was available at the time, I'd probably have paid $10 for the same if I didn't have to set up and administer the thing. I lost interest in administrating web servers in the early Apache 2.0 days so a private "mini-githib" would be tempting.

(I use that VM as my primary public nameserver now and I don't really need a web front end for git so I'll be keeping my current setup. But if it had been available back then, I'd probably have gone for it.)

by spauldo

5/13/2026 at 1:56:45 PM

I think Gitlab is probably the best option, or gitea. Personally I'm not a fan of Codeberg - I think their licensing is a mess.

by maccard

5/13/2026 at 2:49:44 PM

Which licensing?

by kstrauser

5/13/2026 at 3:23:29 PM

Their filter for projects being on their site is "we'll know it when we see it",

by maccard

5/13/2026 at 1:57:41 PM

There are multiple alternatives to Github for example Gitlab, Codeberg or sourcehut

by that_lurker

5/13/2026 at 2:02:14 PM

Just hosting the code is hard now, right? The hosting company is signing up for a battle against infinite-appetite scraping organizations.

by bee_rider

5/13/2026 at 10:46:04 PM

Are you talking about something like source forge?

by AlienRobot

5/13/2026 at 1:55:12 PM

Unfortunately all the current managed offerings aren't very good. I'm still wondering why nobody starts a new startup

by 0xbadcafebee

5/13/2026 at 5:53:21 PM

just put gitweb and slap cloudflare in front of it

by karel-3d

5/13/2026 at 1:13:37 PM

I have been self-hosting Forgejo for some time now. It is impressively easy to maintain and operate. I can highly recommend giving it a spin.

by hosteur

5/13/2026 at 1:13:43 PM

“It’s not because of outages” - goes on to complain about outages.

The outages might be due to AI load, but that’s to relevant because your leaving isn’t due to outages. Even though the article is primarily about outages.

If you have a problem with your code being scanned for AI training, then write that article.

But this article is about outages.

by jagged-chisel

5/13/2026 at 3:02:01 PM

I think a lot of people within the US don't realize how badly US is seen from the outside, especially from "allies".

Illegal tariffs, threatening tariffs, NATO sabotage, threatening invasion, abandoning Ukraine, supporting Russia. It's not just one guy doing this, he has a whole party behind him that could reel him in any second.

by felooboolooomba

5/13/2026 at 4:58:54 PM

I feel bad for Europe. They are pining for a world that no longer exists and lack the power (and, more importantly, the will) to do anything about it.

I can imagine an alternate history in which Tim Berners-Lee founds an internet giant in Europe that dominates the 21st century. Imagine a European Google with a search monopoly, a smartphone (from Nokia), and a social network (Xing? Mastodon?). But of course, Sir Timothy never wanted that.

Alas, we're on a different timeline. I wish I were a young man so I could live to see how it all turns out.

by GMoromisato

5/13/2026 at 3:28:25 PM

it's about GitHub's issues in general, including outages. every section gets somewhat equal amount of attention

by bpavuk

5/13/2026 at 5:18:40 PM

The section named “Why outages aren't actually the reason” never tells me why outages aren’t the reason. It just continues taking about outages.

I’ll admit I got tired of reading about outages and didn’t absorb the remainder of the article well.

by jagged-chisel

5/13/2026 at 11:30:07 PM

the article is strongly triggering my LLM writing detector, which makes me question if any of it is accurate or genuine

by mh2266

5/13/2026 at 6:04:26 PM

Of course not. It's trendy and a great way to virtue signal right now. GitHub is the target of the latest "go woke, go broke" "decentralization!" cycle. Their recent issues dealing with 30x load just made them a highly visible target.

Just skimming the comments on the internet and you see the same flavor of dumb, false narratives like "everyone is leaving GitHub" "too bad GitHub is in decline".

Meanwhile the vast, vast majority of people using GitHub for "getting shit done", while maybe impacted and unhappy with the outages, are not clamoring to move to Web3.0 forge-bro tech.

by Rapzid

5/13/2026 at 1:39:22 PM

"The Dutch government's choice of Forgejo, not GitLab, was deliberate."

And since Gitlab seems to have looked over at what is happening at Github and decided, we want some of that, that was probably the right choice.

by Finnucane

5/13/2026 at 2:15:03 PM

I wish Microsoft would treat GitHub a little differently. Leave it alone and let it be it's own thing. Maybe if enough customers leave they will backtrack.

As a long term GitHub customer, I see many practical and personal reasons to move away from the platform. I've seen a handful of similar posts lately. A few years ago this would have felt totally fringe, but now all of a sudden it really doesn't. For now, for me and many others GitHub still works great, and is very convenient. But the alternatives are getting even easier to self implement all the time.

by chknkachunga

5/13/2026 at 2:16:39 PM

Microsoft did that for a lot longer than I expected honestly. Historically they would take a year or so before giving up on the "you're an independent company" bit and merge the team into MS orgs.

GitHub pulled it off for 5ish years before that began to change, and it was only last year when they stopped having their own "CEO".

by _heimdall

5/14/2026 at 9:38:36 AM

Related: GitLab's CEO post in Twitter[1] doesn't inspire confidence as well. A direct quote: "generational rebuild of git, the monolith giving way to composable, monetized services with agent-first APIs".

Can you imagine /usr/bin/git rewritten into a set of composable, monetized services with agent-first APIs?

[1] https://twitter.com/bstaples/status/2054227448204754963

by egorfine

5/14/2026 at 9:48:40 AM

You are missing some context. Full quote below.I believe it is just a fancy way to say that the are rebuilding their backend to make it more scalable

>>>5a/ Machine-scale infrastructure.

>>> Others are bolting AI onto platforms built for human-rate commits. Git itself wasn't designed for agent-rate work.

>>> We're rebuilding the underlying infrastructure for machine scale: a generational rebuild of git, the monolith giving way to composable, monetized services with agent-first APIs.

by fasteo

5/14/2026 at 11:08:00 AM

> Git itself wasn't designed for agent-rate work

/bin/ls wasn't designed for agent-rate work either.

by egorfine

5/14/2026 at 9:45:52 AM

As obvious as it is that Microsoft is a predator never to be trusted, I believe that trusting a government-run web service is a choice even worse.

We know that Microsoft at least acknowledges that GitHub being down is something they are ashamed of and aims to fix. At the same time, I feel like having an EU government-run service down over a weekend because there is no one to fix it outside business hours is something that should be expected, not frowned upon.

It is actually down right now as I am writing this comment.

by egorfine

5/14/2026 at 9:48:14 AM

Depending on the government. USA government? Yes, I'd trust that even less than Microsoft. Most EU governments? I'd trust a hell of a lot more. Especially my own (Estonian).

by askonomm

5/14/2026 at 11:09:41 AM

Trust is twofold.

Will EU government service steal my data? Absolutely not, here the trust is at the highest.

Will EU government screw up a commercial service? Absolutely yes. I fully trust EU governments to regulate itself to a full halt.

by egorfine

5/13/2026 at 1:45:31 PM

I have been using my self hosted forgejo in May, and liking it just fine, I recommend it for anybody who is curious. I don't really trust GitHub to keep things private anymore.

The hardest parts of switching to forgejo: 1) coming up with a comfortable way to pronounce "forgejo" in my head, and 2) adapting to not having the same GitHub v3 API and needing to switch to a different CLI for PR creation, repo creation, etc.

The pronunciation thing is probably the more difficult of the two.

by epistasis

5/13/2026 at 1:52:13 PM

They make it rather easy by providing an audio pronunciation: https://forgejo.org/static/forgejo.mp4

With my American accent, I don't quite say it exactly like the recording, but pretty close: "for-JAY-oh"

by epicide

5/13/2026 at 5:19:48 PM

This is probably a personal problem, honestly. The spelling is hardwired to short-circuit away from that pronunciation in my head, meaning every time I have to type it out I have a pretty big mental split.

It would actually be easier for me if it was in Cyrrilic or Greek letters, Форджеьо or Форджеджо or Φορτζέγιο don't have the blockers on pronunciation that Forgejo does.

by epistasis

5/13/2026 at 10:02:05 PM

The name ‘Forgejo’ is derived from the Esperanto word ‘Forĝejo’ (a forge), but alters the spelling while leaving the original pronunciation. The result is a kind of a Frankenstein’s monster, so confusion is in order.

by F3nd0

5/16/2026 at 9:27:07 AM

I'll just keep rhyming it with Jorge (-o).

by a96

5/13/2026 at 1:59:45 PM

Apparently it's pronounced (phonetically) as for-JAY-oh, an audio sample is here: https://forgejo.org/faq/

You piqued my curiosity :)

edit: Ah, I was beaten to the punch :(

by baggachipz

5/13/2026 at 4:29:41 PM

I'm kind of baffled why everybody is suddenly hating on github? I use it just fine. I'm actually impressed how well codex is able to interact with it. I virtually do not need to fret about git commands or managing github to respond to issues anymore.

I don't see an alternative and its a bit of a stretch to expect people to follow you unless you are famous or have that audience reach already which many of us do not.

by zuzululu

5/13/2026 at 4:38:12 PM

Frustration from the outages, anti-AI sentiment, and the anti-hosted-software sentiment are converging.

On the positive side, HN has gone through multiple periods of enthusiasm for new code forges. There was even excitement for GitHub at one point. :) It’s good because all the forges generally add each other’s features if one takes off.

by 1123581321

5/13/2026 at 5:10:31 PM

I think your second paragraph alludes to the disconnect expressed in the first one.

The people "hating on github" and leaving it today, regardless of their (lack of) fame do not mind not being followed to the new forge, which may be a dealbreaker for you (an educated guess, from your phrasing). Conversely, you use GitHub "just fine" under terms the leavers consider dealbreakers.

What you are baffled by are differences in value judgements.

by overfeed

5/13/2026 at 4:58:07 PM

There's a wide variety of reasons, so I can only describe my own, but it comes down to supply chain risk.

Just as with the COVID supply chain problems reconfigured trust and assumptions, the actions of Microsoft and other large US software companies have become erratic and untrustworthy. In particular the sanctions against the ICC prosecutor in Europe have made it imperative to have zero dependence on Microsoft with easy exit paths at any given moment.

Similarly, one cannot trust Google as they can disable your account one day, with zero recourse, zero ability to appeal, zero accountability to Google for disabling your email and SSO. Except maybe posting on HN and causing enough bad PR to get Google to act to suppress the bad PR.

The US is no longer a nation of laws, it's a nation of whatever the president wants, and even impartial courts are likely to be overturned by an extremely partisan Supreme Court that has said that the president can not break the law while doing "official acts", whatever the heck that means.

Audience is not a factor for me at all, if GitHub is a social network for you then it definitely makes sense to use it still.

But I don't know anybody that needs the social aspects of GitHub. That's just the people I know and work with, however.

by epistasis

5/13/2026 at 5:50:09 PM

> I'm kind of baffled why everybody is suddenly hating on github? I use it just fine.

For past two weeks I haven't been really able to browse repositories; some parts will not get downloaded. Issues not appearing after creating. Pull requests missing. All kinds of issues.

by nicce

5/13/2026 at 8:33:00 PM

Primarily anti AI. Also doesn't feel like my private repositories are both truly private, nor safe there anymore

by ost-ing

5/13/2026 at 4:29:52 PM

I'm quite happy with Forgejo. I've moved all of my projects to my own instance and keep it accessible from Tailscale only.

by cdrnsf

5/13/2026 at 1:50:12 PM

At this point I really don't think this needs to be justified. I'd be more curious as to why people are staying on GitHub.

by pluc

5/13/2026 at 1:53:03 PM

> I'd be more curious as to why people are staying on GitHub

Vanity metrics.

GitHub initially tried to shy away from this, I remember conversations with early GitHub engineers trying to make sure "Stars" and "Followers" numbers were going into the direction of being just for vanity and popularity.

Then eventually the profile READMEs appeared, which people now use for showing even more vanity metrics and brag about how much code they can produce in how little days.

Since employers also ask you for a GitHub profile, it ends up being needed for new developers to make an entry into the industry, without it companies will basically ignore you. Unless you're really, really good, which to be honest, most of us aren't.

by embedding-shape

5/13/2026 at 2:31:03 PM

I wish it offered a windows binary as well, since the original project gitea from which it was forked, does so.

Sometime you need to go where many customers ahem enterprise are.

As a developer of an engineering application, windows is the way to go 1st hand. It would have been easier to adopt one more application on the daily driver enviornment. Till than, I am on GitHub only.

by ramshanker

5/13/2026 at 2:57:15 PM

Wasn't gitea a fork of forgejo?

by dboreham

5/13/2026 at 3:02:54 PM

The other way around; Forgejo is a fork of Gitea.

by mfenniak

5/13/2026 at 4:20:54 PM

I really like forgejo. I selfhosted it too, but then I go back to codeberg. Probably I will selfhosted it again. I really want a descentralized internet and https://forgefed.org/ gives me hope.

by achayala

5/13/2026 at 2:06:54 PM

GitHub Actions is indeed the hard one to replace. I need Windows, Linux, Linux-ARM, macOS ARM, and macOS Intel runners. How do you guys using Forgejo and/or Codeberg do to get a similar matrix, hopefully at a low cost?

by jviotti

5/13/2026 at 3:25:41 PM

How much utilization do you have? For low scale, it's hard to beat GitHub Actions as they offer free runners for public repos and include a bunch of free hours for private repos.

Once you start paying for it, GitHub Actions runners are very expensive. I've used both Jenkins and GitLab before to self-host CI/CD, and you save so much using on-demand (or at higher scale, reserved) cloud instances. I do freelance DevOps work and I've helped clients with these sorts of challenges.

by 8organicbits

5/13/2026 at 6:22:31 PM

I use it pretty heavily on C++ stuff at GitHub.com/sourcemeta. i.e. take https://github.com/sourcemeta/blaze and this example recent run: https://github.com/sourcemeta/blaze/actions/runs/25751796502.

12 jobs per PR for up to 30 minutes running Linux, macOS, and Windows jobs on LLVM, GCC, and MSVC in static and shared builds with also some sanitiser configurations.

And consider across projects we might send dozens of PRs per week.

Right now it's somehow all fully free on GitHub Actions. I wonder what the same would cost on i.e. CircleCI

by jviotti

5/13/2026 at 2:12:31 PM

Can you push from Forgejo to GitHub for actions until you can find a replacement?

by bombcar

5/13/2026 at 2:57:54 PM

Use gitea which has github actions compatibility.

by dboreham

5/13/2026 at 2:08:38 PM

CircleCI?

by mamcx

5/13/2026 at 8:01:27 PM

I do not need a new shiny code hosting platform. I just need a better way for managing merge requests/pull requests. Stuff that does not suck, especially a better diff, like semantic diff that is more clever than before. I do not care if my formatter changed stuff from 6 to 4 spaces because an html element was dropped. I want to have a more sane workflow for splitting things. I want to scale up reviews… its still so awkward to do it and ai makes it even worse

by merb

5/13/2026 at 8:08:51 PM

Being a shiny new code hosting platform is not really the point of forgejo though, it's at best a nice side effect.

I suppose forgejo is meant to be a lightweight, low maintenance, feature-rich, self-hostable otherwise GitHub-like free software.

But I suppose you could open issues to propose your ideas.

by jraph

5/13/2026 at 1:35:24 PM

I now use syncthing for the .git directory, excluding HEAD file and a few others, between my few devices and a vps on hetzner.

Most of git is append only immutable blobs - just sharing these between devices just works for me. "users" and authentication is handled by syncthing.

I have pre and post hooks to make sure no device tries to change HEAD of branch owned by another device, just to be safe, be it hasn't been activated once yet.

by henrydark

5/13/2026 at 1:39:17 PM

If you have a VPS that's always running, you can just use it as a git remote through SSH without moving things around or any third party software, just put the Git repo on the VPS and clone it via "git clone ssh://user@host/path". You get authentication, encryption and synchronization out of the box with just ssh/git.

by diath

5/13/2026 at 1:47:23 PM

Had to vouch for your comment, not sure why it was marked as dead.

Definitively the easiest way to approach this, and the most standard way too. If you already have ssh, which I'm guessing you do if you managed to setup syncthing on it in the first place, then you can literally just point git to host+path and it'll use whatever ssh authentication you already have in place.

Can hardly get simpler :)

by embedding-shape

5/13/2026 at 11:18:29 PM

I don't put ssh keys on all devices. With syncthing, in contrast to git, I don't have too.

Also syncing is automatic and immediate, I don't have to initiate push and pull.

by henrydark

5/13/2026 at 1:41:02 PM

Super interesting, mind sharing your exclusions and hooks?

by j-bos

5/13/2026 at 2:40:32 PM

Why not Gitea mind me asking? Anything in particular?

by onesandofgrain

5/13/2026 at 3:04:59 PM

Last I looked, Forgejo had more activity and more contributors than Gitea. Also, Forgejo eats its own dogfood: Codeberg runs on it, and hosts it, while Gitea runs on GitHub.

It’s easy to make the case that Forgejo is good enough for public hosting. Gitea probably is, too, but there’s less direct evidence.

by kstrauser

5/13/2026 at 3:32:43 PM

gitea runs on github u mean the source or the hosting?

by onesandofgrain

5/13/2026 at 6:13:22 PM

Gitea uses GitHub to host the Gitea source code.

In contrast, Forgejo hosts its code on Codeberg, and Codeberg is running the Forgejo software.

by kstrauser

5/16/2026 at 11:06:21 AM

Dont see a problem with hosting gitea on github and codeberg I dislike for numerous reasons.

by onesandofgrain

5/14/2026 at 12:42:07 PM

Have just switched my org to self-hosted forgejo. Handful of devs and users. Been great so far. Storage need be tamed, it's using minio S3 for the big items like artifacts.

Auth using OpenID Connect working well, would recommend good security hardening.

Runners are in EC2 auto scaling groups. Don't have to be though, there is also a K8s based solution out there I believe.

by yesnomaybe

5/13/2026 at 8:15:47 PM

Github is more than a UI and remote storage, it's a community and discovery tool for open source repos.

Federating to self-hosted means you are depending on google for discovery, which will never rank.

If you need a backup remote, just backup to Google Drive / iCloud. Private team collab? run a server.

While I understand the frustration with github, the prescription to self host seems like cutting off your nose.

by tonymet

5/14/2026 at 4:01:59 AM

I am very happy to discover this.

Given the trending-to-zero software writing cost, a local self-contained source code management tool would be natural for delivering software, i.e., software becomes an agent with specialized code as its harness (in addition to its default ones) source control would be one default tool for the agentic software to manage its own evolution.

by bigcat12345678

5/13/2026 at 2:13:45 PM

I do mostly enjoy all this moving to European tech because the thing being replaced is usually owned by Microsoft.

I do kind of worry though: there's a broad trend of countries trying to become less reliant on eachother, and in my mind the long period of peace we've had in much of the west this past half century has partly been because we're all in business together.

by Fraterkes

5/13/2026 at 2:25:58 PM

They said that the First World War was impossible due to increasing trade dependencies between the European powers, and look how that turned out. ‘This is a terrible idea,’ is sadly not the deterrent to starting a war that it ought to be.

by cjs_ac

5/13/2026 at 4:27:18 PM

I think this article is great, but it doesn't focus on the open source aspect. GitHub still has effective monopoly on open source, simply because of how much free resources they provide, let alone higher chances of getting your project discovered and fewer barriers for people reporting issues.

by andrewzeno

5/13/2026 at 2:46:00 PM

I just recently moved a couple tiny projects from GitHub to Codeberg. My review: really easy to set up and get going with. I noticed Codeberg isn't as snappy as GitHub, but it's barely noticeable and I'm not paying any money for it anyway so I can't complain.

by booleandilemma

5/13/2026 at 1:46:30 PM

I moved all my repos (well, I have two left to move) to https://forge.sciactive.com which is also a self hosted Forgejo instance. It was a really easy process, and I’m really impressed with Forgejo.

by hperrin

5/13/2026 at 2:43:23 PM

https://sharemygit.com/ let's you share forgejo repos privately through read-only share links for those that need an alternative to the github gitshare fei

by onesandofgrain

5/14/2026 at 3:23:26 PM

Left GitHub for a self hosted Forgejo + mirrors on Coderberg for community access.

At this point I just need to finish cleaning up my GH profile by deleting the few repos I still have there.

GH was fun while it lasted…

by DanieleSalatti

5/13/2026 at 5:22:37 PM

Microsoft is losing the war here. It'll take a long time before GitHub will tumble, but the cracks are now noticeable for everyone. AI is killing AI-Hub I mean GitHub.

by shevy-java

5/14/2026 at 9:23:03 AM

Forgejo based https://code.overheid.nl/ seems to be broken

by sshrajesh

5/14/2026 at 9:39:51 AM

It is a government-ran web service. Of course it is broken.

by egorfine

5/13/2026 at 3:29:41 PM

I really like Forgejo, I just wish the wiki was a bit better. I even tried sponsoring work on it, but apparently it's a challenging thing to improve.

by sandebert

5/13/2026 at 1:37:51 PM

Didn’t realize the Dutch government was rad until I read this.

Frankly, the modern internet as a whole is scary. Google has so much power, Github, Meta, etc., they all control such fundamental parts of society now and get to run free since they’re private companies. Not saying they should be government owned, that would drastically worse, but some more detailed oversight would be nice.

by ninjahawk1

5/13/2026 at 1:38:05 PM

Question for anyone, why do people use GitHub or an alternative rather than just spinning up your own Gitea docker container or similar?

by luxuryballs

5/13/2026 at 1:47:27 PM

I got my own Forgejo, but I'm still on Github. That's the easiest way to check what the people I follow push, comment or star. I like this part of Github a lot.

by p2detar

5/13/2026 at 2:01:39 PM

It was a sad day when Microsoft bought GitHub, we all know eventually it will go the way of Hotmail and Skype.

by _stiofan

5/13/2026 at 1:24:52 PM

For self hosting... and personal code repo, why not just git... and expose something like Stagit for the web?

by keyle

5/13/2026 at 1:27:37 PM

CI/CD, package registry, issue tracking in one place?

by import

5/13/2026 at 1:28:53 PM

Fair enough for the formers.

Issue tracking though...

by keyle

5/13/2026 at 10:55:58 PM

Good riddance. I’m sick f Microsoft thinking they can ruin everything and people will stay.

by brendanml

5/13/2026 at 4:37:04 PM

Moving from a selfhosted gitlab to forgejo too.

Gitlab it’s getting to heavy for my needs

by Havoc

5/14/2026 at 5:09:09 PM

I did same for my personal projects and i am happy with forgejo

by gabazing

5/14/2026 at 7:52:43 AM

I'm curious why people do not choose Radicle in FLOSS...

by kkfx

5/16/2026 at 9:30:32 AM

I've never heard of it and, if I were to guess, that might be one of the reasons.

by a96

5/13/2026 at 4:41:44 PM

Can somebody recommend some good github alternatives that are available as a service, without having to self host it? I'm already self hosting my own gitea, but want a SaaS fallback to github

by Myzel394

5/13/2026 at 4:04:36 PM

GitHub is becoming Sourceforge. Remember them?

by wood_spirit

5/13/2026 at 6:53:27 PM

How does Forgejo stack up to Gitea nowadays?

by tiberious726

5/14/2026 at 11:09:42 AM

Forgejo is pronounced as forjeyo

by AbuAssar

5/14/2026 at 3:22:35 AM

GitHub? Forgejo bout it!

by denizay

5/13/2026 at 5:45:55 PM

bespoke versioning system for my code? no thanks.

by m3kw9

5/14/2026 at 2:47:29 AM

maybe after the exodus it will be usable again

by the_ai_wizarrd

5/13/2026 at 1:14:42 PM

Is Forgejo Actions any good? CI/CD would be cool.

by sgt

5/13/2026 at 1:17:52 PM

From personal experience, there have been a few papercuts (mostly trying to figure out why runners aren't picking up jobs), but it isn't too hard to debug and the CI format is simple. When it works, it works well enough. It uses a similar workflow as GitHub actions. Some, but not all, actions are even interchangeable or at least portable from GitHub without much fuss.

by xx_ns

5/13/2026 at 1:49:30 PM

I keep CI/CD super super simple, but was able to set it up for my Python repos in 15 minutes, with compatibility with GitHub actions (using the same yaml file at the same path)

by epistasis

5/13/2026 at 1:18:13 PM

It’s act runner. So you can continue using GitHub actions with minor changes

by import

5/13/2026 at 9:16:05 PM

yea cool story bro

by beanjuiceII

5/14/2026 at 6:46:21 AM

[flagged]

by rudraneel93

5/13/2026 at 6:11:45 PM

[flagged]

by sathishmg

5/14/2026 at 3:21:17 AM

[flagged]

by parijatmohor

5/13/2026 at 1:35:58 PM

[flagged]

by thehwang

5/13/2026 at 4:44:20 PM

[dead]

by paol_taja

5/13/2026 at 6:43:43 PM

[flagged]

by galaSerge

5/13/2026 at 2:15:15 PM

[dead]

by OhNoNotAgain_99

5/13/2026 at 3:07:39 PM

[flagged]

by lukassbrad

5/13/2026 at 1:55:09 PM

some of my identity is built around github, i think im in love with the github brand

also: releases, packages, actions... its all very convenient

by felixsebastian