Author

Topic: GitHub is shitty, why not a decentralized solution? (Read 1335 times)

hero member
Activity: 491
Merit: 1259
Nihil impunitum
If don't like centralized github why not to try Radicle - the open-source p2p  platform where coders can collaborate and contribute to projects. I do  coding  for self-education and don't need collaboration platform but  those who use them and subsequently can compare prefer Radicle, despite its beta stage,  and say it   beats github in  features.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
A year later and GitLab now comply with U.S. regulation. It's even worse since there's no way to download your code (while GitHub still allow you to download code if you make the repository public).

https://ahmadhaghighi.com/blog/2020/gitlab/
Both GitLab and GitHub allow you to download your code. Most commonly, repositories will be managed with git, with a copy of a repository being on your computer at all times.

I personally have some repositories on GitHub that is private, and routinely download code in my repos (I update code with multiple computers).
copper member
Activity: 784
Merit: 710
Defend Bitcoin and its PoW: bitcoincleanup.com
A year later and GitLab now comply with U.S. regulation. It's even worse since there's no way to download your code (while GitHub still allow you to download code if you make the repository public).
https://ahmadhaghighi.com/blog/2020/gitlab/
That sucks on so many levels. Had so many mixed feelings after reading: anger, disappointment, sorrow etc.
Intellectual property should be respected regardless which country you were born in.

I guess as long as you live in a country where the president is in good relations with the US counter part, at least in theory, you're good for the moment.
Has anyone tried one of these decentralized GitHub alternatives ? I personally have not.
Tried to find a living example and found Radicle.
They have the code on github (haha) https://github.com/radicle-dev and seems they are active. Since I saw them last night some new commits were pushed. Not sure how mature it is as it seems the project is 9-10 months old.
Most of what I found besides this was abandoned. Not maintained for 2-3-5-7 years.

Do you know of any alternatives out there and if you do... how easy is the shift to one of those in regards to work flow, GUI etc ?
full member
Activity: 252
Merit: 103
Guys? Do we still need a distributed decentralized git repository?
full member
Activity: 252
Merit: 103
We don't need thousands and thousands of Bitcoin code repos across the world. It is good if so (and it is forked 24k times), but to fight the censorship it is enough to have more repos than the censor controls or may shutdown. I mean imagine we have a China censored app code hosted in lets say 5-7 different countries like USA, France, Russia, India, Brasil and Algeria. It will now be possible to shut one or two repos in one day, but it will result in attracting more attention to the app and thus people create more repos. Even small modern projects have hundreds of forks - cloned repos. It will be impossible to kill such a project by censoring it in a single country.

When people do not control what they host it is good in an ideal world - every project is distributed across the galaxy and nobody knows where exactly it is hosted and by whom. But that creates an opportunity to attack this distributed system with spam. And that is where I see a flaw and why I propose to give users the control of what they host. That is the reason. If we can somehow manage to get rid of it - that would be perfect.
AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
This all ties back to checking if nodes really have the data stored, this is the easy part as calling and checking if the data is stored, the question is which way are you going to go about it? The most efficient is through the use of a committee.
I just thought maybe we do not need to store the data spreading it across the network. Maybe it will work better if you allow users to decide about what projects/repos they want to host. Like it is done in bittorrent protocol.

So if I want to protect some project from censorship I could host exactly this project's repo only.
Very good point. It encourages me to think more about an incentive mechanism.

Incentive could be created with a reward for providing disk space and bandwith. Btw I don't like the approach where people can decide what to host. This would probably end in another kind of censorship and centralizing.
If data is encrypted and fragmented, disk space/bandwith providers would not know, which data they are actually hosting/sharing.
legendary
Activity: 1456
Merit: 1175
Always remember the cause!
This all ties back to checking if nodes really have the data stored, this is the easy part as calling and checking if the data is stored, the question is which way are you going to go about it? The most efficient is through the use of a committee.
I just thought maybe we do not need to store the data spreading it across the network. Maybe it will work better if you allow users to decide about what projects/repos they want to host. Like it is done in bittorrent protocol.

So if I want to protect some project from censorship I could host exactly this project's repo only.
Very good point. It encourages me to think more about an incentive mechanism.
member
Activity: 243
Merit: 18
This all ties back to checking if nodes really have the data stored, this is the easy part as calling and checking if the data is stored, the question is which way are you going to go about it? The most efficient is through the use of a committee.
I just thought maybe we do not need to store the data spreading it across the network. Maybe it will work better if you allow users to decide about what projects/repos they want to host. Like it is done in bittorrent protocol.

So if I want to protect some project from censorship I could host exactly this project's repo only.

Could be also, still this could all be incorporated together, if you have a system such as mentioned above there is nothing also preventing someone from hosting their preferred projects also.

To gain the most out of decentralization it would be best to put all 3 together. just doing one such as this would not provide a guarantee as only those who are popular would really be decentralized.
full member
Activity: 252
Merit: 103
This all ties back to checking if nodes really have the data stored, this is the easy part as calling and checking if the data is stored, the question is which way are you going to go about it? The most efficient is through the use of a committee.
I just thought maybe we do not need to store the data spreading it across the network. Maybe it will work better if you allow users to decide about what projects/repos they want to host. Like it is done in bittorrent protocol.

So if I want to protect some project from censorship I could host exactly this project's repo only.
copper member
Activity: 8
Merit: 23
There is an existing decentralized git platform* setup on ZeroNet, it's a little clunky but it's usable enough to be a censorship-resistant route to share code.
You can find a link to it on the ZeroNet site directory.

* edit to clarify a platform exists, not a clone of any specific codebase or any work done by specific parties.
member
Activity: 243
Merit: 18
Also with the you store for me I store for you it would be able to work at a large scale
I can't agree

you store 50gb of data for others you are allowed a credit of 50gb in which others can store for you
to make system fail proof you need to duplicate data and store some additional info too. That means you *must* allow to store more data than you store yourself in the network. Assuming we have only 50% nodes online 24/7 you need to store in about 1:2 ration to make it possible.

A lot could be done with this system everything would be neutral no spam attacks you are essentially paying for space with space. This method does not limit you to a small team.  
how can you check that i really have the data not just downloaded, saved hashes and deleted all the files?

Well this is where documentation takes places, again I have documents in which I am working on and documentation is time consuming, if I where to provide all the answers than I am really creating the system for you.

There are ways to achieve what you are obtaining, it is all about being creative.

You would have to answer what system are we building on top of are there premium features? is crypto included? how often are these files being accessed?

This all ties back to checking if nodes really have the data stored, this is the easy part as calling and checking if the data is stored, the question is which way are you going to go about it? The most efficient is through the use of a committee.

If we take a look at other current decentralized storage system most only store while the user is paying, once they stop the file stops being hosted. You would have to assume the same for this system, once a node goes offline their files will also stop being hosted. Clearing up space across the system. So it is to the benefit of nodes staying online, you can put a system also in place in where when nodes host more than needed they are awarded energy/gas which allows them to go offline for a certain period of time while still allowing for their files to be hosted.

If it is a blockchain which utilizes its own crypto on top of it with premium features then we can also have a set of committee/delegates or just any node who has extra storage space they can be rewarded through the block reward this is taking note that if PoW is not used, a substantial amount of rewards are able to be distributed while at the same time distributing fees coming into the network from premiums.  

You have to take into account that it does not have to be 1:1 the whole time if some people are storing extra files they will have no problem with it at all if they are rewarded accordingly this can be with energy/gas and/or financially. It going off ratio does not mean that it is a attack. These numbers would have to be played with and the only way doing so would be actually getting a test net up and running



full member
Activity: 252
Merit: 103
Also with the you store for me I store for you it would be able to work at a large scale
I can't agree

you store 50gb of data for others you are allowed a credit of 50gb in which others can store for you
to make system fail proof you need to duplicate data and store some additional info too. That means you *must* allow to store more data than you store yourself in the network. Assuming we have only 50% nodes online 24/7 you need to store in about 1:2 ration to make it possible.

A lot could be done with this system everything would be neutral no spam attacks you are essentially paying for space with space. This method does not limit you to a small team. 
how can you check that i really have the data not just downloaded, saved hashes and deleted all the files?
member
Activity: 243
Merit: 18
> you store for me I store for you type system

I thought about that and as I think - that may work for small teams who share their own data.
I can even imaging the system with encryption and possibility to prevent excluded team member to continue reading the repo: a team owner just needs to publish new encryption and decryption keys personally for each member encrypted by this member's public key.

As a conclusion  - that may work for small teams

Double posted, should merge your post together.

Also with the you store for me I store for you it would be able to work at a large scale, it is not about specifically having only the person you stored the file for store it for you, it is gaining credit on the blockchain as a whole, you store 50gb of data for others you are allowed a credit of 50gb in which others can store for you, this data obviously can be sharded and encrypted. A lot could be done with this system everything would be neutral no spam attacks you are essentially paying for space with space. This method does not limit you to a small team.  


People aren't storing whole files for users, they are storing pieces of a file for users.

and yes it would have to be documented better but hey I do not have the time for it right now, have other documents I am working on.
full member
Activity: 252
Merit: 103
> you store for me I store for you type system

I thought about that and as I think - that may work for small teams who share their own data.
I can even imaging the system with encryption and possibility to prevent excluded team member to continue reading the repo: a team owner just needs to publish new encryption and decryption keys personally for each member encrypted by this member's public key.

As a conclusion  - that may work for small teams
full member
Activity: 252
Merit: 103
> On your second statement, a way to do so that would allow it to remain free is to identify the users.

It doesn't sound quite good Cheesy
Anyway it is very easy to be identified but store enormous amounts of data in repo. It will require other users to reserve space to store other's files in ratio much bigger than 1:1 or even 1:2. This is obviously an attack vector here. If we do limit users in space available for free it just make an attack a bit more difficult to do but still to easy to trust that approach.
So anyway we come to the system where one needs to pay for the space. In such kind of situation most of the users will go back to GitHub or GitLab.
By thus we end up focusing on pro devs and pro teams like Bitcoin team. This is not bad, but that niche may be too marginal and not profitable for the system making it too small to resist attacks.

I'm not saying we do not have to try. Only that we has to think thoroughly.

member
Activity: 243
Merit: 18
there are two problems we need to solve:

1. github is not the repo only. It is an ecosystem for developing projects with bug tracking, issues, voting, comments, reviews, etc.
To create a decentralized clone of github you'll need to reproduce all that features.

2. to create a distributed decentralized repo hosting you need to create a storage with multiple times duplicated data. GitHub is free for opensource projects and paid features for private projects. How that can be reproduced in distributed ecosystem?


We have been discussing on works about your first statement.

On your second statement, a way to do so that would allow it to remain free is to identify the users. You would not be able to do so freely in current eco-systems. To allow it to remain free for the mass is to have a decentralized identity system in place, better than an email, this would be the only way to freely control spam. The good in such system could be that we are only storing text and in many cases this does not amount to much space, meaning that just to store a file on a users end would not technically be a problem. A way to further decrease space per user is to shard. Block rewards in a free eco-system in where money is still coming in through premium features would allow those storing to reap financial rewards. Still there could be a eco-system in where no money comes in just a blockchain without cryptocurrency in where you have to opt-in to store information from other users to be able to have others store information for you.

Really the biggest goal to allow it to remain free and this goes for every platform is to tackle decentralized identity.

Update

Now that I think about it a nice way to reduce spam without decentralized identity which would be possible to have been in use as of yesterday is to further develop the system in which I spoke of secondly, a you store for me I store for you type system. This would defeat spam in a sense if further looked into such as only allowing to decentrally store what you are decentralizing for others, so if I have 50gb in which I am storing files for others then I am allowed a cap of 50gb in which others can freely store for me in a decentralized manner, this would make everything neutral.
full member
Activity: 252
Merit: 103
there are two problems we need to solve:

1. github is not the repo only. It is an ecosystem for developing projects with bug tracking, issues, voting, comments, reviews, etc.
To create a decentralized clone of github you'll need to reproduce all that features.

2. to create a distributed decentralized repo hosting you need to create a storage with multiple times duplicated data. GitHub is free for opensource projects and paid features for private projects. How that can be reproduced in distributed ecosystem?
legendary
Activity: 1456
Merit: 1175
Always remember the cause!
Git is decentralized as is. It stores all the history locally and sends a copy to GitHub AND/OR any other repo you would like. GitHub is just a part of decentralized git ecosystem. It simplifies communication. But I agree - it is good to use more than one repository. And in case of Bitcoin code it is crucial to use several different private repos owned by different people.
So, what I understand, as Git is already decentralized, we just need to increase hubs to decentralize Github. Right?
GitHub provides an application layer for git. Git alone is a distributed Version Control System, VCS. It is not able to provide either teamwork or public repository environment for open-source projects. What we need is a decentralized application service on git, yesterday.
member
Activity: 243
Merit: 18
Git is decentralized as is. It stores all the history locally and sends a copy to GitHub AND/OR any other repo you would like. GitHub is just a part of decentralized git ecosystem. It simplifies communication. But I agree - it is good to use more than one repository. And in case of Bitcoin code it is crucial to use several different private repos owned by different people.
So, what I understand, as Git is already decentralized, we just need to increase hubs to decentralize Github. Right?

Git is distributed more so as it allows you to distribute the copy to other developers who each store their own copy and each works on their own copy still it is not decentralized. Each developer is pulling from the manager a central authority.

You can read more here.

https://git-scm.com/book/en/v1/Distributed-Git-Distributed-Workflows

Still the reason it is not decentralized is because the copy that developers are pulling from is not distributed in a trust-less manner. Instead of having to go through the manager only for the pull, one should be allowed to go through any trust-less party in who holds a valid copy while at the same time when a update is made all trust-less party holding a copy must update theirs to be current & valid also. You can as stated put them up in different repos but this still would not be full decentralization it would be more of a federated system as it is limited.

I just read this blog

https://medium.com/@alexberegszaszi/mango-git-completely-decentralised-7aef8bcbcfe6

and it shows that projects are actually working on making git fully decentralized.

Stating that there are projects such as Mango which runs on Ethereum, GitTorrent which runs on Bitcoin and Git-SSB.

Would be neat to keep tabs on such projects, maybe there isn't enough popularity because they do not have to do with Cryptocurrency instead solely the use of Blockchain for the better of the people. We as a community need to promote the use of these projects and stand together. It isn't all about money in this space.
sr. member
Activity: 860
Merit: 423
Git is decentralized as is. It stores all the history locally and sends a copy to GitHub AND/OR any other repo you would like. GitHub is just a part of decentralized git ecosystem. It simplifies communication. But I agree - it is good to use more than one repository. And in case of Bitcoin code it is crucial to use several different private repos owned by different people.
So, what I understand, as Git is already decentralized, we just need to increase hubs to decentralize Github. Right?
member
Activity: 243
Merit: 18
Git is decentralized as is. It stores all the history locally and sends a copy to GitHub AND/OR any other repo you would like. GitHub is just a part of decentralized git ecosystem. It simplifies communication. But I agree - it is good to use more than one repository. And in case of Bitcoin code it is crucial to use several different private repos owned by different people.

Not decentralized in the way in which we are speaking. Sure with Git you can have a local copy and others who are working on it will work on their own local copy that is stored thus providing some form of decentralization. Still it is not fully decentralized in a way that it would be censorship resistant, IE theoretically say some government body got wind of you working on some code which they do not want you to work on and raided you and your co-workers you would have nothing protecting you once each local copy has been deleted, in this case there would not be many copies as you are only distributing it with you co-workers there is no trustless party who has copies of your code.

What we are looking at is a solution to prevent a malicious actor from being able to delete the copy locally from only say 5 computers and then your work being gone forever.

The way Git is set up is not meant to have your copy live forever no matter what, it is set up to only have your copy live as long as needed. Huge differences.
member
Activity: 141
Merit: 62
The problem would be bitcoin blockchain that is not scalable and fast enough for multiple active projects with lots of contributions and commits. How do you think about a specialized blockchain with its own token? Obviously, it would need some incentive mechanism, but couldn't we define some sort of incentive for maintaining a permissionless decentralized git system?

You could built in on top of Bitcoin network by using side-chain with merged mining (just like RSK)

It maybe possible to look at this from a fresh prospective, not the least in that the version control architecture (what github really is in essence) level seems rather similar to blockchain in several ways:

github and other version control repository are apache-svn based. (Not include CVS, which is rather outdated and limited in capabilities)  
SVN and blockchain have significant similarities, in that each version (like block) contain transactions where certain edits (diffs) were to be made to the code repository.

The only thing that would be really needed to make the technical leap to HODL the actual repository over thousands, if not millions of nodes containing the diffs (blocks) so that an 3rd party cannot modify the content with strong assurance against tamper.  I can't imagine the consequence of tampering the bitcoin core code that runs thousands of node without being detected by the core team members (not likely, though.. because with core dev checked out source tree hidden .svn folder would have a copy that immediately alert core member that code repo had been hacked).  Also I am a bit concerned how the storage of the blocks contains all the commits, locks (like BTC chain-state), annotations are going to be stored.. The bitcoin core code is somewhat static and 1MB every 10 minute are more than adequate.  But since the scope of the request is to replace the entire github, one must look into decentralized / distributed version (block) storage with parity or other distributed storage that can have good access time but not great in write time due to obvious synchronization issues.  Even if this can be achieved algorithmicly we still need incentive to run node.  Technically this can be achieved but is a lot to consider and to test for this to become a reality.

legendary
Activity: 2618
Merit: 1105
Git is decentralized as is. It stores all the history locally and sends a copy to GitHub AND/OR any other repo you would like. GitHub is just a part of decentralized git ecosystem. It simplifies communication. But I agree - it is good to use more than one repository. And in case of Bitcoin code it is crucial to use several different private repos owned by different people.

But why such control is being spread amongst countries to stop specific places from using something that allows usage of open-source applications? If this is being stopped, what's the guarantee that in the near future, these 'laws' are not going to stop you from doing other activities too? Then, where is decentralization and if such solution doesn't/ can't exist, I don't think that such technologies will be evolving any further.
full member
Activity: 252
Merit: 103
Git is decentralized as is. It stores all the history locally and sends a copy to GitHub AND/OR any other repo you would like. GitHub is just a part of decentralized git ecosystem. It simplifies communication. But I agree - it is good to use more than one repository. And in case of Bitcoin code it is crucial to use several different private repos owned by different people.
legendary
Activity: 1456
Merit: 1175
Always remember the cause!
The problem would be bitcoin blockchain that is not scalable and fast enough for multiple active projects with lots of contributions and commits. How do you think about a specialized blockchain with its own token? Obviously, it would need some incentive mechanism, but couldn't we define some sort of incentive for maintaining a permissionless decentralized git system?

what @ETFbitcoin suggested; a side chain would be perfect for this.
as for specialized blockchain, it obviously can not be PoW like bitcoin because the hashrate will never be high enough to secure it. i haven't really done any extensive research on alternatives but those that i have seen weren't good enough.

Plus, I don't think multi-sig is necessary for big projects with multiple/sophisticated access rights. You know an authorization scheme is just another "file" and you need a web/desktop application for UI anyways. It can easily decide about legitimate commits by checking the keys used against the security settings derived from the above mentioned "file".
the point of multisig was having the 1 single address so that others only have to "subscribe" to one address like watching 3BitcoinCoreGit and get the new outgoing transactions from that. it doesn't have to require more than 1 key, it can be a 1 of 5 multi-sig scheme with 5 main developer each having commit access.
I just sent merit for @ETFbitcoin and his side-chain suggestion but I'm not a side-chain fan for several reasons.
That said, it is not unlikely that sidechains with merge mining can do good for the cause: decentralized git.

As of multi-sig issue, I maintain my proposal as it covers more general use cases and is more flexible. For instance, consider adding or removing people with commit rights which is not supported by 1 of n multi-sig solution. My security_settings_file scheme proposal also supports your single entry/subscription requirement as people (their applications) start with synchronizing their SSF in the first steps. This way they find out who (which addresses) have commit rights and continue with looking for their latest commits.
legendary
Activity: 3472
Merit: 10611
The problem would be bitcoin blockchain that is not scalable and fast enough for multiple active projects with lots of contributions and commits. How do you think about a specialized blockchain with its own token? Obviously, it would need some incentive mechanism, but couldn't we define some sort of incentive for maintaining a permissionless decentralized git system?

what @ETFbitcoin suggested; a side chain would be perfect for this.
as for specialized blockchain, it obviously can not be PoW like bitcoin because the hashrate will never be high enough to secure it. i haven't really done any extensive research on alternatives but those that i have seen weren't good enough.

Plus, I don't think multi-sig is necessary for big projects with multiple/sophisticated access rights. You know an authorization scheme is just another "file" and you need a web/desktop application for UI anyways. It can easily decide about legitimate commits by checking the keys used against the security settings derived from the above mentioned "file".
the point of multisig was having the 1 single address so that others only have to "subscribe" to one address like watching 3BitcoinCoreGit and get the new outgoing transactions from that. it doesn't have to require more than 1 key, it can be a 1 of 5 multi-sig scheme with 5 main developer each having commit access.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
The problem would be bitcoin blockchain that is not scalable and fast enough for multiple active projects with lots of contributions and commits. How do you think about a specialized blockchain with its own token? Obviously, it would need some incentive mechanism, but couldn't we define some sort of incentive for maintaining a permissionless decentralized git system?

You could built in on top of Bitcoin network by using side-chain with merged mining (just like RSK)
legendary
Activity: 1456
Merit: 1175
Always remember the cause!
~

here is how you could do it using torrents:
* each time you make a change in code, git produces a file with the changes and the SHA1 hash of it committing it to the chain.
* create a torrent from this file, which is yet another SHA1 hash of the file. by doing that you will start seeding this commit and by share this hash with others they can download and seed it.
* now you need an immutable ledger that you could share these hashes so others can find and download them and you don't want them to be changed and also want them to be timestampted. bitcoin blockchain is perfect for this. you create a new key and each time you had a new torrent hash, you create an outgoing transaction from that key and include the hash inside of an OP_RETURN output from that key. now all you need to do is to share your public key (or address) with others and all they have to do is to watch the txouts, extract the hash and download the torrent/file.

† if it is a big project with multiple user's having commit access that "key" that was created could be a multiple key (aka a multi signature address) that all need to sign the result.
The problem would be bitcoin blockchain that is not scalable and fast enough for multiple active projects with lots of contributions and commits. How do you think about a specialized blockchain with its own token? Obviously, it would need some incentive mechanism, but couldn't we define some sort of incentive for maintaining a permissionless decentralized git system?

Plus, I don't think multi-sig is necessary for big projects with multiple/sophisticated access rights. You know an authorization scheme is just another "file" and you need a web/desktop application for UI anyways. It can easily decide about legitimate commits by checking the keys used against the security settings derived from the above mentioned "file".
full member
Activity: 203
Merit: 168
maybe a decentralized github clone could be implemented on maidsafe?  Perhaps using gitlab code as a starting point.   Or if not maidsafe, then maybe ipfs or sia for decentralized storage.  But my understanding is that maidsafe facilitates decentralized computing, dynamic websites / apps, etc...

yes / no / why?
legendary
Activity: 3472
Merit: 10611
~

here is how you could do it using torrents:
* each time you make a change in code, git produces a file with the changes and the SHA1 hash of it committing it to the chain.
* create a torrent from this file, which is yet another SHA1 hash of the file. by doing that you will start seeding this commit and by share this hash with others they can download and seed it.
* now you need an immutable ledger that you could share these hashes so others can find and download them and you don't want them to be changed and also want them to be timestampted. bitcoin blockchain is perfect for this. you create a new key and each time you had a new torrent hash, you create an outgoing transaction from that key and include the hash inside of an OP_RETURN output from that key. now all you need to do is to share your public key (or address) with others and all they have to do is to watch the txouts, extract the hash and download the torrent/file.

† if it is a big project with multiple user's having commit access that "key" that was created could be a multiple key (aka a multi signature address) that all need to sign the result.
full member
Activity: 305
Merit: 106
Nice finding, but it won't work in this case (distributed/decentralized Git) because there's no version control or update content feature.

It might serve as documentation website which rarely needs to be updated though.
Was thinking about this all day. Thought it would be an interesting pet project. But when trying to learn more about this ... https://forum.bittorrent.com/forum/134-developer-discussion/ seems they killed the project Sad
I guess big companies like BitTorrent are not allowed to "mess" with the current status quo !
This sucks ...

I stand corrected again
Seems there is another project .... on github (the irony) https://github.com/xuset/planktos
From what I read there is no solution so far to shard the website into multiple torrents so it's not scalable and would pose an issue for bigger websites.
I would get involved in such a project and help however I can Smiley
full member
Activity: 305
Merit: 106
The only way there would be a GitHub Dapp version IMO would be if the website would be hosted on multiple servers, on users pc. Sort of a torrent system. They would keep the pc open to seed the website content and css. Not sure how you would do such thing, or if it would be possible (not that web dev savvy) but seems like the only way to me.

Edit: doing a bit of research it seems there is such an option: BitTorrent's Maelstrom. Not sure if they kept developing it enough...
copper member
Activity: 623
Merit: 22
Guess GitHub is just following some governing rules which they can't brake through.
Take a look at some crypto exchangers and what geo restrictions they have. All of them just avoiding some probable troubles in future.

VPN is your choice buddy!
member
Activity: 243
Merit: 18
Having bitcoin codebase on github.com is unfortunately creating a central point of failure. Tommorow none knows Microsoft/US govt may decide to launch its own coin and take control of https://github.com/bitcoin repo

I think core development should move to a self hosted solution:

1. Move to an open source self hosted solution like gitbucket  which is mirrored by key members of the community on their domains
2. The updates to  PRs, issues , releases etc should be automatically committed to another meta-bitcoin git repo
3. Both bitcoin and meta-bitcoin  repo are free to be cloned/stored by everyone, so if any points of failure occurs another website can be hosted from one of the community members





I definitely agree, Bitcoin's main development code needs to be moved away from Github.
hero member
Activity: 692
Merit: 569
Having bitcoin codebase on github.com is unfortunately creating a central point of failure. Tommorow none knows Microsoft/US govt may decide to launch its own coin and take control of https://github.com/bitcoin repo

I think core development should move to a self hosted solution:

1. Move to an open source self hosted solution like gitbucket  which is mirrored by key members of the community on their domains
2. The updates to  PRs, issues , releases etc should be automatically committed to another meta-bitcoin git repo
3. Both bitcoin and meta-bitcoin  repo are free to be cloned/stored by everyone, so if any points of failure occurs another website can be hosted from one of the community members



legendary
Activity: 3948
Merit: 3191
Leave no FUD unchallenged
I think GitHub is trying to comply on where you live, which makes it more legitimate and trustworthy.

Personally, I don't see how being forced to comply with a blatant political agenda increases legitimacy or trustworthiness.  It's just something they're powerless to fight against, so they're simply taking the path of least resistance.


If you are working for the government of Iran, I would point out that the Iran government has a very poor history of Human Rights violations against their own people, and I would encourage you to defect.

Most governments on Earth have a poor track record on human rights.  I don't know why people always choose to single out Iran.  Again, sounds like pandering to US political agenda to me.


So, people of Iran(like me), Cuba, Syria, North Korea and Crimea (200 millions?) are subject to US Trade Controls as a whole and they can't use GitHub accordingly  Grin

Any comments?

While I don't agree with any of this, it sounds like you can still have a public repository.  Is that really not an option for you?
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
I read the article inside the email quote posted in the OP, and it looks like the OP had some kind of paid subscription to GitHub, and that GitHub is unable to accept money originating from Iran (nor from anyone inside Iran) due to US sanctions. My reading of the article posted in the OP is that those in Iran can still access GitHub and have a "free" membership.

No, they don't let people of Iran to have private repositories which is critical for teamwork before launching a project and they have dropped our access to already installed private repositories as well. I have my backups thanks god, but besides losing discussions and pull requests and stuff like that, many people have lost their codes.

The thing is, when GitHub commits censorship now, it can do it again and again and nobody is safe ever. Bitcoin is not a joke to be assured about it not being a future target.
Here is a quote from the link in the email you cited in the OP:
<>
GitHub may allow users in or ordinarily resident in countries and territories subject to U.S. sanctions to access certain free GitHub.com services for personal communications in accordance to authorizations issued by the U.S. Treasury Department’s Office of Foreign Assets Controls (OFAC).
<>
Specially Designated Nationals (SDNs) and other denied or blocked parties under U.S. and other applicable law are prohibited from accessing or using GitHub.com
<>
Furthermore, GitHub.com may not be used for purposes prohibited under applicable export control laws, including prohibited end uses described in 17 CFR 744.
<>

I am unsure of what you were using GitHub for, however they are required to follow US law being subject to jurisdiction in the US. According to the above, if you are not working for the government or an SDN, you can use GitHub on a personal basis via their free services.

If you are working for the government of Iran, I would point out that the Iran government has a very poor history of Human Rights violations against their own people, and I would encourage you to defect.
member
Activity: 243
Merit: 18
I understand that you cannot change your contributions in a decentralized system, that's great in some ways but could offerr also compromises with different things, like if the developer himself doesn't want the code anymore or something, he can never delete it. Or it can be seen and it can be archived or something. GitHub is just not for developers too, it's for people who want to see codes and educating themselves, it's already serving its purpose for that.


You technically could, in the blockchain all you would be storing is hashes of the end file, the file itself would be hosted across multiple servers(Nodes) thus decentralizing it, still you can add contributions on top of others, edit code, etc you would just store the hash of the file on the blockchain reaching concensus that such changes where made by the correct user, etc.

You can also delete contributions as a user would just make the request, store that request on the blockchain thus nodes reach concensus that such user did verify to have such contribution deleted and then nodes would just stop supporting the storage of that file. You can do alot with it as technically these files again are not stored on the blockchain itself as the blockchain just serves as a point of reference.

those looking to read into the file would just request for the file to be sent to them and they can view it, you can make a exact copy of Github in a decentralized manner with a very nice GUI just most people aren´t into it for that most just come to get rich and the usual by putting in no effort.

Either way OP pretty sure you posted this in the wrong category as this has nothing to do with Bitcoin nor its development, please move this as your first post talks nothing about Bitcoins technology or what you want from this thread, it is a simple discussion on why Github isn´t decentralized. I saw on Twitter the other day that some projects are trying to create a decentralized Github still didn´t look into it and pretty sure they aren´t making it much user friendly just a crappy version. IDK.


I could lay out a whole roadmap on how this would work but have no time and the OP as it seems he has no general knowledge on how it would work would spend months researching how it would work before even getting a roadmap in place.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
So your argument against a decentralized approach to Github which by the way is a major host for most decentralized projects is a bad idea because they are trying to protect members of Github from their own countries laws? I'm sorry but I would disagree with this wholeheartedly. If Bitcoin was made illegal in your country would you still use it? Or would you allow your country to censor your freedom that much? Github are limiting accounts to save their own ass and not that of their customers. Its like the whole debate that Bitcoin should be banned because its used for criminal activities. So what if theres a small amount of people illegally using Github? Innocent members are being limited because of it is that fair? If that is fair then we might as well ban the use of cash too.
I hope you read my statements again, I'm not against having a decentralized approach with GitHub. I'm just saying it's not going to happen and even if it did, it's not going to solve the problem the OP is having. Which is where there are limitations in his account, that's not my fault, it's the laws that GitHub follows. You are getting the wrong idea, my friend.

~snip
It is about being innocent. I'll give another example that I know the americans will relate too if america decided to ban all guns to its people because of the ongoing rise in gun crime over there would you be pleased that one of your amendments were breached? Gun crime in comparison to the population is a minority and yet you would be limiting innocent members of the public. This is why its been hard for this policy to be passed because the people don't want it.
What I meant with the part where I said, not about being innocent is that no matter where you are as long as the country you're living in has those kinds of laws where you get restricted, you get limitations. Do you get what I'm saying here? We're not talking about different topics though, but a lot has been changing with the laws in the US.

But anyway that's just an example but going onto the "choose another site" this is why a decentralized github would be good. There is problems with Github restricting members depending on where they live if we had a site which was decentralized and had the same features of Github this would be in my opinion beneficial. The only problem with that is there will be a lot more viruses being spread and no one to really take them down.
It is going to be awesome when you have a decentralized GitHub. There is more power distributed to users. My first opinion is about thinking that it wouldn't be happening anytime soon.
legendary
Activity: 1232
Merit: 1080
Do you think that making GitHub decentralized would solve your problem?

You cannot make sure that it is going to make it work because we all know Bitcoin is decentralized and what happened to some countries? They banned or limit the use of it, because they are worried about the “Unregulated Trading” or anything that says bad stuff with Bitcoin but we’re not talking about cryptocurrencies. I think GitHub is trying to comply on where you live, which makes it more legitimate and trustworthy. We’re not talking about anything that regards with what is happening with GitHub, codes and issues, it’s just the fact that the OP has limited access to some features.

Upon reading some replies here, I think the thought of having been acquired by Microsoft, would it be used for more profiting schemes? Maybe advertising in the site itself, knowing that GitHub has gained popularity and is being used by a lot of people, they could easily target people who look at certain codes, etc. Probably another topic created for this.

One good thing that I could think off is that decentralizing the power or the authority in which GitHub is distributed, more power could be disseminated and planning, decision making, etc. would benefit the users and they would have a say in it, in a way. I doubt it’s going to happen anyway.
So your argument against a decentralized approach to Github which by the way is a major host for most decentralized projects is a bad idea because they are trying to protect members of Github from their own countries laws? I'm sorry but I would disagree with this wholeheartedly. If Bitcoin was made illegal in your country would you still use it? Or would you allow your country to censor your freedom that much? Github are limiting accounts to save their own ass and not that of their customers. Its like the whole debate that Bitcoin should be banned because its used for criminal activities. So what if theres a small amount of people illegally using Github? Innocent members are being limited because of it is that fair? If that is fair then we might as well ban the use of cash too.

Well, it's not about being innocent, it's being a citizen to where you live and accepting the terms and conditions in the site. If you are going to use it, you need to comply with it. It's their decision to do that and you cannot do anything about it. It's either you choose another site or just go with it. I don't think GitHub is going anywhere soon.
It is about being innocent. I'll give another example that I know the americans will relate too if america decided to ban all guns to its people because of the ongoing rise in gun crime over there would you be pleased that one of your amendments were breached? Gun crime in comparison to the population is a minority and yet you would be limiting innocent members of the public. This is why its been hard for this policy to be passed because the people don't want it.
But anyway that's just an example but going onto the "choose another site" this is why a decentralized github would be good. There is problems with Github restricting members depending on where they live if we had a site which was decentralized and had the same features of Github this would be in my opinion beneficial. The only problem with that is there will be a lot more viruses being spread and no one to really take them down.

I read the article inside the email quote posted in the OP, and it looks like the OP had some kind of paid subscription to GitHub, and that GitHub is unable to accept money originating from Iran (nor from anyone inside Iran) due to US sanctions. My reading of the article posted in the OP is that those in Iran can still access GitHub and have a "free" membership.

Although this would be interesting I wasn't aware that Github had paid premium services? Although if that is the case then Github would in fact be well in their rights to cancel any payments made from these countries due to the recent sanctions made by the US. Although again this is another reason why there is a gap in the market for a decentralized approach to Github.
legendary
Activity: 1456
Merit: 1175
Always remember the cause!
I read the article inside the email quote posted in the OP, and it looks like the OP had some kind of paid subscription to GitHub, and that GitHub is unable to accept money originating from Iran (nor from anyone inside Iran) due to US sanctions. My reading of the article posted in the OP is that those in Iran can still access GitHub and have a "free" membership.

No, they don't let people of Iran to have private repositories which is critical for teamwork before launching a project and they have dropped our access to already installed private repositories as well. I have my backups thanks god, but besides losing discussions and pull requests and stuff like that, many people have lost their codes.

The thing is, when GitHub commits censorship now, it can do it again and again and nobody is safe ever. Bitcoin is not a joke to be assured about it not being a future target.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
Risking it to what level? a decentralized github serves its purpose, lets talk about the darkweb sure you do not want to access it via your IP and it may host criminal activies but accesing the darkweb is not criminal, a decentralized github would surely serve its purpose.
I'm not saying that making it decentralized won't serve its purpose, I said it might not complete solve the problem of the OP, because he cannot access some of GitHub's feature because of his location.

If you have code that you do not want deleted boom its there never to be deleted. Now sure for those without knowledge of not going anonymous it is risky if they do not want to be seen going to a decentralized github if it is banned in their country... in the U.S it won't be they first have to ban viewing any type of information for educational purpose. Github is purely educational.
I understand that you cannot change your contributions in a decentralized system, that's great in some ways but could offerr also compromises with different things, like if the developer himself doesn't want the code anymore or something, he can never delete it. Or it can be seen and it can be archived or something. GitHub is just not for developers too, it's for people who want to see codes and educating themselves, it's already serving its purpose for that.

I am all for knowledge and if a country is trying to stop you from learning then yes you do have your alternatives.
That's true, I am a man who is a believer in educating oneself, whether it's for improvement for your own, science-related courses, engineering courses, etc. I do want to have a free sharing of knowledge, but not everyone is going to agree on this, for sure. I forgot the name of the site that you could get scientific articles for free, even the published ones, but you just have to put a link and you could download it right away. They are unlocking free knowledge. (Pretty off-topic)
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
I read the article inside the email quote posted in the OP, and it looks like the OP had some kind of paid subscription to GitHub, and that GitHub is unable to accept money originating from Iran (nor from anyone inside Iran) due to US sanctions. My reading of the article posted in the OP is that those in Iran can still access GitHub and have a "free" membership.
member
Activity: 243
Merit: 18


A decentralized Github would surely benefit its users as the content can't be removed from the inside, a country banning such a thing is easily bypassable.

It could easily be bypassable but you are risking yourself too with it. I don't think they would go looking for something as bypassing the laws or anything but you are still risking it.


Risking it to what level? a decentralized github serves its purpose, lets talk about the darkweb sure you do not want to access it via your IP and it may host criminal activies but accesing the darkweb is not criminal, a decentralized github would surely serve its purpose. If you have code that you do not want deleted boom its there never to be deleted. Now sure for those without knowledge of not going anonymous it is risky if they do not want to be seen going to a decentralized github if it is banned in their country... in the U.S it won't be they first have to ban viewing any type of information for educational purpose. Github is purely educational. So lets say that in a country in which they do abuse their power and ban such access from a decentralized Github in those countries it is much much easier to go anonymous buy a off the shelf laptop eh $60 buy a burner router or w.e and get internet that is not on your name. Where is the risk in going anonymous? I know if I use TOR and I am searching something that would not incriminate me yeah I would not care if I use my regular PC still for someone really wanting to go anonymous yeah it is not hard I haven't done so because I do not have the need but at least I know if a time comes where I need to I could easily go anonymous without the feds knowing who I am.

I am all for knowledge and if a country is trying to stop you from learning then yes you do have your alternatives.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
~snip

A decentralized Github would surely benefit its users as the content can't be removed from the inside, a country banning such a thing is easily bypassable.
It could easily be bypassable but you are risking yourself too with it. I don't think they would go looking for something as bypassing the laws or anything but you are still risking it.

I think GitHub is trying to comply on where you live, which makes it more legitimate and trustworthy.
Perhaps, but most people who affected are innocent (not involved or directly support whatever which cause U.S. make this law)
Well, it's not about being innocent, it's being a citizen to where you live and accepting the terms and conditions in the site. If you are going to use it, you need to comply with it. It's their decision to do that and you cannot do anything about it. It's either you choose another site or just go with it. I don't think GitHub is going anywhere soon.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
IPFS is only a solution for a decentralized file hosting. The rest is just the usual coding stuff. If people create accounts, they can apply permissions to anyone they want. A little bit like OpenBazaar > 2.0, only that these accounts could be shared with other participants based on the permissions, that the account owner provides. Shouldn't be a big issue or did I miss something here?

Edit: Account holder can also be a group that shares a multi sig key.

Good idea, i didn't think combining IPFS with another system such as OpenBazaar account. All developers & contributor needs to understand the value of their keys though.

I think GitHub is trying to comply on where you live, which makes it more legitimate and trustworthy.

Perhaps, but most people who affected are innocent (not involved or directly support whatever which cause U.S. make this law)
member
Activity: 243
Merit: 18
Do you think that making GitHub decentralized would solve your problem?

You cannot make sure that it is going to make it work because we all know Bitcoin is decentralized and what happened to some countries? They banned or limit the use of it, because they are worried about the “Unregulated Trading” or anything that says bad stuff with Bitcoin but we’re not talking about cryptocurrencies. I think GitHub is trying to comply on where you live, which makes it more legitimate and trustworthy. We’re not talking about anything that regards with what is happening with GitHub, codes and issues, it’s just the fact that the OP has limited access to some features.

Upon reading some replies here, I think the thought of having been acquired by Microsoft, would it be used for more profiting schemes? Maybe advertising in the site itself, knowing that GitHub has gained popularity and is being used by a lot of people, they could easily target people who look at certain codes, etc. Probably another topic created for this.

One good thing that I could think off is that decentralizing the power or the authority in which GitHub is distributed, more power could be disseminated and planning, decision making, etc. would benefit the users and they would have a say in it, in a way. I doubt it’s going to happen anyway.

A decentralized Github would surely benefit its users as the content can't be removed from the inside, a country banning such a thing is easily bypassable.
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
Do you think that making GitHub decentralized would solve your problem?

You cannot make sure that it is going to make it work because we all know Bitcoin is decentralized and what happened to some countries? They banned or limit the use of it, because they are worried about the “Unregulated Trading” or anything that says bad stuff with Bitcoin but we’re not talking about cryptocurrencies. I think GitHub is trying to comply on where you live, which makes it more legitimate and trustworthy. We’re not talking about anything that regards with what is happening with GitHub, codes and issues, it’s just the fact that the OP has limited access to some features.

Upon reading some replies here, I think the thought of having been acquired by Microsoft, would it be used for more profiting schemes? Maybe advertising in the site itself, knowing that GitHub has gained popularity and is being used by a lot of people, they could easily target people who look at certain codes, etc. Probably another topic created for this.

One good thing that I could think off is that decentralizing the power or the authority in which GitHub is distributed, more power could be disseminated and planning, decision making, etc. would benefit the users and they would have a say in it, in a way. I doubt it’s going to happen anyway.
AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
Edit: IPFS would be a good starting point.

Using IPFS is good idea, but i don't see how decentralization is possible. Usually we still need trusted people for some specific tasks, such as approve pull request, manage release, create new branch, etc.

The way i understand IPFS, i think we only can achieve distributed Git repository
IPFS is only a solution for a decentralized file hosting. The rest is just the usual coding stuff. If people create accounts, they can apply permissions to anyone they want. A little bit like OpenBazaar > 2.0, only that these accounts could be shared with other participants based on the permissions, that the account owner provides. Shouldn't be a big issue or did I miss something here?

Edit: Account holder can also be a group that shares a multi sig key.
Thank you,

I'm now thinking of an open source (both client/server and web) application/UI layer for a moderately improved version of git backed by again a modified version of IPFS. Users install git2 locally but git uses IPFS2 as both filing system and for some authorization tasks. UI uses IPFS2 for authorization tasks as well.

I mean, a distributed, decentralized file hosting is a bad ass. any thing like permissions, accounting, security stuff, anything could be representable as a file and what our UI needs is just downloading the required file(s) which he has basically the key for.



You're welcome and thanks for the Merit.
Also, if network participants have an incentive to provide disk space, the network would probably grow rapidly around it, or maybe just use already existing solutions like Maidsafecoin.
legendary
Activity: 1456
Merit: 1175
Always remember the cause!
Edit: IPFS would be a good starting point.

Using IPFS is good idea, but i don't see how decentralization is possible. Usually we still need trusted people for some specific tasks, such as approve pull request, manage release, create new branch, etc.

The way i understand IPFS, i think we only can achieve distributed Git repository
IPFS is only a solution for a decentralized file hosting. The rest is just the usual coding stuff. If people create accounts, they can apply permissions to anyone they want. A little bit like OpenBazaar > 2.0, only that these accounts could be shared with other participants based on the permissions, that the account owner provides. Shouldn't be a big issue or did I miss something here?

Edit: Account holder can also be a group that shares a multi sig key.
Thank you,

I'm now thinking of an open source (both client/server and web) application/UI layer for a moderately improved version of git backed by again a modified version of IPFS. Users install git2 locally but git uses IPFS2 as both filing system and for some authorization tasks. UI uses IPFS2 for authorization tasks as well.

I mean, a distributed, decentralized file hosting is a bad ass. any thing like permissions, accounting, security stuff, anything could be representable as a file and what our UI needs is just downloading the required file(s) which he has basically the key for.

AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
Edit: IPFS would be a good starting point.

Using IPFS is good idea, but i don't see how decentralization is possible. Usually we still need trusted people for some specific tasks, such as approve pull request, manage release, create new branch, etc.

The way i understand IPFS, i think we only can achieve distributed Git repository

IPFS is only a solution for a decentralized file hosting. The rest is just the usual coding stuff. If people create accounts, they can apply permissions to anyone they want. A little bit like OpenBazaar > 2.0, only that these accounts could be shared with other participants based on the permissions, that the account owner provides. Shouldn't be a big issue or did I miss something here?

Edit: Account holder can also be a group that shares a multi sig key.
legendary
Activity: 3542
Merit: 1352
Cashback 15%
GitHub has been insanity since it was acquired by Microsoft. The most widespread alternative that I know of is GitLab which has an inbuilt migration feature. Core should have moved a long time ago, however it's a tricky thing.. you just abandon the GitHub? how do you proceed exactly? how do you get people on board?

GitLab is almost the same as GitHub, so I don't see what substantial change are we going to have from that. I know there had been a lot of discussions in reddit, here in this forum and some bitcoin IRC channels regarding the migration but the end result is always the same: where do we go from here? Now I know Microsoft hasn't been that friendly to people, especially projects and accounts coming in from affected countries of the trade bans, but then again I don't see anything that they have been doing recently to cause a concern to move the whole project elsewhere--or at least I'm not fully informed of what's happening deep within the surface.

It's a compromise developers have to deal with in their pursuit to maintain bitcoin's code intact and up-to-date. Not everybody likes it but it has to be there somehow as it's the only trusted repo we have right now.

I don't think a decentralized solution exists, or even is possible. You need to have somewhere for people to submit issues, patches, and comments, how would you decentralize that.

--

Then there are self hosted solutions. The problem with this is that there is no formal organization that backs Bitcoin Core. In order for a self hosted solution to work, someone would have to pay for servers and set it up themselves. They would basically have to run it using their own money and deal with things like DDoS attacks, server management, etc. That's a huge undertaking in both effort and cost. Then there's also the bus factor: what happens if that person gets hit by a bus? So in general, self hosted solutions aren't really a solution for us.

With your analogy, I remember what happened to QuadrigaCX's funds. Change this scenario into someone managing a self-hosted repo whcih everybody used, until such time that this dude dies unexpectedly without anyone knowing until the whole system shuts down/certs expired etc etc. Self-hosting is a no-go, but if there's such an organization with no political interest whatsoever and only wants bitcoin to move forward and are willing to pay for such (I highly doubt this), go ahead and migrate, although of course, the community still needs to decide on where to go from there. A simple problem yet leads to branches of even more problems, as if we are onto a stalemate and can't move no further, unless of course MS goes full retard and do something that everyone will not like.
legendary
Activity: 3472
Merit: 10611
~
Use VPN services..

/KX

that will probably be the thing everyone eventually ends up doing but it is too late for these accounts because they are already flagged and restrictions are applied on them. changing IP address won't help those with established accounts that they had for years with thousands of contributions.
additionally there is this:
Quote
Persons in or ordinarily resident in these countries and territories are prohibited from using IP proxies, VPNs, or other methods to disguise their location when accessing GitHub.com services
member
Activity: 378
Merit: 53
Telegram @keychainX
I've just received this e-mail from Github:

Quote
GitHub <[email protected]>

to me
Due to U.S. trade controls law restrictions, your GitHub account has been restricted.
For individual accounts, you may have limited access to free GitHub public repository
services for personal communications only. Please read about GitHub and Trade Controls at
https://help.github.com/articles/github-and-trade-controls for more information
So, people of Iran(like me), Cuba, Syria, North Korea and Crimea (200 millions?) are subject to US Trade Controls as a whole and they can't use GitHub accordingly  Grin

Any comments?


Use VPN services..

/KX
AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
I've just received this e-mail from Github:

Quote
GitHub <[email protected]>

to me
Due to U.S. trade controls law restrictions, your GitHub account has been restricted.
For individual accounts, you may have limited access to free GitHub public repository
services for personal communications only. Please read about GitHub and Trade Controls at
https://help.github.com/articles/github-and-trade-controls for more information
So, people of Iran(like me), Cuba, Syria, North Korea and Crimea (200 millions?) are subject to US Trade Controls as a whole and they can't use GitHub accordingly  Grin

Any comments?


GitHub will fade in this ongoing decentralisation process, just like many others.

Edit: IPFS would be a good starting point.
legendary
Activity: 4466
Merit: 3391
I've just received this e-mail from Github:

Quote
GitHub <[email protected]>

to me
Due to U.S. trade controls law restrictions, your GitHub account has been restricted.
For individual accounts, you may have limited access to free GitHub public repository
services for personal communications only. Please read about GitHub and Trade Controls at
https://help.github.com/articles/github-and-trade-controls for more information
So, people of Iran(like me), Cuba, Syria, North Korea and Crimea (200 millions?) are subject to US Trade Controls as a whole and they can't use GitHub accordingly  Grin

Any comments?


Git is decentralized as much as that while you may not be able to directly access a repo on Github, you can still access someone's clone of it.
member
Activity: 243
Merit: 18
the funniest part of it is the following and i still can't figure out how you could use an open source code sharing website to produce a nuclear,... weapon Cheesy
alternative that I know of is GitLab
GitLab is also the same.

in any case the version-control "Git" has nothing to do with centralization, it is the "hosting" websites GitHub,... that are centralized. i don't think we can do anything about that.

Because of the flight trajectory which is coded into a nuclear weapon and stuff, I mean there is some code that goes into a nuclear weapon for it to know where to strike or are you just going to use a bazooka type of thing where it strikes wherever it hits? I mean such information even though general for those with coding knowledge could be of danger in hands of those making home made bombs I mean now they would be able to just put an open sourced flight trajectory into their bomb and off it goes. {I personally removed other content to prevent terrorist organization from using an idea in which is not known to the general public for terror}

Ah just wanted to add that such a thing would be far more dangerous than just drone bombs as drones are usually flown by a human so it is not so anonymous, easier for someone to trace back, etc as they have to be within range blah blah blah all this other stuff.
staff
Activity: 3458
Merit: 6793
Just writing some code
I don't think a decentralized solution exists, or even is possible. You need to have somewhere for people to submit issues, patches, and comments, how would you decentralize that.

As for alternatives to github, there aren't many. Off the top of my head, I can think of Bitbucket, Sourceforge, and Gitlab. Bitbucket is out of the question because it's Australian and Australia has laws that allow their government to compel employees to add backdoors to software. Sourceforge's UI is awful and they don't use git. There's a reason the project moved off of Sourceforge to Github. And Gitlab is a US based company so you'd run into the same problem there.

Then there are self hosted solutions. The problem with this is that there is no formal organization that backs Bitcoin Core. In order for a self hosted solution to work, someone would have to pay for servers and set it up themselves. They would basically have to run it using their own money and deal with things like DDoS attacks, server management, etc. That's a huge undertaking in both effort and cost. Then there's also the bus factor: what happens if that person gets hit by a bus? So in general, self hosted solutions aren't really a solution for us.

There's also the problem with migrating everything. There's tons of issues and pull requests, migrating everything would be a major pain.

And so we are left with the status quo: keep using github. Of course there has been discussion about migrating away from Github, and this will probably kick off another round of that. But for the foreseeable future, we're still going to be on Github.

FWIW, moving off Github has been something that has been discussed a lot. More recently, besides the thing that was mentioned in the OP, there have been some other technical issues. Things like issues and PRs becoming unviewable and the site being down entirely. So there are other gripes about Github, but nothing absolutely show stopping that requires a switch. The main issue is really of where do we go?
legendary
Activity: 3472
Merit: 10611
{removed to prevent deviation from main discussion}

in any case it is not a ban, it is a restriction to certain free features such as private repositories. you still can access GitHub, create (public) repositories, contribute,...

alternative that I know of is GitLab
GitLab is also the same.

in any case the version-control "Git" has nothing to do with centralization, it is the "hosting" websites GitHub,... that are centralized. i don't think we can do anything about that.
legendary
Activity: 1610
Merit: 1183
GitHub has been insanity since it was acquired by Microsoft. The most widespread alternative that I know of is GitLab which has an inbuilt migration feature. Core should have moved a long time ago, however it's a tricky thing.. you just abandon the GitHub? how do you proceed exactly? how do you get people on board?

As all things centralized, when they become too big censorship problems begin, but it's also difficult to shift the created network effect on the site.
legendary
Activity: 1456
Merit: 1175
Always remember the cause!
I've just received this e-mail from Github:

Quote
GitHub <[email protected]>

to me
Due to U.S. trade controls law restrictions, your GitHub account has been restricted.
For individual accounts, you may have limited access to free GitHub public repository
services for personal communications only. Please read about GitHub and Trade Controls at
https://help.github.com/articles/github-and-trade-controls for more information
So, people of Iran(like me), Cuba, Syria, North Korea and Crimea (200 millions?) are subject to US Trade Controls as a whole and they can't use GitHub accordingly  Grin

Any comments?
Jump to: