Sounds like it would be nice if Savannah offered Forgejo hosting.
As a guix user and package maintainer I’m ecstatic.
I’m so proud of the community for rallying around the needs and pain points of everyone and making this decision. This reduces so many pain points for a guix user and will hopefully smooth out the package maintenance process a great deal. Email is simple but trying to do code change communication over it can be very complex and time-laborous.
If you’re curious about functional packaging systems grab guix on your distro and give it a try!
Special shout out to anyone burnt out on Nix lang. Come feel the warm embrace of Scheme’s parentheses. :)
It would have been better to self host forgejo, rather than trusting a cloud git service using forgejo. But to be honest, its TOS, as well as the sourcehut’s TOS which I even like it better, sound way better than GH’s…
Yes it’s ToS, and also its structure - it’s basically a non-profit club rather than a for-profit business like GitHub (now owned by M$), which means it isn’t prone to enshittifying.
I guess there was an attempt to move away from the email flow, to allow more people to contribute (I read that was part of the motivation), perhaps that made sourcehut (although it’s in their plan, it hadn’t become their highest priority) not an option, however both can be self hosted (that’s what I would have expected from an organization as the Guix one, so that there’s no dependency on a cloud service, as good as it might be), and both have really good TOS and are non profit. But cloud services are still something its users/clients do not really own. Perhaps as I understood, savannah will still be used as a mirror, but not just temporally, rather for good, so that if something happens on the cloud, there’s plan B available… That’s why for such big and important project I would have preferred a self hosted service. But oh well, I’m not part of the decision, and not an user yet, hopefully to become one later on when getting some minimal understanding of both guile and guix configuration (still guile but I believe simpler), because no matter the distro I always have to write and maintain a few packages myself. Hopefully at some point doesn’t become never having the time to do so, hehe.
So all in all yes, the two best cloud options by far, but I’m surprised a Guix instance was not chosen, not sure if even considered.
More GNU projects need to do this
Thats awesome news for both parties.
Codeberg just sketchy …
Why?
They bombarded my mailbox with alt right nazi spam. It was an obvious data breach but they keep saying ”no user data was compromised”. Who’s gonna believe that?
That spam was a troll who found a loophole in the notification system. It was obviously not a data breach. That’s clear to anyone who’s worked with software databases or web servers.
How is that an obvious databreach? It was just bot spam, something every single public site has had issues with.
I thought it was just bots spamming comments on issues. See https://blog.codeberg.org/we-stay-strong-against-hate-and-hatred.html Also I would believe that since codeberg is run by volunteers in a non-profit organization.
I agree with what you’re saying, that the attack didn’t require any data breach to take place, but I do have one slightly pedantic point.
Codeberg being non-profit does not make the employees “volunteers”. They are normal employees and take a wage like working for any other company. What’s different is that any excess revenue over costs must be used to continue the company’s objectives and is not able to be taken by the company owners as profit.
No. Codeberg is run by volunteers. AFAIK Codeberg e.V. has only one part time employee https://blog.codeberg.org/letter-from-codeberg-we-are-now-an-employer.html
You have to think of them more like a club rather than a non-profit company. Their legal form “eingetragener Verein” does mean “registered club”.
Basically, here in Germany, you can register a non-profit club and then you get exempt from taxes. And folks who donate to your club can also get that donation exempt from their taxes.
So more like a charity status?
How was it an obvious data breach? The attack was done via Codebergs notification system. It’s no different from the notification you got from me writing this comment.
deleted by creator
