It's cool to see such an impactful project choose sovereignty. I hope more projects follow their example.
If you're a backbone-of-the-internet project like FFmpeg is, living on GitHub seems horrible. You will be subjected to thousands of low quality pull requests and issues from people searching for typos to fix, adding a line of white space for a contrived reason, or similar nonsense changes. Just so they can put "FFmpeg contributor" on their CV (or whatever).
Rejecting useless or white space-only PRs is quick and easy. It’s not as big of a problem as you’re suggesting.
I’ve gone through a few projects and updated the documentation as I explored the codebase. Reception ranges from thankful to people scorning me for attempting to make contributions that weren’t code changes. It’s frustrating when maintainers are more interested in keeping people out than in considering actual code or doc improvements.
> Rejecting useless or white space-only PRs is quick and easy.
No, it really is draining.
> I’ve gone through a few projects and updated the documentation as I explored the codebase. Reception ranges from thankful to people scorning me for attempting to make contributions that weren’t code changes. It’s frustrating when maintainers are more interested in keeping people out than in considering actual code or doc improvements.
It's frustrating when people make "contributions" that take more effort to review than they put in and then get mad when they don't get thanked for it. This attitude is exactly why dealing with drive by pull requests is not "quick and easy" - suddenly you need to do social and public relations stuff when all you want to do is code.
It’s all in the approach: start with a “thank you for the project”, and a “hope you don’t mind but I’ve corrected a few typos” and nobody will shout you down. Only go with a blank PR description and it’ll come across as arrogant and spammy.
As a maintainer of a few open source projects, yes it happens a lot.
I want to believe some people just want to send small patches to projects when they notice something (I tend to do the same for projects I use) but my impression is a lot of them do it so that it shows up as "contributions" on the GitHub profile which they can then add to their resume (or get some other kind of street cred).
At least typos are actual fixes, far more often you get complete spam (people copy-pasting the contents of PRs and issues from 5 years ago, sending bizzare pull requests with hundred of commits as a merge commit, leaving cryptic comments on 5 year old commits). The spam reporting process on GitHub is kind of annoying to go through, but I trudge through it every time we get one of these PRs. There was one year of Hacktoberfest where some streamer told people that if they just spammed projects with 5 PRs they would get a free shirt and every open source project was DoSed by hundreds of garbage PRs made by accounts created the same day.
Personally as a maintainer, if someone is fixing one typo in order to "get started" contributing to a project I would prefer that they go through and check for any other instances of typos in the project to make a more complete fix (or even better, add a CI job that runs codespell or similar spell checkers). That feels more like someone actually interested in fixing something about the project, as opposed to sending a one-line drive-by patch to pad their resume. (I'm still happy to take the patch of course!)
> Personally as a maintainer, if someone is fixing one typo in order to "get started" contributing to a project I would prefer that they go through and check for any other instances of typos in the project to make a more complete fix (or even better, add a CI job that runs codespell or similar spell checkers). That feels more like someone actually interested in fixing something about the project, as opposed to sending a one-line drive-by patch to pad their resume. (I'm still happy to take the patch of course!)
I have to disagree, changes to development processes are the worst kind of drive by contributions. I don't want CI jobs contributed from someone who isn't going to maintain them.
I mean, I would prefer that it be done as part of a discussion with upstream but if you're talking about a GitHub Action it's not really that much effort to maintain in my experience.
But even if adding CI jobs is not the preference of upstream, I would prefer that the contributor runs codespell locally and fixes all of the issues rather than just sending one-line patches. And I can imagine much worse forms of drive-by contributions than CI jobs that you can easily disable in the future.
I fix documentation typos or broken links because they really annoy me. There are some egregious examples of people doing it for GitHub-as-a-social-network reasons, but I think some are like me and just want to fix the writing.
I always start with a small patch to test the waters of a project. That way i dont waste my time with a larger patch if the project is a PITA to contribute to.
I similarly contribute only minor language and writing corrections to Wikipedia, and usually anonymously (unless my phone has randomly pulled a blocked IP and I need to sign in). I don’t consider myself enough of an expert in any Wiki-worthy topic to do anything more, but I’ll make damn sure small mistakes get addressed.
I feel even less qualified to contribute corrections on GitHub mostly for the same reasons mentioned above. Staying anonymous prevents anyone from thinking I’m attempting to capitalize on low hanging fruit.
There’s also a couple of video tutorials that show how to make a pr, using node or nom on GitHub, and people just follow the tutorial verbatim, not thinking about what they’re actually doing.
This issue has only worsened with LLMs "assisting" contributors in submitting PRs that end up wasting maintainers' time.
Tools like OpenAI Codex, which can connect directly to repositories, are likely to amplify this problem even further.
That said, this is also the real measure of the actual value of LLMs and coding agents: the day we see top open-source projects having dozens of bugs effectively fixed per day by LLMs, we’ll know they’ve matured into a solid, reliable resource.
In my previous work we were strict about typos, whitespace and general consistency in reviews. And even fixed them later if they slipped through. I found it a bit ridicolous a times.
In my current company nobody cares. It can be seen in the whole code quality. Full of smaller and bigger bugs as well as horrible hacks. It can be seen whether coders look twice or more at their own stuff before putting it to review or not, just trying to avoid ridicolous comments. It's a whole attitude. I write good code in a messy source base is unlikely to work in practice.
That said, I have submitted cleanup commits to open source projects only in the same MR with a real code change I wanted to make and only in vincinity of that change.
FFmpeg seems to have dealt with that problem when they still were on github. This is the paragraph at the end of the readme:
> Contributing
> Patches should be submitted to the ffmpeg-devel mailing list using git format-patch or git send-email. Github pull requests should be avoided because they are not part of our review process and will be ignored.
An agentic LLM bot is likely to have no problems at creating a patch and mailing it but it's a major pain for most human developers. Furthermore they can ban source email addresses and vet potential contributors before letting them in the mailing list.
(I work on a project that uses an email workflow. "Should we switch to something else?" is a perennial topic.)
I think the main pain points are:
* unfamiliarity -- if you're not already set up then it's extra admin work. And the "obvious" approach (paste the patch into your usual email client and hit send) generally mangles the patch.
* developers are no longer largely using local plain text based email clients -- if you are already doing email that way then sending patches like that is a natural extension. If your email client is gmail, or worse still some Microsoft mail server, now you have to figure out how to send email in a way that's not html and doesn't get mangled by your mail server.
* how to set it up is not a single well documented path. Github has an incentive to do a decent tutorial/docs, and how to create an account and send a patch is the same for everyone. Using git send-email, there's a lot more variability: how to install it depends on your OS, and how to configure it to talk to your mail server depends on your mail server. In these days of two factor authentication and app specific passwords, it's no longer as easy as "put the server name and your account name and password into the config file".
This has got better in that now you can point people at e.g. https://git-send-email.io/ which has info on e.g. setting up gmail app specific passwords and what kind of authentication to use.
If you're a regular developer on a project, this is a one-time pain and thereafter sending patches is straightforward (assuming you're not totally allergic to the command line). But for one-off or first time contributions it can be a barrier.
If you are ignoring all of them. Filtering PRs to see which are worth having might take time in a large popular project. Even if it isn't much time, it is more than zero. You also have to deal with all the other comms associated: people submitting genuinely useful patches which accidentally get rejected querying (maybe politely, maybe not) and people who submitted less useful ones bitching about their rejection, both to the project and in public forums.
Another way to frame this is that even though the FFmpeg repository clearly indicates it's a mirror repository and has had a single open pull request titled "WARNING: PULL REQUESTS ON THIS REPOSITORY ARE IGNORED" [0] sitting in the pull requests page for 10 years, they've still had to close hundreds of pull requests.
That’s fair, but it would be trivial to use GitHub’s actions/API (and probably just an existing open source tool in either case) to automatically close them without anyone wasting their time.
I think you’re definitely right that being a massive project on GitHub that accepts PRs there would be a nightmare though.
Opening this site I get "Oh Noes! Invalid Response" with an anime girl.
Tried refreshing, opening in a private windows, same thing.
EDIT: tried it again and got to "Making sure you're not a bot" with the same cringey anime girl, then the site loaded without CSS. Tried one more time, finally it loaded.
EDIT 2: clicked on a link and I'm back to "Oh Noes!...".
Many people also never have problems with Cloudflare yet it causes endless pain for others. But besides that, having to enable scripts and waste resources should already be unacceptable.
Yes it did and it's only going to get worse, ai crawlers are going to continue to make running a website more and more painful. Don't blame the anime girl, she's just trying to fight the bots
> Don't blame the anime girl, she's just trying to fight the bots
This is exactly what makes this cringy. There is no reason to anthropomorphize your shitty anti-bot scripts. It's just as annoying as when software goes "oopsie woopsie" when there is an error.
I understand where they’re coming from with all the choices made, but honestly I suspect the anubis anime girl and associated sporadic failures (that I’ve seen, too, despite having a rather standard environment) functioning as a filtering mechanism that attracts a certain in-crowd person and makes a lot of others uninterested in staying around, and I think that’s intentional.
With the calm, respectful understanding that everything is subjective and there's no accounting for taste -
and in my personal capacity -
I do not understand how cutesy anime characters have been deemed sufficiently tasteful/professional/anodyne enough to be displayed to literally every single person who visits my site.
With apologies to fans of the art style, it is a negative signal to me. I do not prefer to use Cloudflare for things like this, but I would not use Anubis unless I could disable the imagery, and every time I see it on another site, I think: "hm. weird. whose branding is this?"
In the radiology department at Westchester Medical Center, all of the portable X-ray machines have little nametags on them that read, variously, "Enterprise", "Voyager", "Defiant", etc.
What an ingenious approach for a sustainable OSS project: serve the free version with playful art that you enjoy and that expresses your individuality, but which some people are bound to find triggering/improper; sell a bland lifeless corporate edition to those people.
I guess the main point is branding clash if you're a large company website (most companies care a lot about how their brand is shown, if they care about spacing/padding around their logo they also care about what pictures are shown when joining), hopefully nobody is triggered by this kind of art. (though resentment could build up if actual humans get frequently unexpectedly rejected as bots by this system, not sure if this actually happens however, didn't ever for me at least)
The approach they took here looks very reasonable from that standpoint indeed.
Branding clash also happens with Cloudflare. It’s only immediately clear when it is set up on a website you already know (e.g., Stack Overflow), but I remember when seeing it first I was visiting a new to me website and genuinely thought that’s what it looks like, and was taken by surprise when something with a completely different colour scheme, logo, typography popped up. I also recall Cloudflare did not (maybe still doesn’t) put up its own name up front on its captcha page, adding to the confusion. In any case, after a couple of times it’s no longer a problem to most people.
The resentment point is a fair one! If that happens and maintainers care about public perception of the mascot, I can imagine them wanting to change it somewhat.
> hopefully nobody is triggered by this kind of art
I’ve known at least one person who genuinely seemed triggered by anime-like visual style.
> hopefully nobody is triggered by this kind of art
Apparently a good chunk of HN is. Anubis-tan seems to me the main reason that this comment section about FFmpeg and Forgejo has devolved into a debate about Anubis; more than the intersitial page itself.
That's too bad, I wonder what's so triggering about it.
OSS projects are mostly done by people on their free time, they can do whatever they want with their mascots/branding/project. And those OSS projects tend to be significantly more respectful of users than the average modern software so on my side I tend to see those kind of harmless personal touches quite positively, sign of software that is made with the user in mind.
I think it's more that Anubis is getting in the way of accessing the content, and blocking actual humans. It quickly becomes "it's that damn anime girl again" and I suspect the mascot only increases the irritation in the same way that cutesy error messages do when you're trying to do serious work.
I fail to what hard choice there is to make. Choices are:
* use it
* don't use it
* use something else
* pay to change the picture
Easy.
> fetishes
And what fetish would that be? That's just a picture of a girl (maybe? Not sure they were ever gendered) holding a magnifying glass, if that's improper I'm not sure what is proper.
It's MIT licensed software. You can do whatever you want as long as you comply with the terms of the license. I can also choose to allocate my time wherever I want.
> but I would not use Anubis unless I could disable the imagery, and every time I see it on another site, I think: "hm. weird. whose branding is this?"
They do offer an unbranded version, botstopper. It is part of their commercial offering [0] and intended for "professional" environments
Once the project is sustainable (where I define sustainable as monthly recurring revenue--not one time donations--to be at $5000 USD per month as that is the point where my bank account stays flatlined not accounting for tax), an option to remove it will be added to the version you don't have to pay for.
Otherwise, it's MIT licensed software. You can remove it all you want, but I will use that as a signal to focus my time and energy as I see fit.
Thank you. I'm sorry if I was overly abrasive or rude, but it's getting really old. People have sent me horrible things because of this. I've had to start withdrawing from joining new places under my main identity. Just please take one femtoiota of care that the other side is also a human being with thoughts, feelings, and that they may just be incredibly tired of hearing people complain about something.
I legit didn't read any rudeness, it was a graceful retort.
> People have sent me horrible things because of this.
That sucks, and I see how it makes my (somewhat) measured reaction scan differently.
> Just please take one femtoiota of care that the other side is also a human being with thoughts, feelings, and that they may just be incredibly tired of hearing people complain about something.
Your shit rocks, your stuff on Tailscale in particular inspired me greatly, and I'm sorry you caught me seeing orange.
It's kind of an ingenious way to weed out people who are engaging in bad faith. Like if you're choosing not to use a very useful piece of software because of some aesthetic sensibility, maybe I want to be able to identify you more easily.
Fwiw I like the mascot but I also don't associate this username with my actual identity because I draw anime style pixel art, so I get it.
Thank you for what you do. I have zero use for Anubis nor have I personally encountered the problem it's meant to solve, but I'll readily support the girl, she is very cute. Never listen to the blisteringly lukewarm takes of the corpo venturecapitariat.
Thank you. I swear some people here have had their innate sense of whimsy surgically removed, or it's some kind of transphobia. Either way, it's frustrating to hear the people here bitch so much about something so minor.
So on one hand you wouldn't use it as-is for anything professional, because of the artwork, but on the other, you'd be unwilling to pay to use it -- for something professional -- because removing the artwork is the paid feature?
You would be horrified to spend any time in Japan then, where such characters are used in official capacity for anything from shops to corporations to government agencies, police stations and street signs.
It's just flashing a logo as the equivalent of a loading spinner while it does things. I don't see how the specific logo could possibly be interpreted as tasteless or offensive -- I know I'll take it any day over fucking Corporate Memphis.
> very time I see it on another site, I think: "hm. weird. whose branding is this?"
I'd hope at some point you'd start remembering whose branding it is, that would make things much less confusing for you :-)
Now imagine if the developers of sudo were behind this, now that would be the stuff of nightmares...
I couldn't care less about the art, but the user-agent discrimination is far worse. Implying that anyone not using an "officially sanctioned" browser is an AI bot is such a devious scheme that I don't think even Google themselves would've come up with it.
I think you've got the logic backwards. It defaults to assuming that user agents that have "Mozilla" in them might be bots. Uncommon browsers don't get challenged. It wouldn't make sense for bad faith bots to use uncommon, easy to block user agents.
Interesting. I guess I'll have to write an extensions to make open source websites usable again. I feel like at some point this will be "fixed" though.
The point is to allow bots that play nice and don't claim to be real browsers, as those can be identified in logs and blocked or rate limited fairly. But bad faith bots can be undistinguishable from browsers, so everyone else gets a PoW challenge to make their endeavour slower and expensive.
At least that's the spirit, of course someone will eventually just use random strings as user agents, but then again this is all a tragedy of the commons anyway.
Not sure what you're referring to, or what you mean by "it's just art style". It's a style that is likely to clash with the website branding it precedes, in my opinion.
I don't necessarily disagree. But in either case the point is "it's just an art style" is wrong. People make judgement calls based on art. It's just human nature.
~15 years ago I'd come across tweets sharing how European art teachers are struggling with cultural intrusions of anime into fine arts(lol), ~10 years ago Chinese companies started serving anime-style online games, ~5 years ago COVID kickstarted VTubers in anglosphere, now an anime art is in a major OSS like an AC/DC reference.
It's funny how vehemently people respond to anime the first time, it's often so strong that they would not be consistent with their judgements or even own moral standards. It then subsides, and then it'll be something that "doesn't look like anything" to them. Anime wasn't always accepted in Japanese culture(where it was born); it always existed and was growing consistently over the entire postwar history, but there were still plenty of cancellation forces on Twitter when it launched in late 2000s.
Don't worry, companies like Apple would be having an ultra sexualized silver gimpsuit teenager mascot by 2030 and anime hate would be replaced by something by then at this rate.
Can people just not like something? Not everything is a sociopolitical debate.
> It's funny how vehemently people respond to anime the first time, it's often so strong that they would not be consistent with their judgements or even own moral standards. It then subsides, and then it'll be something that "doesn't look like anything" to them
Yes in technical sense that only wrong countries try to control wrongthink, and no in the sense that if there are chances such opinions prevail.
It'll be like insisting YOLO[1] renamed and presentation video changed up. We all kind of deserve a right to say so, and insisting anime is unprofessional and must be removed don't look that way yet, but IMO it very well could be considered insane talks in 5-10 years.
Culture hasn't been monolithic for decades now; it's only fragmenting more. Broad consensus that any opinion is "insane" is becoming less likely, not the other way around.
I do find the fact that anime is inescapable among mainly the American youth (not seen it as much here in Germany) to be alienating. I guess it’s just what it feels like to get old
I don't feel you're right? I'm pretty sure that Germany experienced the same 80s anime boom that was felt in other parts of Europe too, and DoKomi (German anime convention) pulls ~180,000 people, very close to overtaking Comic Con. I'm actively involved in the European anime-adjacent DJ scene so I know Germany is not some low spot within Europe at all.
I think perhaps you might be overestimating how popular anime is with Americans because of how popular it is on the Internet.
I would say you are being unnecessarily pedantic: the GP said "anything wrong", and the original comment obviously believes that there is "something wrong" which makes the choice not "sufficiently tasteful/professional/anodyne" (/me looking up "anodyne").
The obvious positive reading of the GP comment is that they disagree anime characters make it not "sufficiently tasteful/professional/anodyne".
I am replying to the "parent" comment which replies to the "grandparent" comment on the "original comment".
You seem to be unnecessarily pedantic too, while being wrong at the same time (I would get those relationships wrong sometimes if I thought it was clear enough).
I mean, Anubis does allow you to change the image to whatever you want. (edit: apparently the feature is behind a paywall unless you edit the source code)
I kinda like the Anubis girl though (as you said, subjective)
OK, not GitHub "because Microsoft". But is there any particular reason why Forgejo and not GitLab, Gitea, or Gogs?
I'm not throwing shade at Forgejo or anything like that, I'm genuinely curious if there's anything about Forgejo that made it a better alternative than the other options.
Forejo is/was a soft fork of Gitea due to some licensing / trademark bruhaha that I think got blown somewhat out of proportion. (And Gitea was famous for using Github instead of dogfooding their own software, which I've always thought was a pretty strange choice). I'm not familiar enough with the development roadmap of both teams to make a good call on whether following the fork is a good idea or not, but I know a lot of projects are just bandwagoning on the fork due to generally frustrating Gitea governance. GitLab is open core and I know a lot of people are frustrated with their UX and with their high resource consumption for self-hosting (although I would expect YJIT probably made a big improvement here). I've only seen maybe one project use Gogs seriously, I don't get the sense that it has the same level of adoption as the other three.
Yes, Issue with GitLab is their "Enterprise" maximalist feature set. Seems like they want to be the solution for the entire SDLC for every conceivable team.
I remember thinking a decade ago "wow these guys are biting off a lot to chew, maybe in a decade they'll be able to tackle all these things in a comprehensive way" and my opinion now is they are still probably a decade out. I appreciate their ambition and wish them luck, but it's not for me.
If if a project requires more maintenance than I could potentially do by myself in a pinch because of complexity or having a massive supply chain of dependencies that keep it on a treadmill I will hesitate to depend on it.
In fairness, I've not used GL in a couple of years, but before that I used it a lot, and it all worked, but it never worked very well. Issue organisation was painful, and there was always some new trick that made it slightly easier but never enough (boards, nested workspaces, sprint tools, etc). CI had about a hundred different ways of doing the same thing, because every so often the GL devs would realise their current system wasn't quite general or powerful enough, and add a new way of defining DAGs, or a new way of sharing jobs, or a new way of managing environments. You didn't need to switch, but trying to figure out how all these different approaches interacted by reading the docs was a nightmare.
In general, the documentation and UI were painful, and trying to figure out how to do something usually took me to a GL issue that would describe my problem but either be closed (with little indication of whether the feature was added or what form it had taken in the end), or open with no discussion apart from a bunch of comments from a community manager saying "a bronze supporter said that this is a blocker for them". Trying to figure out where features or configuration lived in the UI was also like pulling teeth, especially with GL's love of icons to explain what everything is.
So it's not that the features are missing, it's that they're all half-baked, and it would take Gitlab another ten years to polish them off and round them out.
Just about every week I find "new" GitLab bugs which, after a quick search, turn out to be 5+ years old, with lots of community engagement, but seemingly zero movement from GitLab itself. I wonder what GitLab devs actually work on, because none of the new features in the last couple of years seem as impactful as fixing one of those bugs would be. (I still prefer it to GitHub, especially the CI model.)
It's not about features or if they work it's about the conceptual load presented to the user by the quality of how those features are integrated, how much configuration they require to do only what you want them to, ask of you only what you want them to, and no more.
When I'm interacting with a maximalist system designed to be everything to everyone, I still only want to have to worry about the things I care about.
They do seem to hold this as a value, but it's secondary to the maximalism.
The bit about the name seems to be a complete hallucination / tokenization error. The project's docs say: "Forgejo (pronounced /forˈd͡ʒe.jo/ (hear an audio sample)) is inspired by forĝejo, the Esperanto word for forge." I would expect the rest of the AI summary to be similarly unreliable / hallucinated—I compared the test directories for both projects and they both seemed to have about the same amount of activity.
For all sorts of reasons, this will probably happen to the vast majority of LLM output copy-pastes here.
It's a bit like copy pasting a search result link (anyone can do the search for themselves). LLM outputs don't provide the insight people are looking for on HN. They are unreliable. They sound boring. They may sound like ads for the LLM providers. There's probably someone out there actually knowing the thing and able to answer. There's usually a better way of finding out stuff. For instance, if you want to learn about Forgejo, going to its website or its Wikipedia page will be far more straightforward and reliable.
You also stated that something that contains hallucinations is surprisingly decent, which can mislead people (who should strive to stay alert though).
Many people also just plain dislike generative AI.
You are not the first to whom it happens, and you'll probably not be the last.
At that point, I believe HN's guidelines should be updated to discourage posting LLM outputs in most contexts.
all well and good to host your own code. but from a contributer's point of view, it is between managing dedicated accounts per project you want to participate in...or sign in with github [1]
openid exists, and is arguably older, but odds are most people would not be using it to begin with.
The comments on this page are a complete cesspool.
A full third of them complaining about the anti-bot protection mascot (yes, it's a cartoon character; get over it), others splitting the finest of hairs over software development groups and company politics, and more.
Self-hosting is generally good, well done to FFmpeg. Many large projects self-host, and my own ex-company has physical servers in the city we work at that can be unplugged if necessary.
I just wish Git itself had a more robust means of issue-handling (no, email is a 1980s protocol, it's not good enough, even if it is for Linux) and CI/CD, rather than relegating the matter to different hosts.
And now everyone has to learn GitHub Actions, Gitlab pipelines, Jenkins pipelines, and more.
I love self hosting but the comments i think have to do with quality issues.
Having an anime girl show up 99% of the time one visits due to AI bot protection is not the best experience no matter how much I love anime. Saying to “get over it” is dismissive to a large group of people who disagree with you.
The comments are not a cesspool but standard hn being critical.
I think it's cute. It wouldn't be a problem if it wasn't cute. It's inoffensive and doesn't get in the way of the software serving its function, the only critique I could do if I wanted to is people unfamiliar with the project would get a bit confused if they only saw the character for a split second: https://anubis.techaro.lol/
I think even Cloudflare gives you a second or two to see what's going on before forwarding you to the page behind it, that would be a nice UX improvement.
Otherwise, agreed about self-hosting and the ability to choose whatever platform aligns with your goals the closest to be a good thing!
> And now everyone has to learn GitHub Actions, Gitlab pipelines, Jenkins pipelines, and more.
A part of me doesn't like the churn of new CI solutions coming in all the time. On the other hand, after learning GitLab CI, I'd generally prefer it to something like Jenkins, it just feels more pleasant. But with something like Drone CI or Woodpecker CI my non-work needs are also covered wonderfully, especially with a lot of the software I build being packaged in Docker containers, which further simplifies and somewhat standardizes things! A lot of the time I can also encapsulate most of the logic in shell scripts that are easy to run regardless of the environment (CI server or locally), which makes it even more portable.
So wait, is the cartoon mascot at issue the Annubis one for the Cloudflare-like DDoS protection, or is it an actual FFmpeg mascot? Because I don't see any cartoon characters on the FFmpeg code, main, or wiki websites. But I am curious what kinda -tan they came up with. :P
I’ve contributed to a number of projects that try to self-host, with mixed results. It gets frustrating when someone’s GitLab (or other) server is so slow that every page load takes several seconds, or when the self-hosted solution goes down for a week because the admin is on vacation and missed something.
I’ve contributed to one server that feels the need to periodically delete dormant accounts for some reason. Every time I come back to the project I find myself creating a new user account.
With the anubis-protected servers the anti-bot protection has a lot of false positives, so occasionally I have to switch browsers just to not deal with page load failures.
One server adopted some black list that had my home IP in it for some reason, so I was just banned from accessing the server without a VPN.
It all just feels old and tiring after a while compared to the breath of fresh air of just using a site like GitLab or GitHub that simply works.
I understand why they’d want to do it, but I don’t think it’s without some tradeoffs.
Contribution-wise, I find Sourcehut’s approach[0] very sound: you could never have troubles with your account because you don’t need one in the first place. If you want to contribute, create a patch and send it to respective mailing list.
As a positive side-effect, a contributor is compelled to write a reasonable explanatory message to maintainers and keep the patch minimal and contained (compared to a typical Github PR with a dozen of commits mixing together fixes, features, newlines and indentation changes all over the place).
[0] They did not invent it, obviously—it is what Linux kernel, the origin of Git, had (has?) been doing for a long time!
> frustrating when someone’s GitLab (or other) server is so slow that every page load takes several seconds
That's a typical experience when the chosen solution doesn't match the available resources and desired scale. Projects like WordPress and GitLab may work for large enterprises, or when you add in enough caching that you don't have to do the large computation (generating one page) most times, but they don't work so well when you're wanting it to just work without custom solutions as a small team on a small budget
Forgejo doesn't seem to have this issue as far as I've noticed. I've hosted the predecessor (Gitea) on a potato. It's so easy to host, I think it's actually still running but forgotten about. I should check if it needs updating at some point..
Cesspool is pretty strong language, dawg. They're critical and opinionated, sure, but so are your own comments. None of it is empirical, just personal opinion.
I personally couldn't give a rat's ass how it's hosted. Still uses a protocol there's open source clients for? Cool. Not that I have pulled the ffmpeg source more than once in my life (which I suspect's the same for 99% of the people here). I'll continue to get it packaged for me by somebody else, who will pull it from wherever it's hosted, however they can. I'm just glad it still exists.
> Cesspool is pretty strong language, dawg. They're critical and opinionated, sure,
There's nothing wrong about critical and opinionated but respectful, but the comments that are now flagged, and some of the downvoted ones are very low quality, not just critical and opinionated.
> I just wish Git itself had a more robust means of issue-handling (no, email is a 1980s protocol, it's not good enough, even if it is for Linux) and CI/CD, rather than relegating the matter to different hosts.
Just shove the issues into Git itself. That's what Fossil does for its wiki and issues, while GitHub only does it for its wiki. There are several open source ways to do this with Git itself.
It's frustrating. As someone who is into self-hosting, I was hoping to find answers in the comments to questions like:
- How self-hosted is it? Is it on somebody's computer at home? A colo? One of those university linux servers that runs for decades? Hetzner? Is there any redundancy?
- How are the costs and responsibilities for the hardware broken down?
- How is admin and patching handled?
I'm actually very curious about that stuff, but nobody's really talking about it here
> The comments on this page are a complete cesspool.
I noticed this. I'm quite appalled. Definitely outside the usual HN standards.
I suspect the very idea of self-hosting one's code instead of using GitHub is triggrering many people beyond reasonable levels for reasons I'd love to get an explanation for.
Are people projecting their GitHub FOMO? Are people thinking that the value of the GitHub they cherish decreases with each project not picking it because of the weaker network effect?
I'm not calling people or reasons unreasonable, but the level at which they are triggered. And I stand by my point: being mad that someone chooses to self host is unreasonable and no amount of accusing me of doing armchair psychology will change anything to this.
Oh no, we are trapped in a angry comments infinite loop! :-)
Yeah, I wouldn't say it triggered me but we should definitely have flagged the angry comment and moved on, as per the HN guidelines. I was negatively surprised, I'm not usually surprised by comments on HN.
In the end, all these comments were flagged and downvoted to death anyway.
I do have a sense of unease about most smaller hosting services and self-hosting solutions, in that I don't trust them to stay up in the long term, once no one is left to care about projects on them, or at least not about the old versions. (This isn't so big an issue for something as big as FFmpeg, but I'm talking about the general case.) Just try to download some old version of a minor library from the late 90s or early 2000s: unless it's been continuously using the same source control repo, the odds are better than not that the files disappeared during the intervening decades.
In contrast, whatever its faults, I fully expect public repos on GitHub to last for the next 10 years, likely the next 20, barring active removal by the author. (The biggest medium-term risk is a "GitHub is evil, take down all your repos" campaign a la Reddit.) Of course, it's not foolproof, the only way to get that would be to replicate the project in dozens of places, but I find it much better than the old status quo of files slipping away once forgotten.
That's a totally valid concern that I also have and that does need to be addressed.
I'm thinking of setting up mirrors for my stuff for this exact reason. Now that codeberg exists, that could be the solution and why not accept contributions from codeberg too if it doesn't make the development process too messy.
OTOH GitHub is a huge SPOF. I also trust that my stuff that matters is checked out by other people who will reupload somewhere else should something happen.
I think it is OK that repos and content in general disappear. It is healthy. If somebody is caring about hosting the thing it most likely means it is healthy project. If not you shouldn't probably be using it.
This obsession with saving everything forever leads to information overload. In 20 years the github namespaces will be so full that finding good name for a project will be impossible. People often bring up social media but i think that's even worse. If you like some of photos just keep and save them yourself. I don't think it's healthy to be randomly reminded (what facebook does) about what somebody was doing 8 years ago on this day. People are unable to forget and forgive. We should allow for this to happen automatically like our memories.
> I suspect the very idea of self-hosting one's code instead of using GitHub is triggrering many people beyond reasonable levels for reasons I'd love to get an explanation for.
The cloud companies do not want you to selfhost. It is good that Ffmpeg did not experience a DDOS attack yet, because that's what happened to someone who moved his email to selfhosting. We are living in a time when companies have become like mafia.
I strongly disagree with the issue handling & CI/CD part of your comment. Those are concerns are orthogonal to distributed version control and greatly complicate any system.
Not everyone even has to learn Jenkins/GH-Pipelines/whatever. In most teams I've worked on those are typically managed by one or two people, or by a different team entirely. And it's not even a hard skill to learn.
TCP is even older; so what? It works, as does email. It's merely a transport layer.
What is required is a well-defined standard to encapsulate relevant data into it: PR definitions, code review comments, approval / rejection votes. This all could be a zipped JSON attachment, for instance.
The code change proper can continue be passed in the patch format. Or the whole thing could arrive via an exposed API endpoint, or even be pushed by git protocol.
A tool could interpret the extracted data and update a database that powers a nice GUI / TUI, and controls a CI/CD interface.
(Now if I only had time to properly design and implement that.)
Why all of this? You can just enforce some formatting rules and add a few script to the system mailbox to alter the message (add an issue number, send a notification when a change is accepted and merged, etc,...). No need to complicate stuff. Just send a standard plain text email that follows the rules.
> A full third of them complaining about the anti-bot protection mascot (yes, it's a cartoon character; get over it)
If you're going to force people to stare at a screen with nothing but your quirky anime girl OC for a few seconds every time they visit your website, then in my opinion it's completely reasonable for those people to point out how immature it is. Telling people to "get over it" just makes you sound equally as immature.
The “branding of your captcha page is immature” point is a downside unless you consider it not merely self-expression but an intentional motivator for “more mature” (which not infrequently goes hand in hand with “financially able”) people to subscribe to a commercial offering, thus helping keep an open-source project alive and in an honest business, despite competition with a VC-backed behemoth that’s become nearly a monopoly.
> unless you consider it not merely self-expression but an intentional motivator for “more mature” (which not infrequently goes hand in hand with “financially able”) people to subscribe to a commercial offering
I'm fairly confident in saying that self-expression is the #1 motivator here and the commercial offering was an afterthought.
I don't have a marketing degree, but I'm pretty sure that if selling your software to professional businesses is the goal, making the non-commercial version feel extremely unprofessional is really not the best way to do it, considering most people are likely going to find out about the project's existence by seeing it, and it won't leave a good first impression.
> if selling your software to professional businesses is the goal
If that was the goal, this wouldn’t be an OSS project, would it?
When we are talking about FOSS, the goal is to keep the project alive and sustainable without burning out or starving. There are various ways people do it (such as making it your side project in addition to the day job, charging for bug fixes and features, etc.), and this one doesn’t strike me as the worst—making it partly your self-expression creates that extra bit of motivation to keep going, and if it serves as an incentive for people who find it otherwise good (some of which may in fact not mind the default style personally but wouldn’t go for it at their place of employment) to become paid customers then all the better!
Do these same people refuse to use Go because the homepage has a gopher mascot that could be straight from western children's cartoon courage the cowardly dog on the homepage?
FreeBSD because of the cartoon devil? Bash because of the GNU goat with the facial expression that could be read as smug or stoned? Google's logo is some printed characters in primary colours, is that too childish?
Nah, that people have such a visceral reaction to the anime girl is not just because it's "childish" as so much else of our industry is "childish" and passes without comment, or sometimes even causes criticism when it gets taken away for blandness (see all the complaints when projects redesign their logos to Helvetica work marks)
> If you're going to force people to stare at a screen with nothing but your quirky anime girl OC for a few seconds every time they visit your website
It is a damn sight better than the maliciously-compliant and deeply annoying GDPR 'we use cookies' banners, pop-ups, and dark patterns like having to uncheck thousands of 'partner' boxes.
This is merely a response to AI companies abusing scraper bots and having a callous, selfish disregard for Internet and server bandwidth. It was on this very website where I saw it put quite succinctly—AI-scraping bots have essentially started mass DDOS attacks on all small servers.
> immature
Maturity is empathy, human connection, understanding, perspective, compassion, altruism, and more. Not some arbitrary 'this is a cartoon, therefore it is immature'.
25 years ago Microsoft, the professional software behemoth, decided to put a cartoon dog and paperclip with googly eyes in its operating system and office software. A major mobile OS has a cartoon robot in its logo.
Cartoons are metaphors and windows into the artist's frame of mind. They are much more mature than your shallow portrayal of them.
You can take it as another data point. Here's another one: it works for me on Firefox/Android too. It might imply that the issue is probably not with that specific combination but something else. Maybe disabled cookies? Just an idea.
They were using an old fashioned mailing list to pass patches around, I would imagine features like pull requests and issue tracking made forgejo an attractive option
### July 22nd, 2025, Modernization of contributions
The project is modernizing its contribution methods and switching to a software
forge.
We have setup a platform on [code.ffmpeg.org](https://code.ffmpeg.org/). The new
process features continuous integration on all commits and merge requests,
labelling for categorization, conflict resolution, and logging in via OpenID or
Github.
The main repository will become
[code.ffmpeg.org/FFmpeg/FFmpeg](https://code.ffmpeg.org/FFmpeg/FFmpeg), with all
others being mirrored to it. Users are encouraged to begin using it, effective
now.
Mailing lists have supported our development for nearly 25 years, but as more
and more contributors started to become involved, the ratio of merged patches to
total mails begun falling. Mailing lists became a source of friction, with
discussions frequently stalling and uncategorized noise drowning out patches by
bumping them down in inboxes.
Although [patchwork.ffmpeg.org](https://patch.ffmpeg.org/) was set up to track
submissions, it was less than reliable, with many patches and mails slipping
though. Since its activation exactly 9 years ago, it recorded 54,476 patches,
with 53,650 patches having the state of not archived. In comparison, the mailing
list has had a total of 150,736 emails during the same time period.
Additionally, new users have frequently encountered difficulties with mailing
list development. From finding out the correct SMTP login details, configuring
git send-email, new email security mechanisms interfering with mailing list
operations, and finally not having a comfortable workflow to review patches.
After years of discussions, and a vote, we officially announce the new platform,
[code.ffmpeg.org](https://code.ffmpeg.org/), running
[Forgejo](https://forgejo.org/). Documentation will be updated to reflect the
change.
Mailing lists will continue to be monitored, and used for project discussions
and other topics better discussed elsewhere, but traffic and noise should become
significantly reduced over time.
Bugs/issues will be accepted on [code.ffmpeg.org](https://code.ffmpeg.org/),
alongside with [trac.ffmpeg.org](https://trac.ffmpeg.org/) for the time being.
We are also hoping that this will significantly reduce the amount of unmerged
patches. If you submitted a patch which received no replies or conclusion, we
apologize, and you are encouraged to resubmit it on the new platform.
For those with a power-user email setup geared towards mailing lists and patch handling, modern web-based platforms are a substantial usability regression.
Some times HN comments are a time machine that reveal people stuck in the past who hate anything modern.
A couple weeks back someone was arguing that websites these days are too slow. So slow that it took them minutes of waiting time to order something online. Then they revealed that they were using a computer that was nearly two decades old and didn’t even have enough RAM to meet the requirements of a modern OS and browser. “But it should work!” was their refrain.
Not really. It probably got overloaded with requests and thought that another crawler was tergeting the repository so it probably bumped up the measures.
Once I reach the $5000 per month goal across all funding platforms, features currently exclusive to the private fork of Anubis for corpos (including changing the images and soon HTML templating support: https://anubis.techaro.lol/docs/admin/botstopper) will be merged into the open source repo.
I love the idea of Anubis, but in practice, it has turned more than a few sites that I visit into sites that don't work without javascript. So instead of being happy to see it, I find myself disappointed and frustrated, often deciding not to bother with the site after all.
It's off by default while the false positive, true positive, true negative, and false negative rates are being evaluated. This is how you make changes like that without breaking user expectations.
That's good news. That'll make me consider using Anubis.
Thanks for fighting the AI bots.
You get some hate for this anime girl image but this paid white label thing is a good idea I think. It's nice we have alternative ways of funding free software that doesn't involve ads and tracking and thank you for choosing this path.
There's a solid strategy behind it: give people what they want with a flaw that makes it unviable for corpos. Then sell the cure. I remember being told that monetization model as a joke and figured this would be one way to test it. The horrifying part in my book is that Anubis is a relative success story as far as open source funding goes, and it's barely a third of what a junior level software developer makes. It's maddening.
Interesting. I suppose I need to try this if I ever happen to build something to which it could apply. Thanks for the inspiration.
A third of a junior salary is not much but I guess it could help with at least turning a full time position into part time.
> I remember being told that monetization model as a joke and figured this would be one way to test it
Ah ah. Awesome.
It has happened to me once or twice that I jokingly share an idea, and it gets picked up seriously (in a professional setting). "But it was a joke! Too late. Oh no." - I guess it's not too bad in the end and shouldn't be fighted too hard. I guess I'll just make sure that if the idea is horrible, I don't make the joke if I think people around could seriously pick it up.
Thanks for the answer. To be clear, although I'm not a huge anime person, I don't have any issue with the mascot itself. I meant my question as "why is the Anubis mascot an anime girl [instead of an Anubis]", but it seems my intention was misread over the internet.
Every obscure browser I've thrown at it has passed except for Opera Mini because it doesn't support real Javascript. Compared to the alternatives (Cloudflare/Google RECAPTCHA), compatibility is great in my experience.
If you're one of those NoScript people you'll probably end up stuck unless site admins enable the meta refresh challenge. If it proves effective, that may get turned on by default in the future, though, which would solve that problem too.
It's interesting (and a little sad) how all git "forges" (for want of a better word) converge on the same layout. An alphabetical list of files, when they were last modified, and an expanded readme file.
IMO a list of recent commits would be more useful as a landing page, or maybe even just the readme. When checking out a new project, I'm interested in what it does, not in its folder structure when its LICENSE.md was last modified.
You might like cgit, git-arr, or one of the other static git generators. They generally have a different mode of navigation. They're not 'forges' in that they don't have in-built tools for things like bug-tracking and managing PRs though, but lately it seems like projects are becoming more interested in the git email workflow anyway
Pick one of the open source forges that takes MRs (not using the giant's terminology, hardly ever calling git pull either...) and contribute your ideas.
That said, it's a bit like QWERTY. Maybe a bit weird, but it eases quick orientation on a new keyboard or repo if everyone uses the same layout.
Well, for one it's much faster than the github mirror. Browsing files is at least 10x faster. And getting away from the mailing list send-patch workflow is huge. Though they could have that for free also.
self hosting could drain too much resources I fear.
Delightful, now Anubis is giving me "invalid response" (Firefox Android). Great to see that AI bot protection is blocking legitimate use now too. Would love to check this out, but I can't.
The CSS bug happened to me on desktop too (but went away after a refresh). It looks related to Anubis since the reason the stylesheet isn't applying is that it has HTML containing "<title>Making sure you're not a bot!</title>" prepended to it.
There are also some minor issues with composite actions and reusable workflows.
If I use composite actions, the logs get associated with the wrong step[1]. It's just a visual thing (the steps themselves run fine), but having 90% of your action logs in the "Complete job" step is unpleasant.
For reusable workflows there's a few open issues as well, but what happens in my case is that jobs just don't start at all, they stay as "Waiting" forever.
These issues only matter if you write your own reusable actions with YAML (the actions written in JavaScript seem to work fine), but it's worth mentioning.
Other than these two issues, I'm very happy with Forgejo and would still recommend it if people ask for my opinion.
- The provided reason given was due to user accessibility concerns complicated by what likely is a breaking change.
- Even if you don't agree with the claim, a reserved name isn't unreasonable at all. Not to make a standard of GitHub, but the `admin` username is reserved there too.
- Dismissing an entire product based on a single non-critical technical limitation while simultaneously not contributing to the solution (unless you have a different username there, happy to be corrected) is fundamentally toxic.
- All the while conflating two separate products (Anubis and Forgejo) that aren't related at all.
- And that Anubis offers a non-anime girl solution, and is MIT Licensed if you really don't care for supporting the author.
I'm not going to prod at the "and everything else" part either.
How exactly does mailing list contributions work? I've only ever seen a few urls of messages but they are extremely obtuse. You would need to click parent parent parent to get context on the message you originally read.
I must be missing something and since mailing lists are dying, would love to understand this relic of the past.
Simple: you don't use the browser at all. You download the source code via your VCS client. You find the thing you want to change, make a branch, modify it, generate a patch. You email the list with your patch and a very detailed description of what you're doing and why. Lots of people reply, and your email client shows you the threads hierarchically. It makes sense to you because you started the whole conversation and see their in-line replies in your email client.
As an old fogey who started with mailing lists, and still uses them to send patches, it's actually much simpler than browser-based workflows. Most of it is your own workflow in your own repo clone in your own environment. The patch and email threads are a universal abstraction; you add the rest yourself, with any method you're familiar with. This removes any complexity that would otherwise be imposed by the browser, remote web app, etc. It's like sending someone a letter in the mail, rather than choosing between 15 different messaging systems, protocols, apps, OSes, etc. If you can read words you can figure out your own way to deal with the contents.
And as far as it dying out: I actually think it's faster to communicate via mailing list. The thing a GitHub clone gets you is co-located collaboration, and CI tests. Those things are very powerful, and really should be integrated into a single open source standard, rather than a lot of custom web apps. But the modern software developer doesn't understand the value of standards.
You're supposed to use a proper email client which solves this problem. Sourcehut uses the email contribution workflow and has the documentation to support it; have a look at it:
The web view is meant to be the publicly searchable archive, not the primary interface. Developers are supposed to use an email client and git integrations. You can follow a number of different guides to get set up to contribute but it’s not actually easy to use the workflows.
To be honest I think the difficult and learning curve is part of the goal. The people who operate in these worlds don’t want it to be easy for anyone to come along and get involved. One of the main objections to moving to hosted platforms like GitHub or Forgejo is from people who worry it will result in a lot of low quality PRs that have to be dealt with. I’m not suggesting I agree, but it comes up a lot.
> To be honest I think the difficult and learning curve is part of the goal. The people who operate in these worlds don’t want it to be easy for anyone to come along and get involved.
If you’re using the git tool, it’s very easy to get it working and easier to use afterwards. It allows you to use you own environment and not someone else’ web app. If you’re the maintainer, people send you patch and you can script out the review phase. If you’re a contributor, it’s actually a few command to send a patch to anyone. And learning how to cleanup your commits is always good.
I can understand the pain if your only email account is gmail. But there are good smtp providers out there.
Linux kernel today is still managed with patches on the mailing list. It shouldn't be hard to see how this can be extremely effective for a maintainer running a programmable editor like Emacs or Vim.
I self host my code. If you can't bother creating an account or sending an email to share your contribution, I guess I'm quite fine not to have it. I'm sure ffmpeg don't need your contribution as well.
I don't get this stance. Sending an email or creating an account is so low effort compared to any meaningful contribution.
The friction is not intentional but I guess it's a feature, it probably filters out some low quality interactions.
Note that ffmpeg has been using mailing lists, they are not migrating away from github. I'll just assume you wrote your comment without going further than your initial gut reaction to the title, which kinda proves my point.
I have contributed to a lot of open source projects for many years. They sure don't need my contribution, but if it were more accessible, I might actually contribute one day.
Given that ffmpeg was apparently using mailing lists before (which I didn't know at the time of writing), this is obviously an improvement. But it's still a lot of friction, and it seems that it's friction for no particular reason.
Hosting your code on something as obscure as Forgejo actively makes it hard for people to contribute. Most developers use GitHub, and only have experience with GitHub.
If I have an issue with something, I'll make a PR and move on with my day. But if making that PR involves creating an account on some obscure website and learning a new user interface just to contribute code to a single project, I'll simply pass. It's not worth the hassle.
GitHub is the most popular service by far for a good reason. People build their whole professional portfolio on GitHub, and it's well-known and globally recognized.
If you're afraid GitHub is gonna go down one day or kick you out, just mirror your repo to your own git instance. It's been done for decades, and it works very well, without introducing friction.
> Most developers use GitHub, and only have experience with GitHub.
> GitHub is the most popular service by far for a good reason. People build their whole professional portfolio on GitHub, and it's well-known and globally recognized.
I see those things as a big issue. I hate it that github is a monopoly, that open source software projects rely on proprietary software for their infra and that we all depend on Microsoft of all companies for our open source activity.
I personally don't want to participate in helping MS maintain this monopoly.
Hopefully with these developments around forge federation, the "having to create an account is too big of a friction" thing will be less of an issue.
In the meantime, Forgejo already allows login in with open id providers, in many case you are already able to login with your github account.
Since we are talking Git hosting infrastructure here and comparing it to GitHub, can you explain to me what do you mean with "git instance" in "just mirror your repo to your own git instance"?
Interesting how clueless but determined you were in your first comment. Maybe you should pause a bit and reconsider your whole outlook so you can advance with better success.
Are you not familiar with SourceForge? Did you know what a (non-software) "forge" is?
The term actually predates Git (SourceForge started with CVS and SVN IIRC).
I am not saying documentation should not be better — it should — but I am surprised someone in software development would not know of the term. And knowing how good free software projects are at documentation, not turn to searches first (or is it just software projects? I've recently tried to find out what VMWare product I can run virtual machines on Windows with, and it took me a bit too).
Edit: the homepage at https://forgejo.org/ actually has phrases like "self-host your projects and get everyone involved in delivering quality software on the same page" or "Self-hosted alternative to GitHub"
> I am surprised someone in software development would not know of the term.
It is not a software development term. Are you trolling?
I know what SourceForge is. I had repositories there. I have never heard of a web portal for software project management (SCM front end, issue tracker) referred to as a "forge." Just because a product uses a weird name does not make it a term of art.
It's a widespread term. You just happened to not run into it yet or more likely you never made the connection. It happens. It's fine, but also we can't do much about this.
Someone did not read the homepage, did not do a web search and complained about the term "software forge" in a HackerNews comment, and I am "old and grumpy at internet"? :D
There are so many opportunities to learn it, and recognize it from one of the existing projects still using it in the name, and it's better to complain on HN?
(Though I guess I still classify as a millenial, but I would love to be closer to boomer when it comes to CS experience)
this is one where "software forge" is industry specific jargon (similar to "isostaticrebound" in earthquake science and "evapotranspiration" in biology) which the intended audience would tend to know the definition of. that said, it's a fair complaint for the quality of their marketing material (if not their technical documentation).
as an aside, i checked and it takes four taps (with an thumb highlight thown in ) to define it from my phone.
Curious, what part of the industry is "software forge" a term of art? I have been programming since the late 90s and have never heard it. Looks like it was popular from 1988 to 2007:
It's impressive how much GitHub dominates with so little lock-in. It's so easy to add a new git remote. Yeah GitHub has its own features too, but for a long time free private repo wasn't one of them.
Git itself is simple, but is their .md file renderer open? Are their workflow runners available anywhere to re-use? The API also has gaps (esp if you wanted to migrate your PRs or Issues over), though I don't remember what was the thing I couldn't achieve with it.
But I guess you are referring to indirect, incidental domination like "social" lock-in (I always smile at job application forms asking for a GitHub link — I've got thousands of free software commits in their own, dedicated software forges, but very few things on GitHub directly, or at least, in mirrors not tied to my GH account), "marketing" lock-in (I've heard many junior and not-so-junior engineers refer to GitHub as "Git"), etc...
This part seems mostly interoperable. GitHub's alternatives seem to have implemented something mostly compatible. If you migrate from github to gitlab or gogs or gitea or forgejo, that part will probably just work.
Worst case, markdown is still mostly readable as is and a commit can fix the odd non working thing.
But 100% agree with the rest of your comment.
GitHub has managed to create a network effect by trying to be a social network and succeeding. They managed to create fomo for code hosting. This very HN post shows this.
The lock in is issues, pull requests, and all the conversations that shape long term software projects. The actual implementation and what's tracked is often just what falls out of that.
It is quite common for larger open-source organisations to self-host their repositories and issue trackers. After all, they would quite literally stop existing if Github were to do an oopsie. Voluntarily putting the keys of your entire existence in the hands of a third party isn't exactly an attractive option.
"Literally stop existing"? Having broken links and notifying everyone when a migration happens is for sure a hassle, but migrating a git repo is the easiest thing in the world.
That's kinda the whole point of a distributed VCS.
Bit of a side note, but nobody should use Substack for anything.
For those out of the loop, Substack has been overlooking Nazis on their platform for a few years, and recently pushed a notification to all subscribers to check out a blog with a Nazi swastika.
Don't use the most used platform for blogging reach in 2025 because .0000001% of users are people you hate?
Sounds silly. Don't use wordpress because a store I don't like uses it? I hate to tell you this but friend and foe are using Google search.. time to move on.
Throughout my entire life this has been a reliable sign to move elsewhere. Monocultures and monopolies tend to have negative long term outcomes.
> this just means that the devs at FFmpeg are having so much fun
A real problem. This should be dealt with immediately.
> Trying around github alternatives for memes.
I have a feeling that if this attitude pervaded the open source community then Gérard Lantau (a.k.a. Fabrice Bellard) would have never started work on or released publicly ffmpeg in the first place.
There's a real feeling of modern corporate entitlement encoded into your comment.
The FFmpeg culture is… very different. It’s hard to explain. But one hard requirement they had is that they did not want to give someone else control over their infrastructure. And it had to be open source. Only self hosting options were considered.
[It should be overly clear that] there's nothing special in wanting to have control in one's own processes, in wanting to avoid monopolies, and for free software projects to want to rely on free software. There are also many other reasons to want to avoid github specifically (there's at least a "github is down" thread every month on HN these days - having something that works at all is one of them).
Many important free software projects use there own self hosted solution.
I don't even understand how this is a question, and your parent comment is needlessly inflammatory and didn't deserve any answer.
Well github is very much owned by Microsoft, and with the recent changes of the CEO there are a lot of reasons to prefer a non closed source and non-gigant-tech-corp-controlled software forge.
Many big successful open source projects host their own code. They also join/create foundations and create lasting legacy. Get real sponsorship dollars.
So do some smaller projects.
Culturally hosting yourself is one of the key elements of the hacker ethos.
I'm finding out about Forgejo (and their reasons for forking Gitea) right now for the first time. I already migrated my Gogs install to Gitea, and now I have to migrate Gitea to Forgejo? This shit is why people just stay on Github.
We've been using gitea for 6 years, and I see no reason to migrate anywhere at this moment. Gitea sees faster development and has more features (even though many patches flow to Forgejo — the reverse is impossible due to license restrictions).
It is possible to migrate from 1.22 to Forgejo simply by changing the binary, and downgrading from 1.24 to 1.23, and from 1.23 to 1.22 is possible if you know your way around PostgreSQL and have a spare hour. I always write downgrade scripts for each release and test them before upgrading Gitea to make sure that I can always back out and move to Forgejo if Gitea folds. Haven't seen much reason to do it up to this moment, though.
edit: for example, here's a 1.23 → 1.22 downgrade script; I don't have access to 1.24 → 1.23 atm:
According to Forgejo[1], Gitea underwent a secret hostile takeover by a for-profit company and has been moving from free software to "open core" bullshit. The reason that I, and I assume a lot of other people, made an effort to switch from Github to Gogs/Gitea was to evade the for-profit corpo nonfree crap. The more I'm looking into it, the more it looks like the real development is happening on Forgejo too.
A more charitable framing of the situation is: the for-profit company is because people always complained about Gitea "why is it developed on GitHub, not your own hosting" but that means money has to be involved in the cloud hosting project; it is just the same Gitea core developers it has always been, not a takeover.
The "open core" (Gitea Enterprise) is not Gitea, it is a downstream fork by CommitGo, who you can pay for contract development for custom features. The features are expected to be upstreamed, there are open PRs, they just don't yet meet Gitea's code review standards. You can run them from the PRs if you like.
Yeah, it's hard to take them seriously when they've been saying very nasty things about the project their whole foundation is built upon, and from where they continue to draw most of their functionality. Gitea is ahead on that despite patches flowing one way only. If you look at forgejo commits, more than half of them are merges of library updates made by the renovate bot, which artificially inflates the level of activity you see. About half of the rest are cherry-picks from the Gitea repo.
Look instead at the amount of features introduced with each version. Forgejo releases twice as often as Gitea does, so compare two releases of Forgejo with one release of Gitea made within the same time frame. I haven't been impressed so far.
> it's hard to take them seriously when they've been saying very nasty things about the project their whole foundation is built upon
I'm not sure why that would make them hard to take seriously unless the things they're saying are false. Is that what you're claiming?
> If you look at forgejo commits, more than half of them are merges of library updates made by the renovate bot, which artificially inflates the level of activity you see
If I thought number of commits strictly equals activity then I guess it would look like that, but I don't. From what I'm seeing, a lot of the Gitea devs left to go to Forgejo and are now working on it exclusively, while the work being done on Gitea gets selectively merged into Forgejo too. I don't actually care about that either - Gogs had all the features I wanted when I first installed it years ago and all I really want out of the maintainers is security patches. I'm mostly just concerned about licensing and ownership models that incentivize the software org to inevitably turn evil in the future.
None of the really heavy hitters from the "core team" have left. As long as 100% FOSS Gitea pulls ahead in functionality, and can be downgraded relatively easily with an hour of work, I personally see no reason to move anywhere. You can part in different ways, the vibes you give off certainly matter, even when you're 100% technically correct.
And I suggested comparing releases, not commits; Gitea is ahead here both in what it supported at the moment of the hard fork, and in what has been introduced since then (counting only the MIT version).
> And I suggested comparing releases, not commits...
Who's asking for all those new features? Enterprise users? I love the old Gitea because it was light enough to run on a Raspberry Pi Zero. I've been delaying trying Forgejo due to concerns about bloat, but you've just sold it to me. All I need for it is to mirror Git repositories I care about every couple of days. Like gp, I consider Gogs/Gitea to have been feature-complete years ago
Thank You. It was an obvious question as to why Forejo. Something that is not popular and not well known for many compared to Gitea. And what happened with the fork. I thought it should have been the first question on HN. Instead, even when asked it is not upvoted, and when it does, it is at the bottom of the comments section.
From the context in that mailing list it does seems there is more to it. Not to mention Gitea is still MIT license and continued development. But competition is good, I hope both project do well.
I get the annoyance of having to migrate (although migrating from gitea to forgejo was a matter or replacing the gitea binary with the forgejo binary up to until recently - completely painless), but you don't have to migrate.
Compared to Cloudflare and Google, you can actually talk to a human here and they might (I have no reason to believe the opposite) actually care about niche browsers whereas Google seems to test their products on browsers other than their own engine only after release (presumably people will get annoyed about these breakages/outages eventually and switch to a their browser or a rebrand thereof). There's no such conflict of interest here. I'm not aware of a better thing to use than Anubis or a self-written equivalent (my understanding is that it's a simple sha2 PoW)
It's cool to see such an impactful project choose sovereignty. I hope more projects follow their example.
If you're a backbone-of-the-internet project like FFmpeg is, living on GitHub seems horrible. You will be subjected to thousands of low quality pull requests and issues from people searching for typos to fix, adding a line of white space for a contrived reason, or similar nonsense changes. Just so they can put "FFmpeg contributor" on their CV (or whatever).
Rejecting useless or white space-only PRs is quick and easy. It’s not as big of a problem as you’re suggesting.
I’ve gone through a few projects and updated the documentation as I explored the codebase. Reception ranges from thankful to people scorning me for attempting to make contributions that weren’t code changes. It’s frustrating when maintainers are more interested in keeping people out than in considering actual code or doc improvements.
> Rejecting useless or white space-only PRs is quick and easy.
No, it really is draining.
> I’ve gone through a few projects and updated the documentation as I explored the codebase. Reception ranges from thankful to people scorning me for attempting to make contributions that weren’t code changes. It’s frustrating when maintainers are more interested in keeping people out than in considering actual code or doc improvements.
It's frustrating when people make "contributions" that take more effort to review than they put in and then get mad when they don't get thanked for it. This attitude is exactly why dealing with drive by pull requests is not "quick and easy" - suddenly you need to do social and public relations stuff when all you want to do is code.
It’s all in the approach: start with a “thank you for the project”, and a “hope you don’t mind but I’ve corrected a few typos” and nobody will shout you down. Only go with a blank PR description and it’ll come across as arrogant and spammy.
As a counterpoint, these kinds of formulaic ingratiating preambles turn me off. Get to the point of your PR, so I can judge on its merits!
completely agree, I'll take "fix typos" any day over three sentences that don't add anything of value
> and nobody will shout you down.
Unfortunately not my experience everywhere.
> Only go with a blank PR description and it’ll come across as arrogant and spammy.
Not at all what I was doing when I triggered the open source maintainers I was talking about.
There are people hunting double spaces or typos in code? For what contributor credits?
As a maintainer of a few open source projects, yes it happens a lot.
I want to believe some people just want to send small patches to projects when they notice something (I tend to do the same for projects I use) but my impression is a lot of them do it so that it shows up as "contributions" on the GitHub profile which they can then add to their resume (or get some other kind of street cred).
At least typos are actual fixes, far more often you get complete spam (people copy-pasting the contents of PRs and issues from 5 years ago, sending bizzare pull requests with hundred of commits as a merge commit, leaving cryptic comments on 5 year old commits). The spam reporting process on GitHub is kind of annoying to go through, but I trudge through it every time we get one of these PRs. There was one year of Hacktoberfest where some streamer told people that if they just spammed projects with 5 PRs they would get a free shirt and every open source project was DoSed by hundreds of garbage PRs made by accounts created the same day.
Personally as a maintainer, if someone is fixing one typo in order to "get started" contributing to a project I would prefer that they go through and check for any other instances of typos in the project to make a more complete fix (or even better, add a CI job that runs codespell or similar spell checkers). That feels more like someone actually interested in fixing something about the project, as opposed to sending a one-line drive-by patch to pad their resume. (I'm still happy to take the patch of course!)
> Personally as a maintainer, if someone is fixing one typo in order to "get started" contributing to a project I would prefer that they go through and check for any other instances of typos in the project to make a more complete fix (or even better, add a CI job that runs codespell or similar spell checkers). That feels more like someone actually interested in fixing something about the project, as opposed to sending a one-line drive-by patch to pad their resume. (I'm still happy to take the patch of course!)
I have to disagree, changes to development processes are the worst kind of drive by contributions. I don't want CI jobs contributed from someone who isn't going to maintain them.
I mean, I would prefer that it be done as part of a discussion with upstream but if you're talking about a GitHub Action it's not really that much effort to maintain in my experience.
But even if adding CI jobs is not the preference of upstream, I would prefer that the contributor runs codespell locally and fixes all of the issues rather than just sending one-line patches. And I can imagine much worse forms of drive-by contributions than CI jobs that you can easily disable in the future.
I fix documentation typos or broken links because they really annoy me. There are some egregious examples of people doing it for GitHub-as-a-social-network reasons, but I think some are like me and just want to fix the writing.
I always start with a small patch to test the waters of a project. That way i dont waste my time with a larger patch if the project is a PITA to contribute to.
I similarly contribute only minor language and writing corrections to Wikipedia, and usually anonymously (unless my phone has randomly pulled a blocked IP and I need to sign in). I don’t consider myself enough of an expert in any Wiki-worthy topic to do anything more, but I’ll make damn sure small mistakes get addressed.
I feel even less qualified to contribute corrections on GitHub mostly for the same reasons mentioned above. Staying anonymous prevents anyone from thinking I’m attempting to capitalize on low hanging fruit.
Yes.
There’s also a couple of video tutorials that show how to make a pr, using node or nom on GitHub, and people just follow the tutorial verbatim, not thinking about what they’re actually doing.
oh boy... I am thinking of having it as an interview question - once someone raises a PR for an empty space it's an obvious NO )))))
Yes. I have a lot of long, boring stories about exactly this.
This issue has only worsened with LLMs "assisting" contributors in submitting PRs that end up wasting maintainers' time.
Tools like OpenAI Codex, which can connect directly to repositories, are likely to amplify this problem even further.
That said, this is also the real measure of the actual value of LLMs and coding agents: the day we see top open-source projects having dozens of bugs effectively fixed per day by LLMs, we’ll know they’ve matured into a solid, reliable resource.
Typos may be quite impactful, don't discount them.
My only contribution to node-grpc fixed missing quotes, but only because that produced real crashes.
But the parent does not refer to fixing crashes
A typo caused NASA'a Mariner I to fail.
https://science.nasa.gov/mission/mariner-1/
In my previous work we were strict about typos, whitespace and general consistency in reviews. And even fixed them later if they slipped through. I found it a bit ridicolous a times.
In my current company nobody cares. It can be seen in the whole code quality. Full of smaller and bigger bugs as well as horrible hacks. It can be seen whether coders look twice or more at their own stuff before putting it to review or not, just trying to avoid ridicolous comments. It's a whole attitude. I write good code in a messy source base is unlikely to work in practice.
That said, I have submitted cleanup commits to open source projects only in the same MR with a real code change I wanted to make and only in vincinity of that change.
FFmpeg seems to have dealt with that problem when they still were on github. This is the paragraph at the end of the readme:
> Contributing
> Patches should be submitted to the ffmpeg-devel mailing list using git format-patch or git send-email. Github pull requests should be avoided because they are not part of our review process and will be ignored.
An agentic LLM bot is likely to have no problems at creating a patch and mailing it but it's a major pain for most human developers. Furthermore they can ban source email addresses and vet potential contributors before letting them in the mailing list.
The paragraph at the end of the README was letting people know that the GitHub PRs are unmonitored, not suggesting it was a problem.
Why is it a major pain? Isn't it part of git workflow?
Or is this because most developers got complacent in only using GitHub and similar?
(I work on a project that uses an email workflow. "Should we switch to something else?" is a perennial topic.)
I think the main pain points are:
* unfamiliarity -- if you're not already set up then it's extra admin work. And the "obvious" approach (paste the patch into your usual email client and hit send) generally mangles the patch.
* developers are no longer largely using local plain text based email clients -- if you are already doing email that way then sending patches like that is a natural extension. If your email client is gmail, or worse still some Microsoft mail server, now you have to figure out how to send email in a way that's not html and doesn't get mangled by your mail server.
* how to set it up is not a single well documented path. Github has an incentive to do a decent tutorial/docs, and how to create an account and send a patch is the same for everyone. Using git send-email, there's a lot more variability: how to install it depends on your OS, and how to configure it to talk to your mail server depends on your mail server. In these days of two factor authentication and app specific passwords, it's no longer as easy as "put the server name and your account name and password into the config file".
This has got better in that now you can point people at e.g. https://git-send-email.io/ which has info on e.g. setting up gmail app specific passwords and what kind of authentication to use.
If you're a regular developer on a project, this is a one-time pain and thereafter sending patches is straightforward (assuming you're not totally allergic to the command line). But for one-off or first time contributions it can be a barrier.
Because only a few people used that. The usual workflow I saw before GitHub made PRs popular was:
one local repo per developer (or more repo if they wished so),
one central shared repo,
push a feature branch to the central repo,
somebody pulls the branch, reviews the changes and poss the merge them in the preproduction branch, or go back to the developer,
some test build deploy procedure,
acceptance tests, pass or go back to development,
merge in the production branch,
test build deploy.
Is the version on Forgejo closed to public contribution?
I have to say you're exaggerating, ignoring prs isn't such a chore.
If you are ignoring all of them. Filtering PRs to see which are worth having might take time in a large popular project. Even if it isn't much time, it is more than zero. You also have to deal with all the other comms associated: people submitting genuinely useful patches which accidentally get rejected querying (maybe politely, maybe not) and people who submitted less useful ones bitching about their rejection, both to the project and in public forums.
Thousands is quite the exaggeration when there are only 379 on ffmpeg github. If you look through them, its actually 5-10% if not less
Another way to frame this is that even though the FFmpeg repository clearly indicates it's a mirror repository and has had a single open pull request titled "WARNING: PULL REQUESTS ON THIS REPOSITORY ARE IGNORED" [0] sitting in the pull requests page for 10 years, they've still had to close hundreds of pull requests.
[0] https://github.com/FFmpeg/FFmpeg/pull/153
That’s fair, but it would be trivial to use GitHub’s actions/API (and probably just an existing open source tool in either case) to automatically close them without anyone wasting their time.
I think you’re definitely right that being a massive project on GitHub that accepts PRs there would be a nightmare though.
Opening this site I get "Oh Noes! Invalid Response" with an anime girl.
Tried refreshing, opening in a private windows, same thing.
EDIT: tried it again and got to "Making sure you're not a bot" with the same cringey anime girl, then the site loaded without CSS. Tried one more time, finally it loaded.
EDIT 2: clicked on a link and I'm back to "Oh Noes!...".
That is Anubis trying to get your browser to do proof of work: https://github.com/TecharoHQ/anubis
So AI made human browsing inconvenient?
I’ve never had problems getting to any Anubis site even with uBlock origin and uMatrix. You have to enable cookies and scripting for the main domain.
Many people also never have problems with Cloudflare yet it causes endless pain for others. But besides that, having to enable scripts and waste resources should already be unacceptable.
I pass multiple proof of work checks from Cloudflare everyday using this browser (Brave on Android). I have JavaScript and cookies enabled.
Plus, I did manage to pass it once at least.
Yes it did and it's only going to get worse, ai crawlers are going to continue to make running a website more and more painful. Don't blame the anime girl, she's just trying to fight the bots
> Don't blame the anime girl, she's just trying to fight the bots
This is exactly what makes this cringy. There is no reason to anthropomorphize your shitty anti-bot scripts. It's just as annoying as when software goes "oopsie woopsie" when there is an error.
You're free to fork Anubis and change it so that it displays whatever else your heart pleases.
She's doing her best!
Yes, because AI made hosting inconvenient.
Not, lazy web developers that chose to put DRM on their websites did. As always that DRM hurts honest users more than dishonest ones.
AI-misia backfired and made human browsing inconvenient.
(PoW is fine, just wish it didn't spin it as an anti-AI thing.)
Thanks, I found out I had to disable Brave's protection to get it to let me past.
That’s the anubis anti-bot mechanism.
I understand where they’re coming from with all the choices made, but honestly I suspect the anubis anime girl and associated sporadic failures (that I’ve seen, too, despite having a rather standard environment) functioning as a filtering mechanism that attracts a certain in-crowd person and makes a lot of others uninterested in staying around, and I think that’s intentional.
Welcome to the bright future where open source projects happily put DRM on their websites. Yay!
I'm also locked out with the same message. Might be a setup failure as I didn't encounter this issue on other websites using that PoW page.
I can't get past the gate on my Linux workstation. But on my Mac, using the same browser with the same extensions, it works fine.
I think Anubis is cute. ;-)
With the calm, respectful understanding that everything is subjective and there's no accounting for taste -
and in my personal capacity -
I do not understand how cutesy anime characters have been deemed sufficiently tasteful/professional/anodyne enough to be displayed to literally every single person who visits my site.
With apologies to fans of the art style, it is a negative signal to me. I do not prefer to use Cloudflare for things like this, but I would not use Anubis unless I could disable the imagery, and every time I see it on another site, I think: "hm. weird. whose branding is this?"
It's the kids. They all like the anime. Not at all like the serious teams I worked with at IBM and DEC that slapped trek logos over everything.
In the radiology department at Westchester Medical Center, all of the portable X-ray machines have little nametags on them that read, variously, "Enterprise", "Voyager", "Defiant", etc.
Define kids? I know plenty of Gen X and elder millennials into anime
I think the GP is speaking tongue-in-cheek; it's a fun little joke
Only the ones that are still kids mentally.
Kids as in "kids these days" and "get off my lawn".
There are boomers, and there are kids.
It has simply been normalized and for a lot of smaller scale sites, that this was first made for, being a little less professional isn't a problem.
But for situations where a company simply won't use Anubis because of its branding then they do sell a unbranded version.
https://anubis.techaro.lol/docs/admin/botstopper
What an ingenious approach for a sustainable OSS project: serve the free version with playful art that you enjoy and that expresses your individuality, but which some people are bound to find triggering/improper; sell a bland lifeless corporate edition to those people.
> some others would find triggering/improper
I guess the main point is branding clash if you're a large company website (most companies care a lot about how their brand is shown, if they care about spacing/padding around their logo they also care about what pictures are shown when joining), hopefully nobody is triggered by this kind of art. (though resentment could build up if actual humans get frequently unexpectedly rejected as bots by this system, not sure if this actually happens however, didn't ever for me at least)
The approach they took here looks very reasonable from that standpoint indeed.
Branding clash also happens with Cloudflare. It’s only immediately clear when it is set up on a website you already know (e.g., Stack Overflow), but I remember when seeing it first I was visiting a new to me website and genuinely thought that’s what it looks like, and was taken by surprise when something with a completely different colour scheme, logo, typography popped up. I also recall Cloudflare did not (maybe still doesn’t) put up its own name up front on its captcha page, adding to the confusion. In any case, after a couple of times it’s no longer a problem to most people.
The resentment point is a fair one! If that happens and maintainers care about public perception of the mascot, I can imagine them wanting to change it somewhat.
> hopefully nobody is triggered by this kind of art
I’ve known at least one person who genuinely seemed triggered by anime-like visual style.
> hopefully nobody is triggered by this kind of art
Apparently a good chunk of HN is. Anubis-tan seems to me the main reason that this comment section about FFmpeg and Forgejo has devolved into a debate about Anubis; more than the intersitial page itself.
That's too bad, I wonder what's so triggering about it.
OSS projects are mostly done by people on their free time, they can do whatever they want with their mascots/branding/project. And those OSS projects tend to be significantly more respectful of users than the average modern software so on my side I tend to see those kind of harmless personal touches quite positively, sign of software that is made with the user in mind.
I think it's more that Anubis is getting in the way of accessing the content, and blocking actual humans. It quickly becomes "it's that damn anime girl again" and I suspect the mascot only increases the irritation in the same way that cutesy error messages do when you're trying to do serious work.
https://news.ycombinator.com/item?id=32337520
The problem is when those choices end up on about every project making up the open source ecosystem. Nor weird tastes and fetishes don't belong there.
I fail to what hard choice there is to make. Choices are:
* use it
* don't use it
* use something else
* pay to change the picture
Easy.
> fetishes
And what fetish would that be? That's just a picture of a girl (maybe? Not sure they were ever gendered) holding a magnifying glass, if that's improper I'm not sure what is proper.
Triggered people should buy their software from Microsoft
Is there anything stopping anyone from just making a fork and removing it manually?
It's MIT licensed software. You can do whatever you want as long as you comply with the terms of the license. I can also choose to allocate my time wherever I want.
People are also free to call you out on your shit tastes though.
> but I would not use Anubis unless I could disable the imagery, and every time I see it on another site, I think: "hm. weird. whose branding is this?"
They do offer an unbranded version, botstopper. It is part of their commercial offering [0] and intended for "professional" environments
[0]: https://anubis.techaro.lol/docs/admin/botstopper
IMO this makes it even worse - not only are FOSS projects now happily putting DRM on their websites, they also add ads for a commercial service.
Can't fault the logic. Will never use it if that's part of what they've chosen to paywall.
Once the project is sustainable (where I define sustainable as monthly recurring revenue--not one time donations--to be at $5000 USD per month as that is the point where my bank account stays flatlined not accounting for tax), an option to remove it will be added to the version you don't have to pay for.
Otherwise, it's MIT licensed software. You can remove it all you want, but I will use that as a signal to focus my time and energy as I see fit.
I appreciate the response, and your point is valid. FWIW there's no sarcasm in what I said up top; I'm not here to yuck anyone's yum.
I have been reading your stuff for a while, and if anything disproves my original point, it's your published output. cheers -
Thank you. I'm sorry if I was overly abrasive or rude, but it's getting really old. People have sent me horrible things because of this. I've had to start withdrawing from joining new places under my main identity. Just please take one femtoiota of care that the other side is also a human being with thoughts, feelings, and that they may just be incredibly tired of hearing people complain about something.
Hey, thanks for working on the software, you made something really cool!
My head might actually explode from irony wtf.
I legit didn't read any rudeness, it was a graceful retort.
> People have sent me horrible things because of this.
That sucks, and I see how it makes my (somewhat) measured reaction scan differently.
> Just please take one femtoiota of care that the other side is also a human being with thoughts, feelings, and that they may just be incredibly tired of hearing people complain about something.
Your shit rocks, your stuff on Tailscale in particular inspired me greatly, and I'm sorry you caught me seeing orange.
> Can't fault the logic. Will never use it if that's part of what they've chosen to paywall.
Is pretty damn rude. It's the kind of thing you say online but would never say face-to-face.
I'm not sure we agree on what constitutes "pretty damn rude". It was an inelegant, hastily expressed opinion.
Yes, inelegant, hasty, and with no regard to the person across the wire you're communicating with. Self serving and rude.
You are incorrectly implying that I made the comment after the author joined the thread. This is not true.
Hastiness and inelegance tends to happen when you want to trip over yourself to make a point on this site, which we're now both guilty of.
It's kind of an ingenious way to weed out people who are engaging in bad faith. Like if you're choosing not to use a very useful piece of software because of some aesthetic sensibility, maybe I want to be able to identify you more easily.
Fwiw I like the mascot but I also don't associate this username with my actual identity because I draw anime style pixel art, so I get it.
Thank you for what you do. I have zero use for Anubis nor have I personally encountered the problem it's meant to solve, but I'll readily support the girl, she is very cute. Never listen to the blisteringly lukewarm takes of the corpo venturecapitariat.
Thank you. I swear some people here have had their innate sense of whimsy surgically removed, or it's some kind of transphobia. Either way, it's frustrating to hear the people here bitch so much about something so minor.
I can't wait for it to be sustainable so I can send a PR to let people use gratuitously furry characters instead. :3
Like... imagine Anubis, but with the "anubis is overdrawn" meme.
https://imgur.com/a/RubDWrR
So on one hand you wouldn't use it as-is for anything professional, because of the artwork, but on the other, you'd be unwilling to pay to use it -- for something professional -- because removing the artwork is the paid feature?
Unbelievable.
Yeah this is a very weird logic. I would love some kind explanation of mpalmer.
You would be horrified to spend any time in Japan then, where such characters are used in official capacity for anything from shops to corporations to government agencies, police stations and street signs.
It's just flashing a logo as the equivalent of a loading spinner while it does things. I don't see how the specific logo could possibly be interpreted as tasteless or offensive -- I know I'll take it any day over fucking Corporate Memphis.
> very time I see it on another site, I think: "hm. weird. whose branding is this?"
I'd hope at some point you'd start remembering whose branding it is, that would make things much less confusing for you :-)
Now imagine if the developers of sudo were behind this, now that would be the stuff of nightmares...
Yeah, imagin typoing "ls" and having a Steam Locomotive drive through your terminal! Thankfully no one implemented that. ;-)
I couldn't care less about the art, but the user-agent discrimination is far worse. Implying that anyone not using an "officially sanctioned" browser is an AI bot is such a devious scheme that I don't think even Google themselves would've come up with it.
I think you've got the logic backwards. It defaults to assuming that user agents that have "Mozilla" in them might be bots. Uncommon browsers don't get challenged. It wouldn't make sense for bad faith bots to use uncommon, easy to block user agents.
Interesting. I guess I'll have to write an extensions to make open source websites usable again. I feel like at some point this will be "fixed" though.
All real browsers have Mozilla in the user agent string.
The point is to allow bots that play nice and don't claim to be real browsers, as those can be identified in logs and blocked or rate limited fairly. But bad faith bots can be undistinguishable from browsers, so everyone else gets a PoW challenge to make their endeavour slower and expensive.
At least that's the spirit, of course someone will eventually just use random strings as user agents, but then again this is all a tragedy of the commons anyway.
How is it different from the classic corporate caricature of a person with unnatural body proportions?
It's just art style.
Not sure what you're referring to, or what you mean by "it's just art style". It's a style that is likely to clash with the website branding it precedes, in my opinion.
they're referring to the infamous Corporate Memphis style which is frequently used in big tech branding: https://en.wikipedia.org/wiki/Corporate_Memphis
... and which is also reviled by many, making it an odd point to bring up.
> It's just art style.
Art styles aren't picked randomly out of a hat. Humans are pattern matching machines and will draw conclusions based on choice of art style or mascot.
> classic corporate caricature of a person with unnatural body proportions
Corporate Memphis is an abomination and I harshly judge any company that uses it. Everyone hates Corporate Memphis and makes fun of it.
IMHO Corporate Memphis is much worse than anime art. "You have small brain" is the message it seems to imply.
IMO both styles have that message.
I don't necessarily disagree. But in either case the point is "it's just an art style" is wrong. People make judgement calls based on art. It's just human nature.
I don't like the art either but much worse is how accepting open source projects are of putting the DRM that's behind it on their websites.
Hmm, does the cutesy anime Octocat bother you? It's all over GitHub; admittedly, not as large, but definitely more pervasive.
My point is that people get used to such things, and stop to even notice.
The context is a bit different from a proof of work captcha that sits in front of otherwise-unaffiliated sites.
I actually _like_ this, and so does the comfyweb & weebs who are a very significant portion of the driving force behind calm, decade-long projects.
Worse, it prevents people with older browsers from even visiting the site.
Yes it's DRM but somehow acceptable now (it shouldn't be).
I respect the expression of individual taste, but it suggests strongly that the platform has not reached professional maturity.
Professional maturity: https://www.reddit.com/r/graphic_design/comments/kv5651/what...
~15 years ago I'd come across tweets sharing how European art teachers are struggling with cultural intrusions of anime into fine arts(lol), ~10 years ago Chinese companies started serving anime-style online games, ~5 years ago COVID kickstarted VTubers in anglosphere, now an anime art is in a major OSS like an AC/DC reference.
It's funny how vehemently people respond to anime the first time, it's often so strong that they would not be consistent with their judgements or even own moral standards. It then subsides, and then it'll be something that "doesn't look like anything" to them. Anime wasn't always accepted in Japanese culture(where it was born); it always existed and was growing consistently over the entire postwar history, but there were still plenty of cancellation forces on Twitter when it launched in late 2000s.
Don't worry, companies like Apple would be having an ultra sexualized silver gimpsuit teenager mascot by 2030 and anime hate would be replaced by something by then at this rate.
If anything, I have only grown to hate the style more the more it is pushed everywhere.
Can people just not like something? Not everything is a sociopolitical debate.
> It's funny how vehemently people respond to anime the first time, it's often so strong that they would not be consistent with their judgements or even own moral standards. It then subsides, and then it'll be something that "doesn't look like anything" to them
uh... no, not in my case at least.
Yes in technical sense that only wrong countries try to control wrongthink, and no in the sense that if there are chances such opinions prevail.
It'll be like insisting YOLO[1] renamed and presentation video changed up. We all kind of deserve a right to say so, and insisting anime is unprofessional and must be removed don't look that way yet, but IMO it very well could be considered insane talks in 5-10 years.
1: https://pjreddie.com/darknet/yolo/
Culture hasn't been monolithic for decades now; it's only fragmenting more. Broad consensus that any opinion is "insane" is becoming less likely, not the other way around.
I do find the fact that anime is inescapable among mainly the American youth (not seen it as much here in Germany) to be alienating. I guess it’s just what it feels like to get old
I don't feel you're right? I'm pretty sure that Germany experienced the same 80s anime boom that was felt in other parts of Europe too, and DoKomi (German anime convention) pulls ~180,000 people, very close to overtaking Comic Con. I'm actively involved in the European anime-adjacent DJ scene so I know Germany is not some low spot within Europe at all.
I think perhaps you might be overestimating how popular anime is with Americans because of how popular it is on the Internet.
It could have been worse, it could have been a crab
I for one don't see anything wrong with anime characters, though I suppose neither of us are likely to change our minds.
"sufficiently tasteful/professional/anodyne" != "wrong"
I would say you are being unnecessarily pedantic: the GP said "anything wrong", and the original comment obviously believes that there is "something wrong" which makes the choice not "sufficiently tasteful/professional/anodyne" (/me looking up "anodyne").
The obvious positive reading of the GP comment is that they disagree anime characters make it not "sufficiently tasteful/professional/anodyne".
You are replying to the GP.
I am replying to the "parent" comment which replies to the "grandparent" comment on the "original comment".
You seem to be unnecessarily pedantic too, while being wrong at the same time (I would get those relationships wrong sometimes if I thought it was clear enough).
GP is overboard42. mpalmer is GGP / OP.
Its the cool kids doing it. It's the same kind of h4x0r esthetics as the nyan cat or unicorns and beavers everywhere.
I mean, Anubis does allow you to change the image to whatever you want. (edit: apparently the feature is behind a paywall unless you edit the source code)
I kinda like the Anubis girl though (as you said, subjective)
[flagged]
okay
EDIT: zig is very cool thank you
OK, not GitHub "because Microsoft". But is there any particular reason why Forgejo and not GitLab, Gitea, or Gogs?
I'm not throwing shade at Forgejo or anything like that, I'm genuinely curious if there's anything about Forgejo that made it a better alternative than the other options.
Forejo is/was a soft fork of Gitea due to some licensing / trademark bruhaha that I think got blown somewhat out of proportion. (And Gitea was famous for using Github instead of dogfooding their own software, which I've always thought was a pretty strange choice). I'm not familiar enough with the development roadmap of both teams to make a good call on whether following the fork is a good idea or not, but I know a lot of projects are just bandwagoning on the fork due to generally frustrating Gitea governance. GitLab is open core and I know a lot of people are frustrated with their UX and with their high resource consumption for self-hosting (although I would expect YJIT probably made a big improvement here). I've only seen maybe one project use Gogs seriously, I don't get the sense that it has the same level of adoption as the other three.
Yes, Issue with GitLab is their "Enterprise" maximalist feature set. Seems like they want to be the solution for the entire SDLC for every conceivable team.
I remember thinking a decade ago "wow these guys are biting off a lot to chew, maybe in a decade they'll be able to tackle all these things in a comprehensive way" and my opinion now is they are still probably a decade out. I appreciate their ambition and wish them luck, but it's not for me.
If if a project requires more maintenance than I could potentially do by myself in a pinch because of complexity or having a massive supply chain of dependencies that keep it on a treadmill I will hesitate to depend on it.
A decade out? They do Code, Artifacts and CI basically that all works.
What missing sdlc features are going to take them a decade to write?
In fairness, I've not used GL in a couple of years, but before that I used it a lot, and it all worked, but it never worked very well. Issue organisation was painful, and there was always some new trick that made it slightly easier but never enough (boards, nested workspaces, sprint tools, etc). CI had about a hundred different ways of doing the same thing, because every so often the GL devs would realise their current system wasn't quite general or powerful enough, and add a new way of defining DAGs, or a new way of sharing jobs, or a new way of managing environments. You didn't need to switch, but trying to figure out how all these different approaches interacted by reading the docs was a nightmare.
In general, the documentation and UI were painful, and trying to figure out how to do something usually took me to a GL issue that would describe my problem but either be closed (with little indication of whether the feature was added or what form it had taken in the end), or open with no discussion apart from a bunch of comments from a community manager saying "a bronze supporter said that this is a blocker for them". Trying to figure out where features or configuration lived in the UI was also like pulling teeth, especially with GL's love of icons to explain what everything is.
So it's not that the features are missing, it's that they're all half-baked, and it would take Gitlab another ten years to polish them off and round them out.
Just about every week I find "new" GitLab bugs which, after a quick search, turn out to be 5+ years old, with lots of community engagement, but seemingly zero movement from GitLab itself. I wonder what GitLab devs actually work on, because none of the new features in the last couple of years seem as impactful as fixing one of those bugs would be. (I still prefer it to GitHub, especially the CI model.)
It's not about features or if they work it's about the conceptual load presented to the user by the quality of how those features are integrated, how much configuration they require to do only what you want them to, ask of you only what you want them to, and no more.
When I'm interacting with a maximalist system designed to be everything to everyone, I still only want to have to worry about the things I care about.
They do seem to hold this as a value, but it's secondary to the maximalism.
There is a plan for hosting gitea on gitea: https://github.com/go-gitea/gitea/issues/1029
Yes but the project is almost a decade old. If they can't use it themselves by now why would anyone else.
[flagged]
The bit about the name seems to be a complete hallucination / tokenization error. The project's docs say: "Forgejo (pronounced /forˈd͡ʒe.jo/ (hear an audio sample)) is inspired by forĝejo, the Esperanto word for forge." I would expect the rest of the AI summary to be similarly unreliable / hallucinated—I compared the test directories for both projects and they both seemed to have about the same amount of activity.
Thank You for pointing this out. Although I am not entirely why my comment was downvoted into oblivion .
For all sorts of reasons, this will probably happen to the vast majority of LLM output copy-pastes here.
It's a bit like copy pasting a search result link (anyone can do the search for themselves). LLM outputs don't provide the insight people are looking for on HN. They are unreliable. They sound boring. They may sound like ads for the LLM providers. There's probably someone out there actually knowing the thing and able to answer. There's usually a better way of finding out stuff. For instance, if you want to learn about Forgejo, going to its website or its Wikipedia page will be far more straightforward and reliable.
You also stated that something that contains hallucinations is surprisingly decent, which can mislead people (who should strive to stay alert though).
Many people also just plain dislike generative AI.
You are not the first to whom it happens, and you'll probably not be the last.
At that point, I believe HN's guidelines should be updated to discourage posting LLM outputs in most contexts.
> OK, not GitHub "because Microsoft".
all well and good to host your own code. but from a contributer's point of view, it is between managing dedicated accounts per project you want to participate in...or sign in with github [1]
openid exists, and is arguably older, but odds are most people would not be using it to begin with.
[1] https://code.ffmpeg.org/user/sign_up
The comments on this page are a complete cesspool.
A full third of them complaining about the anti-bot protection mascot (yes, it's a cartoon character; get over it), others splitting the finest of hairs over software development groups and company politics, and more.
Self-hosting is generally good, well done to FFmpeg. Many large projects self-host, and my own ex-company has physical servers in the city we work at that can be unplugged if necessary.
I just wish Git itself had a more robust means of issue-handling (no, email is a 1980s protocol, it's not good enough, even if it is for Linux) and CI/CD, rather than relegating the matter to different hosts.
And now everyone has to learn GitHub Actions, Gitlab pipelines, Jenkins pipelines, and more.
I love self hosting but the comments i think have to do with quality issues.
Having an anime girl show up 99% of the time one visits due to AI bot protection is not the best experience no matter how much I love anime. Saying to “get over it” is dismissive to a large group of people who disagree with you.
The comments are not a cesspool but standard hn being critical.
> yes, it's a cartoon character; get over it
I think it's cute. It wouldn't be a problem if it wasn't cute. It's inoffensive and doesn't get in the way of the software serving its function, the only critique I could do if I wanted to is people unfamiliar with the project would get a bit confused if they only saw the character for a split second: https://anubis.techaro.lol/
I think even Cloudflare gives you a second or two to see what's going on before forwarding you to the page behind it, that would be a nice UX improvement.
Otherwise, agreed about self-hosting and the ability to choose whatever platform aligns with your goals the closest to be a good thing!
> And now everyone has to learn GitHub Actions, Gitlab pipelines, Jenkins pipelines, and more.
A part of me doesn't like the churn of new CI solutions coming in all the time. On the other hand, after learning GitLab CI, I'd generally prefer it to something like Jenkins, it just feels more pleasant. But with something like Drone CI or Woodpecker CI my non-work needs are also covered wonderfully, especially with a lot of the software I build being packaged in Docker containers, which further simplifies and somewhat standardizes things! A lot of the time I can also encapsulate most of the logic in shell scripts that are easy to run regardless of the environment (CI server or locally), which makes it even more portable.
So wait, is the cartoon mascot at issue the Annubis one for the Cloudflare-like DDoS protection, or is it an actual FFmpeg mascot? Because I don't see any cartoon characters on the FFmpeg code, main, or wiki websites. But I am curious what kinda -tan they came up with. :P
It's the Anubis one, there are a few other drawings on the homepage of theirs.
It was pointed out elsewhere in the thread that they also sell an unbranded version for companies: https://anubis.techaro.lol/docs/admin/botstopper
Cool way to make money, to be honest!
I think even Cloudflare gives you a second or two to see what's going on before forwarding you to the page behind it
Not if you have the right fingerprint - then you're not even aware the site is using CF.
> Self-hosting is generally good
I’ve contributed to a number of projects that try to self-host, with mixed results. It gets frustrating when someone’s GitLab (or other) server is so slow that every page load takes several seconds, or when the self-hosted solution goes down for a week because the admin is on vacation and missed something.
I’ve contributed to one server that feels the need to periodically delete dormant accounts for some reason. Every time I come back to the project I find myself creating a new user account.
With the anubis-protected servers the anti-bot protection has a lot of false positives, so occasionally I have to switch browsers just to not deal with page load failures.
One server adopted some black list that had my home IP in it for some reason, so I was just banned from accessing the server without a VPN.
It all just feels old and tiring after a while compared to the breath of fresh air of just using a site like GitLab or GitHub that simply works.
I understand why they’d want to do it, but I don’t think it’s without some tradeoffs.
Contribution-wise, I find Sourcehut’s approach[0] very sound: you could never have troubles with your account because you don’t need one in the first place. If you want to contribute, create a patch and send it to respective mailing list.
As a positive side-effect, a contributor is compelled to write a reasonable explanatory message to maintainers and keep the patch minimal and contained (compared to a typical Github PR with a dozen of commits mixing together fixes, features, newlines and indentation changes all over the place).
[0] They did not invent it, obviously—it is what Linux kernel, the origin of Git, had (has?) been doing for a long time!
> frustrating when someone’s GitLab (or other) server is so slow that every page load takes several seconds
That's a typical experience when the chosen solution doesn't match the available resources and desired scale. Projects like WordPress and GitLab may work for large enterprises, or when you add in enough caching that you don't have to do the large computation (generating one page) most times, but they don't work so well when you're wanting it to just work without custom solutions as a small team on a small budget
Forgejo doesn't seem to have this issue as far as I've noticed. I've hosted the predecessor (Gitea) on a potato. It's so easy to host, I think it's actually still running but forgotten about. I should check if it needs updating at some point..
> server is so slow that every page load takes several seconds,
Welcome to DE, where _every_ page takes several seconds to load.
Desktop environment? Deutschland? Neither is true so I can't tell what you mean
Cesspool is pretty strong language, dawg. They're critical and opinionated, sure, but so are your own comments. None of it is empirical, just personal opinion.
I personally couldn't give a rat's ass how it's hosted. Still uses a protocol there's open source clients for? Cool. Not that I have pulled the ffmpeg source more than once in my life (which I suspect's the same for 99% of the people here). I'll continue to get it packaged for me by somebody else, who will pull it from wherever it's hosted, however they can. I'm just glad it still exists.
> Cesspool is pretty strong language, dawg. They're critical and opinionated, sure,
There's nothing wrong about critical and opinionated but respectful, but the comments that are now flagged, and some of the downvoted ones are very low quality, not just critical and opinionated.
> I just wish Git itself had a more robust means of issue-handling (no, email is a 1980s protocol, it's not good enough, even if it is for Linux) and CI/CD, rather than relegating the matter to different hosts.
Just shove the issues into Git itself. That's what Fossil does for its wiki and issues, while GitHub only does it for its wiki. There are several open source ways to do this with Git itself.
> There are several open source ways to do this with Git itself.
Yes but that's also the problem. What's the point of doing it in git if whatever choice you make is incompatible with most clients?
It's frustrating. As someone who is into self-hosting, I was hoping to find answers in the comments to questions like:
- How self-hosted is it? Is it on somebody's computer at home? A colo? One of those university linux servers that runs for decades? Hetzner? Is there any redundancy?
- How are the costs and responsibilities for the hardware broken down?
- How is admin and patching handled?
I'm actually very curious about that stuff, but nobody's really talking about it here
> The comments on this page are a complete cesspool.
I noticed this. I'm quite appalled. Definitely outside the usual HN standards.
I suspect the very idea of self-hosting one's code instead of using GitHub is triggrering many people beyond reasonable levels for reasons I'd love to get an explanation for.
Are people projecting their GitHub FOMO? Are people thinking that the value of the GitHub they cherish decreases with each project not picking it because of the weaker network effect?
> beyond reasonable levels for reasons I'd love to get an explanation for.
Since you're ignoring the reasons by calling them unreasonable, the armchair psychology alternative won't help get you what you love
I'm not calling people or reasons unreasonable, but the level at which they are triggered. And I stand by my point: being mad that someone chooses to self host is unreasonable and no amount of accusing me of doing armchair psychology will change anything to this.
There’s an irony to becoming so triggered by a couple angry comments that you become triggered and leave your own angry comments.
Oh no, we are trapped in a angry comments infinite loop! :-)
Yeah, I wouldn't say it triggered me but we should definitely have flagged the angry comment and moved on, as per the HN guidelines. I was negatively surprised, I'm not usually surprised by comments on HN.
In the end, all these comments were flagged and downvoted to death anyway.
I do have a sense of unease about most smaller hosting services and self-hosting solutions, in that I don't trust them to stay up in the long term, once no one is left to care about projects on them, or at least not about the old versions. (This isn't so big an issue for something as big as FFmpeg, but I'm talking about the general case.) Just try to download some old version of a minor library from the late 90s or early 2000s: unless it's been continuously using the same source control repo, the odds are better than not that the files disappeared during the intervening decades.
In contrast, whatever its faults, I fully expect public repos on GitHub to last for the next 10 years, likely the next 20, barring active removal by the author. (The biggest medium-term risk is a "GitHub is evil, take down all your repos" campaign a la Reddit.) Of course, it's not foolproof, the only way to get that would be to replicate the project in dozens of places, but I find it much better than the old status quo of files slipping away once forgotten.
That's a totally valid concern that I also have and that does need to be addressed.
I'm thinking of setting up mirrors for my stuff for this exact reason. Now that codeberg exists, that could be the solution and why not accept contributions from codeberg too if it doesn't make the development process too messy.
OTOH GitHub is a huge SPOF. I also trust that my stuff that matters is checked out by other people who will reupload somewhere else should something happen.
I think it is OK that repos and content in general disappear. It is healthy. If somebody is caring about hosting the thing it most likely means it is healthy project. If not you shouldn't probably be using it.
This obsession with saving everything forever leads to information overload. In 20 years the github namespaces will be so full that finding good name for a project will be impossible. People often bring up social media but i think that's even worse. If you like some of photos just keep and save them yourself. I don't think it's healthy to be randomly reminded (what facebook does) about what somebody was doing 8 years ago on this day. People are unable to forget and forgive. We should allow for this to happen automatically like our memories.
> I suspect the very idea of self-hosting one's code instead of using GitHub is triggrering many people beyond reasonable levels for reasons I'd love to get an explanation for.
The cloud companies do not want you to selfhost. It is good that Ffmpeg did not experience a DDOS attack yet, because that's what happened to someone who moved his email to selfhosting. We are living in a time when companies have become like mafia.
Do you have evidences that these individual HN accounts are from some cloud company mafia?
I don't think this is it and I would not want to dismiss individual spontaneous, genuine feeling too early.
I strongly disagree with the issue handling & CI/CD part of your comment. Those are concerns are orthogonal to distributed version control and greatly complicate any system.
Not everyone even has to learn Jenkins/GH-Pipelines/whatever. In most teams I've worked on those are typically managed by one or two people, or by a different team entirely. And it's not even a hard skill to learn.
> 1980s protocol
TCP is even older; so what? It works, as does email. It's merely a transport layer.
What is required is a well-defined standard to encapsulate relevant data into it: PR definitions, code review comments, approval / rejection votes. This all could be a zipped JSON attachment, for instance.
The code change proper can continue be passed in the patch format. Or the whole thing could arrive via an exposed API endpoint, or even be pushed by git protocol.
A tool could interpret the extracted data and update a database that powers a nice GUI / TUI, and controls a CI/CD interface.
(Now if I only had time to properly design and implement that.)
Why all of this? You can just enforce some formatting rules and add a few script to the system mailbox to alter the message (add an issue number, send a notification when a change is accepted and merged, etc,...). No need to complicate stuff. Just send a standard plain text email that follows the rules.
Oh no how dare people complain about the "cute" DRM.
Anubis is funny because I think it's in the license that you have to keep the mascot. If you want to remove it you have to pay them.
Anubis has a commercial version called BotStopper that allows the mascot to be changed:
https://anubis.techaro.lol/docs/admin/botstopper
But, Anubis uses the plain MIT license, so you can modify it to remove the branding yourself: https://github.com/TecharoHQ/anubis/blob/main/LICENSE
If Anubis used a license with that mascot requirement, it would not be free and open source.
I stand corrected. It's still a funny bit of marketing.
Anubis is MIT licensed so you should be able to modify it freely: https://github.com/TecharoHQ/anubis/blob/main/LICENSE It would be very funny if they did that though.
> A full third of them complaining about the anti-bot protection mascot (yes, it's a cartoon character; get over it)
If you're going to force people to stare at a screen with nothing but your quirky anime girl OC for a few seconds every time they visit your website, then in my opinion it's completely reasonable for those people to point out how immature it is. Telling people to "get over it" just makes you sound equally as immature.
The “branding of your captcha page is immature” point is a downside unless you consider it not merely self-expression but an intentional motivator for “more mature” (which not infrequently goes hand in hand with “financially able”) people to subscribe to a commercial offering, thus helping keep an open-source project alive and in an honest business, despite competition with a VC-backed behemoth that’s become nearly a monopoly.
> unless you consider it not merely self-expression but an intentional motivator for “more mature” (which not infrequently goes hand in hand with “financially able”) people to subscribe to a commercial offering
I'm fairly confident in saying that self-expression is the #1 motivator here and the commercial offering was an afterthought.
I don't have a marketing degree, but I'm pretty sure that if selling your software to professional businesses is the goal, making the non-commercial version feel extremely unprofessional is really not the best way to do it, considering most people are likely going to find out about the project's existence by seeing it, and it won't leave a good first impression.
> if selling your software to professional businesses is the goal
If that was the goal, this wouldn’t be an OSS project, would it?
When we are talking about FOSS, the goal is to keep the project alive and sustainable without burning out or starving. There are various ways people do it (such as making it your side project in addition to the day job, charging for bug fixes and features, etc.), and this one doesn’t strike me as the worst—making it partly your self-expression creates that extra bit of motivation to keep going, and if it serves as an incentive for people who find it otherwise good (some of which may in fact not mind the default style personally but wouldn’t go for it at their place of employment) to become paid customers then all the better!
Do these same people refuse to use Go because the homepage has a gopher mascot that could be straight from western children's cartoon courage the cowardly dog on the homepage?
FreeBSD because of the cartoon devil? Bash because of the GNU goat with the facial expression that could be read as smug or stoned? Google's logo is some printed characters in primary colours, is that too childish?
Nah, that people have such a visceral reaction to the anime girl is not just because it's "childish" as so much else of our industry is "childish" and passes without comment, or sometimes even causes criticism when it gets taken away for blandness (see all the complaints when projects redesign their logos to Helvetica work marks)
> If you're going to force people to stare at a screen with nothing but your quirky anime girl OC for a few seconds every time they visit your website
It is a damn sight better than the maliciously-compliant and deeply annoying GDPR 'we use cookies' banners, pop-ups, and dark patterns like having to uncheck thousands of 'partner' boxes.
This is merely a response to AI companies abusing scraper bots and having a callous, selfish disregard for Internet and server bandwidth. It was on this very website where I saw it put quite succinctly—AI-scraping bots have essentially started mass DDOS attacks on all small servers.
> immature
Maturity is empathy, human connection, understanding, perspective, compassion, altruism, and more. Not some arbitrary 'this is a cartoon, therefore it is immature'.
25 years ago Microsoft, the professional software behemoth, decided to put a cartoon dog and paperclip with googly eyes in its operating system and office software. A major mobile OS has a cartoon robot in its logo.
Cartoons are metaphors and windows into the artist's frame of mind. They are much more mature than your shallow portrayal of them.
> Maturity is empathy, human connection, understanding, perspective, compassion, altruism, and more.
Maturity is FFmpeg moving to Forgejo knowing and weighing the tradeoffs.
> Cartoons are metaphors and windows into the artist's frame of mind.
Maybe they are. But, in this case, nobody cares about the "artist's frame of mind". We care about accessing a website that has nothing to do with art.
Are you having actual, real problems accessing the source code due to the anime character being used in the bot-blocker?
That is just what LLM era brings.
It doesn't have to be - adding this kind of DRM is an active choice and definitely not the only option. Neither is the art style required.
Dunno why but lately I can't visit any Anubis protected websites from my phone (Android).
Just says Invalid Response :(
Meanwhile, my phone is a potato that is slow to actually solve the proof of work challenges.
I can access it ok on Firefox on Android FWIW.
Not sure how that helps the parent commenter.
It might help narrow in on the specific issue in case they are using some other browser
You can take it as another data point. Here's another one: it works for me on Firefox/Android too. It might imply that the issue is probably not with that specific combination but something else. Maybe disabled cookies? Just an idea.
Did you block cookies?
The biggest news is not what software they use but they finally moved away from mail list, which is a big win.
Why did it move to Forgejo?
They were using an old fashioned mailing list to pass patches around, I would imagine features like pull requests and issue tracking made forgejo an attractive option
It sounds like they're still testing but there's this from https://ffmpeg.org/pipermail/ffmpeg-devel/2025-July/346938.h...:
Main link should point to this ...
I wish a certain open source project would take notice of the reasoning here...
The friction and overhead of mailing list development is seen as a feature, not a bug, for certain devs who prefer an exclusive environment.
Moving to a modern platform with real collaborative development features is a mature move.
For those with a power-user email setup geared towards mailing lists and patch handling, modern web-based platforms are a substantial usability regression.
I have seen people arguing "mailing patches is better than github" more than once here on HN.
I am like, whatever.
Some times HN comments are a time machine that reveal people stuck in the past who hate anything modern.
A couple weeks back someone was arguing that websites these days are too slow. So slow that it took them minutes of waiting time to order something online. Then they revealed that they were using a computer that was nearly two decades old and didn’t even have enough RAM to meet the requirements of a modern OS and browser. “But it should work!” was their refrain.
The list seems long? https://forgejo.org/
What's with the anime girl? I couldn't get past her. Is that a Fargejo thing?
That's anubis, an anti web crawler tool [0]
[0]: https://github.com/TecharoHQ/anubis
Not a very good one, given the apparently large number of complaints by presumably legitimate users in this thread.
Seems like it doesn't like users who take privacy enhancing measures.
Not really. It probably got overloaded with requests and thought that another crawler was tergeting the repository so it probably bumped up the measures.
Why is the anubis mascot an anime girl?
To entice people to support the project. See this comment for a breakdown of the finances of the project: https://news.ycombinator.com/item?id=44926915
Once I reach the $5000 per month goal across all funding platforms, features currently exclusive to the private fork of Anubis for corpos (including changing the images and soon HTML templating support: https://anubis.techaro.lol/docs/admin/botstopper) will be merged into the open source repo.
All it's doing is enticing me to discourage anyone from using your DRM malware.
Any news on the no-script feature?
I love the idea of Anubis, but in practice, it has turned more than a few sites that I visit into sites that don't work without javascript. So instead of being happy to see it, I find myself disappointed and frustrated, often deciding not to bother with the site after all.
Admins need to enable the meta refresh challenge: https://anubis.techaro.lol/docs/admin/configuration/challeng...
It's off by default while the false positive, true positive, true negative, and false negative rates are being evaluated. This is how you make changes like that without breaking user expectations.
That's good news. That'll make me consider using Anubis.
Thanks for fighting the AI bots.
You get some hate for this anime girl image but this paid white label thing is a good idea I think. It's nice we have alternative ways of funding free software that doesn't involve ads and tracking and thank you for choosing this path.
There's a solid strategy behind it: give people what they want with a flaw that makes it unviable for corpos. Then sell the cure. I remember being told that monetization model as a joke and figured this would be one way to test it. The horrifying part in my book is that Anubis is a relative success story as far as open source funding goes, and it's barely a third of what a junior level software developer makes. It's maddening.
Interesting. I suppose I need to try this if I ever happen to build something to which it could apply. Thanks for the inspiration.
A third of a junior salary is not much but I guess it could help with at least turning a full time position into part time.
> I remember being told that monetization model as a joke and figured this would be one way to test it
Ah ah. Awesome.
It has happened to me once or twice that I jokingly share an idea, and it gets picked up seriously (in a professional setting). "But it was a joke! Too late. Oh no." - I guess it's not too bad in the end and shouldn't be fighted too hard. I guess I'll just make sure that if the idea is horrible, I don't make the joke if I think people around could seriously pick it up.
Thanks for the answer. To be clear, although I'm not a huge anime person, I don't have any issue with the mascot itself. I meant my question as "why is the Anubis mascot an anime girl [instead of an Anubis]", but it seems my intention was misread over the internet.
For reasons I struggle to understand, some people are into that sort of thing.
Because it can be
Go take a look at the author's websites/socials and it should become pretty obvious why.
I looked at their Bluesky profile and they mostly post about their GitHub projects.
Because she's cute; everybody loves her.
It filters out people with issues.
[dead]
It's Anubis[0], an AI crawler blocker.
[0]: https://github.com/TecharoHQ/anubis
s/AI crawler/non-Big Browser/
Every obscure browser I've thrown at it has passed except for Opera Mini because it doesn't support real Javascript. Compared to the alternatives (Cloudflare/Google RECAPTCHA), compatibility is great in my experience.
If you're one of those NoScript people you'll probably end up stuck unless site admins enable the meta refresh challenge. If it proves effective, that may get turned on by default in the future, though, which would solve that problem too.
> non-Big Browser
Surprisingly there was no problem for me with Servo and Links. Which browsers are not working?
Not for Sailfish's not so up to date Firefox either.
Do we know if Anubis is unwilling to fix that, or if they've just not opened a bug report yet?
It's interesting (and a little sad) how all git "forges" (for want of a better word) converge on the same layout. An alphabetical list of files, when they were last modified, and an expanded readme file.
IMO a list of recent commits would be more useful as a landing page, or maybe even just the readme. When checking out a new project, I'm interested in what it does, not in its folder structure when its LICENSE.md was last modified.
You might like cgit, git-arr, or one of the other static git generators. They generally have a different mode of navigation. They're not 'forges' in that they don't have in-built tools for things like bug-tracking and managing PRs though, but lately it seems like projects are becoming more interested in the git email workflow anyway
I agree. My ideal forge would be SourceHut but with GitHub style PR workflow (as opposed to email).
Pick one of the open source forges that takes MRs (not using the giant's terminology, hardly ever calling git pull either...) and contribute your ideas.
That said, it's a bit like QWERTY. Maybe a bit weird, but it eases quick orientation on a new keyboard or repo if everyone uses the same layout.
Well, for one it's much faster than the github mirror. Browsing files is at least 10x faster. And getting away from the mailing list send-patch workflow is huge. Though they could have that for free also.
self hosting could drain too much resources I fear.
Delightful, now Anubis is giving me "invalid response" (Firefox Android). Great to see that AI bot protection is blocking legitimate use now too. Would love to check this out, but I can't.
I'm sorry but the cool kids have decided that DRM is in now. Sucks to be you (and me).
The site doesn't load any css for me on mobile, is it really worth it not to use GitHub or gitlab?
I had that issue after it "verified I'm a human", I refreshed and it looked fine.
I have refreshed a few times and the styles still aren't loading
It's pretty good on desktop. Report the bug and I'm sure they'll get to it
The CSS bug happened to me on desktop too (but went away after a refresh). It looks related to Anubis since the reason the stylesheet isn't applying is that it has HTML containing "<title>Making sure you're not a bot!</title>" prepended to it.
How fascinating, the exact same thing happened to me!
Forgejo is great and all... up until you're trying to use your SSO with a user named 'admin':
https://codeberg.org/forgejo/forgejo/issues/8030
then it just looks like a bad joke with all the anime girls and everything else...
There are also some minor issues with composite actions and reusable workflows.
If I use composite actions, the logs get associated with the wrong step[1]. It's just a visual thing (the steps themselves run fine), but having 90% of your action logs in the "Complete job" step is unpleasant.
For reusable workflows there's a few open issues as well, but what happens in my case is that jobs just don't start at all, they stay as "Waiting" forever.
These issues only matter if you write your own reusable actions with YAML (the actions written in JavaScript seem to work fine), but it's worth mentioning.
Other than these two issues, I'm very happy with Forgejo and would still recommend it if people ask for my opinion.
[1]: https://codeberg.org/forgejo/forgejo/issues/5049
This is a bad faith comment in so many layers:
- The provided reason given was due to user accessibility concerns complicated by what likely is a breaking change.
- Even if you don't agree with the claim, a reserved name isn't unreasonable at all. Not to make a standard of GitHub, but the `admin` username is reserved there too.
- Dismissing an entire product based on a single non-critical technical limitation while simultaneously not contributing to the solution (unless you have a different username there, happy to be corrected) is fundamentally toxic.
- All the while conflating two separate products (Anubis and Forgejo) that aren't related at all.
- And that Anubis offers a non-anime girl solution, and is MIT Licensed if you really don't care for supporting the author.
I'm not going to prod at the "and everything else" part either.
So now you have to see some anime flash instead of just having the website open?
It's a new anti-bot mechanism that uses in-browser proof-of-work.
That explains the delay, not the flash
See https://news.ycombinator.com/item?id=44886997#44928597
Oh, thanks, so it's even worse than I thought - it's an intentional degradation of user experience for financial benefit
To support a DRM business no less.
I'm fond of it. Even if I was paying, I don't think I would change it.
Sounds like most tech companies with their ads and and tracking.
We should have higher standards than "usual big tech dark patterns" for our open source project infrastructure though.
I do find it more noble to pursue degradation of the user experience for its own sake, but we do live in a capitalist society.
Congrats! I was waiting for them to start using a decent bug tracker.
How exactly does mailing list contributions work? I've only ever seen a few urls of messages but they are extremely obtuse. You would need to click parent parent parent to get context on the message you originally read.
I must be missing something and since mailing lists are dying, would love to understand this relic of the past.
Simple: you don't use the browser at all. You download the source code via your VCS client. You find the thing you want to change, make a branch, modify it, generate a patch. You email the list with your patch and a very detailed description of what you're doing and why. Lots of people reply, and your email client shows you the threads hierarchically. It makes sense to you because you started the whole conversation and see their in-line replies in your email client.
As an old fogey who started with mailing lists, and still uses them to send patches, it's actually much simpler than browser-based workflows. Most of it is your own workflow in your own repo clone in your own environment. The patch and email threads are a universal abstraction; you add the rest yourself, with any method you're familiar with. This removes any complexity that would otherwise be imposed by the browser, remote web app, etc. It's like sending someone a letter in the mail, rather than choosing between 15 different messaging systems, protocols, apps, OSes, etc. If you can read words you can figure out your own way to deal with the contents.
And as far as it dying out: I actually think it's faster to communicate via mailing list. The thing a GitHub clone gets you is co-located collaboration, and CI tests. Those things are very powerful, and really should be integrated into a single open source standard, rather than a lot of custom web apps. But the modern software developer doesn't understand the value of standards.
You're supposed to use a proper email client which solves this problem. Sourcehut uses the email contribution workflow and has the documentation to support it; have a look at it:
https://man.sr.ht/git.sr.ht/#sending-patches-upstream
https://git-send-email.io/
https://git-am.io/
Thanks for the links!
Seems you have to remember what -v you are sending as you respond to feedback. Pretty troublesome... Glad ffmpeg is moving to a more modern solution.
The web view is meant to be the publicly searchable archive, not the primary interface. Developers are supposed to use an email client and git integrations. You can follow a number of different guides to get set up to contribute but it’s not actually easy to use the workflows.
To be honest I think the difficult and learning curve is part of the goal. The people who operate in these worlds don’t want it to be easy for anyone to come along and get involved. One of the main objections to moving to hosted platforms like GitHub or Forgejo is from people who worry it will result in a lot of low quality PRs that have to be dealt with. I’m not suggesting I agree, but it comes up a lot.
> To be honest I think the difficult and learning curve is part of the goal. The people who operate in these worlds don’t want it to be easy for anyone to come along and get involved.
If you’re using the git tool, it’s very easy to get it working and easier to use afterwards. It allows you to use you own environment and not someone else’ web app. If you’re the maintainer, people send you patch and you can script out the review phase. If you’re a contributor, it’s actually a few command to send a patch to anyone. And learning how to cleanup your commits is always good.
I can understand the pain if your only email account is gmail. But there are good smtp providers out there.
Linux kernel today is still managed with patches on the mailing list. It shouldn't be hard to see how this can be extremely effective for a maintainer running a programmable editor like Emacs or Vim.
[dead]
[flagged]
[flagged]
Why would you think this?
It is the self hosted part that bothers you?
I self host my code. If you can't bother creating an account or sending an email to share your contribution, I guess I'm quite fine not to have it. I'm sure ffmpeg don't need your contribution as well.
I don't get this stance. Sending an email or creating an account is so low effort compared to any meaningful contribution.
The friction is not intentional but I guess it's a feature, it probably filters out some low quality interactions.
Note that ffmpeg has been using mailing lists, they are not migrating away from github. I'll just assume you wrote your comment without going further than your initial gut reaction to the title, which kinda proves my point.
I have contributed to a lot of open source projects for many years. They sure don't need my contribution, but if it were more accessible, I might actually contribute one day.
Given that ffmpeg was apparently using mailing lists before (which I didn't know at the time of writing), this is obviously an improvement. But it's still a lot of friction, and it seems that it's friction for no particular reason.
Hosting your code on something as obscure as Forgejo actively makes it hard for people to contribute. Most developers use GitHub, and only have experience with GitHub.
If I have an issue with something, I'll make a PR and move on with my day. But if making that PR involves creating an account on some obscure website and learning a new user interface just to contribute code to a single project, I'll simply pass. It's not worth the hassle.
GitHub is the most popular service by far for a good reason. People build their whole professional portfolio on GitHub, and it's well-known and globally recognized.
If you're afraid GitHub is gonna go down one day or kick you out, just mirror your repo to your own git instance. It's been done for decades, and it works very well, without introducing friction.
> Most developers use GitHub, and only have experience with GitHub.
> GitHub is the most popular service by far for a good reason. People build their whole professional portfolio on GitHub, and it's well-known and globally recognized.
I see those things as a big issue. I hate it that github is a monopoly, that open source software projects rely on proprietary software for their infra and that we all depend on Microsoft of all companies for our open source activity.
I personally don't want to participate in helping MS maintain this monopoly.
Hopefully with these developments around forge federation, the "having to create an account is too big of a friction" thing will be less of an issue.
In the meantime, Forgejo already allows login in with open id providers, in many case you are already able to login with your github account.
Since we are talking Git hosting infrastructure here and comparing it to GitHub, can you explain to me what do you mean with "git instance" in "just mirror your repo to your own git instance"?
Interesting how clueless but determined you were in your first comment. Maybe you should pause a bit and reconsider your whole outlook so you can advance with better success.
Humility is good tool more people should use it.
[flagged]
Are you not familiar with SourceForge? Did you know what a (non-software) "forge" is?
The term actually predates Git (SourceForge started with CVS and SVN IIRC).
I am not saying documentation should not be better — it should — but I am surprised someone in software development would not know of the term. And knowing how good free software projects are at documentation, not turn to searches first (or is it just software projects? I've recently tried to find out what VMWare product I can run virtual machines on Windows with, and it took me a bit too).
Edit: the homepage at https://forgejo.org/ actually has phrases like "self-host your projects and get everyone involved in delivering quality software on the same page" or "Self-hosted alternative to GitHub"
> I am surprised someone in software development would not know of the term.
It is not a software development term. Are you trolling?
I know what SourceForge is. I had repositories there. I have never heard of a web portal for software project management (SCM front end, issue tracker) referred to as a "forge." Just because a product uses a weird name does not make it a term of art.
It's a widespread term. You just happened to not run into it yet or more likely you never made the connection. It happens. It's fine, but also we can't do much about this.
The GitHub monopoly obviously doesn't help.
Edit: I see your later "TIL" comment.
[flagged]
Boomer means what now, anyone over 40?
anyone that is old and grumpy at internet (+ real life)
neck beard balding would be pissed to me since I'am not being pedantic
Someone did not read the homepage, did not do a web search and complained about the term "software forge" in a HackerNews comment, and I am "old and grumpy at internet"? :D
There are so many opportunities to learn it, and recognize it from one of the existing projects still using it in the name, and it's better to complain on HN?
(Though I guess I still classify as a millenial, but I would love to be closer to boomer when it comes to CS experience)
That is the irony. Not sure how old are you but you are the one supporting "grumpy" (bitching about Forgejo) in this thread.
The term boomer is just ageist, and comments like this don't deserve any other answers than "stop being ageist".
And nope, I'm not in the target, so I'm not being defensive here.
Although we all know many nice people who are targeted by this term.
It does say “a self hosted alternative to GitHub” on the main page
this is one where "software forge" is industry specific jargon (similar to "isostaticrebound" in earthquake science and "evapotranspiration" in biology) which the intended audience would tend to know the definition of. that said, it's a fair complaint for the quality of their marketing material (if not their technical documentation).
as an aside, i checked and it takes four taps (with an thumb highlight thown in ) to define it from my phone.
Curious, what part of the industry is "software forge" a term of art? I have been programming since the late 90s and have never heard it. Looks like it was popular from 1988 to 2007:
https://books.google.com/ngrams/graph?content=Software+Forge...
TIL
I would fully expect not everybody to have ran into it. I would not expect people to complain about the term without looking it up first.
It is not a term of art. A veteran programmer here and I also cringed when saw it used in this context.
It's far from new.
It's new to me, a 15 year industry veteran. I know of sourceforge but never heard the term used otherwise.
Exactly. I never saw SourceForge as some sort of inspiration name-wise.
That's fair enough!
Why not GitHub?
Does it make a difference? More alternatives to Github is a good thing and alternatives mean nothing if no one is using them.
It's impressive how much GitHub dominates with so little lock-in. It's so easy to add a new git remote. Yeah GitHub has its own features too, but for a long time free private repo wasn't one of them.
So little lock-in?
Git itself is simple, but is their .md file renderer open? Are their workflow runners available anywhere to re-use? The API also has gaps (esp if you wanted to migrate your PRs or Issues over), though I don't remember what was the thing I couldn't achieve with it.
But I guess you are referring to indirect, incidental domination like "social" lock-in (I always smile at job application forms asking for a GitHub link — I've got thousands of free software commits in their own, dedicated software forges, but very few things on GitHub directly, or at least, in mirrors not tied to my GH account), "marketing" lock-in (I've heard many junior and not-so-junior engineers refer to GitHub as "Git"), etc...
> but is their .md file renderer open?
This part seems mostly interoperable. GitHub's alternatives seem to have implemented something mostly compatible. If you migrate from github to gitlab or gogs or gitea or forgejo, that part will probably just work.
Worst case, markdown is still mostly readable as is and a commit can fix the odd non working thing.
But 100% agree with the rest of your comment.
GitHub has managed to create a network effect by trying to be a social network and succeeding. They managed to create fomo for code hosting. This very HN post shows this.
The lock in are the network effects.
The lock in is issues, pull requests, and all the conversations that shape long term software projects. The actual implementation and what's tracked is often just what falls out of that.
official reasoning is posted elsewhere, but GitHub means you rely on Microsoft.
Forgejo is a fork of Gitea which is a clone of Github.
Forgejo is a fork of Gitea, which is a fork of Gogs, which is a clone of Github
Yes but it isn't controlled by it, that's the point.
Oh boy do I have some recent news for you…
[flagged]
It is quite common for larger open-source organisations to self-host their repositories and issue trackers. After all, they would quite literally stop existing if Github were to do an oopsie. Voluntarily putting the keys of your entire existence in the hands of a third party isn't exactly an attractive option.
Pretty sure GitHub will go out of their way to avoid mishandling such important projects (i.e. they'll reach into their backups if things go awry)
"Literally stop existing"? Having broken links and notifying everyone when a migration happens is for sure a hassle, but migrating a git repo is the easiest thing in the world.
That's kinda the whole point of a distributed VCS.
Migrating the repo is easy, migrating issues and MRs and whatever other ancillary features you’re using is not.
I invite you to migrate all your GH workflows to GitLab pipelines as the "easiest thing in the world" as an exercise for the reader.
Lemme guess: you might think that everyone should just write their blogs on Substack, right?
The web thrives on diversity. More forges is good.
Furthermore, GitHub has been making moves that understandably worry some and so it’s great that there are some excellent alternatives.
Bit of a side note, but nobody should use Substack for anything.
For those out of the loop, Substack has been overlooking Nazis on their platform for a few years, and recently pushed a notification to all subscribers to check out a blog with a Nazi swastika.
https://arstechnica.com/tech-policy/2025/07/substacks-nazi-p...
https://www.theatlantic.com/ideas/archive/2023/11/substack-e...
Don't use the most used platform for blogging reach in 2025 because .0000001% of users are people you hate?
Sounds silly. Don't use wordpress because a store I don't like uses it? I hate to tell you this but friend and foe are using Google search.. time to move on.
The difference is the Substack owners have actively recommended Nazi substacks, and ignored calls to deplatform Nazi content.
They're not a common carrier like the phone company, and could kick off the nazis at any moment if they wanted to.
What does it tell about you when you dismiss concern about Nazis "as people you hate"?
> Don't use wordpress because a store I don't like uses it?
Store I do not like have not murdered half of my family.
WordPress isn't a platform.
Also, downvoted for being a platform shill.
> I mean, everyone is using it.
Throughout my entire life this has been a reliable sign to move elsewhere. Monocultures and monopolies tend to have negative long term outcomes.
> this just means that the devs at FFmpeg are having so much fun
A real problem. This should be dealt with immediately.
> Trying around github alternatives for memes.
I have a feeling that if this attitude pervaded the open source community then Gérard Lantau (a.k.a. Fabrice Bellard) would have never started work on or released publicly ffmpeg in the first place.
There's a real feeling of modern corporate entitlement encoded into your comment.
The FFmpeg culture is… very different. It’s hard to explain. But one hard requirement they had is that they did not want to give someone else control over their infrastructure. And it had to be open source. Only self hosting options were considered.
[It should be overly clear that] there's nothing special in wanting to have control in one's own processes, in wanting to avoid monopolies, and for free software projects to want to rely on free software. There are also many other reasons to want to avoid github specifically (there's at least a "github is down" thread every month on HN these days - having something that works at all is one of them).
Many important free software projects use there own self hosted solution.
I don't even understand how this is a question, and your parent comment is needlessly inflammatory and didn't deserve any answer.
Well github is very much owned by Microsoft, and with the recent changes of the CEO there are a lot of reasons to prefer a non closed source and non-gigant-tech-corp-controlled software forge.
Many big successful open source projects host their own code. They also join/create foundations and create lasting legacy. Get real sponsorship dollars.
So do some smaller projects.
Culturally hosting yourself is one of the key elements of the hacker ethos.
Why GitHub?
I'm finding out about Forgejo (and their reasons for forking Gitea) right now for the first time. I already migrated my Gogs install to Gitea, and now I have to migrate Gitea to Forgejo? This shit is why people just stay on Github.
We've been using gitea for 6 years, and I see no reason to migrate anywhere at this moment. Gitea sees faster development and has more features (even though many patches flow to Forgejo — the reverse is impossible due to license restrictions).
It is possible to migrate from 1.22 to Forgejo simply by changing the binary, and downgrading from 1.24 to 1.23, and from 1.23 to 1.22 is possible if you know your way around PostgreSQL and have a spare hour. I always write downgrade scripts for each release and test them before upgrading Gitea to make sure that I can always back out and move to Forgejo if Gitea folds. Haven't seen much reason to do it up to this moment, though.
edit: for example, here's a 1.23 → 1.22 downgrade script; I don't have access to 1.24 → 1.23 atm:
https://paste.debian.net/plainh/7d8cab27
Why would you have to migrate? If you're happy with Gitea just stay there.
According to Forgejo[1], Gitea underwent a secret hostile takeover by a for-profit company and has been moving from free software to "open core" bullshit. The reason that I, and I assume a lot of other people, made an effort to switch from Github to Gogs/Gitea was to evade the for-profit corpo nonfree crap. The more I'm looking into it, the more it looks like the real development is happening on Forgejo too.
[1] https://forgejo.org/compare-to-gitea/#why-was-forgejo-create...
A more charitable framing of the situation is: the for-profit company is because people always complained about Gitea "why is it developed on GitHub, not your own hosting" but that means money has to be involved in the cloud hosting project; it is just the same Gitea core developers it has always been, not a takeover.
The "open core" (Gitea Enterprise) is not Gitea, it is a downstream fork by CommitGo, who you can pay for contract development for custom features. The features are expected to be upstreamed, there are open PRs, they just don't yet meet Gitea's code review standards. You can run them from the PRs if you like.
This sounds like a lot of work for no benefit
Yeah, it's hard to take them seriously when they've been saying very nasty things about the project their whole foundation is built upon, and from where they continue to draw most of their functionality. Gitea is ahead on that despite patches flowing one way only. If you look at forgejo commits, more than half of them are merges of library updates made by the renovate bot, which artificially inflates the level of activity you see. About half of the rest are cherry-picks from the Gitea repo.
Look instead at the amount of features introduced with each version. Forgejo releases twice as often as Gitea does, so compare two releases of Forgejo with one release of Gitea made within the same time frame. I haven't been impressed so far.
Also a bit more context: https://lwn.net/Articles/963608
> it's hard to take them seriously when they've been saying very nasty things about the project their whole foundation is built upon
I'm not sure why that would make them hard to take seriously unless the things they're saying are false. Is that what you're claiming?
> If you look at forgejo commits, more than half of them are merges of library updates made by the renovate bot, which artificially inflates the level of activity you see
If I thought number of commits strictly equals activity then I guess it would look like that, but I don't. From what I'm seeing, a lot of the Gitea devs left to go to Forgejo and are now working on it exclusively, while the work being done on Gitea gets selectively merged into Forgejo too. I don't actually care about that either - Gogs had all the features I wanted when I first installed it years ago and all I really want out of the maintainers is security patches. I'm mostly just concerned about licensing and ownership models that incentivize the software org to inevitably turn evil in the future.
None of the really heavy hitters from the "core team" have left. As long as 100% FOSS Gitea pulls ahead in functionality, and can be downgraded relatively easily with an hour of work, I personally see no reason to move anywhere. You can part in different ways, the vibes you give off certainly matter, even when you're 100% technically correct.
And I suggested comparing releases, not commits; Gitea is ahead here both in what it supported at the moment of the hard fork, and in what has been introduced since then (counting only the MIT version).
> And I suggested comparing releases, not commits...
Who's asking for all those new features? Enterprise users? I love the old Gitea because it was light enough to run on a Raspberry Pi Zero. I've been delaying trying Forgejo due to concerns about bloat, but you've just sold it to me. All I need for it is to mirror Git repositories I care about every couple of days. Like gp, I consider Gogs/Gitea to have been feature-complete years ago
Thank You. It was an obvious question as to why Forejo. Something that is not popular and not well known for many compared to Gitea. And what happened with the fork. I thought it should have been the first question on HN. Instead, even when asked it is not upvoted, and when it does, it is at the bottom of the comments section.
From the context in that mailing list it does seems there is more to it. Not to mention Gitea is still MIT license and continued development. But competition is good, I hope both project do well.
What features is non-Enterprise Gitea ahead by? I can’t find any
I don't think they are saying nasty things about the project they were born out of. They are saying nasty things about the corporate takeover.
Why leave Gitea just because an alternative exists..
I use gitea and it "just works". I'm definitely not going anywhere.
It's very likely not so different in function and performance for users and better suit their dev needs than what you may be used to.
All 3 are still under active development.
[flagged]
That's pretty obviously not what I'm bitching about
I get the annoyance of having to migrate (although migrating from gitea to forgejo was a matter or replacing the gitea binary with the forgejo binary up to until recently - completely painless), but you don't have to migrate.
What are you bitching about, fundamentally?
Life happens.
[flagged]
Why did you put the word feature in quotes? What you described is definitely a feature, no qualification needed.
Can't get past cringe anime girl
Try opening a bug report? https://github.com/TecharoHQ/anubis?tab=readme-ov-file#suppo...
Compared to Cloudflare and Google, you can actually talk to a human here and they might (I have no reason to believe the opposite) actually care about niche browsers whereas Google seems to test their products on browsers other than their own engine only after release (presumably people will get annoyed about these breakages/outages eventually and switch to a their browser or a rebrand thereof). There's no such conflict of interest here. I'm not aware of a better thing to use than Anubis or a self-written equivalent (my understanding is that it's a simple sha2 PoW)