Github has made it impossible to create an account when using a VPN and a privacy browser with fully spoofed hardware identifiers. (Use Firefox or Firefox-based Privacy Browser, VPN, install Canvasblocker to test this.) I create an account with Google or Apple (both requiring hardware identifiers and numbers and birthdates) or I can use an email. When I use an email, it comes back with this horrible test, and even if I do it completely correctly, it tells me after I didn’t do the test right, gaslighting me with a picture of what I chose (which I didn’t choose) and showing me the correct picture (which I did choose and it claims I didn’t select).
It’s fucking bullshit and it’s more corporate control of open source software. For people who have their discussion or issue tracker, I can’t even participate without hardware identifiers likely linked to me some other way and phone numbers. It’s fucking bullshit. If anyone from Microsoft is reading this, FUCK YOU!!!
I am so tired of this bullshit. I just want to post an issue about a piece of software. You don’t need my fingerprint, hardware or personal, or biometric shit. This is a slippery slope. Fuck them.
I really hope more developers just get the fuck off Github. Honestly, if you are developing privacy-oriented software and using github, there’s a mistmatch and it’s bullshit, and I know it’s time consuming and annoying to move, but please do. This is fucking bullshit and it’s not like it’s going to become LESS annoying over time. FUCK THIS.
OC by @someone@lemmy.today
Good thing git itself is decentralized and self-hostable. Codeberg/Forgejo exists or you can spin up your own bare git repo.
You don’t have to use Github, people, or even Gitlab for that matter as since Gitlab is ran by a for-profit company, it’s only a matter of time before they go in the direction of Github as well.
Get the fuck off of github 🤷
I’ve been saying it since Microslop took over github. There’s codeberg, radicle, and Gitlab. Move before they start asking for age identification and you’re locked out of your repos.
No shit. Have you seen how much threat actors abuse git forges?
If I opened my forge to the internet I would also mandate hardware tokens and block known VPN endpoints.They should also block linux users and other suspicious people. Lots of hackers and weirdos use linux.
All hackers use computers, so ban those as well
… and spoons. The spoon grabbers are coming for your spoons. We need to organize to protect our neighbors cutlery
Social hackers use humans, so ban those aswell.
I’m not sure I would want completely anonymous, unknown, and unaccountable actors to be able to comment, submit issues, and submit PRs on my repos. So, it’s annoying, but the alternative is so much worse.
Serious question, how old are you?
Why would that possibly matter to you?
What do you think the internet was like pre-Facebook?
Ah, that’s what you mean. Yes, I remember the internet before Facebook. I also remember software development before distributed version control. It was easier to keep track of incoming patches when they were all in email. Not better, but easier.
I’ve been managing open source libraries and projects for two decades. In general, community involvement is good, but anonymous, ephemeral community “members” are very rarely helpful, and way more often a pain in the ass.
That’s a weird outlook. I would postulate that (pseudo-)anonymous passer-bys are collectively probably the most valuable contributors to open-source. That one random well-researched easily-reproducible obvious-in-hindsight issue or patch that makes you go wtf.
Annoyance would come from people who would create a “community” construct in the first place, even if it didn’t exist or was needed, just to be a busyworking “member” of. And those types often wouldn’t mind identifying themselves, if not for everyone, for a host like GH.
Recently, I’ve been frequenting an “anonymous” old platform or two which are nowhere near their peak, and have a very high ratio of pure drivel, just in hopes of running into the random anonymous passer-bys of old mentioned above. Passer-bys who would never come near the M$/AI ID-requiring enshitified GH of today. And what do you know! I’ve seen issues (mostly performance ones) show-cased related to a couple of tools I contribute to, that neither I nor the upstream developers knew about.
Anyway, what I was actually hinting at is that online communication existed for a long time before ID-centric social media came into the scene. This even predates the web itself (newsgroups …), and it wasn’t exactly an unmanageable wild west. Most spaces in fact were much nicer than the ID-centric social media platforms of today.
You’re just wrong if you think the most valuable people to an open source project are anonymous randos.
I would think it would be astoundingly obvious that the most valuable people are the core team members. They do all of the maintenance work. They guide the project’s direction and define its mission. They implement new features and do most of the bug fixing. They triage, handle releases, coordinate.
Look at the commit stats of any major project; there are a handful of people who do >90% of the work. Those are the most valuable people to open source. They are who keep these projects going year after year.
Anonymous randos might fix a low-pri bug once in a while, but they don’t actually help a project much. It’s vastly more likely that anonymous randos will just add more work to a core dev’s plate and provide nothing of value. Now, please note that I’m not talking about new devs. Plenty of new devs will start by submitting some bug fixes to help projects. Those are actually helpful. I’m talking about randos. People who go by new pseudonyms not tied to any established Internet presence. And this problem has only gotten exponentially worse with AI.
I’m assuming, from the way you talk about it, that you’ve never been a part of a large open source project‘s community. You should try it. It’s extremely rewarding work (in that it makes you feel accomplished, you will not be paid for it). You’ll see that the work you label as busywork is actually what makes the project both valuable and maintainable.
I actually run some large open source projects:
https://github.com/hperrin/svelte-material-ui
https://github.com/sciactive/pnotify
And a bunch of smaller ones:
https://github.com/sciactive/tinygesture
https://github.com/sciactive/nephele
https://github.com/sciactive/nymphjs
https://github.com/hperrin/stream-overlay
https://github.com/sciactive/quickdav
So I’m speaking from experience here.
Just to give you an example, if you look at the v9 branch of SMUI, you’ll see the work I’ve been doing on it lately to separate it from the upstream library that has been abandoned. All of that work will not change the outward utility of the project one bit from v8, but it is absolutely necessary if the project is going to continue into the future. This kind of work will always fall on a core dev. No random passerby is ever going to do weeks of grinding labor just to make sure the project has a path forward.
So yes, the occasional bug fix or performance improvement from an anonymous stranger is nice, but no, it is not necessary nor the most important part. And to me not worth opening the project up to potential unaccountable abuse from bad actors.
You’re missing the point. Every project has core team/developers. They (the passer-bys) are the most valuable by being the added value, the differentiators that close-source and the (neu) closed-platform open-source projects can’t have.
It is valid that a developer (or developers) of some projects may not want any kind of feedback, and just want to do their own thing. But the original “social coding” platform is not exactly the best fit for such projects.
Somewhat unrelated, but wtf is the link you posted? The full (currently broken) link is:
https://infosec.pub/api/v3/image_proxy?url=https%3A%2F%2Flemmy.ml%2Fapi%2Fv3%2Fimage_proxy%3Furl%3Dhttps%253A%252F%252Flemmy.today%252Fapi%252Fv3%252Fimage_proxy%253Furl%253Dhttps%25253A%25252F%25252Fupload.wikimedia.org%25252Fwikipedia%25252Fcommons%25252F0%25252F00%25252F%252525C5%25252581ajno_ko%252525C5%25252584skie_400.jpgWhich, URL decoding the proxied URL, gives you:
https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Flemmy.today%2Fapi%2Fv3%2Fimage_proxy%3Furl%3Dhttps%253A%252F%252Fupload.wikimedia.org%252Fwikipedia%252Fcommons%252F0%252F00%252F%2525C5%252581ajno_ko%2525C5%252584skie_400.jpgDecoding once again:
https://lemmy.today/api/v3/image_proxy?url=https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2F0%2F00%2F%25C5%2581ajno_ko%25C5%2584skie_400.jpgAnd one final time actually gets to the original link: https://upload.wikimedia.org/wikipedia/commons/0/00/Łajno_końskie_400.jpg
I’ve been fighting with the image proxying for days now, I just gave up on this post since the meat and potatoes is the text post itself
People have been saying this would happen since MSFT bought GitHub and gutted it. Where have you been this whole time?
Wait till he finds out about Twitter.
I had the exact same struggle this week. I refuse to give up my privacy just to make an account, and after countless tries I’ve gotten nowhere. If anyone has suggestions to get around this I’d love them.
