The edit history of the announcement is quite a ride:
> [2025-11-27T02:10:07Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining losers eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [1]
> [2025-11-27T14:04:47Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining rookies eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [2]
> [2025-11-28T09:21:12Z] it’s abundantly clear that the engineering excellence that created GitHub’s success is no longer driving it [3]
On the previous HN article, I recall many a comment talking about how they should change this, leave the politics/negative juju out because it was a bad look for the Zig community.
It would appear they listened to that feedback, swallowed their ego/pride and did what was best for the Zig community with these edits. I commend them for their actions in doing what's best for the community at the cost of some personal mea culpa edits.
I often find we don't appreciate enough people accepting their failures and changing their mind. For some reason I see the opposite: people respecting those who "stick to their guns" or double down when something is clearly wrong. As you say, the context matters and these edits seem to be learning from the feedback rather than saving face since the sentiment stands, just in a less needlessly targeted way.
Never understood that either. If someone was wrong and bad, and now they're trying to do right and good, we need to celebrate that. Not just because that's awesome in itself, but also to give the opportunity and incentives for others in the future to do better.
If everyone is always bad regardless if they're trying to change, what incentives would they have from changing at all? It doesn't make any sense.
The incentive is less about morals and very much about self-preservation.
With online mobs, when the target shows any sort of regret there is blood in the water and the sharks feast. It sometimes turns into a very public form of struggle session for the person under scrutiny. Besides avoiding the faux pas in the first place, one well-tested mitigation is to be absolutely unapologetic and wait for the storm to blow over.
For what it’s worth, I found the original announcement childish and unnecessarily negative towards people working on the product (against their CoC which I found hilarious and hypocritical), and I find it refreshing that they updated the post to phrase their criticism much more professional.
I think that real honesty works well as long as you have the character to stand up for yourself. An unflinchingly honest self-assessment which shows that you understand the error and rectified it is almost always the path to take.
Acknowledgement of mistakes do not invoke much of a mob reaction unless there is wavering, self-pity, or appeals for leniency. Self-preservation should be assumed and not set as a goal -- once you appear to be doing anything that can be thought of as covering up or minimizing or blaming others, the mob will latch on to that and you get no consideration from then on.
The other part of the equation is not letting bad people get away with doing bad stuff if they do good stuff after that. The return on doing bad stuff, then good stuff has to be greater than the return on only doing bad stuff, but less than the return on only doing good stuff. It should increase over time the more you don't do bad stuff again.
I agree with the sentiment (people changing their minds), but the flipside to that is people pleasing. Someone who capitulates under even the slightest pressure is not much better than the person who is set in their ways.
The trouble there, of course, is that the motivation for changing (or not changing) one's mind is not always clear, and it's easy to score points from spinning it one way or another.
Engineers are not exactly famous for people-pleasing. Maybe management, but engineering? Maybe some fresh junior?
I'm not convinced that the existence of a low-probability event justifies normalizing the regular occurrence of a much more likely (and negative) event, like a belligerent engineer throwing a fit in a design meeting. I'd go as far as to say I'm open to more people-pleasers in engineering.
Also, fwiw, if you want to know why someone changed their mind, you can just ask them and see how you feel about the answer. If someone changes their mind at the drop of a hat, my guess is that their original position was not a strongly held one.
You and I obviously have different experiences because I encounter belligerent engineers much less frequently than ones who are enthusiastic to do what they can, and those who don't want to rock the boat when challenged.
I thought I made a fairly innocuous point, I don't even think I was talking about engineers specifically.
You can’t read people’s mind, so when in doubt, assume good intention.
It’s not particularly relevant (to me as a random non-zig affiliated HN reader) why they right their wrongs, as long as they did it, I find it positive (at least better than if they had left the monkey comments in the post).
Well, it's not like it's a simple black and white situation, universally applicable to every debate in human history. Sometimes it is relatively better to be open-minded and able to change own opinion. Sometimes it is relatively better to keep pushing a point if it is rational and/or morally correct.
The reason why the latter stance is often popularized and cheered is because it is often harder to do, especially in the adverse conditions, when not changing your opinion has a direct cost of money or time or sanity or in rare cases even freedom. Usually it involves small human group or individual against a faceless corporation, making it even harder. Of course we should respect people standing against corporation.
PS: this is not applicable if they are "clearly wrong" of course.
Consider the plight of a policy-maker who changes their stance on some issue. They may have changed their mind in light of new information, or evolved their position as a result of deeper reflection, personal experience, or maturation. Opponents will accuse them of "waffling" or "flip-flopping", indicating a lack of reliability or principles (if not straight-up bribery). Elected officials are responsible for expressing the will of the people they represent, so if they're elected largely by proponents of issue X, it is arguably a betrayal of sorts for them to be as dynamic as private citizens.
This is tangential to the original topic of insider trading, where the corruption is structural / systemic -- akin to how "conflict of interest" objectively describes a scenario, not an individual's behavior.
The demonization of "flip-flopping" is so stupid. Bro, I want my politicians to change their minds when new facts arise or when public sentiment changes. The last thing we need is more dogmatic my-way-or-the-highway politicians that refuse to change their minds about anything.
While I agree with you, I find it hard to argue against the view that politicians are elected for the views they held during their campaign. They may change their mind after being elected, but their constituents that voted for them will not all change their mind simultaneously. To the ones that don't change their mind, it does appear to be a betrayal of their principles. A rational politician would not want to gain that kind of reputation out of pure self-interest.
Reminds me of Stephen Colbert's roast of George W. Bush at the 2006 White House Correspondents' Dinner:
> The greatest thing about this man is he's steady. You know where he stands. He believes the same thing Wednesday that he believed on Monday, no matter what happened Tuesday. Events can change; this man's beliefs never will.
1) People don't really vote based on logic and sound reasoning. They vote based on what sounds right to them. If they're unhappy with something, they vote for somebody who also claims to be unhappy about it, regardless if he has any actual solutions.
2) Even for the minority who wants to vote based on sound principles, it's very hard to push information back to them. If the politician changes his mind, he has to explain it to his voters. Are there really platforms which allow in-depth conversations in political debates?
Every university classroom has a whiteboard and a projector. Because you need to draw graphs, diagrams, etc. You need to explain the general structure and then focus on the details without losing track of the whole.
Is there a single country where politicians use either when talking to each other or voters?
Well, it was comparing people with monkeys and calling them losers. It was a straightforward personal insult. Writing something online in a blog is like making a public announcement on a market with 100s listening. No one except someone who wants to inflame would use such words in the real world. People just forget that they are speaking in the public. And in that case not only for himself but also for others.
> I often find we don't appreciate enough people accepting their failures and changing their mind.
Because this plays into a weird flaw in cognition that people have. When people become leaders because they are assholes and they are wrong, then after the wind blows the other way they see the light and do a mea culpa, there is always a certain segment that says that they're even more worthy to be a leader because they have the ability to change. They yell at the people who were always right that they are dogmatic and ask "why should people change their minds if they will be treated like this?"
If one can't see what's wrong with this toy scenario that I've strawmanned here, that's a problem. The only reason we ever cared about this person is because they were loud and wrong about everything. Now, we are expected to be proud of them because they are right, and make sure that they don't lose any status or position for admitting that. This becomes a new reason for the people who were previously attacking the people who were right to continue to attack the people who were right, who are also now officially dogmatic puritans whose problem is that they weren't being right correctly.
This is a social phenomenon, not a personality flaw in these leaders. People can be wrong and then right. People can not care either way and latch onto a trend for attention or profit, and follow it where it goes. I don't think either of these things are in and of themselves morally problematic. The problem is that there are people who are simply following individual personalities and repeating what they say, change their minds when that personality changes their mind, and whose primary aim is to attack anyone who is criticizing that personality. They don't really care about the issue in question (and usually don't know much about it), they're simply protecting that personality like a family member.
This, again, doesn't matter when the subject is stupid, like some aesthetic or consumer thing He used to hate the new Batman movies but now he says that he misunderstood them; who cares. But when the subject is a real life or death thing, or involves serious damage to people's lives and careers, it's poisonous when a vocal minority becomes dedicated to this personality worship.
It's so common that there now seems to be a pipeline of born-agains in front of everything, giving their opinion. Sir, you were a satanist until three years ago.
The flaw in your argument is referring to the people who are “always right.”
Those people don’t exist. Which is exactly why the ability to change your opinion when presented with new information is a critical quality in a good leader.
I think it's because when people do a 180 due to public pressure, it's hard to know to what degree they changed their mind and to what degree they are just lying about what is on their mind.
Toning down aggressive phrasing is not "doing a 180", calling the change from "only losers left at GitHub" to "the engineering excellence has left" lying seems disingenuous.
> I often find we don't appreciate enough people accepting their failures and changing their mind. For some reason I see the opposite: people respecting those who "stick to their guns" or double down when something is clearly wrong.
As I see it, someone who "listened to that feedback, swallowed their ego/pride" would include a note at the end of the post about the edits. Admitting you were wrong requires not erasing the evidence of what you said.
(He did post a kind of vague apology in https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p..., but it's ambiguous enough that anyone who was offended is free to read it as either retracting the offending accusation, or not. This is plausibly the best available alternative for survival in the current social-media landscape, because it's at best useless to apologize to a mob that's performatively offended on behalf of people they don't personally know, and usually counterproductive because it marks you as a vulnerable victim, but the best available alternative might still tend to weaken the kind of integrity we're talking about rather than strengthen it.)
> Admitting you were wrong requires not erasing the evidence of what you said.
I don't think there's really an obligation to announce to newcomers, "hey, an earlier version of this post was overly inflammatory." But you should be forthright about your mistake to people who confront you about it, which is what's happening in the forum thread you linked. I think this is all fine.
You mean, on a third-party website that currently happens to have a capture of the page outside of the Zig team's control, one which can go down at any time?
There is utility in indicating how surprised / concerned you are at a certain process or event. We can flatten out all communication and boil everything down to an extremely neutral "up", "down", and "nailed it to exacting precision".
I find the fact that this painting has been hung crooked by 0.00001º: down
I find torture and mass murder: down
Clearly this is a ridiculous state of affairs. There's more gradations available than this.
Possibly coloured by my dutch culture: I think this rewrite is terrible. The original sentence was vastly superior, though I think the first rewrite (newbies to rookies) was an improvement.
The zig team is alarmed, and finds this state of affairs highly noteworthy and would like to communicate this more emotional, gut instincty sense in their words.
There's a reason humans invent colourful language and epithets. They always do, in all languages. Because it's useful!
And this rewrite takes it out. That's not actually a good thing. The fact that evidently the internet is so culturally USA-ised that any slightly colourful language is instantly taken as a personal affront and that in turn completely derails the entire debate into a pointless fight over etiquitte and whether something is 'appropriate' is fucking childish. I wish it wasn't so.
In human communication, the US is somewhat notorious in how flattened its emotional range is of interaction amongst friendly folk. One can bring anthropology into it if one must: Loads of folks from vastly different backgrounds all moving to a vast expanse of land? Given that cultural misunderstanding is extremely likely and the cost of such a misunderstanding is disastrously high, best plaster a massive smile on your face and be as diplomatic as you can be!
Consider as a practical example: Linus Torvalds' many famed communications. "NVidia? Fuck you!" was good. It made clear, in a very, very pithy way, that Linus wasn't just holding a negative opinion about the quality and behaviour of the nvidia gfx driver team at the time, but that this negative opinion was universal across a broad range of concerns and extremely so. It caused a shakeup where one was needed. All in 3 little words.
(Possibly the fact that the internet in general is even more incapable of dealing with colourful language is not necessarily the fault of USification of the internet: The internet is a lot like early US, at least in the sense that the risk of cultural misunderstanding is far higher than in face to face communications on most places on the planet).
If I could upvote you, I would. I have never liked the mob of people that think we should all be super diplomatic corpospeakers who hedge everything and who think that not doing so is "offensive" or "unprofessional". I definitely didn't think anything was wrong with the original sentences or word usage, because it wasn't aimed at any specific individual with the deliberate intent of being offensive, but was aimed at Microsoft itself. And even if the intent was to be offensive, well, on the internet your always going to offend someone. You could be super nice and say all the right words and someone would still find a way to be offended by it. And were these circumstances ordinary, I would call out the word usage as well, because it would be uncalled for. But given all the evidence that the original points at, it's rather hard to say that GitHub didn't deserve it. And it is also rather difficult for me to see how this wasn't the time or place for such language. Sometimes the only way to get your point across is to be "unprofessional" (whatever that means these days).
There's a reason humans invent colourful language and epithets. They always
do, in all languages. Because it's useful!
I have never liked the mob of people that think we should all be super
diplomatic corpospeakers who hedge everything and who think that not doing
so is "offensive" or "unprofessional".
Agreed with you and OP. More to the point, the final rewrite leaves out any meaningful why. Perhaps they could/should be more diplomatic about their distaste, but leaving it out all together leaves quite the elephant in the room.
Then again the front end rewrite (which GitHub was crowing about for quite a while) and doubling down on AI nonsense got me to stop using GH for personal projects and to stop contributing to projects hosted on GH.
Thanks for pointing this out! I looked at the edit history and without looking at the timestamps assumed it was in reverse chronological order. Seeing that I was wrong brought a smile to my face.
I appreciate that Andrew and the other Zig team members are really passionate about their project, their goals, and the ideals behind those goals. I was dismayed by the recent news of outbursts which do a lot to undermine their goals. That they’re listening to feedback and trying to take the high road (despite feeling a lot of frustration with the direction industry is taking) should be commended.
I did prefer that honest line about bloated, buggy Javascript framework. Otherwise might as well ask an LLM to spit out a sanitized apology text for your change in provider. Just like ten thousand identical others copied from a playbook. Allow your eyes to comfortably glaze over with zero retention.
Did they though? I'm not signing up to use codeberg anytime soon. It's practically a ghost town, couple that with zig already being the second most popular project after their own project forgejo. They didn't even migrate their issues. It just seems like someone got upset about something they can't articulate and then performed a half ass migration (remote/push) while claiming victory.
ICE, Actions, and Microsoft, not a single complaint about git itself. All I see is they have CI issues coupled with dumbest anti AI policy that is impossible for them to enforce. Giving up your donations and losing half your community doesn't seem like an intelligent move when all you had to do is update your CI.
> ICE, Actions, and Microsoft, not a single complaint about git itself
Codeberg is also a Git-based project host. It doesn't even support other repo types. Why would you be expecting the latter?
If a project announcement or article headline says someone/something is quitting or leaving GitHub, it makes a lot of sense to assume that their issue is with GitHub (and in this case, it would be an assumption they'd be right about).
I was pointing out how ironic it was for them to move from git SaaS to git SaaS while having no issues with git on the git SaaS they're moving away from. Make sense?
That's kind of what they are doing - the move is 'updating their CI' to Codeberg Actions which is presumably more reliable. All the git workflows stay the same.
ICE, Actions, and Microsoft, not a single complaint about git itself.
…
all you had to do is update your CI
Updating your CI only addresses one of the issues you raised, and you forgot about the front-end complaints which also wouldn't be addressed by "updating your CI".
It's all faux outrage, they didn't give a shit about ICE or MSFT until they could use it as a rage bait prop.
Imagine being a slave to any SCM UI when cli tools and desktop clients have existed for ages not to mention integration into nearly every IDE. Also, what they're describing "random" workflows is classic ci build machine went offline and came back later.
Regardless, best of luck to them, hopefully they don't run into any more "monkeys", that would be terrible for them.
Zig is the language that was intentionally made to fail and error out on windows carriage returns instead of parsing them like every language ever made. They made a version for windows and then made it not work with every windows text editor. Their answer was to 'get better text editors' or 'make a preprocessing program to strip out carriage returns' or 'don't use windows' (they had a windows executable).
This is not a group with community or pragmatism from the start.
You want a language that releases a compiler on a specific platform then intentionally breaks it for everyone on something trivial just to troll and irritate them?
Every text editor on windows adds a carriage return by default.
You haven't given any actual reasons this makes sense, if you don't like windows why would you be using it in the first place? Why would you care what text editor people use?
Why would it be ok to release something on a platform just to annoy your own users?
Last I checked even Apple migrated to LF. Perhaps it's time for Windows to stop being the odd man out? Regardless:
not work with every windows text editor
Last I checked both Visual Studio Code and Notepad++ can both make line endings configurable. That covers a plurality of use cases. Even the built-in Notepad supports using CR or LF only for going on eight years now.
Perhaps it's time for Windows to stop being the odd man out?
This is the same nonsense rationalizations that zig gave. Windows is the odd man out. If you want to release something on windows you match an extra byte on the ends of lines. It isn't that hard and even the simplest toy language does it. It's just part of line splitting, it isn't even something that happens at the language stage.
Last I checked both Visual Studio Code and Notepad++ can both make line endings configurable.
Last time I checked it was totally unnecessary because no other language releases for a platform and tries to punish their users. Options like that are to make files match while being worked on for different platforms, not so that a compiler doesn't try to punish and troll its users for using it.
> This is the same nonsense rationalizations that zig gave.
I'm guessing you didn't live through the early days of webdev when you had to jump through ridiculous hoops just to support IE. At least back then there was the excuse that IE had the lions share of the market and many corporate users.
The industry wide acceptance of supporting IE majorly held back what websites/apps were capable of being. Around 2012ish (right as I was leaving webdev) more and more major teams started to stop supporting earlier broken versions of IE (this was largely empowered by the rising popularity of Chrome). This had a major impact on improving the state of web applications, and also got MS to seriously improve their web browser. Moves like this one by the Zig team are the only way you're going to push Microsoft to improve the situation.
Now you may claim "but Windows is 70% of users!" but this issue doesn't impact anyone wanting to run Zig applications, only those writing them. If you're an inexperienced dev that's super curious about Zig, this type of error might be another good nudge that maybe Windows isn't the OS you want to be working on.
Now you may claim "but Windows is 70% of users!" but this issue doesn't impact anyone wanting to run Zig applications, only those writing them.
No one is confused about how a compiler works. Those people being intentionally trolled are called your users when you make a language.
If you're an inexperienced dev that's super curious about Zig, this type of error might be another good nudge that maybe Windows isn't the OS you want to be working on.m
Then why did they make a windows version? Any normal person just sees that they shouldn't invest time in a language intentionally annoying it's own users for trying it out.
You still haven't come up with any explanation, your whole tangent about internet explorer has no relevance. There isn't one part of your comment that makes sense. Why would you even care about other people's OS and text editors? What kind of fanaticism would lead to wanting to use a language because they intentionally annoy users of something you aren't even involved in?
The whole thing is basically a case of "this things doesn't stand on any merits, I've just decided that I don't like certain people and they did something to upset them even though they are really just shooting themselves in the foot".
If you want to release something on windows you match an extra byte on the ends of lines
Did I miss some sort of formal directive from Microsoft or is this just outrage that someone dared do something not up to your standards?
try to punish and troll its users for using it
Nobody's being punished. Configuring your dev environment is something people do for every language. Let's add some perspective here: we're talking about a single runtime option for your text editor of choice. BFD. More to the point, why isn't your editor or IDE properly supporting Zig files?
Did I miss some sort of formal directive from Microsoft or is this just outrage that someone dared do something not up to your standards?
It's just the way it works, it isn't my standards, it is literally any piece of software that detects line breaks.
Nobody's being punished. Configuring your dev environment is something people do for every language.
No one has to configure around this issue because it is trivially solved and dealt with by every piece of software on the planet. It takes longer to write an error message than it does it just split a line correctly.
Let's add some perspective here: we're talking about a single runtime option for your text editor of choice.
Let's add some perspective here: they intentionally broke their own software to upset 72% of their potential users.
More to the point, why isn't your editor or IDE properly supporting Zig files?
No one has to care about zig, it's a niche language that doesn't care about its users, it's irrelevant except for hacker news threads.
If some language started demanding you save all your text files with carriage returns or will will error out, what would you think?
You sound like a lawyer grasping at straws instead of someone with a reasonable perspective that wouldn't be hypocritical when flipped around.
You sound like a lawyer grasping at straws instead of
someone with a reasonable perspective that wouldn't be
hypocritical when flipped around.
What lawyer speak? You're throwing a temper tantrum over a situation entirely of your own making. That there's a Windows port of Zig and sufficient users to justify its continued existence pretty clearly shows your hyperbole isn't representative in the way you claim.
Were I in a situation where I needed to work with something not expecting LF line termination I'd either configure my dev environment appropriately or find tools that do what I want.
No one has to care about zig, it's a niche language that doesn't
care about its users, it's irrelevant except for hacker news threads.
So when it's your tool selection nobody has to care? But when someone else makes a decision you disagree with it's the end of the world? Gotcha. Don't check that checkbox. Stay mad, bro.
You didn't confront anything I wrote and instead just made up something no one said. All I did say was that zig is intentionally hostile to their own users, which they are.
If you could actually deal with what I wrote I think you would have done it already.
Perhaps the final edit should have included the complaint about 'buggy bloated Javascript' as that's a very substantive issue - and now I don't know if they changed that as 'tone' or because they decided that technical criticism wasn't correct, and there are other issues?
Well, no, they still acted based on the original ego/pride, they just changed blogpost to look different.
I mean, reason of "we don't want to be tied with direction MS takes" is good enough, not sure why they felt need to invent reasons and nitpick some near irrelevant things just to excuse their actions
> I completely agree with this. I performed really poorly on this axis. I’m sorry to the Zig community for that. I’ll take my L and get back to working on std.Io and the rest of the roadmap. [1]
> I do feel bad for hurting your feelings but I also strongly believe that you should not be proud of working for Microsoft, and particularly on GitHub for the last 5 years. I truly am sorry but you need to be called out.
Kelly’s indignant attitude and commitment to “engineering excellence” suggest a bright future for Zig. It’s good to see the leader of a technical project get angry about mediocrity.
It can be true, that a person needs a wake-up call, but it can also be true that the person(s) doing the "shocking" are sadistic, abusive, or psychopaths.
The methods for influencing results within an organization exist on a spectrum, and failing to adequately utilize the breadth of that spectrum is always counter-productive.
If you want to measure the language used by the productivity of the desired outcome. I'd encourage you to survey the ratio of comments talking about the problems with github's very broken CI and UX, with how many people expressed an objection to the language and words used in the announcement. Failure to convey ideas with tact and respect, is demonstrably more counter productive.
I assume you'll choose to dismiss those who object as fragile birds... but then you don't really care about the productivity towards the goal then do you? You just want to be ok with being mean because it doesn't bother you.
> Why do you consider that a useful metric? Hit dogs holler, after all.
you do...
> The methods for influencing results within an organization exist on a spectrum, and failing to adequately utilize the breadth of that spectrum is always counter-productive.
Or did you have a different expectation for result in mind? The one you thought would be counter-productive without insults.
My assumption was that ark wanted to put support behind codeberg, and encourage others to take a critical look at how bad github has become, and to consider other options. Not rally additional support and defense of github's actions.
I haven’t actually used harsh language with anyone so I’m not sure what your point is. I have been on HN long enough to know that expressions of strong negative emotion are punished here. That says absolutely nothing about the effectiveness of different methods of influence within an organization.
I think if people are rallying to defend GitHub due to some language that ruffled their feathers and not objective technical merit then they have completely lost the plot as engineers.
As far as Andrew’s goals, I think he has been pretty successful within the framework of the attention economy.
I'm talking about the ideas, threads and conversations that are occupying the head space of others.
> then they have completely lost the plot as engineers.
I think most people who would call themselves software engineers have lost the plot of engineering.
That applies equally to those who are blind to the fact that engineering only exists to create stuff for humans. Most engineers are ignorant to the ability to consider the humans they're supposedly build for.
The point is to make shit better, not worse, and not more inhuman.
You’re not mining coal, get real. Either use efficient techniques to make people do the intellectual work necessary to achieve whatever goal you have in mind, or you’re just deluding yourself thinking you’re some kind of “reality expert” while being an asshole, meaning they might still do it, but it would be despite your leadership, not because of it.
Intellectual work requires a bit of creativity (across all the domains I can think of), abuse, of any kind increases stress, stress decreases creativity, ability to problem solve, and resilience (or the ability to endure the difficulty of solving hard problems).
But even if that wasn't true. There's a significant difference between confronting the harshness of reality. And behaving in a way that makes reality suck more. Every human deserves to be treated with dignity, and a base level of respect.
Suggesting that someone is fragile and weak, because they object to being insulted, or object to the careless and needless stripping of dignity and humanity from people is a wild take.
I started working on srctree 2 years ago because of how awful github has become. I don't think there's much creativity in this trend line... But the question was; "why is insulting people doing intellectual work bad". Not, "do you think the changes at github are creative", but I do think that the changes require a bit of intellectual work, and that no matter how shitty github has become, it's unreasonable to attack people when unprovoked.
Ok, but that’s still not effective as a leadership course of action. Calling people names might make you feel like a big man inside, but that’s it, it won’t accomplish anything, that’s only for your personal benefit, not the project, not the product and definitely not the team.
Actually if you completely rule out the possibility of harshness then you are giving license to let yourself be walked over and for standards to drop to zero. It might make you feel like a big enlightened man inside to do so, but the proper application of firmness and pressure is absolutely effective in leadership.
They should know that crap software is rarely intentional as they make it out to be in the initial version of the text, what you get is what they are able to build in the environment they are in (that matters too). Capability and environment.
I think the Reddit mobile website team might be the exception to that. What they make is a particular brand of unusable and from what I remember there is evidence of them talking about how that was intentional.
Reddit is trying to steer everyone into using their mobile app, which schlorps up as much personal data as it possibly can. I normally don’t go in for the whole mustache twirling thing, but given their previous actions in shutting down all third party apps, I’m fine in this case with accusing them of outright malice.
I think they recently banned people from creating their own API keys, which is a thing that people were doing to enter into their third party apps to bypass the ban - every copy of the app was registered as a single-user app. Now if you want to make any app or bot, you either screen-scrape, steal an API key, or get the approval of Reddit management.
I would contend that anger is the only thing that drives any kind of progress. An abundance of love means accepting, adjusting, and forgiving, which are antithetical to systemic change.
You need that middle-finger-to-everyone, "let me show you how it's really done" energy to build anything meaningful. Pretty much all the great builders I can think of in tech history are/were deeply angry people.
A righteous, passionate anger can be indistinguishable from love. Having and committing to something worth fighting over, however bloody the battles may be, can make a life just a meaningful as one that practices disciplined quiescence, reflection, acceptance, etc. Love is what it is because it must paradoxically accept its opposites; love can be anger, anger can be love. The real mind killer is a pat moralism!
> A righteous, passionate anger can be indistinguishable from love. ... love can be anger, anger can be love.
These are just word games. Blurring and mixing what we mean with different words. To say what? Passion takes different forms and can be a hell of a motivator? Nobody disputes that.
There's clearly a difference between anger and love. GP was addressing that difference and recommended to focus on the healthier of the two. That's good advice.
What is the anger that arises from you when one you care for is hurt because of some violence or injustice? Is that not an expression of love?
What is that particular anger you can feel towards a romantic life partner of many years? One that can only be based in an already profound intimacy, in some deep fidelity? Don't you feel that same love you have always felt for them, but in a different color?
What is the anger you feel when you see grand injustices? Hate crimes, genocides, crimes against freedom.. Isn't that something like a humanistic love?
To make love simply the "healthier" option is to totally destroy it! It makes it, like, at best a pragmatic maxim and at worst a weird kind of imperative (we should be healthy after all..). But love is not an imperative, it's a (beautiful, amazing, natural) condition. And it is not always "healthy," not always without anger, but always "good" in that you can't go wrong following it.
Of course there is a difference between anger and love. Either one can be present without the other, and that they can sometimes mix and play off each other does not change that they are different.
You are playing around with words to pretend they are the same. That's very poetic and dramatic, but I hope you realize that love is not the same as anger, and that neither truly requires the other.
If done right, love can eat anger. If done wrong, anger will eat love, and much more. These outcomes are not the same. That's were the game gets serious, and that's why I'm being such an ass about what you wrote.
Sure ok. I do think its ultimately just semantic. That is: if you start from the definition of love as a state we can, like, get into or not, if it is more something we do rather than experience, then sure, the state of anger and the state of love are different, and the latter definitely seems more preferable. I only get "dramatic" here insofar as I feel like thats just kind of an unsatisfying definition! Like, love songs are sometimes sad songs too. I just reject this psychological/behavioral starting point and offer that what we call "love" should be a broader, deeper, messier thing is all.
But this is really heady woowoo stuff at this point, and its quite ok to disagree on stuff of this sort! I understand you will probably continue to dismiss all this as sophistry or playing with words or whatever, but know either way that I do recognize and respect your point here! It can probably be seen as a choice: love can be a desirable state or a dramatic raison d'etre. For the former, you're probably a pretty happy monk/stoic type, for the other, you're more like the classic Romantic, the artist, etc.
AI witch-hunts are definitely a problem. The only tell you can actually rely on is when the AI says something so incredibly stupid that it not only fails to understand what it is talking about but the very meaning of words themselves.
Eg,metaphors that make no sense or fail to contribute any meaningful insight or extrenely cliched phrases ("it was a dark and stormy night...") used seriously rather than for self-deprecating humor.
My favorite example of an AI tell was a youtube video about serial killers i was listening to for background noise which started one of its sentences with "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister."
which is unfortunate, because pre-AI, "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister." would just be a funny bit of writing.
This has always been the case in the "corporate/professional" world imo.
It's just much easier now for "laypeople" to also adjust their style to this. My prediction is people will get quickly tired of it (as evidenced by your comment)
Question: would you go to a public place and call a person who is listening to you a loser or a monkey with the risk of getting your face smashed in?
Companies do public announcement with the risk of getting sued left and right. Normal people chose careful words in public. In the Internet it seems different rules apply in public. Laypeople are not adjusting to corporate talk, laypeople are more and more aware of the public of the Internet and behave accordingly (most are, like in real life, mute)
Whatever the wording, what they are writing truly shows on Github. There are many things wrong with its code display ... All of which used to work fine or were not added in this buggy state in the first place.
Code folding is buggy. Have some functions that have inner functions or other foldable stuff like classes with methods and inside the method maybe some inner function? It will only show folding buttons sporadically, seemingly without pattern.
Also standard text editing stuff like "double click and drag" no longer properly works without issues/has weird effects and behavior. The inspection of identifiers interferes with being able to properly select text.
The issue search is stupid too, often doesn't find the things one searches for.
You must be logged in to search properly too.
Most of the functionality is tied to running that JavaScript.
In short, it shows typical signs of a platform that is more and more JavaScriptianized with bloated frameworks making things work half-assed and not properly tested for sane standard behavior.
But there is more. Their silly AI bots closing issues. "State bot". "Dependabot". All trash or half thought out annoying (mis-)features. Then recently I read here on HN, that apparently a project maintainer can edit another person's post! This reeks of typical Microsoft issues with permissions to do things and not properly thinking such a thing through. Someone internally must be pushing for all this crap.
Do people actually use GitHub to inspect code? I figure for anything that's not a 1-second lookup, I might as well just do at least a shallow clone of the repo, and look through it with my own personally-tailored editor instead.
Not to say their implementation doesn't suck. I just wouldn't know because even a non-buggy one would probably still be a subpar experience.
He hid the comments he made and apologized to the Zig community for his behavior. He never apologized to the people he harmed (the 'losers' at GitHub in this context).
The fact that three revisions were needed to tone down inflammatory language could raise questions about impulse control in leadership decisions (regularly prioritizing ideological positions over pragmatic stability). This is notable given that Zig has been in development since 2015 and remains at version 0.15.1 as of August 2025.
This, I was shocked when I read the first version. I get it if you’re an influencer, but as a programming language people need to expect you can manage your emotions and be objective
What is terrible is that new developers think that this has been the usual poor state of things...this is why Zig & others moving to alternate platforms is good.
I'll be honest, I don't use github often. So if they're wrong, well, they fucked up in their complaint that could be redirected to one of many other websites instead.
fair enough! To be clear - a rails app and a bloated js app are not mutually exclusive. From my observations though, github feels slow because it feels slow, not because of js shittiness
At least he edited it to something more palatable. I vastly prefer someone who can admit to making a mistake and amending what they said to someone who doubles down. The latter attitude has become far too normalised in the last few years.
On the other hand some notable open source leaders seem to be abrasive assholes. Linus, Theo, DHH, just three examples who come to mind. I think if you have a clear vision of what you want your project to be then being agressively dismissive of ideas that don't further that vision is necessary just to keep the noise to a low roar.
> Makes me wonder how much to the mass strife and confusion of the internet is simply down to people not knowing what the words they use mean?
Or being intentionally misled about them. People who enjoy being awful in various ways have a vested interest in reframing the opposition as "political correctness" in order to make it easier to dismiss or ridicule. The vast majority of usage of the term "political correctness" is in dismissing or ridiculing it.
It has everything to do with political correctness. Honest, blunt language is now de-valued in favor of passive, sanitized, AI-slop language that no longer conveys important information. The revised post forgot to mention the critical point of the bloated, buggy Javascript framework because it would offend someone here.
Prefer a blunt, honest dick over a passive, polite liar anyday.
Hmm I don’t think any of the revisions are about being PC but rather not making juvenile comments. Linus has definitely made a lot of harsh inflammatory comments to others, I don’t think it’s the right thing to do and shows his character but at the same time for me at least it comes across as a smart pompous jerk who says things in the wrong way but at least usually has some kernel of a point.
The Zig comments come off has highly immature, maybe because they are comments made to unknown people, calling folks losers or monkeys just crosses some line to me. Telling someone to stfu is not great but calling groups of people monkeys feels worse.
Calling the devs of Actions "monkeys" has nothing to do about being un-PC or not. It's just plain rude and deeply insulting. It has no place in an a public announcement such as this.
Also, Torvalds was rightfully called out on his public behaviour and he's corrected himself.
He represented his community with insulting words to the world. In higher ranks of IT it is all about communication. With his lack of proper words he showed these leaders, who decide about the adoption of Zig, that they do not want to communicate with him/the Zig community.
As a project/tech leader he is in the business of communications. He recognized this. See link in the article.
Perhaps he should be. This idea that we should tolerate terrible things and only respond to them politely seems to produce bad outcomes, for some mysterious reason.
Any analysis of Github's functionality that begins and ends with blaming individuals and their competency is deeply mistaken while being insulting. Anyone who has ever worked at a large company knows exactly how hard it is for top performers to make changes and it's not difficult because the other people are stupid. At least in my experience, almost everyone holding this "they must be stupid" opinion knows very little about how large organizations make decisions and knows very little about how incentives at different levels of an org chart leads to suboptimal decisions and results. I would agree with you that being overly polite helps no one, but being correct does, and what they initially wrote isn't even right and it's also insulting. There's no value in that.
I am not convinced of this. Being rude and insulting someone’s intelligence is rarely a good trait. Linus got away with it due to the unique circumstances: leader of an incredibly popular open source project and a gatekeeper to a lot of access to it.
My argument against how he handles things has always been that while it may seem effective, we do not know how much more effective he would be if he did not curse people out for being dumb fucks.
And it doesn’t seem like this is a requirement for the job: lots of other project leaders treat others with courtesy and respect and it doesn’t seem to cause issues.
The reality is that it is easy to wish more people were verbally abusive to others when it isn’t directed at you. But soon as you are on the receiving end of it, especially as a volunteer, there is a greater than not chance that you will be less likely to want to continue contributing.
I think this is a good way to put it and I agree with it. Linus is a jerk and I would never want to work with him. Doubly so with zig maintainers who call other groups of people losers or monkeys. Shows a clear lack of maturity and ability to think.
Eh. Linus has a long history of abusive behavior towards other Linux contributors but also apparently apologized for it and started amending his ways. The Zig person I do not know by reputation, let alone in person. One post that he later chose to amend based on feedback is not enough for me to pass that kind of judgement. If anything, the fact that he updated it shows the opposite of lack of maturity. Adults can get frustrated. What they do with it is what matters.
Zero clue what your point is so please help me understand.
I was agreeing with your stance and adding my own anecdote that it’s a turnoff with the way those posts were originally formatted. Not people I would want to work with. If you do that’s fine. This is not star wars and simply my own choice as it’s everyone else.
I also cannot think of a time in my adult life I wanted to call out a group of people as losers or monkeys i n public.
My point is that Linus and the Zig guy are in different categories in my mind. I think it is a bit naive to lump them into the same category.
I would definitely classify the tiki torch wielding white nationalists as losers publicly, for example. In fact I have a hard time thinking of a better term for them. It could also apply to the fairly famous liar and criminal, the disgraced Congressman George Santos. Or any person who decides to flash kids at a playground, or beats his wife and children.
I think the Zig guy was a little over-dramatic with his initial post. He did change his mind, so in my book that's better than not. Linus did too, just after many years of bad behavior. My point is that your replies were painting the world with only black and white and there is a lot of gray area in between. Sometimes public shame is a valid way to do discourse. Often times it isn't. But it's not a "always" or "never" thing.
I did not realize we were lumping Microsoft engineers alongside white nationalists and pedos. Sure folks like that I can see people using descriptions like that.
Because one person is judging that "terribleness" before being entitled to flame, changes to that person influence their ability to objectively make that assessment.
Say, when their project becomes popular, they gain more power and fame, and suddenly their self-image is different.
Hence it usually being a more community-encouraging approach to keep discussions technical without vitriol.
Flaming is unnecessarily disruptive, not least because it gives other (probably not as talented) folks a license to also put their worst impulses to text.
there's a big gulf between being politically correct and not being a jerk. In this case the community reps can present their concern, motivation and decision without insulting people. It's also not a smart or valid comment; give me any organization over 100 people and I can find something deeply flawed that it hase produced or a very bad decision. Do I then tag everybody who currently works for that organization as "a brain-dead idiot" or similar?
Eager to do what? If it sucks it sucks, but that's a very childish way to frame it, no one did anything on purpose or out of spite. That kind of silliness hurts the image of the project. But bad translation I suppose.
Even Linus doesn’t act that way anymore. Here’s him a few years ago:
> This week people in our community confronted me about my lifetime of not understanding emotions. My flippant attacks in emails have been both unprofessional and uncalled for.
> Especially at times when I made it personal. In my quest for a better patch, this made sense to me. I know now this was not OK and I am truly sorry. The above is basically a long-winded way to get to the somewhat painful personal admission that hey, I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely.
> I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately.
He took time off and he’s better now. What you call “political correctness” is what I and others call “basic professionalism”. It took Linus 25 years to understand that. I can only hope that the people who hero worshipped him and adopted a similar attitude can also mature.
But you got to give it to him, he does seem to be really good at catching deficiensies early that may accumulate to become serious bugs or security vulnerabilities in the future. Sure, being an asshole is not ok, but being assertive is a must for a person in his position.
If you’ll notice, he called the code garbage, not the author. Judging by how bad the code was, I think this interaction was fine. This actually shows the progress Linus made in improving himself.
One can avoid being asshole even if it is not strictly speaking necessary. In fact, if you are an asshole when it is not necessary, then you are an asshole.
Not calling other software engineers 'losers' is not about political correctness. They're "losers" because they take their product on a path you don't like? Come on. Linus can be emotional in his posts because Linux is his "child".
this Corporate Americanism is of only positivity and fake smiles is exactly how we end up with enshittified products, because no one is ever called out for it. If the feedback is too soft, it just gets swept under the rug.
No, the edits are better. The original message made unwarranted assumptions, and used intentionally inaccurate language. That's objectively bad communication.
It's not a binary choice between insults (escalates conflict, destabilizes rational decision making) vs hiding your opinions. That's what the word tact is for. It's simply, quite literally, a skill issue if someone can't find a middle ground between those two failure modes.
Honestly, why do so many people, especially in the western hemisphere, act so shocked when somebody speaks their mind openly?
To me this kind of communication says it comes from a real person who has real experiences, not the marketing department, and is understandably angry at the people who make his life worse. And it's natural to insult those people. Insults are a signal, not noise. They signal something is wrong and people should pay attention to it.
I hear criticisms about being unprofessional and the like. So what? I don't wanna live in a world where everything everyone says is supposed to be filtered to match some arbitrary restrictions made up be people who more often than not can't do the work themselves.
Almost all of the actually competent people I personally know speak like this.
They can't stand those dragging us down through incompetence. They get angry when something that should work doesn't. They are driven by quality and will not be silent when it's lacking. If somebody fucked up, they will tell them they fucked up and have to fix it.
I say this as someone who has been cautioning about Microsoft's ownership of GitHub for years now... but the Zig community has been high drama lately. I thought the Rust community had done themselves a disservice with their high tolerance of drama, but lately Zig seems to me to be more drama than even Rust.
I was saddened to see how they ganged up to bully the author of the Zig book. The book author, as far as I could tell, seems like a possibly immature teenager. But to have a whole community gang up on you with pitch forks because they have a suspicion you might use AI... that was gross to watch.
I was already turned off by the constant Zig spam approach to marketing. But now that we're getting pitchfork mobs and ranty anti-AI diatribes it just seems like a community sustaining itself on negative energy. I think they can possibly still turn it around but it might involve cleaning house or instituting better rules for contributors.
What makes you say that? Couldn’t it be an immature adult?
> because they have a suspicion you might use AI
Was that the reason? From what I remember (which could definitely be incomplete information) the complaint was that they were clearly using AI while claiming no AI had been used, stole code from another project while claiming it was their own, refused to add credit when a PR for that was made, tried to claim a namespace on open-vsx…
At a certain point, that starts to look outright malicious. It’s one thing to not know “the rules” but be willing to fix your mistakes when they are pointed out. It’s an entirely different thing to lie, obfuscate, and double down on bad attitude.
I’m a Zig outsider. I gathered the context from reading the conversation around it, most of it posted to HN. Which is why I also pointed out I may have incomplete information.
If one looks past the immediate surface, which is a prerequisite to form an informed opinion, Zigbook is the one who clearly looks bad. The website is no longer up, even, now showing a DMCA notice.
The way these sorts of things look to outsiders depends on the set of facts that are presented to those outsiders.
Choosing to focus on the existence of drama and bullying without delving into the underlying reason why there was such a negative reaction in the first place is kind of part and parcel to that.
At best it's the removal of context necessary to understand the dynamics at play, at worst it's a lie of omission.
> I was saddened to see how they ganged up to bully the author of the Zig book. The book author, as far as I could tell, seems like a possibly immature teenager. But to have a whole community gang up on you with pitch forks because they have a suspicion you might use AI... that was gross to watch.
Your assumption is woefully incorrect. People were annoyed, when the explicit and repeated lie that the AI generated site he released which was mostly written by AI, was claimed to be AI free. But annoyed isn't why he was met with the condemnation he received.
In addition to the repeated lies, there's the long history of this account of typosquatting various groups, many, many crypto projects, the number of cursor/getcursor accounts, the license violation and copying code without credit from an existing community group (with a reputation for expending a lot of effort, just to help other zig users), the abusive and personal attack editing the PR asking, for nothing but crediting the source of the code he tried to steal. All the while asking for donations for the work he copied from others.
All of that punctuated by the the fact he seems to have plans to typo squat Zig users given he controls the `zigglang` account on github. None of this can reasonable be considered just a simple mistake on a bad day. This is premeditated malicious behavior from someone looking to leach off the work of other people.
People are mad because the guy is a selfish asshole, who has a clear history of coping from others, being directly abusive, and demonstrated intent to attempt to impersonate the core ziglang team/org... not because he dared to use AI.
I do think that it was weird to focus on the AI aspect so much. AI is going to pollute everything going forward whether you like it or not. And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
However I think some of the critique was because he stole the code for the interactive editor and claimed he made it himself, which of course you shouldn’t do.
> I do think that it was weird to focus on the AI aspect so much. AI is going to pollute everything going forward whether you like it or not.
The bigger issue is that they claimed no AI was used. That’s an outright lie which makes you think if you should trust anything else about it.
> And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
You have no way of knowing if something is a good resource for learning until you invest your time into it. If it turns out it’s not a good resource, your time was wasted. Worse, you may have learned wrong ideas you now have to unlearn. If something was generated with an LLM, you have zero idea which parts are wrong or right.
I agree with you. It is shitty behavior to say it is not AI written when it clearly is.
But I also think we at this point should just assume that everything is partially written using AI.
For your last point, I think this was also a problem before LLMs. It has of course become easier to fake some kind of ethos in your writing, but it is also becoming easier to spot AI slop when you know what to look after right?
> I agree with you. It is shitty behavior to say it is not AI written when it clearly is.
> But I also think we at this point should just assume that everything is partially written using AI.
Using "but" here implies your 2nd line is a partial refutation to the first. No one would have been angry if he'd posted it without clearly lying. Using AI isn't what pissed anyone off, being directly lied to (presumably to get around the strict "made by humans" rules across all the various Zig communities). Then there was the abusive PR edits attacking someone that seems to have gotten him banned. And his history of typosquatting, both various crypto surfaces, and cursor, and the typosquatting account for zigglang. People are mad because the guy is a selfish asshole, not because he dared to use AI.
Nothing I've written has been assisted by AI in any way, and I know a number of people who do and demand the same. I don't think it's a reasonable default assumption.
You can correct me if I'm wrong, but I believe the actual claim was that Zigbook had not complied with the MIT license's attribution clause for code someone believed was copied. MIT only requires attribution for copies of "substantial portions" of code, and the code copied was 22 lines.
Does that count as substantial? I'm not sure because I'm not a lawyer, but this was really an issue about definitions in an attribution clause over less code than people regularly copy from stack overflow without a second thought. By the time this accusation was made, the Zigbook author was already under attack from the community which put them in a defensive posture.
Now, just to be clear, I think the book author behaved poorly in response. But the internet is full of young software engineers who would behave poorly if they wrote a book for a community and the community turned around and vilified them for it. I try not to judge individuals by the way they behave on their worst days. But I do think something like a community has a behavior and culture of its own and that does need to be guided with intention.
> You can correct me if I'm wrong, but I believe the actual claim was that Zigbook had not complied with the MIT license's attribution clause for code someone believed was copied. MIT only requires attribution for copies of "substantial portions" of code, and the code copied was 22 lines.
Without including proper credit, it is classic infringement. I wouldn't personally call copyright infringement "theft", though.
Imagine for a moment, the generosity of the MIT license: 'you can pretty much do anything you want with this code, I gift it to the world, all you have to do is give proper credit'. And so you read that, and take and take and take, and can't even give credit.
> Now, just to be clear, I think the book author behaved poorly in response
Precisely: maybe it was just a mistake? So, the author politely and professionally asks, not for the infringer to stop using the author's code, but just to give proper credit. And hey, here's a PR, so doing the right thing just requires an approval!
The infringer's response to the offer of help seemed to confirm that this was not a mistake, but rather someone acting in bad faith. IMO, people should learn early on in their life to say "I was wrong, I'm sorry, I'll make it right, it won't happen again". Say that when you're wrong, and the respect floods in.
> By the time this accusation was made, the Zigbook author was already under attack
This is not quite accurate, from my recollection of events (which could be mistaken!): the community didn't even know about it until after the author respectfully, directly contacted the infringer with an offer to help, and the infringer responded with hostility and what looked like a case of Oppositional Defiant Disorder.
You're assuming they are a teenager but you don't know. They used code without attribution and when asked to do so, they edited the comment and mocked the requestor. And you're calling the zig community the bully? They lied about not using AI. This kind of dishonesty does not need to be tolerated.
Disservice? Rust is taking over the world while they still have nothing to show basically (Servo, the project Rust was created for, is behind ladybird of all things). Every clueless developer and their dog thinks Rust is like super safe and great, with very little empirical evidence still after 19 years of the language's existence.
Zig people want Zig to "win". They are appearing on Hacker News almost every day now, and for that purpose this kind of things matters more than the language's merits themselves. I believe the language has a good share of merits though, far more than Rust, but it's too early and not battle tested to get so much attention.
FWIW, all of those links compare Rust to languages created before 1980, and are all projects largely and unusually independent of the crates ecosystem and where dynamic linking does not matter. If you're going to use a modern language anyway, you should do due diligence and compare it with something like Swift as the ladybird team is doing right now, or even a research language like Koka. There is a huge lack of evidence for Rust vs other modern languages and we should investigate that before we lock ourselves into yet another language that eventually becomes widely believed to suck.
Microsoft isn't going to abandon C#, it's just using the right tool for the right job. While there are certainly cases where it is justified to go lower level and closer to the metal, writing everything in Rust would be just as dumb as writing everything in C# or god forbid, JS.
The Pavlovian conditioning in some US right-wing folks of 'see word transgender' -> 'brain off' is sad.
Especially since it was created just by hammering people with repeated exposure to biased media over ~5 years.
If someone would take a beat, even from that biased copy, they might think that studying the effects of hormone treatment in animal models would be scientifically productive, regardless of how one feels about human transgender rights.
IMHO, the main advantage of github is that it is an ecosystem. This is a well-thought-out Swiss knife: a pioneering (but no longer new) PR system, convenient issues, as well as a well-formed CI system with many developed actions and free runners. In addition, it is best to use code navigation simply in a web browser. You write code, and almost everything works effortlessly. Having a sponsorship system is also great, you don't have to search for external donation platforms and post weird links in your profile/repository.
All in one, that's why developers like it so much. The obsession with AI makes me nervous, but the advantages still outweigh, as for me, the average developer. For now.
I don't agree with this at all. I think the reason Github is so prominent is the social network aspects it has built around Git, which created strong network effects that most developers are unwilling to part with. Maintainers don't want to loose their stars and the users don't want to loose the collective "audit" by the github users.
Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering. Developers are more likely to use a repo that has more stars than its alternatives.
I know that the code should speak for itself and one should audit their dependencies and not depend on Github stars, but in practice this is not what happens, we rely on the community.
These are the only reasons I use GitHub. The familiarity to students and non-developers is also a plus.
I have no idea what the parent comment is talking about a "well-formed CI system." GitHub Actions is easily the worst CI tool I've ever used. There are no core features of GitHub that haven't been replicated by GitLab at this point, and in my estimation GitLab did all of it better. But, if I put something on GitLab, nobody sees it.
And this is the core problem with the modern platform internet. One victor (or a handful) take the lead in a given niche, and it becomes impossible to get away from them without great personal cost, literal, moral, or labor, and usually a combo of all three. And then that company has absolutely no motivation at all to prioritize the quality of the product, merely to extract all the value from the user-base as possible.
Facebook has been on that path for well over a decade, and it shows. The service itself is absolute garbage. Users stay because everyone they know is already there and the groups they love are there, and they just tolerate being force-fed AI slop and being monitored. But Facebook is not GROWING as a result, it's slowly dying, much like it's aging userbase. But Facebook doesn't care because no one in charge of any company these days can see further than next quarter's earnings call.
This is a socio-economic problem, it can happen with non internet platforms too. Its why people end up living in cities for example. Any system that has addresses, accounts or any form of identity has the potential for strong network effects.
> Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality
They're NOT! Lots of trashy AI projects have +50k stars.
Github became successful long before those 'social media features' were added, simply because it provided free hosting for open source projects (and free hosting services were still a rare thing back in the noughties).
The previous popular free code hoster was Sourceforge, which eventually entered its what's now called "enshittifcation phase". Github was simply in the right place at the right time to replace Sourceforge and the rest is history.
There's definitely a few phases of Github, feature and popularity wise.
1. Free hosting with decent UX
2. Social features
3. Lifecycle automation features
In this vein, it doing new stuff with AI isn't out of keeping with its development path, but I do think they need to pick a lane and decide if they want to boost professional developer productivity or be a platform for vibe coding.
And probably, if the latter, fork that off into a different platform with a new name. (Microsoft loves naming things! Call it 'Codespaces 365 Live!')
Technically so was BitBucket but it chose mercurial over git initially. If you are old enough you will remember articles comparing the two with mercurial getting slightly more favorable reviews.
And for those who don’t remember SourceForge, it had two major problems in DevEx: first you couldn’t just get your open source project published. It had to be approved. And once it did, you had an ugly URL. GitHub had pretty URLs.
I remember putting up my very first open source project back before GitHub and going through this huge checklist of what a good open source project must have. Then seeing that people just tossed code onto GitHub as is: no man pages, no or little documentation, build instructions that resulted in errors, no curated changelog, and realizing that things are changing.
Github was faster than BitBucket and it worked well whether or not JavaScript was enabled. This does seem to be regressing as of late. I have tried a variety of alternatives; they have all been slower, but Github does seem to be regressing.
And GitHub got free hosting and support from Engine Yard when they were starting out. I remember it being a big deal when we had to move them from shared hosting to something like 3 dedicated supermicro servers.
> Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering.
I hate that this is perceived as generally true. Stars can be farmed and gamed; and the value of a star does not decay over time. Issues can be automatically closed, or answered with a non-response and closed. Numbers of followers is a networking/platform thing (flag your significance by following people with significant follower numbers).
> Developers are more likely to use a repo that has more stars than its alternatives.
If anything, star numbers reflect first mover advantage rather than code quality. People choosing which one of a number of competing packages to use in their product should consider a lot more than just the star number. Sadly, time pressures on decision makers (and their assumptions) means that detailed consideration rarely happens and star count remains the major factor in choosing whether to include a repo in a project.
So number of daily/weekly downloads on PyPI/npm/etc?
All these things are a proxy for popularity and that is a valuable metric. I have seen projects with amazing code quality but if they are not maintained eventually they stop working due to updates to dependencies, external APIs, runtime environment, etc. And I have see projects with meh code quality but so popular that every quirk and weird issue had a known workaround. Take ffmpeg for example: its code is.. arcane. But would you choose a random video transcoder written in JavaScript just due to the beautiful code that was last updated in 2012?
> Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality
There are projects, or repositories, with a very narrow target audience, sometimes you can count them on one hand. Important repositories for those few who need them, and there aren't any alternatives. Things like decoders for obscure and undocumented backup formats and the like.
I guess if I viewed software engineering merely as a placing of bets, I would not, but that's the center of the disagreement here. I'm not trying to be a dick (okay maybe a little sue me), the grandparent comment mentioned "software engineering."
I can refer you to some github repositories with a low number of stars that are of extraordinarily high quality, and similarly, some shitty software with lots of stars. But I'm sure you get the point.
You are placing a bet that the project will continue to be maintained; you do not know what the future holds. If the project is of any complexity, and you presumably have other responsibilities, you can't do everything yourself; you need the community.
having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.
> code navigation simply in a web browser
this is nice indeed, true.
> You write code, and almost everything works effortlessly.
if only. GHA are a hot mess because somehow we've landed in a local minimum of pretend-YAML-but-actually-shell-js-jinja-python and they have a smaller or bigger outage every other week, for years now.
> why developers like it so much
most everything else is much worse in at least one area and the most important thing it's what everyone uses. no one got fired for using github.
The main thing I like about Github's PRs is that it's a system I'm already familiar with and have a login/account for. It's tedious going to contribute to a project to find I have to sign up for and learn another system.
I've used Gerrit years ago, so wasn't totally unfamiliar, but it was still awkward to use when Go were using it for PRs. Notably that project ended up giving up on it because of the friction for users - and they were probably one of the most likely cases to stick to their guns and use something unusual.
> You will need a Gerrit account to respond to your reviewers, including to mark feedback as 'Done' if implemented as suggested
The comments are still gerrit, you really shouldn't use Github.
The Go reviewers are also more likely than usual to assume you're incompetent if your PR comes from Github, and the review will accordingly be slower and more likely to be rejected, and none of the go core contributors use the weird github PR flow.
That seems unsurprising given that it’s the easiest way for most people to do it. Almost any kind of obstacle will filter out the bottom X% of low effort sludge.
sure it's correlation, but the signal-to-noise ratio is low enough that if you send it in via github PR, there's a solid chance of it being ignored for months / years before someone decides to take a look.
A competent developer would be more likely to send a PR using the tool with zero friction than to dedicate a few additional hours of his life to create an account and figure out how to use some obscure.
You are making the same mistake of conflating competence and (lack of) dedication.
Most likely, dedication says little about competence, and vice versa. If you do not want to use the tools available to get something done and rather not do the task instead, what does that say about your competence?
I'm not in a position to know or judge this, but I could see how dedication could be a useful proxy for the expected quality a PR and the interaction that will go with it, which could be useful for popular open source projects. Not saying that's necessarily true, just that it's worth considering some maintainers might have anecdotal experiences along that line.
This attitude sucks and is pretty close to just being flame bait. There are all kinds of developer who would have no reason to ever have come across it.
A competent developer should be aware of the tools of the trade.
I'm not saying a competent developer should be proficient in using gerrit, but they should know that it isn't an obscure tool - it's a google-sponsored project handling millions of lines of code internally in google and externally. It's like calling golang an obscure language when all you ever did is java or typescript.
It’s silly to assume that someone isn’t competent just because you know about a tool that they don’t know about. The inverse is almost certainly also true.
Is there some kind of Google-centrism at work here? Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.
> Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.
Most devs have never worked on Solaris, but if I ask you about solaris and you don't even know what it is, that's a bad sign for how competent a developer you are.
Most devs have never used prolog or haskell or smalltalk seriously, but if they don't know what they are, that means they don't have curiosity about programming language paradigms, and that's a bad sign.
Most competent professional developers do code review and will run into issues with their code review tooling, and so they'll have some curiosity and look into what's out there.
There's no reason for most developers to know random trivia outside of their area of expertise "what compression format does png use by default", but text editors and code review software are fundamental developer tools, so fundamental that every competent developer I know has enough curiosity to know what's out there. Same for programming languages, shells, and operating systems.
These are all ridiculous shibboleths. I know what Solaris is because I’m an old fart. I’ve never used it nor needed to know anything about it. I’d be just as (in)competent if I’d never heard of it.
> The main thing I like about Github's PRs is that it's a system I'm already familiar with and have a login/account for. It's tedious going to contribute to a project to find I have to sign up for and learn another system.
codeberg supports logging in with GitHub accounts, and the PR interface is exactly the same
Yeah and this slavish devotion to keeping the existing (broken imho) PR structure from GH is the one thing I most dislike about Forgejo, but oh well. I still moved my project over to Codeberg.
GH's PR system is semi-tolerable for open source projects. It's downright broken for commercial software teams of any scale.
Like the other commenter: I miss Gerrit and proper comment<->change tracking.
I used gerrit a bit at work but any time I want to contribute to OSS project requiring to use it I just send a message with bugfix patch applied and leave, it's so much extra effort for drive by contributions that I don't care.
It's fine for code review in a team, not really good in GH-like "a user found a bug, fixed it, and want to send it" contribution scheme
> having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.
I love patch stack review systems. I understand why they're not more popular, they can be a bit harder to understand and more work to craft, but it's just a wonderful experience once you get them. Making my reviews work in phabricator made my patchsets in general so much better, and making my patchsets better have improved my communication skills.
Maybe I have low standards given I've never touched what gitlab or CircleCi have to offer, but compared to my past experiences with Buildbot, Jenkins and Travis, it's miles ahead of these in my opinion.
Am I missing a truly better alternative or CI systems simply are all kind of a pita?
I don't enough experience w/ Buildbot or Travis to comment on those, but Jenkins?
I get that it got the job done and was standard at one point, but every single Jenkins instance I've seen in the wild is a steaming pile of ... unpatched, unloved, liability. I've come to understand that it isn't necessarily Jenkins at fault, it's teams 'running' their own infrastructure as an afterthought, coupled with the risk of borking the setup at the 'wrong time', which is always. From my experience this pattern seems nearly universal.
Github actions definitely has its warts and missing features, but I'll take managed build services over Jenkins every time.
Jenkins was just build in pre-container way so a lot of stuff (unless you specifically make your jobs use containers) is dependent on setup of machine running jenkins. But that does make some things easier, just harder to make repeatable as you pretty much configuration management solution to keep the jenkins machine config repeatable.
And yes "we can't be arsed to patch it till it's problem" is pretty much standard for any on-site infrastructure that doesn't have ops people yelling at devs to keep it up to date, but that's more SaaS vs onsite benefit than Jenkins failing.
My issue with Github CI is that it doesn't run your code in a container. You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.
> You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.
Yeah checking out everytime is a slight papercut I guess, but I guess it gives you control as sometimes you don't need to checkout anything or want a shallow/full clone. I guess if it checked out for you then their would be other papercuts.
I use their runners so never need to do any cleanup and get a fresh slate everytime.
It is fairly common pratice almost engineering best pratice to not put logic in CI. Just have it call out to a task runner, so you can run the same command locally for debugging etc. Think of CI more as a shell as a service, your just paying someone to enter some shell commands for you, you should be able to do exactly the same locally.
You can take this a setup furthur and use an environment manager to removing the installing of tools from CI as well for local/remote consistency and more benefits.
The big issue with Github is that they never denied feeding ai with private repositories. (Gitlab for example did that when asked). This fact alone makes many users bitter, even for organizations not using private repos per se.
>a well-formed CI system with many developed actions and free runners.
It feels to me like people have become way too reliant on this (in particular, forcing things into CI that could easily be done locally) and too trusting of those runners (ISTR some reports of malware).
>In addition, it is best to use code navigation simply in a web browser.
I've always found their navigation quite clunky and glitchy.
I don't get what people are complaining about. I haven't run into these AI issues except for Copilot appearing AS AN OPTION in views. Otherwise it seems to be working the same has it always
> In addition, it is best to use code navigation simply in a web browser.
IMHO the vanilla Github UI sucks for code browsing since it's incredibly slow, and the search is also useless (the integrated web-vscode works much better - e.g. press '.' inside a Github project).
> as well as a well-formed CI system with many developed actions and free runners
The only good thing about the Github CI system are the free runners (including free Mac runners), for everything else it's objectively worse than the alternatives (like Gitlab CI).
> In addition, it is best to use code navigation simply in a web browser
How do you define "code navigation"? It might've got a bit easier with automatic highlighting of selected symbols, but in return source code viewer got way too laggy and, for a couple of years now, it has this weird bug with misplaced cursors if code is scrolled horizontally. I actually find myself using the "raw" button more and more often, or cloning repo even for some quick ad-hoc lookups.
Edit: not to mention the blame view that actively fights with browser's built in search functionality.
And now it opens... some VSCode-esque editor in the browser that asks me to sign-in? Why would I want something even more resource-hungry and convoluted just to look up a random thing once in a while?
Having used Forgejo with AGit now, IMO the PR experience on GitHub is not great when trying to contribute to a new project. It's just unnecessarily convoluted.
It's just how straightforward it is. With GitHub's fork-then-PR approach I would have to clone, fork, add a remote to my local fork, push to said remote, and open the PR.
With agit flow I just have to clone the repository I want to contribute to, make my changes, and push (to a special ref, but still just push to the target repo).
I have been making some small contributions to Guix when they were still using email for patches, and that (i.e. send patches directly to upstream) already felt more natural than what GitHub propagates. And agit feels like the git-native interpretation of this email workflow.
They have zero fees for individuals too which is amazing. Thanks to it I gained my first sponsor when one of my projects was posted here. Made me wish sponsorships could pay the bills.
Would you say Github has any significant advantages over Gitlab in this regard? I always found them to be on par, with incremental advantages on either side.
Code search over all of Gitlab (even if available) wouldn't help much when many of the interesting repos might be on Github. To be truly useful, it would need to index repos across many different forges. But there's a tension in presenting that to users if you're afraid that they might exit your ecosystem to go to another forge.
Underrated feature is the code search. Everyone starts out thinking they’ll just slap elastic search or similar in front of the code but it’s more nuanced than that. GitHub built a bespoke code search engine and published a detailed blog post about it afterwards.
Well, I guess. It's not a surprise LinkedIn and GitHub are owned by the same entity. Both are degrading down to the same Zuckernet-style engagement hacking, and pseudo-resume self-boosting portfolio-ware. If the value of open source has become "it gets me hired", then ... fine. But that's not why many of us do free software development.
GitHub's evolution as a good open source hosting platform stalled many years ago. Its advantages are its social network effects, not as technical infrastructure.
But from a technology and UX POV it's got growing issues because of this emphasis, and that's why the Zig people have moved, from what I can see.
I moved my projects (https://codeberg.org/timbran/) recently and have been so far impressed enough. Beyond ideological alignment (free software, distaste for Microsoft, want to get my stuff off US infrastructure [elbows up], etc.) the two chief advantages are that I could create my own "organization" without shelling over cash, and run my own actions with my own machines.
And since moving I haven't noticed any drop in engagement or new people noticing the project since moving. GitHub "stars" are a shite way of measuring project success.
Forgejo that's behind Codeberg is similar enough to GitHub that most people will barely notice anyways.
I'm personally not a fan of the code review tools in any of them (GitLab, Foregejo, or GitHub) because they don't support proper tracking of review commits like e.g. Gerritt does but oh well. At least Foregejo / Codeberg are open to community contribution.
Additional note on Codeberg, which I think is great as a project, but I got curious on what infrastructure they are running on and how reliable this would be for larger corporate repos.
[...] Although aged, the performance (and even energy efficiency) is often not much worse than with new hardware that we could afford. In the interest of saving embodied carbon emissions from hardware manufacturing, we believe that used hardware is the more sustainable path.
[...] We are investigating how broken Apple laptops could be repurposed into CI runners. After all, automated CI usage doesn't depend on the same factors that human beings depend on when using a computer (functioning screen, speakers, keyboard, battery, etc.). If you own a broken M1/M2 device or know someone who does, and believe that it is not worth a conventional repair, we would be happy to receive your hardware donation and give it a try!
[...] While it usually holds up nicely, we see sudden drop in performance every few days. It can usually be "fixed" with a simple restart of Forgejo to clear the backlog of queries.
Gives both early-Google as well as hackerspace vibes, which can or can not be a good thing.
Their reliability is not great unfortunately. Currently their 24h uptime is 89% for the main site. They are partially degraded right now.
The 14 day uptime is 98% but I think that’s actually because some of their auxiliary systems have great uptime, the main site is never that great it seems.
Yeah, they were down last week too. It's hard to run an open git forge on a small volunteer team, the workload is read and write heavy with endless "customers" (or bots).
To be fair, Codeberg isn’t for corporate repos, it’s for FLOSS projects. Take a look at their Terms of Use. They don’t aim to be a commercial provider, rather the opposite.
oh wow I had a larger cluster than that since I was 20 more than half a decade ago, considering that the costs appear to be so low maybe I should also pop out few free services since at the moment I pay $600+ just on power costs alone for idle hardware on my personal cluster. If anyone has any ideas feel free to email me at: [email protected]
Let me be blunt: this looks like a tantrum. Bugs exist, and they're sometimes fixed more slowly than we'd like, but given the size of the GitHub ecosystem this is probably just one of many outstanding bugs. Blaming AI is baseless - not that it couldn't be true, but the conclusion seems to be drawn from a single issue.
What does this mean for the Zig project? I haven't heard of Codeberg, they may be great, but for a popular open-source project I'd expect a proper discussion before deciding to move or weighing the pros and cons of different hosting options. From what I'm hearing, Zig is technically excellent but seems to lack level‑headed, mature leadership. That's not unique: many open‑source projects started by brilliant engineers struggle as they grow and need a new leadership structure. That transition can be painful and could even harm adoption.
> Bugs exist, and they're sometimes fixed more slowly than we'd like
Then I think the larger point I'd make is that it's impossible to get anyone to care. We've let tech giants like MS become so large they can essentially just ignore problems with their service, and as a customer, it does not matter that you are paying for it, or how much you pay, you're essentially nothing to MS. You pay not only in the direct cost of the product, but in the indirect costs of any problem with the product will hit you; e.g., here, with VMs just spinning due to really basic bugs. But you're right, nobody ever got fired for using Github.
The big "pro" of moving to a smaller platform to me, I hope, is that they're at least incentivized to help you succeed.
One reason I think most CI scripts should just be — as much as possible — scripts, in the literal sense, is that not only promotes running them locally, it also promotes moving to other CI platforms.
“Have you ever heard of {obscure thing most dont use}” doesn’t really scream a “you” problem.
Sucks that it won’t be on GH anymore as I used to follow the project closely. I’m not going to create yet another account just because of Zig. Oh well…
Forgejo is GPL 3, with the Github stuff apparently even running it on owned device is tied to a per user per month bill, and I have no idea if code is available and editable just having a look at https://azure.microsoft.com/en-us/pricing/details/githubente...
Commercial software support is not free. Contracting out for professional services or diverting internal developers to fix issues with open source software are also not free.
yes, GitHub Enterprise Server is not free. And yes you pay a license fee per user per month, billed annually, and the minimum license purchase is 10 users at something like $21/user/month. Microsoft discounts you qualify for will bring that down. You pay because you get support. You won't need it often, but when you do, you really need it.
It is easy to administer even for 15k users, and mostly it takes care of itself if you give it enough RAM and CPU for all the activity.
Downloading the virtual hard drive image from GitHub is easy and decrypting the code inside is borderline trivial, but I'm not going to help anyone do that. I've never had a need to do it.
As a server product it is good. I recommend it if you can afford it. It is not intended for private individuals or non-profits, though. It's for corporations who want their code on-premise, and for that it is quite good.
There have been complaints about it on Reddit as well. I registered an account recently and to me the annoying thing is the constant "making sure you are not a bot" check. For now I see no reason to migrate, but I do admit Forgejo looks very interesting to self-host.
3. They have a UI, but anyone can also build one and the ecosystem is shared
I've been considering Gerrit for git-codereview, and tangled will be interesting when private data / repos are a thing. Not trying to have multiple git hosts while I wait
I, too, am extremely interested in development on Tangled, but I miss two features from GitHub - universal search and Releases. the web frontend of Tangled is so fast that I am still getting used to the speed, and jj-first features like stacked PRs are just awesome. kinda reminds me of how Linux patch submitting works.
I moved (from selfhost gitlab) to forgejo recently, and for my needs it's a lot better, with a lot less hassle. It also seems a lot more performant (again probably because I don't need a lot of the advanced features of gitlab).
I've been contemplating this for almost two years. Gitlab has gotten very bloated and despite disabling a number of services in the config, it continues to require increasingly more compute and RAM; we don't even use the integrated Postgres database.
There are a few things that keep me on Gitlab, but the main one is the quality of the CI/CD system and the gitlab runners.
I looked at Woodpecker, but it seems so docker-centric and we are, uh, not.
The other big gulf is issues and issue management. Gitlab CE is terrible; weird limitations (no epics unless you pay), broken features, UX nightmares, but from the looks of it Forjego is even more lacking in this area? Despite this seeming disdain, the other feature we regularly use is referencing issue numbers in commits to tie work together easily. On this one, I can see the answer as "be the change - contribute this to Forgejo" and I'm certainly willing. Still, it's currently a blocker.
But my hopes in putting this comment out there is that perhaps others have suggestions or insight I'm missing?
Crazy. Who would have an incentive to spend resources on DDoS'ing Codeberg? The only party I can think of would be Github. I know that the normalization of ruthlessness and winner-takes-all mentality made crime mandatory for large parts of the economy, but still cannot wrap my mind around it.
Not just them. For example, Qt self hosted cgit got ddos just two weeks ago. No idea why random open source projects getting attacked.
> in the past 48 hours, code.qt.io has been under a persistent DDoS
attack. The attackers utilize a highly distributed network of IP
addresses, attempting to obstruct services and network bandwidth.
Probably some little script kiddie fucks who think they are elite mega haxors and use their mommie's credit card to pay one of the ddos services readily accessible.
DDoS are crazy cheap now, it could be a random person for the lulz, or just as a test or demo (though I suspect Codeberg aren't a bit enough target to be impressive there).
What is cheap and what are the risks of getting caught? I can understand that for a 15 yo it might be for the lulz, but I am having a hard time to imagine that this would give street creds, and why be persistent about it. AI-bots would make more sense, but these can be dealt with.
Big tech would be far more interested in slurping data than DDoS'ing them.
An issue with comments, linked to a PR with review comments, the commit stack implementing the feature, and further commits addressing comments is probably valuable data to train a coding agent.
Serving all that data is not just a matter of cloning the repo. It means hitting their (public, documented) API end points, that are likely more costly to run.
And if they rate limit the scrappers, the unscrupulous bunch will start spreading requests across the whole internet.
I think the goal is unclear, but the effect will be that Codeberg will be perceived as less of a real, stable alternative. Breaking in was not in my mind, but that will have the same effect, maybe even more damaging.
Now, if that has been the intended effect, I hope I won't have to believe that.
Story time:
I remember that back in the day I had a domain name for a pretty hot keyword with a great, organic position in Google rankings. Then someday it got all of a sudden serious boost from black-SEO, with a bazillion links from all kinds of unrelated websites. My domain got penalized and dropped of from the front page.
For threat analysis, you need to know how hard you are to break in, what the incentives are, and who your potential adversaries are.
For each potential adversary, you list the risk strategy; that's threat analysis 101.
E.g. you have a locked door, some valuables, and your opponent is the state-level. Risk strategy: ignore, no door you can afford will be able to stop a state-level actor.
I concur the question, "Who would have an incentive to spend resources on DDoS'ing Codeberg?" is a bit convoluted in mixing incentive and resources. But it's still, exactly, threat analysis, just not very useful threat analysis.
Are there standards committees with 786 voting members, of which you would have to convince at least 2/3 to betray the ideals of the association they chose to actively take part in to get the association to disband or otherwise stop it from pursuing its mission?
~800 members? That's great to hear actually. I like Codeberg and want them to succeed and be protected from outside effects.
That's said, I believe my comparison checks out. Having ~800 members is a useful moat, and will deter actors from harming Codeberg.
OTOH, the mechanism can still theoretically work. Of course Microsoft won't try something that blatant, but if the e.V loses this moat, there are mechanisms which Microsoft can and would like to use as Codeberg gets more popular.
I think another big "moat" is actually that Codeberg is composed of natural people only (those with voting rights, anyway). Real people have values, and since they have to actively participate in Codeberg in some way to get voting rights those values are probably aligned with Codeberg's mission. I don't actually now the details of the standardization process you cite, but I think this is a big difference to it.
Additionally, from skimming the bylaws of Codeberg I'd say they have multiple fail-safes built in as additional protection. For one, you can't just pay ~1600 people to sign up and crash a general assembly, every membership application has to be approved first. They also ask for "support [for] the association and its purpose in an adequate fashion" from its members, and include mechanisms to kick people out that violate this or are otherwise acting against Codeberg's interests, which such a hostile attack would surely qualify as.
Of course it's something to stay vigilant about, but I think Codeberg is well positioned with regard to protecting against a hostile takeover and shutdown situation, to the point that DDoS is the much easier attack against them (as was the initial topic).
I said e.V., not EV. Codeberg is an e.V., i.e. a "registered association" in Germany. I am not actually sure if you could technically buy an e.V., but I am 100% certain that all of the Codeberg e.V. members would not take kindly to an attempt at a hostile takeover from Microsoft. So no, buying Codeberg is not easier than DDoSing them.
What do you mean by "orgs", and what do you mean by "the codeberg"?
Sure, they could try to bribe the Codeberg e.V. active members into changing its mission or disbanding the association entirely, but they would need to get a 2/3 majority at a general assembly while only the people actively involved in the e.V. and/or one of its projects can get voting rights. I find that highly unlikely to succeed.
Part of the problem is that Codeberg/Gitea's API endpoints are well documented and there are bots that scrape for gitea instances. Its similar to running SSH on port 22 or hosting popular PHP forums software, there are always automated attacks by different entities simply because they recognize the API.
Try exposing a paswordless SSH server to outside to see what happens. It'll be tried immediately, non-stop.
Now, all the servers I run has no public SSH ports, anymore. This is also why I don't expose home-servers to internet. I don't want that chaos at my doorstep.
Yeah, I have been thinking about hosting a small internet facing service on my home server, but I’m just not willing to take the risk. I’d do it on a separate internet connection, but not on my main one.
You can always use a small Hetzner server (or a free Oracle Cloud one if you are in a pinch) and install tailscale to all of your servers to create a P2P yet invisible network between your hosts. You need to protect the internet facing one properly, and set ACLs at tailscale level if you're storing anything personal on that network, though.
Yeah no need for public ssh. Or if you do pick a random port and fail2ban or better just whitelist the one IP you are using for the duration of that session.
To avoid needing SSH just send your logs and metrics out and do something to autodeploy securely then you rarely need to be in. Or use k8s :)
This is just FUD, there is nothing dangerous in having an SSH server open to the internet that only allows key authentication. Sure, scanners will keep pinging it, but nobody is ever going to burn an ssh 0day on your home server.
A few years ago a vulnerable compression library almost got pushed out that major Linux distros linked their OpenSSH implementations to. That was caught by blind luck. I'm confident there's a lot more shit out there that we don't know about.
"opsec" includes well defined things like threat modeling, risk factors, and such. "Things I have seen" and vague "better safe than sorry" is not part of that.
GitHub uptime isn't perfect either. You will notice these outages from time to time if your employer is using it for more than just "store some git repos", e.g. using GHA for builds and deploys, packages etc.
Because they are Codeberg I'm betting they have a philosophical aversion to using a cloud based ddos protection service like Cloudflare. Sadly the problem is that noone has come up with any other type of solution that actually works.
GitHub is slow bloatware at this point. I can get a PR to load at least 2-3x faster in Graphite than GitHub. I avoid going directly to their UI at all costs now.
LLMs are useful, but AI is itself a marketing term that has begun to lose its luster. It’s rapidly becoming an annoying or trendy label, not a cutting edge one.
I guarantee that in ~24 months, most AI features will still remain in some form or another on most apps, but the marketing language of AI-first will have evaporated entirely.
> AI is itself a marketing term that has begun to lose its luster. It’s rapidly becoming an annoying or trendy label, not a cutting edge one.
Where have you been the last 15 years? However, I agree with your prediction. Coke making AI advertisements may have had cache a couple years ago, but now would be a doofus move.
Have you watched broadcast TV lately? Every single advert is AI generated. Pay attention and you’ll see the telltale signs: stitched together 3 second clips with continuity problems, every showdown from a fixed set of compositions, etc. it’s just less noticeable to the average viewer than that coke ad.
I don’t remember AI being used as a widespread marketing term until 2-3 years ago. Before that it was just more of a vague tech thing you’d sometimes see, but now every single app seems to have reframed their business to be about AI agents.
Early 2010s had a lot of neural networks AI stuff going on and it certainly became a minor hype cycle as well though that kind of resulted in the current LLM wave.
There was also a small chatbot bubble around 2014-2016 (Microsoft Tay kinda blew it out of the water, and it never recovered), though companies did seem a bit skittish about using the term 'AI' at that point.
Their most most recent update replaces all this with a list of recently updated PRs and issues. I've been learning on it heavily since it came out. One of the few recent changes that really feels like a clear improvement.
Haven't used the dashboard in years. What's on it now might be more useful. The homepage for me should be set to Notifications.
At any rate, the feed is still available and you can reach it via browser autocomplete. I open GitHub by typing "not" in my URL bar and landing on the notifications page.
The reason is a bit strange. To me it seems as if Zig is
just very opinionated. Personally I think the decision to
move to Codeberg was made independently of Microsoft being
a problem. I don't dispute that Microsoft is a problem; I
just don't see many great alternatives to github either.
Gitlab consistently is worse for me as a user.
I think the bigger problem is that these big megacorporations
control so much. I find Google even more problematic than
Microsoft these days in that regard. AI worsens this problem,
but even without AI it already was a problem.
Lets put it this way, no engineer is choosing to use bitbucket. You use it because some SVP made the mistake of choosing atlassian software a decade ago and refuses to change.
I used to use it, but left as it became apparent that Atlassian was increasingly incompetent in both software and business aspects to the point of both being badly broken.
One thing that's really nice about codeberg is how fast the pages load. Browsing GitHub often feels very sluggish. Obviously there's a difference in scale there, but I hope codeberg can keep being fast.
$ time curl -L 'https://codeberg.org/'
real 0m3.063s
user 0m0.060s
sys 0m0.044s
$ time curl -L 'https://github.com/'
real 0m1.357s
user 0m0.077s
sys 0m0.096s
I think you read that backwards. In skydhash's test, Codeberg's data was 72% cached, and GitHub's data was 28% cached. Maybe you meant that GitHub's cached 4.28MB was, in absolute terms, more than Codeberg's cached 1.41MB?
Some parts of Github are SPA island, which is why the DOM load fast, but then it has to wait for the JavaScript files and the request made by those files. Codeberg can be used with JavaScript disabled and you don’t have that much extra requests (almost everything is rendered serverside).
The transferred part is for the gzipped transfer. That makes sense if the bulk of the data is HTML (I have not checked).
That depends on location and GitHub pages generally take a while to execute all the javascript for a usable page even after the html is fetched while pages on Codeberg require much less javascript to be usable and are quite usable even without javascript.
Here are my results for what it's worth
$ time curl -o /dev/null -s -L 'https://codeberg.org'
real 0m0.907s
user 0m0.027s
sys 0m0.009s
$ time curl -o /dev/null -s -L 'https://github.com/'
real 0m0.514s
user 0m0.028s
sys 0m0.016s
Sure, it depends on your internet connection. But for Codeberg I see a blank page for 3-4 seconds until it shows something. On a big repo like Zig the delay is even worse.
On Github any page loads gradually and you don't see a blank page even initially.
GitHub frontpage is very quick indeed, but browsing repos can sometimes have load times over a full second for me. Especially when it's less popular repos less likely to be in a cache.
There's no code review system for Fossil, because the SQLite guy doesn't believe in formalized code review. It also doesn't have any good flow for accepting external contributions other than .patch/bundle files, because the SQLite guy doesn't believe anyone but him is good enough to regularly contribute code.
It might be great for single person projects, which I guess is fine for hobby stuff, but unless you luck out like Richard Hipp and manage to become a well-paid hermit working in a effectively-one-person cathedral model, then it's not really going to work for most projects.
Well, diversity is great but I think many people underestimate the quality and service of GitHub, especially the free services. Even commercial vendors have failed to provide such a free service over time (Docker Hub, Bintray, Sourceforge). They all have/had the power to earn money though commercial offerings and ads, but in the end had to cut down their free services. I still wonder, how codeberg plans to cover the exploding costs.
I think once Codeberg becomes federated, it will likely attract a lot of people.
Right now github is great for discovering and tracking projects, reflecting growth via the star and fork system (although a bit broken in the last few years).
If a federated layer is applied to these github alternatives, you could have an account in Codeberg, and be able to track lots of projects wherever people want to host them. Right now, I see a lot of forgejo servers, but I don't want to register in all of them.
+1 - I also see a huge opportunity for forgejo to become a new stackoverflow if they add federation
The primary issue with SO was that it was disconnected from the actual communities maintaining the project. A federated solution would be able to have the same network effects while handing ownership to the original community (rather than a separate SO branch of the community)
The main function of GitHub is really just advertising or at least broadcasting your work. I would use GitHub issues, stars, etc as an (imperfect gauge) of the quality of a library. This is not because of GitHub's features, just that it's the biggest and most well known. And yes I know buying stars is a thing, which is why it's part of the evaluation and not the whole ballgame.
Now that zig is fairly well known and trusted, it makes sense that this is less of a concern for them when migrating away.
Our CI workflow literally just invokes a plain old shell script (which is runnable outside CI). We really don't need an overcomplicated professional CI/CD solution.
One of the nice things about switching to Forgejo Actions is that the runner is lightweight, fast, and reliable - none of which I can say for the GitHub Actions runner. But even then, it's still more bloated than we'd ideally like; we don't need all the complexity of the YAML workflow syntax and Node.js-based actions. It'd also be cool for the CI system to integrate with https://codeberg.org/mlugg/robust-jobserver which the Zig compiler and build system will soon start speaking.
So if anything, we're likely to just roll our own runner in the future and making it talk to the Forgejo Actions endpoints.
I mean, … the outages are a big part of it. But those outages also extending to taking out my own hardware (e.g., through bugs like the above consuming resources on my own compute) is just double the pain.
But as a product, it's just bad? Riddled with bugs? In no particular order:
* Artifact APIs will return garbage results during a run. Note that the APIs are separate from the GHA actions for interacting with artifacts, and the latter uses undocumented APIs, presumably b/c the documented APIs are buggy AF.
* needs.… will just return junk data, if you typo.
* Builds of actions are not cached, making them rather slow. Many GH official actions hack around this by pointing the tag/branch (e.g., @v4) at a pre-built artifact.
* The pricing is high, compared to other offerings.
* The interface is just FUBAR: e.g., stdin is a pipe, which will wreak havoc on some commands that change their behavior when piped to. stdout & stderr are pipes, which although GHA ostensibly supports colored output, this basically renders it useless.
* Jobs, steps, actions are conceptual mud. There's a few ideas, like "execute this thing" in there, but its all jumbled up/duplicated. Container settings are configured per-job, so if you want to run some steps in one container, and some in another, but in the same job, you're just going to be left out to dry.
* Secrets are hard to manage, and even harder to not leak.
* The expression language has all sorts of corners, like coerced types and functions with parse-time side-effects!.
Google workspace will have me do the same. No, I don't want to 'generate an image' I just want to use my own, thank you. They give their AI prime billing everywhere to the detriment of the products and the users.
You can also run a Forgejo instance (the software that powers Codeberg) locally - it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc until Codeberg is up and Forgejo (though you'll have to update them manually later).
I hope Codeberg is able to scale up to this surge in interest, but
> it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc
is really cool! Having a local mirror also presumably gives you the means to build tools on top, to group and navigate and view them as best works for you, which could make that side of the process so much easier.
> you'll have to update them manually later
What does the manually part mean here? Just that you'll have to remember to do a `forgejo fetch` (or whatever equivalent) to sync it up?
I totally agree, Microsoft is ruining everything with AI, like all Microsoft product have been on decline for years even before the LLM era, and now they are on an even steeper decline.
it makes me sad to see that github is now going through the same shit, and people are using other random half-ass alternatives, it’s not easy to keep track of your favourite open-source projects across many source forgeries. we need someone to buy github from Microsoft and remove all the crap they have added to it.
Seeing the decline of GitHub in Actions is technically correct, but Actions was always broken. We tried getting self-hosted runners to work super early before there was a proper ephemeral mode (just an officially unsupported race-condition-y --once flag). It sucked. That code can't produce a consistent status code, constantly failed to connect to its scheduler with obscure Azure error codes and had so many races with accepting and timing out jobs. Runners wouldn't get new jobs, jobs would sit there for an hour and then time out, runners would just die and need to be re-provisioned (we used ephemeral VMs in a GCP instance group). This is all because Actions is actually Azure DevOps Pipelines rebranded.
Compared to then this product is downright mature now. And also, there always were people at GitHub who delivered crappy products outside the core that most people working on FOSS got to see. Enterprise Cloud has a ton of sharp edges and things that make you ask "WHY" out loud. Notifications with SAML enabled are broken in countless ways (I have 0 out of 12 notifications right now), newly onboarded users are encouraged to click a "request copilot" button that sends emails to admins you can't disable, policy toggles that used to do one thing get split up and not defaulted properly. The last two in particular are just dark pattern hacks to get people to use Copilot. In an enterprise product.
Is anything broken on the pure Git side of Github? From this, it's clear that actions and runners are becoming unusable. But are repositories still safe?
The outages break `git push`. I'm not a fan of the AI adoption within the UI, and the side bars when browsing code usually get in the way. Using GitHub as a dumb git backend isn't a great option either, look at the Linux kernels PRs, it's almost all spam. Why on earth can't PRs be disabled?
Maybe this is a nice chance to ask, would you move from Gitlab to Github? I would say no, but some people in my org are proposing it, it seems to me simply because the integration it has with AI tools, but my experience has been worse in Github than with Gitlab.
We self-host GitLab and I would fight a migration to GitHub with every fiber of my being. GitLab is just better in pretty much every way. Especially CI/CD.
One problem is that GH gives you no way to disable PRs. And even if you write in BIG BOLD LETTERS that PRs should be on Codeberg not GH, people get upset and make a fuss over their "ignored" PRs and it ends up making unnecessary headaches for you over and over.
You can ignore them yourself, but people will get annoyed, take to social media, post "this project ignores PRs" "dead project" "they're not inclusive" etc. without context, and those things can gain momentum out of nowhere and have real consequences. And there will goalpost-shifting again, from "just mirror to GH" to "just accept PRs on GH too, why are they being so obstinate" and then further along.
The Linux kernel is unlikely to get those and can survive that even if it does, but your average FOSS project can be severely damaged in terms of reputation, contribution, usage, etc., by this kind of stuff, even if you want to dismiss it as just "social media fluttering". Easier and safer just to keep things clean and clearly at one place.
This resonates with me. Last week I got stuck on a bug where GitHub actions was pulling ARMv7 docker images when I specifically requested ARMv8. Absolutely impossible to reproduce locally either.
More and more projects are moving to Codeberg, and I'm wondering; at what point will a critical mass be reached? Or will we end up with a fragmented ecosystem?
Oh no, our decentralized VCS will be… decentralized!
Seriously though the big problem to solve will be squatters, when there are three logical places for a module to be hosted. That could create issues if you want to migrate.
I would rather have this happening after a contender to git has surfaced. Something for instance with more project tracking built in so migration were simpler.
I was slightly wrong. You can manually mirror things, but they have removed a feature that allowed one to automatically mirror repositories hosted elsewhere. It was originally intended as an ease of migration tool, but ended up consuming too many resources.
From their FAQ:
> Why can't I mirror repositories from other code-hosting websites?
> Mirrors that pull content from other code hosting services were problematic for Codeberg. They ended up consuming a vast amount of resources (traffic, disk space) over time, as users that were experimenting with Codeberg would not delete those mirrors when leaving.
> A detailed explanation can be found in this blog post.[1]
That's the beauty of email-based approaches. You can just clone, do your changes and `git send-email`. Done.
I think it would've been far easier to build a decent GUI around that flow, with some email integration + a patch preview tool, rather than adding activitypub, but oh well.
> I think it would've been far easier to build a decent GUI around that flow, with some email integration + a patch preview tool, rather than adding activitypub, but oh well.
Check out Sourcehut (https://sourcehut.org/). It uses a mailing list-based workflow so contributing code or bug reports is relatively effortless and doesn't require a Sourcehut account.
doesn't need full fledged activitypub, just a common place to login
might just do it federated way of "here is my domain, here is DNS entry pointing to my identity server to talk with", that way it isn't even tied to single identity service, but a given user will need to use only single login for all of the servers.
Email-based approaches have far more issues than just needing to create an account. I would much rather have to create another account than deal with git send-email ever again. It's awful.
I used to submit quite a few back in the day. How many projects are still actively maintained on Sourceforge? The last time I needed to go there was to get the GPC (General Polygon Clipper) library with the last modification in 2014.
Maybe I wasn't quite clear. As an open-source author, bug reports are what makes open-source feel like a job. This is because Github has created a sense of entitlement that an open-source project is supposed to take bug reports. That its authors are its 'maintainers' and are expected to fix them.
No. You are the person with an issue. You have all the means to fix the issue -- the source code has been shared with you. Now go ahead and fix your bug yourself. Then share the source code with your users as per its license.
Notice how I don't even care much for 'pull requests'. Another detrimental notion started with Github -- that the authors of an open-source project are expected to review change requests and merge them.
Guy, open-source licenses do not require you to share the derived code with upstream. They require you to share it with your users. I, as the original author, mostly don't care as the original code I wrote works for me.
Yes, sending fixes back upstream is a courtesy and a way to thank the original authors. However it is neither required, nor one must expect that the fixes will be accepted or even looked at at all.
Hopefully one of the efforts to build distributed pull requests will take off, so that all the forges other than github can band together and interoperate.
All those different 'git forges' use git as version control system and the same issue and PR workflows. There is no fragmentation, unless you consider one git url being different from another git url 'fragmentation' ;)
I prefer a pletora of code hosting sites, that one massive hub controlled by a single one. We can see how bad is when there is a monopoly or cuasi-monopoly.
I don't get it, why did they allow GitHub bot to modify and merge pull request automatically? Yeah I agree that MS is ruining everything with AI, but this problem is avoidable, if they turn off the bot's auto merge feature, or turn it off completely. The reason they move to a lesser known Git provider sounds more like a marketing stunt.
> The reason they move to a lesser known Git provider sounds more like a marketing stunt.
We had technical problems that GitHub had no interest in solving, and lots of small frustrations with the platform built up over years.
Jumping from one enshittified profit-driven platform to another profit-driven platform would just mean we'd set ourselves up for another enshittification -> migration cycle later down the line.
What are you referring to? I may be missing a line from the article but it seems mostly focused around a lingering GitHub Actions bug and the direction of GitHub.
the self hosted runner host is some horrific dotnet csharp mono monstrosity and "language" is some javascript wrapper nonsense that needlessly creates a half baked dsl around running basic shell commands.
A lot of these forced "AI" integrations are essentially Clippy on steroids.
A more careful approach focusing on use cases the technology can really support would be much preferred.
Am I in the minority when I actually like those AI features on GitHub? The ability to interrogate any open source codebase is __amazing__, this feature alone has saved me days of work/research. The AI code reviews are nothing to write home about, but occasionally catch stuff that I would've missed, a net benefit for me. I don't really get all the outrage... Sure, having an "Ask AI" Clippy-like thing in your face everywhere gets old quick, but at least on GitHub I find it non-obtrusive and often actually useful.
...you can just clone the repository and do that interrogation locally with the AI tool of your choice.
Every single application or webpage having its own AI integration is seriously one of the dumbest ideas in computing history (instead of separating applications and AI tools and let them work together via standardized interfaces).
The interesting thing about Zig's move isn't really the drama - it's watching a project work through platform migration in real time.
Most open source projects talk about reducing GitHub dependency but never actually do it because the switching costs are brutal. Issues, PRs, CI integrations, contributor muscle memory - it all adds up. Codeberg is solid but the network effects aren't there yet.
Curious whether this pushes other projects to at least have contingency plans. The AI training concerns are real, but I suspect the bigger long-term risk is just platform enshittification in general - feature bloat, performance degradation, mandatory upsells.
I hate these constant drama posts, but I am all for seeing competition. I think it's good to have a couple of top-tier companies offering the same service, and especially with git, it's been... lacklustre outside of Github, I'd say. Bitbucket was totally nice, but Atlassian and Jira and meh... Github has (mostly) steered clear of cross-product promotions until the CoPilot era washed all over us, and I wonder for how long they can continue to thrive off the power of brand-awareness.
Same effect at play watching all the top-tier AI corps under heavy competitive fire still, trying hard to keep the audience attached while battling to stay on top of (or keep up with) the competition. This mainly (for now) benefits the user. If OpenAI were to trailblaze on their own, we'd all be paying through the roof for even the most basic GPT by now.
Last week the reason for the move was MS tools being used by the baddies. Today AI is the baddie du jour. To use a great quote "either do or don't, but I got places to be".
Lack of investment more like. There are a ton of simple and obvious bugs that have persisted well before the AI crazy, e.g. this annoying bug from 2021: https://github.com/orgs/community/discussions/6874
That said, I still think Github is fine, and you can't argue with free CI - especially on Windows/Mac. If they ever stop that I'll definitely consider Codeberg. Or if Codeberg gets support for stacked PRs (i.e. dependencies between PRs), then I'm there! So frustrating that Github doesn't support such an obvious workflow.
The evidence of AI failure is all this low hanging fruit maintenance fixes users are begging Microsoft to fix and these AI agents are not fixing them. AI was going to 10x engineers or something right? Why isn’t GitHub getting better with all this AI help?
For my money, the scorpion is halfway across the river and y’all are about to become the frog. I haven’t touched a windows machine in 15 years and I’d really like to continue that streak to the grave. Gaben is working hard to become my new favorite tech person by trying to claw gaming off of the PC. I really hope he wins.
> So frustrating that Github doesn't support such an obvious workflow.
It kind of does.
I used this a lot in several jobs to work in dependent tickets in advance. Just make another branch on top of the previous (a PR to the other PR branch).
People could review the child PR before the parent was merged. And it requires some less than trivial git knowledge to manage effectively, but nothing extraordinary. Any solution for stacked PRs based on git would also require it (or a custom tool).
I think I'm on their side on this one. From git perspective, it works just as I expect. Something else probably belongs to JIRA or project management instead.
That feels like the opposite of what I think stacked PRs are? Like someone will open PR #1 for one feature, and then PR #2 into the PR #1 branch, but it doesn't make sense without knowing the context of PR #1 so that gets reviewed first - and then when that PR gets merged, the second one gets automatically closed by GitHub?
You first send PR#1, then PR#2 on top of the first one.
The diff for PR#1 will show dough stuff. The diff for PR#2 will show toppings in relation to dough.
People can review them asynchronously. If you merge PR#1, PR#2 will automatically target main (that's where dough went) now.
In this arrangement, I use to cross-mention the PRs by number (a link will exist in both). I also like to keep the second one draft, but that depends on the team practices.
I don't understand why you would close the second PR when the first gets merged. It should lose the dependency automagically, which is exactly what happens if you branch correctly.
> The diff for PR#2 will show toppings in relation to dough.
The problem is the diff for PR#2 will show dough and toppings all mixed together. Unless you go into the commits view, but that's super tedious and it's easy to lose comments in there.
It's kind of frustrating because there's very little required to make this work. All you really need is for Github to detect `Depends on #1` like it detects `Fixes #123`, and then a) use the HEAD of #1 as the diff based for #2, and b) block merging #2 until #1 is merged.
It's really not that complicated but I'm not holding my breath.
PR#2 will show only what changed between dough and toppings.
If you merge it, it will become part of PR#1. You turned the dependency into a single block.
So, if you don't want to mix, you should merge the dependency (dough) first to main (or whatever is your target).
Codeberg probably also supports the same thing, it's a git thing not a GitHub thing. That's why I'm saying it works exactly as expected. Git alone already supports dependencies, and GitHub just follows it.
To block the merge, you can make a workflow that turns PRs with dependencies into drafts. However, as it is a merge from one PR into another, I don't see the reason to. You can easily de-merge them if you need.
From the looks of it, it seems that you are branching at the wrong point, and creating two PRs to main, one of them containing duplicates. That's not what I suggested.
Look, how is number to go up without constant AI bullshit? Won't somebody think of the shareholders!
MS in particular _really_ seems to be sacrificing itself on the altar of Roko's Basilisk; they appear totally incapable of doing _anything_ that isn't AI-branded anymore.
MS need someone that will slap people doing the second the moment some of the first happen.
Securing base, easy to use and reliable OS should be no.1 priority.
Forcing down the throat services the users largely do not want just breeds resentment, and not only in people treated that way but also anyone that hears about it.
If W11 was "hey, we did some optimising, fixed some bugs and HEY, if you have TPM2.0, we can do that little step to make your machine more secure!" there would be far less resentment.
Similarly with every other feature, ask user, present the benefits, fuck off if they don't want to. NOT "turn it on by default then let them try to figure out how to turn it off". And then ask them again every few days with only option being "remind me later" as current copilot feature for teams does.
In other news today, Bun, which is one of the biggest projects written in Zig, joined Anthropic, the company behind Claude Code, and has nothing but kind words to say about AI. If Zig becomes ever more hostile to AI, I wonder if there may be some "friction" there.
Usually programming languages need that killer project to sell themselves, instead of being something only language nerds play with, Bun was one of such projects.
As Bun uses Zig quite a lot, I expect them to be quite active in the Zig forums and submitting patches and feature requests.
I was thinking of things like AI-generated patches submitted by Bun to the Zig project, or feature requests by Bun for AI-specific use cases... that could create a really bad atmosphere between Zig and Bun people if the Zig Foundation continuously rejects their contributions/requests/discussions.
maybe I’m out of the loop, but what is the “obsession” with AI that’s ruining it? GitHub still works for me like it always has. How are other people using GitHub?
Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms. Moving it to Codeberg doesn't really fix that. I get that some people want to restrict what people can do with source code (including using it for capitalist purposes or indeed ai/machine learning). But the whole point of many open source licenses (and especially the MIT license) is actually the opposite: allowing people to do whatever they want with the source code.
The Zig attitude towards AI usage is a bit odd in my view. I don't think it's that widely shared. But good for them if they feel strongly about that.
I'm kind of intrigued by Codeberg. I had never heard of it until a few days ago and it seems like that's happening in Berlin where I live. I don't think I would want to use it for commercial projects but it looks fine for open source things. Though I do have questions about the funding model. Running all this on donations seems like it could have some issues long term for more serious projects. Moving OSS communities around can be kind of disruptive. And it probably rules out commercial usage.
This whole Github is evil anti-capitalist stance is IMHO a bit out of place. I'm fine with diversity and having more players in the market though; that's a good thing. But many of the replacements are also for profit companies; which is probably why many people are a bit disillusioned with e.g. Gitlab. Codeberg seems structured to be more resilient against that.
Otherwise, Github remains good value and I'm getting a lot of value out of for profit AI companies providing me with stuff that was clearly trained on the body of work stored inside of it. I'm even paying for that. I think it's cool that this is now possible.
> Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms.
MIT license requires attribution, which AI algorithms don’t provide AFAIK. So either (a) it’s fair use and MS can do that regardless of the license or (b) MS can’t do that. In any case, yeah, that’s not the issue Zig folks have with GitHub.
> Zig is distributed under the MIT License. MS is completely with in their rights to clone the git repository from Codeberg and do whatever with the source code. Including feeding it to their AI algorithms. Moving it to Codeberg doesn't really fix that. I get that some people want to restrict what people can do with source code (including using it for capitalist purposes or indeed ai/machine learning). But the whole point of many open source licenses (and especially the MIT license) is actually the opposite: allowing people to do whatever they want with the source code.
MS training AIs on Zig isn't their complaint here. They're saying that Github has become a worse service because MS aren't working on the fundamentals any more and just chasing the AI dream, and trying to get AI to write code for it is having bad results.
I'm loving all the seething comments because a smart man who runs a good project is doing something a bunch of stealth GitHub employees don't like, even though it doesn't affect them. You don't have to use Zig, y'all. You don't have to agree with Andrew's opinions, y'all.
> [2025-11-27T02:10:07Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining losers eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [1]
> [2025-11-27T14:04:47Z] it’s abundantly clear that the talented folks who used to work on the product have moved on to bigger and better things, with the remaining rookies eager to inflict some kind of bloated, buggy JavaScript framework on us in the name of progress [2]
> [2025-11-28T09:21:12Z] it’s abundantly clear that the engineering excellence that created GitHub’s success is no longer driving it [3]
---
1: https://web.archive.org/web/20251127021007/https://ziglang.o...
2: https://web.archive.org/web/20251127140447/https://ziglang.o...
3: https://web.archive.org/web/20251128092112/https://ziglang.o...
It would appear they listened to that feedback, swallowed their ego/pride and did what was best for the Zig community with these edits. I commend them for their actions in doing what's best for the community at the cost of some personal mea culpa edits.
If everyone is always bad regardless if they're trying to change, what incentives would they have from changing at all? It doesn't make any sense.
With online mobs, when the target shows any sort of regret there is blood in the water and the sharks feast. It sometimes turns into a very public form of struggle session for the person under scrutiny. Besides avoiding the faux pas in the first place, one well-tested mitigation is to be absolutely unapologetic and wait for the storm to blow over.
Acknowledgement of mistakes do not invoke much of a mob reaction unless there is wavering, self-pity, or appeals for leniency. Self-preservation should be assumed and not set as a goal -- once you appear to be doing anything that can be thought of as covering up or minimizing or blaming others, the mob will latch on to that and you get no consideration from then on.
The trouble there, of course, is that the motivation for changing (or not changing) one's mind is not always clear, and it's easy to score points from spinning it one way or another.
I'm not convinced that the existence of a low-probability event justifies normalizing the regular occurrence of a much more likely (and negative) event, like a belligerent engineer throwing a fit in a design meeting. I'd go as far as to say I'm open to more people-pleasers in engineering.
Also, fwiw, if you want to know why someone changed their mind, you can just ask them and see how you feel about the answer. If someone changes their mind at the drop of a hat, my guess is that their original position was not a strongly held one.
I thought I made a fairly innocuous point, I don't even think I was talking about engineers specifically.
It’s not particularly relevant (to me as a random non-zig affiliated HN reader) why they right their wrongs, as long as they did it, I find it positive (at least better than if they had left the monkey comments in the post).
The reason why the latter stance is often popularized and cheered is because it is often harder to do, especially in the adverse conditions, when not changing your opinion has a direct cost of money or time or sanity or in rare cases even freedom. Usually it involves small human group or individual against a faceless corporation, making it even harder. Of course we should respect people standing against corporation.
PS: this is not applicable if they are "clearly wrong" of course.
This is tangential to the original topic of insider trading, where the corruption is structural / systemic -- akin to how "conflict of interest" objectively describes a scenario, not an individual's behavior.
> The greatest thing about this man is he's steady. You know where he stands. He believes the same thing Wednesday that he believed on Monday, no matter what happened Tuesday. Events can change; this man's beliefs never will.
1) People don't really vote based on logic and sound reasoning. They vote based on what sounds right to them. If they're unhappy with something, they vote for somebody who also claims to be unhappy about it, regardless if he has any actual solutions.
2) Even for the minority who wants to vote based on sound principles, it's very hard to push information back to them. If the politician changes his mind, he has to explain it to his voters. Are there really platforms which allow in-depth conversations in political debates?
Every university classroom has a whiteboard and a projector. Because you need to draw graphs, diagrams, etc. You need to explain the general structure and then focus on the details without losing track of the whole.
Is there a single country where politicians use either when talking to each other or voters?
If no one hates what you are doing chances are you're not doing anything really
Because this plays into a weird flaw in cognition that people have. When people become leaders because they are assholes and they are wrong, then after the wind blows the other way they see the light and do a mea culpa, there is always a certain segment that says that they're even more worthy to be a leader because they have the ability to change. They yell at the people who were always right that they are dogmatic and ask "why should people change their minds if they will be treated like this?"
If one can't see what's wrong with this toy scenario that I've strawmanned here, that's a problem. The only reason we ever cared about this person is because they were loud and wrong about everything. Now, we are expected to be proud of them because they are right, and make sure that they don't lose any status or position for admitting that. This becomes a new reason for the people who were previously attacking the people who were right to continue to attack the people who were right, who are also now officially dogmatic puritans whose problem is that they weren't being right correctly.
This is a social phenomenon, not a personality flaw in these leaders. People can be wrong and then right. People can not care either way and latch onto a trend for attention or profit, and follow it where it goes. I don't think either of these things are in and of themselves morally problematic. The problem is that there are people who are simply following individual personalities and repeating what they say, change their minds when that personality changes their mind, and whose primary aim is to attack anyone who is criticizing that personality. They don't really care about the issue in question (and usually don't know much about it), they're simply protecting that personality like a family member.
This, again, doesn't matter when the subject is stupid, like some aesthetic or consumer thing He used to hate the new Batman movies but now he says that he misunderstood them; who cares. But when the subject is a real life or death thing, or involves serious damage to people's lives and careers, it's poisonous when a vocal minority becomes dedicated to this personality worship.
It's so common that there now seems to be a pipeline of born-agains in front of everything, giving their opinion. Sir, you were a satanist until three years ago.
Those people don’t exist. Which is exactly why the ability to change your opinion when presented with new information is a critical quality in a good leader.
Except we cared about Andrew Kelley because he was right about quite a lot of things (eg the zig design).
> I often find we don't appreciate enough people accepting their failures and changing their mind. For some reason I see the opposite: people respecting those who "stick to their guns" or double down when something is clearly wrong.
Not this specific situation.
(He did post a kind of vague apology in https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p..., but it's ambiguous enough that anyone who was offended is free to read it as either retracting the offending accusation, or not. This is plausibly the best available alternative for survival in the current social-media landscape, because it's at best useless to apologize to a mob that's performatively offended on behalf of people they don't personally know, and usually counterproductive because it marks you as a vulnerable victim, but the best available alternative might still tend to weaken the kind of integrity we're talking about rather than strengthen it.)
I don't think there's really an obligation to announce to newcomers, "hey, an earlier version of this post was overly inflammatory." But you should be forthright about your mistake to people who confront you about it, which is what's happening in the forum thread you linked. I think this is all fine.
https://github.com/ziglang/www.ziglang.org/commit/c8d046b288...
I find the fact that this painting has been hung crooked by 0.00001º: down
I find torture and mass murder: down
Clearly this is a ridiculous state of affairs. There's more gradations available than this.
Possibly coloured by my dutch culture: I think this rewrite is terrible. The original sentence was vastly superior, though I think the first rewrite (newbies to rookies) was an improvement.
The zig team is alarmed, and finds this state of affairs highly noteworthy and would like to communicate this more emotional, gut instincty sense in their words.
There's a reason humans invent colourful language and epithets. They always do, in all languages. Because it's useful!
And this rewrite takes it out. That's not actually a good thing. The fact that evidently the internet is so culturally USA-ised that any slightly colourful language is instantly taken as a personal affront and that in turn completely derails the entire debate into a pointless fight over etiquitte and whether something is 'appropriate' is fucking childish. I wish it wasn't so.
In human communication, the US is somewhat notorious in how flattened its emotional range is of interaction amongst friendly folk. One can bring anthropology into it if one must: Loads of folks from vastly different backgrounds all moving to a vast expanse of land? Given that cultural misunderstanding is extremely likely and the cost of such a misunderstanding is disastrously high, best plaster a massive smile on your face and be as diplomatic as you can be!
Consider as a practical example: Linus Torvalds' many famed communications. "NVidia? Fuck you!" was good. It made clear, in a very, very pithy way, that Linus wasn't just holding a negative opinion about the quality and behaviour of the nvidia gfx driver team at the time, but that this negative opinion was universal across a broad range of concerns and extremely so. It caused a shakeup where one was needed. All in 3 little words.
(Possibly the fact that the internet in general is even more incapable of dealing with colourful language is not necessarily the fault of USification of the internet: The internet is a lot like early US, at least in the sense that the risk of cultural misunderstanding is far higher than in face to face communications on most places on the planet).
Then again the front end rewrite (which GitHub was crowing about for quite a while) and doubling down on AI nonsense got me to stop using GH for personal projects and to stop contributing to projects hosted on GH.
Indeed. The article even links to it.
https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p...
I appreciate that Andrew and the other Zig team members are really passionate about their project, their goals, and the ideals behind those goals. I was dismayed by the recent news of outbursts which do a lot to undermine their goals. That they’re listening to feedback and trying to take the high road (despite feeling a lot of frustration with the direction industry is taking) should be commended.
Have people already forgotten that the ReactJS port made github slow ? https://news.ycombinator.com/item?id=44799861
The revised, politically-correct, sanitized re-framing that you apparently insist on does not convey this very important point of information.
We have freedom of speech for a reason - blunt honesty conveys important information. Passive language does not.
Codeberg is also a Git-based project host. It doesn't even support other repo types. Why would you be expecting the latter?
If a project announcement or article headline says someone/something is quitting or leaving GitHub, it makes a lot of sense to assume that their issue is with GitHub (and in this case, it would be an assumption they'd be right about).
Imagine being a slave to any SCM UI when cli tools and desktop clients have existed for ages not to mention integration into nearly every IDE. Also, what they're describing "random" workflows is classic ci build machine went offline and came back later.
Regardless, best of luck to them, hopefully they don't run into any more "monkeys", that would be terrible for them.
This is not a group with community or pragmatism from the start.
You haven't given any actual reasons this makes sense, if you don't like windows why would you be using it in the first place? Why would you care what text editor people use?
Why would it be ok to release something on a platform just to annoy your own users?
This is the same nonsense rationalizations that zig gave. Windows is the odd man out. If you want to release something on windows you match an extra byte on the ends of lines. It isn't that hard and even the simplest toy language does it. It's just part of line splitting, it isn't even something that happens at the language stage.
Last I checked both Visual Studio Code and Notepad++ can both make line endings configurable.
Last time I checked it was totally unnecessary because no other language releases for a platform and tries to punish their users. Options like that are to make files match while being worked on for different platforms, not so that a compiler doesn't try to punish and troll its users for using it.
I'm guessing you didn't live through the early days of webdev when you had to jump through ridiculous hoops just to support IE. At least back then there was the excuse that IE had the lions share of the market and many corporate users.
The industry wide acceptance of supporting IE majorly held back what websites/apps were capable of being. Around 2012ish (right as I was leaving webdev) more and more major teams started to stop supporting earlier broken versions of IE (this was largely empowered by the rising popularity of Chrome). This had a major impact on improving the state of web applications, and also got MS to seriously improve their web browser. Moves like this one by the Zig team are the only way you're going to push Microsoft to improve the situation.
Now you may claim "but Windows is 70% of users!" but this issue doesn't impact anyone wanting to run Zig applications, only those writing them. If you're an inexperienced dev that's super curious about Zig, this type of error might be another good nudge that maybe Windows isn't the OS you want to be working on.
No one is confused about how a compiler works. Those people being intentionally trolled are called your users when you make a language.
If you're an inexperienced dev that's super curious about Zig, this type of error might be another good nudge that maybe Windows isn't the OS you want to be working on.m
Then why did they make a windows version? Any normal person just sees that they shouldn't invest time in a language intentionally annoying it's own users for trying it out.
You still haven't come up with any explanation, your whole tangent about internet explorer has no relevance. There isn't one part of your comment that makes sense. Why would you even care about other people's OS and text editors? What kind of fanaticism would lead to wanting to use a language because they intentionally annoy users of something you aren't even involved in?
The whole thing is basically a case of "this things doesn't stand on any merits, I've just decided that I don't like certain people and they did something to upset them even though they are really just shooting themselves in the foot".
It's just the way it works, it isn't my standards, it is literally any piece of software that detects line breaks.
Nobody's being punished. Configuring your dev environment is something people do for every language.
No one has to configure around this issue because it is trivially solved and dealt with by every piece of software on the planet. It takes longer to write an error message than it does it just split a line correctly.
Let's add some perspective here: we're talking about a single runtime option for your text editor of choice.
Let's add some perspective here: they intentionally broke their own software to upset 72% of their potential users.
More to the point, why isn't your editor or IDE properly supporting Zig files?
No one has to care about zig, it's a niche language that doesn't care about its users, it's irrelevant except for hacker news threads.
If some language started demanding you save all your text files with carriage returns or will will error out, what would you think?
You sound like a lawyer grasping at straws instead of someone with a reasonable perspective that wouldn't be hypocritical when flipped around.
Were I in a situation where I needed to work with something not expecting LF line termination I'd either configure my dev environment appropriately or find tools that do what I want.
So when it's your tool selection nobody has to care? But when someone else makes a decision you disagree with it's the end of the world? Gotcha. Don't check that checkbox. Stay mad, bro.You didn't confront anything I wrote and instead just made up something no one said. All I did say was that zig is intentionally hostile to their own users, which they are.
If you could actually deal with what I wrote I think you would have done it already.
much better to put a colon in a filename, or call part of your toolchain "aux.exe"
https://help.interfaceware.com/v6/windows-reserved-file-name...
works like a treat
I mean, reason of "we don't want to be tied with direction MS takes" is good enough, not sure why they felt need to invent reasons and nitpick some near irrelevant things just to excuse their actions
The big problem still remains: corporations control WAY too much in general.
If they would own up to it and say sorry, then your point stands. But that's not what happened here.
[1] https://ziggit.dev/t/migrating-from-github-to-codeberg-zig-p...
Crocodile tears.
https://hachyderm.io/@[email protected]/1156234452984...
The people that got yelled at didn't do markedly better after getting yelled at, but they sure had a worse attitude towards their peers and chefs.
None of the chefs I talked to about it had anything better than "that's how it was when I started in kitchens" as actual justification.
I assume you'll choose to dismiss those who object as fragile birds... but then you don't really care about the productivity towards the goal then do you? You just want to be ok with being mean because it doesn't bother you.
you do...
> The methods for influencing results within an organization exist on a spectrum, and failing to adequately utilize the breadth of that spectrum is always counter-productive.
Or did you have a different expectation for result in mind? The one you thought would be counter-productive without insults.
My assumption was that ark wanted to put support behind codeberg, and encourage others to take a critical look at how bad github has become, and to consider other options. Not rally additional support and defense of github's actions.
I haven’t actually used harsh language with anyone so I’m not sure what your point is. I have been on HN long enough to know that expressions of strong negative emotion are punished here. That says absolutely nothing about the effectiveness of different methods of influence within an organization.
I think if people are rallying to defend GitHub due to some language that ruffled their feathers and not objective technical merit then they have completely lost the plot as engineers.
As far as Andrew’s goals, I think he has been pretty successful within the framework of the attention economy.
> then they have completely lost the plot as engineers.
I think most people who would call themselves software engineers have lost the plot of engineering.
That applies equally to those who are blind to the fact that engineering only exists to create stuff for humans. Most engineers are ignorant to the ability to consider the humans they're supposedly build for.
The point is to make shit better, not worse, and not more inhuman.
But even if that wasn't true. There's a significant difference between confronting the harshness of reality. And behaving in a way that makes reality suck more. Every human deserves to be treated with dignity, and a base level of respect.
Suggesting that someone is fragile and weak, because they object to being insulted, or object to the careless and needless stripping of dignity and humanity from people is a wild take.
I agree that people should be treated with dignity...but groupthink & herd mentality often strips people of their humanity.
So the criticism is really about culture & abstract attractors...not the individual people who often act rationally within the context of the system.
A reasonable person that's acting maliciously can be reasoned to stop their behavior.
An unreasonable person that's acting in good faith cannot be reasoned to stop their behavior because they are stupid.
If after attempts to reason with the unreasonable fail, it is not an insult or ad hominem attack to explain the person is acting stupidly.
That can not be absolutely true.
That wouldn't have happened if they hadn't derided whatever idiot decision makers thought it was acceptable in the first place.
https://www.gnu.org/philosophy/rms-nyu-2001-transcript.txt
You need that middle-finger-to-everyone, "let me show you how it's really done" energy to build anything meaningful. Pretty much all the great builders I can think of in tech history are/were deeply angry people.
Thus spake zarathustra etc etc..
These are just word games. Blurring and mixing what we mean with different words. To say what? Passion takes different forms and can be a hell of a motivator? Nobody disputes that.
There's clearly a difference between anger and love. GP was addressing that difference and recommended to focus on the healthier of the two. That's good advice.
What is the anger that arises from you when one you care for is hurt because of some violence or injustice? Is that not an expression of love?
What is that particular anger you can feel towards a romantic life partner of many years? One that can only be based in an already profound intimacy, in some deep fidelity? Don't you feel that same love you have always felt for them, but in a different color?
What is the anger you feel when you see grand injustices? Hate crimes, genocides, crimes against freedom.. Isn't that something like a humanistic love?
To make love simply the "healthier" option is to totally destroy it! It makes it, like, at best a pragmatic maxim and at worst a weird kind of imperative (we should be healthy after all..). But love is not an imperative, it's a (beautiful, amazing, natural) condition. And it is not always "healthy," not always without anger, but always "good" in that you can't go wrong following it.
You are playing around with words to pretend they are the same. That's very poetic and dramatic, but I hope you realize that love is not the same as anger, and that neither truly requires the other.
If done right, love can eat anger. If done wrong, anger will eat love, and much more. These outcomes are not the same. That's were the game gets serious, and that's why I'm being such an ass about what you wrote.
But this is really heady woowoo stuff at this point, and its quite ok to disagree on stuff of this sort! I understand you will probably continue to dismiss all this as sophistry or playing with words or whatever, but know either way that I do recognize and respect your point here! It can probably be seen as a choice: love can be a desirable state or a dramatic raison d'etre. For the former, you're probably a pretty happy monk/stoic type, for the other, you're more like the classic Romantic, the artist, etc.
Companies with heaps of cash are (over)paying "software engineers" to create and maintain it
Millions of people, unable to disable it, are "active users"
When I use Github servers I only use them to download source code, as zipballs or tarballs. I don't run any JS
The local forward proxy skips the redirects when downloading
Works for mehttps://news.ycombinator.com/item?id=46114083
"I think that writing style is more LinkedIn than LLM, the style of people who might get slapped down if they wrote something individual.
Much of the world has agreed to sound like machines."
Eg,metaphors that make no sense or fail to contribute any meaningful insight or extrenely cliched phrases ("it was a dark and stormy night...") used seriously rather than for self-deprecating humor.
My favorite example of an AI tell was a youtube video about serial killers i was listening to for background noise which started one of its sentences with "but what at first seemed to be an innocent night of harmless serial murder quickly turned to something sinister."
It's just much easier now for "laypeople" to also adjust their style to this. My prediction is people will get quickly tired of it (as evidenced by your comment)
Companies do public announcement with the risk of getting sued left and right. Normal people chose careful words in public. In the Internet it seems different rules apply in public. Laypeople are not adjusting to corporate talk, laypeople are more and more aware of the public of the Internet and behave accordingly (most are, like in real life, mute)
Code folding is buggy. Have some functions that have inner functions or other foldable stuff like classes with methods and inside the method maybe some inner function? It will only show folding buttons sporadically, seemingly without pattern.
Also standard text editing stuff like "double click and drag" no longer properly works without issues/has weird effects and behavior. The inspection of identifiers interferes with being able to properly select text.
The issue search is stupid too, often doesn't find the things one searches for.
You must be logged in to search properly too.
Most of the functionality is tied to running that JavaScript.
In short, it shows typical signs of a platform that is more and more JavaScriptianized with bloated frameworks making things work half-assed and not properly tested for sane standard behavior.
But there is more. Their silly AI bots closing issues. "State bot". "Dependabot". All trash or half thought out annoying (mis-)features. Then recently I read here on HN, that apparently a project maintainer can edit another person's post! This reeks of typical Microsoft issues with permissions to do things and not properly thinking such a thing through. Someone internally must be pushing for all this crap.
Not to say their implementation doesn't suck. I just wouldn't know because even a non-buggy one would probably still be a subpar experience.
> More importantly, Actions is created by monkeys ...
vs
> Most importantly, Actions has inexcusable bugs ...
I commend the author for correcting their mistakes. However, IMHO, an acknowledgement instead of just a silent edit would have been better.
Anyway, each to their own, and I'm happy for the Zig community.
Harm is damage to health. He damaged their health.
Thanks
Edit: I upvoted you because I love parties.
What is terrible is that new developers think that this has been the usual poor state of things...this is why Zig & others moving to alternate platforms is good.
Linux seems to be doing fine.
I wouldn't personally care either way but it is non-obvious to me that the first version would actually hurt the community.
In this case, the unnecessary insults detract from the otherwise important message, and reflect poorly on Zig. They were right to edit it.
Not at all, but this reads like childishness rather than political correctness.
Not being a dick is quite a different thing than political correctness.
Makes me wonder how much to the mass strife and confusion of the internet is simply down to people not knowing what the words they use mean?
Or being intentionally misled about them. People who enjoy being awful in various ways have a vested interest in reframing the opposition as "political correctness" in order to make it easier to dismiss or ridicule. The vast majority of usage of the term "political correctness" is in dismissing or ridiculing it.
Prefer a blunt, honest dick over a passive, polite liar anyday.
The Zig comments come off has highly immature, maybe because they are comments made to unknown people, calling folks losers or monkeys just crosses some line to me. Telling someone to stfu is not great but calling groups of people monkeys feels worse.
Also, Torvalds was rightfully called out on his public behaviour and he's corrected himself.
He represented his community with insulting words to the world. In higher ranks of IT it is all about communication. With his lack of proper words he showed these leaders, who decide about the adoption of Zig, that they do not want to communicate with him/the Zig community.
As a project/tech leader he is in the business of communications. He recognized this. See link in the article.
I've spent more than a month trying to delete my account on GitHub, still couldn't do it
Product is useless, you move along. Save your compassion for those actually needing it.
> how hard it is for top performers to make change
then you're not a top performer anymore?
seems pretty straightforward
> they must be stupid
one can be not stupid and still not competent
My argument against how he handles things has always been that while it may seem effective, we do not know how much more effective he would be if he did not curse people out for being dumb fucks.
And it doesn’t seem like this is a requirement for the job: lots of other project leaders treat others with courtesy and respect and it doesn’t seem to cause issues.
The reality is that it is easy to wish more people were verbally abusive to others when it isn’t directed at you. But soon as you are on the receiving end of it, especially as a volunteer, there is a greater than not chance that you will be less likely to want to continue contributing.
More to the point, if someone does it once and then stops, should we exclude this person from society forever?
Remember that only the Siths deal in absolutes.
I was agreeing with your stance and adding my own anecdote that it’s a turnoff with the way those posts were originally formatted. Not people I would want to work with. If you do that’s fine. This is not star wars and simply my own choice as it’s everyone else.
I also cannot think of a time in my adult life I wanted to call out a group of people as losers or monkeys i n public.
I would definitely classify the tiki torch wielding white nationalists as losers publicly, for example. In fact I have a hard time thinking of a better term for them. It could also apply to the fairly famous liar and criminal, the disgraced Congressman George Santos. Or any person who decides to flash kids at a playground, or beats his wife and children.
I think the Zig guy was a little over-dramatic with his initial post. He did change his mind, so in my book that's better than not. Linus did too, just after many years of bad behavior. My point is that your replies were painting the world with only black and white and there is a lot of gray area in between. Sometimes public shame is a valid way to do discourse. Often times it isn't. But it's not a "always" or "never" thing.
Because one person is judging that "terribleness" before being entitled to flame, changes to that person influence their ability to objectively make that assessment.
Say, when their project becomes popular, they gain more power and fame, and suddenly their self-image is different.
Hence it usually being a more community-encouraging approach to keep discussions technical without vitriol.
Flaming is unnecessarily disruptive, not least because it gives other (probably not as talented) folks a license to also put their worst impulses to text.
Eager to do what? If it sucks it sucks, but that's a very childish way to frame it, no one did anything on purpose or out of spite. That kind of silliness hurts the image of the project. But bad translation I suppose.
> This week people in our community confronted me about my lifetime of not understanding emotions. My flippant attacks in emails have been both unprofessional and uncalled for.
> Especially at times when I made it personal. In my quest for a better patch, this made sense to me. I know now this was not OK and I am truly sorry. The above is basically a long-winded way to get to the somewhat painful personal admission that hey, I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely.
> I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately.
He took time off and he’s better now. What you call “political correctness” is what I and others call “basic professionalism”. It took Linus 25 years to understand that. I can only hope that the people who hero worshipped him and adopted a similar attitude can also mature.
https://lore.kernel.org/lkml/CAHk-=wjLCqUUWd8DzG+xsOn-yVL0Q=...
I wish I could say this.
But unfortunately delaying your big PR until it's affecting schedule is a good way to dodge review.
https://mastodon.social/@andrewrk
The normalization, in fact, has been quite successful. The entire silicon valley has tacitly approved of it.
You act like people arn't being rewarded for this type of behavior.
we need less self censorship, not more.
It's not a binary choice between insults (escalates conflict, destabilizes rational decision making) vs hiding your opinions. That's what the word tact is for. It's simply, quite literally, a skill issue if someone can't find a middle ground between those two failure modes.
To me this kind of communication says it comes from a real person who has real experiences, not the marketing department, and is understandably angry at the people who make his life worse. And it's natural to insult those people. Insults are a signal, not noise. They signal something is wrong and people should pay attention to it.
I hear criticisms about being unprofessional and the like. So what? I don't wanna live in a world where everything everyone says is supposed to be filtered to match some arbitrary restrictions made up be people who more often than not can't do the work themselves.
Almost all of the actually competent people I personally know speak like this.
They can't stand those dragging us down through incompetence. They get angry when something that should work doesn't. They are driven by quality and will not be silent when it's lacking. If somebody fucked up, they will tell them they fucked up and have to fix it.
And I much prefer that approach.
I was saddened to see how they ganged up to bully the author of the Zig book. The book author, as far as I could tell, seems like a possibly immature teenager. But to have a whole community gang up on you with pitch forks because they have a suspicion you might use AI... that was gross to watch.
I was already turned off by the constant Zig spam approach to marketing. But now that we're getting pitchfork mobs and ranty anti-AI diatribes it just seems like a community sustaining itself on negative energy. I think they can possibly still turn it around but it might involve cleaning house or instituting better rules for contributors.
What makes you say that? Couldn’t it be an immature adult?
> because they have a suspicion you might use AI
Was that the reason? From what I remember (which could definitely be incomplete information) the complaint was that they were clearly using AI while claiming no AI had been used, stole code from another project while claiming it was their own, refused to add credit when a PR for that was made, tried to claim a namespace on open-vsx…
At a certain point, that starts to look outright malicious. It’s one thing to not know “the rules” but be willing to fix your mistakes when they are pointed out. It’s an entirely different thing to lie, obfuscate, and double down on bad attitude.
If one looks past the immediate surface, which is a prerequisite to form an informed opinion, Zigbook is the one who clearly looks bad. The website is no longer up, even, now showing a DMCA notice.
Choosing to focus on the existence of drama and bullying without delving into the underlying reason why there was such a negative reaction in the first place is kind of part and parcel to that.
At best it's the removal of context necessary to understand the dynamics at play, at worst it's a lie of omission.
Your assumption is woefully incorrect. People were annoyed, when the explicit and repeated lie that the AI generated site he released which was mostly written by AI, was claimed to be AI free. But annoyed isn't why he was met with the condemnation he received.
In addition to the repeated lies, there's the long history of this account of typosquatting various groups, many, many crypto projects, the number of cursor/getcursor accounts, the license violation and copying code without credit from an existing community group (with a reputation for expending a lot of effort, just to help other zig users), the abusive and personal attack editing the PR asking, for nothing but crediting the source of the code he tried to steal. All the while asking for donations for the work he copied from others.
All of that punctuated by the the fact he seems to have plans to typo squat Zig users given he controls the `zigglang` account on github. None of this can reasonable be considered just a simple mistake on a bad day. This is premeditated malicious behavior from someone looking to leach off the work of other people.
People are mad because the guy is a selfish asshole, who has a clear history of coping from others, being directly abusive, and demonstrated intent to attempt to impersonate the core ziglang team/org... not because he dared to use AI.
I do think that it was weird to focus on the AI aspect so much. AI is going to pollute everything going forward whether you like it or not. And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
However I think some of the critique was because he stole the code for the interactive editor and claimed he made it himself, which of course you shouldn’t do.
The bigger issue is that they claimed no AI was used. That’s an outright lie which makes you think if you should trust anything else about it.
> And honestly who cares, either it is a good ressource for learning or it’s not. You have to decide that for yourself and not based on whether AI helped writing it.
You have no way of knowing if something is a good resource for learning until you invest your time into it. If it turns out it’s not a good resource, your time was wasted. Worse, you may have learned wrong ideas you now have to unlearn. If something was generated with an LLM, you have zero idea which parts are wrong or right.
But I also think we at this point should just assume that everything is partially written using AI.
For your last point, I think this was also a problem before LLMs. It has of course become easier to fake some kind of ethos in your writing, but it is also becoming easier to spot AI slop when you know what to look after right?
> But I also think we at this point should just assume that everything is partially written using AI.
Using "but" here implies your 2nd line is a partial refutation to the first. No one would have been angry if he'd posted it without clearly lying. Using AI isn't what pissed anyone off, being directly lied to (presumably to get around the strict "made by humans" rules across all the various Zig communities). Then there was the abusive PR edits attacking someone that seems to have gotten him banned. And his history of typosquatting, both various crypto surfaces, and cursor, and the typosquatting account for zigglang. People are mad because the guy is a selfish asshole, not because he dared to use AI.
Nothing I've written has been assisted by AI in any way, and I know a number of people who do and demand the same. I don't think it's a reasonable default assumption.
Does that count as substantial? I'm not sure because I'm not a lawyer, but this was really an issue about definitions in an attribution clause over less code than people regularly copy from stack overflow without a second thought. By the time this accusation was made, the Zigbook author was already under attack from the community which put them in a defensive posture.
Now, just to be clear, I think the book author behaved poorly in response. But the internet is full of young software engineers who would behave poorly if they wrote a book for a community and the community turned around and vilified them for it. I try not to judge individuals by the way they behave on their worst days. But I do think something like a community has a behavior and culture of its own and that does need to be guided with intention.
Without including proper credit, it is classic infringement. I wouldn't personally call copyright infringement "theft", though.
Imagine for a moment, the generosity of the MIT license: 'you can pretty much do anything you want with this code, I gift it to the world, all you have to do is give proper credit'. And so you read that, and take and take and take, and can't even give credit.
> Now, just to be clear, I think the book author behaved poorly in response
Precisely: maybe it was just a mistake? So, the author politely and professionally asks, not for the infringer to stop using the author's code, but just to give proper credit. And hey, here's a PR, so doing the right thing just requires an approval!
The infringer's response to the offer of help seemed to confirm that this was not a mistake, but rather someone acting in bad faith. IMO, people should learn early on in their life to say "I was wrong, I'm sorry, I'll make it right, it won't happen again". Say that when you're wrong, and the respect floods in.
> By the time this accusation was made, the Zigbook author was already under attack
This is not quite accurate, from my recollection of events (which could be mistaken!): the community didn't even know about it until after the author respectfully, directly contacted the infringer with an offer to help, and the infringer responded with hostility and what looked like a case of Oppositional Defiant Disorder.
? what? from my experience zig marketing is pretty mid. it is nowhere at the level of rust.
heck, rust evangelism strikeforce made me hate rust and all the people promote it, even for now.
Zig people want Zig to "win". They are appearing on Hacker News almost every day now, and for that purpose this kind of things matters more than the language's merits themselves. I believe the language has a good share of merits though, far more than Rust, but it's too early and not battle tested to get so much attention.
Evidence is easy to turn up and cite:
https://security.googleblog.com/2025/11/rust-in-android-move...
https://www.cisa.gov/news-events/news/urgent-need-memory-saf...
https://www.microsoft.com/en-us/msrc/blog/2019/07/a-proactiv...
https://www.chromium.org/Home/chromium-security/memory-safet...
https://hacks.mozilla.org/2019/02/rewriting-a-browser-compon...
[0] https://www.whitehouse.gov/articles/2025/03/yes-biden-spent-...
Especially since it was created just by hammering people with repeated exposure to biased media over ~5 years.
If someone would take a beat, even from that biased copy, they might think that studying the effects of hormone treatment in animal models would be scientifically productive, regardless of how one feels about human transgender rights.
All in one, that's why developers like it so much. The obsession with AI makes me nervous, but the advantages still outweigh, as for me, the average developer. For now.
Things like number of stars on a repository, number of forks, number of issues answered, number of followers for an account. All these things are powerful indicators of quality, and like it or not are now part of modern software engineering. Developers are more likely to use a repo that has more stars than its alternatives.
I know that the code should speak for itself and one should audit their dependencies and not depend on Github stars, but in practice this is not what happens, we rely on the community.
I have no idea what the parent comment is talking about a "well-formed CI system." GitHub Actions is easily the worst CI tool I've ever used. There are no core features of GitHub that haven't been replicated by GitLab at this point, and in my estimation GitLab did all of it better. But, if I put something on GitLab, nobody sees it.
It's been years through and the ease of doing simple things is not always indicative of difficult things. Often quite the contrary...
Facebook has been on that path for well over a decade, and it shows. The service itself is absolute garbage. Users stay because everyone they know is already there and the groups they love are there, and they just tolerate being force-fed AI slop and being monitored. But Facebook is not GROWING as a result, it's slowly dying, much like it's aging userbase. But Facebook doesn't care because no one in charge of any company these days can see further than next quarter's earnings call.
As for me, this does not negate the convenient things that I originally wrote about.
In non-coding social circles, social proof is even more accepted. So, I think that for a large portion of codebases, social proof is enough.
They're NOT! Lots of trashy AI projects have +50k stars.
The previous popular free code hoster was Sourceforge, which eventually entered its what's now called "enshittifcation phase". Github was simply in the right place at the right time to replace Sourceforge and the rest is history.
And probably, if the latter, fork that off into a different platform with a new name. (Microsoft loves naming things! Call it 'Codespaces 365 Live!')
And for those who don’t remember SourceForge, it had two major problems in DevEx: first you couldn’t just get your open source project published. It had to be approved. And once it did, you had an ugly URL. GitHub had pretty URLs.
I remember putting up my very first open source project back before GitHub and going through this huge checklist of what a good open source project must have. Then seeing that people just tossed code onto GitHub as is: no man pages, no or little documentation, build instructions that resulted in errors, no curated changelog, and realizing that things are changing.
The big reason I recall was that GitHub provided free public repos and limited private, while BitBucket was the opposite.
So if you primarily worked with open-source, GitHub was the better choice in that regard.
But VCS has always been a standard-preferring space, because its primary point is collaboration, so using something different creates a lot of pain.
And the good ship SS Linux Kernel was a lot of mass for any non-git solution to compete with.
I hate that this is perceived as generally true. Stars can be farmed and gamed; and the value of a star does not decay over time. Issues can be automatically closed, or answered with a non-response and closed. Numbers of followers is a networking/platform thing (flag your significance by following people with significant follower numbers).
> Developers are more likely to use a repo that has more stars than its alternatives.
If anything, star numbers reflect first mover advantage rather than code quality. People choosing which one of a number of competing packages to use in their product should consider a lot more than just the star number. Sadly, time pressures on decision makers (and their assumptions) means that detailed consideration rarely happens and star count remains the major factor in choosing whether to include a repo in a project.
The metrics you want are mostly ones they don't and can't have. Number of dependent projects for instance.
The metrics they keep are just what people have said, a way to gameify and keep people interested.
All these things are a proxy for popularity and that is a valuable metric. I have seen projects with amazing code quality but if they are not maintained eventually they stop working due to updates to dependencies, external APIs, runtime environment, etc. And I have see projects with meh code quality but so popular that every quirk and weird issue had a known workaround. Take ffmpeg for example: its code is.. arcane. But would you choose a random video transcoder written in JavaScript just due to the beautiful code that was last updated in 2012?
Hahahahahahahahahahahaha...
I can refer you to some github repositories with a low number of stars that are of extraordinarily high quality, and similarly, some shitty software with lots of stars. But I'm sure you get the point.
??? Seriously?
> All these things are powerful indicators of quality
Not in my experience....
People don't just share their stargazing plots "for fun", but because it has meaning for them.
What's the difference?
having used gerrit 10 years ago there's nothing about github's PRs that I like more, today.
> code navigation simply in a web browser
this is nice indeed, true.
> You write code, and almost everything works effortlessly.
if only. GHA are a hot mess because somehow we've landed in a local minimum of pretend-YAML-but-actually-shell-js-jinja-python and they have a smaller or bigger outage every other week, for years now.
> why developers like it so much
most everything else is much worse in at least one area and the most important thing it's what everyone uses. no one got fired for using github.
I've used Gerrit years ago, so wasn't totally unfamiliar, but it was still awkward to use when Go were using it for PRs. Notably that project ended up giving up on it because of the friction for users - and they were probably one of the most likely cases to stick to their guns and use something unusual.
That's not accurate. They more or less only use Gerrit still. They started accepting Github PRs, but not really, see https://go.dev/doc/contribute#sending_a_change_github
> You will need a Gerrit account to respond to your reviewers, including to mark feedback as 'Done' if implemented as suggested
The comments are still gerrit, you really shouldn't use Github.
The Go reviewers are also more likely than usual to assume you're incompetent if your PR comes from Github, and the review will accordingly be slower and more likely to be rejected, and none of the go core contributors use the weird github PR flow.
I've always done it that way, and never got that feeling.
Lowest common denominator way will always get worst quality
A competent developer would be more likely to send a PR using the tool with zero friction than to dedicate a few additional hours of his life to create an account and figure out how to use some obscure.
Most likely, dedication says little about competence, and vice versa. If you do not want to use the tools available to get something done and rather not do the task instead, what does that say about your competence?
I'm not in a position to know or judge this, but I could see how dedication could be a useful proxy for the expected quality a PR and the interaction that will go with it, which could be useful for popular open source projects. Not saying that's necessarily true, just that it's worth considering some maintainers might have anecdotal experiences along that line.
I'm not saying a competent developer should be proficient in using gerrit, but they should know that it isn't an obscure tool - it's a google-sponsored project handling millions of lines of code internally in google and externally. It's like calling golang an obscure language when all you ever did is java or typescript.
Is there some kind of Google-centrism at work here? Most devs don’t work at Google or contribute to Google projects, so there is no reason for them to know anything about Gerrit.
Most devs have never worked on Solaris, but if I ask you about solaris and you don't even know what it is, that's a bad sign for how competent a developer you are.
Most devs have never used prolog or haskell or smalltalk seriously, but if they don't know what they are, that means they don't have curiosity about programming language paradigms, and that's a bad sign.
Most competent professional developers do code review and will run into issues with their code review tooling, and so they'll have some curiosity and look into what's out there.
There's no reason for most developers to know random trivia outside of their area of expertise "what compression format does png use by default", but text editors and code review software are fundamental developer tools, so fundamental that every competent developer I know has enough curiosity to know what's out there. Same for programming languages, shells, and operating systems.
codeberg supports logging in with GitHub accounts, and the PR interface is exactly the same
you have nothing new to learn!
GH's PR system is semi-tolerable for open source projects. It's downright broken for commercial software teams of any scale.
Like the other commenter: I miss Gerrit and proper comment<->change tracking.
hopefully codeberg can build on it, and have an "advanced" option
It's fine for code review in a team, not really good in GH-like "a user found a bug, fixed it, and want to send it" contribution scheme
I love patch stack review systems. I understand why they're not more popular, they can be a bit harder to understand and more work to craft, but it's just a wonderful experience once you get them. Making my reviews work in phabricator made my patchsets in general so much better, and making my patchsets better have improved my communication skills.
Man :| no. I genuinely understand the convenience of using Actions, but it's a horrible product.
Am I missing a truly better alternative or CI systems simply are all kind of a pita?
I get that it got the job done and was standard at one point, but every single Jenkins instance I've seen in the wild is a steaming pile of ... unpatched, unloved, liability. I've come to understand that it isn't necessarily Jenkins at fault, it's teams 'running' their own infrastructure as an afterthought, coupled with the risk of borking the setup at the 'wrong time', which is always. From my experience this pattern seems nearly universal.
Github actions definitely has its warts and missing features, but I'll take managed build services over Jenkins every time.
And yes "we can't be arsed to patch it till it's problem" is pretty much standard for any on-site infrastructure that doesn't have ops people yelling at devs to keep it up to date, but that's more SaaS vs onsite benefit than Jenkins failing.
Is this not what you want?
https://docs.github.com/en/actions/how-tos/write-workflows/c...
> You just have github-runner-1 user and you need to manually check out repository, do your build and clean up after you're done with it. Very dirty and unpredictable. That's for self-hosted runner.
Yeah checking out everytime is a slight papercut I guess, but I guess it gives you control as sometimes you don't need to checkout anything or want a shallow/full clone. I guess if it checked out for you then their would be other papercuts.
I use their runners so never need to do any cleanup and get a fresh slate everytime.
Every time.
You can take this a setup furthur and use an environment manager to removing the installing of tools from CI as well for local/remote consistency and more benefits.
It feels to me like people have become way too reliant on this (in particular, forcing things into CI that could easily be done locally) and too trusting of those runners (ISTR some reports of malware).
>In addition, it is best to use code navigation simply in a web browser.
I've always found their navigation quite clunky and glitchy.
Is there more?
IMHO the vanilla Github UI sucks for code browsing since it's incredibly slow, and the search is also useless (the integrated web-vscode works much better - e.g. press '.' inside a Github project).
> as well as a well-formed CI system with many developed actions and free runners
The only good thing about the Github CI system are the free runners (including free Mac runners), for everything else it's objectively worse than the alternatives (like Gitlab CI).
How do you define "code navigation"? It might've got a bit easier with automatic highlighting of selected symbols, but in return source code viewer got way too laggy and, for a couple of years now, it has this weird bug with misplaced cursors if code is scrolled horizontally. I actually find myself using the "raw" button more and more often, or cloning repo even for some quick ad-hoc lookups.
Edit: not to mention the blame view that actively fights with browser's built in search functionality.
Having used Forgejo with AGit now, IMO the PR experience on GitHub is not great when trying to contribute to a new project. It's just unnecessarily convoluted.
With agit flow I just have to clone the repository I want to contribute to, make my changes, and push (to a special ref, but still just push to the target repo).
I have been making some small contributions to Guix when they were still using email for patches, and that (i.e. send patches directly to upstream) already felt more natural than what GitHub propagates. And agit feels like the git-native interpretation of this email workflow.
They have zero fees for individuals too which is amazing. Thanks to it I gained my first sponsor when one of my projects was posted here. Made me wish sponsorships could pay the bills.
GitHub's evolution as a good open source hosting platform stalled many years ago. Its advantages are its social network effects, not as technical infrastructure.
But from a technology and UX POV it's got growing issues because of this emphasis, and that's why the Zig people have moved, from what I can see.
I moved my projects (https://codeberg.org/timbran/) recently and have been so far impressed enough. Beyond ideological alignment (free software, distaste for Microsoft, want to get my stuff off US infrastructure [elbows up], etc.) the two chief advantages are that I could create my own "organization" without shelling over cash, and run my own actions with my own machines.
And since moving I haven't noticed any drop in engagement or new people noticing the project since moving. GitHub "stars" are a shite way of measuring project success.
Forgejo that's behind Codeberg is similar enough to GitHub that most people will barely notice anyways.
I'm personally not a fan of the code review tools in any of them (GitLab, Foregejo, or GitHub) because they don't support proper tracking of review commits like e.g. Gerritt does but oh well. At least Foregejo / Codeberg are open to community contribution.
That's not a Victorinox you're looking at, it's a cheap poorly made enshittified clone using a decades old playbook (e-e-e).
The focus on "Sponsorship buttons" and feature instead of fixing is just a waste of my time.
Nov 22, 2025 https://blog.codeberg.org/letter-from-codeberg-onwards-and-u...
Quotes from their website:
Infrastructure status [...] We are running on 3 servers, one Gigabyte and 2 Dell servers (R730 and R740).
Here's their current hardware: https://codeberg.org/Codeberg-Infrastructure/meta/src/branch...
[...] Although aged, the performance (and even energy efficiency) is often not much worse than with new hardware that we could afford. In the interest of saving embodied carbon emissions from hardware manufacturing, we believe that used hardware is the more sustainable path.
[...] We are investigating how broken Apple laptops could be repurposed into CI runners. After all, automated CI usage doesn't depend on the same factors that human beings depend on when using a computer (functioning screen, speakers, keyboard, battery, etc.). If you own a broken M1/M2 device or know someone who does, and believe that it is not worth a conventional repair, we would be happy to receive your hardware donation and give it a try!
[...] While it usually holds up nicely, we see sudden drop in performance every few days. It can usually be "fixed" with a simple restart of Forgejo to clear the backlog of queries.
Gives both early-Google as well as hackerspace vibes, which can or can not be a good thing.
Their reliability is not great unfortunately. Currently their 24h uptime is 89% for the main site. They are partially degraded right now.
The 14 day uptime is 98% but I think that’s actually because some of their auxiliary systems have great uptime, the main site is never that great it seems.
https://news.ycombinator.com/item?id=46131693
You can donate here: https://donate.codeberg.org/
Setup recurring donations on liberapay: https://liberapay.com/codeberg/donate
Or join as a member here: https://join.codeberg.org/
What does this mean for the Zig project? I haven't heard of Codeberg, they may be great, but for a popular open-source project I'd expect a proper discussion before deciding to move or weighing the pros and cons of different hosting options. From what I'm hearing, Zig is technically excellent but seems to lack level‑headed, mature leadership. That's not unique: many open‑source projects started by brilliant engineers struggle as they grow and need a new leadership structure. That transition can be painful and could even harm adoption.
Then I think the larger point I'd make is that it's impossible to get anyone to care. We've let tech giants like MS become so large they can essentially just ignore problems with their service, and as a customer, it does not matter that you are paying for it, or how much you pay, you're essentially nothing to MS. You pay not only in the direct cost of the product, but in the indirect costs of any problem with the product will hit you; e.g., here, with VMs just spinning due to really basic bugs. But you're right, nobody ever got fired for using Github.
The big "pro" of moving to a smaller platform to me, I hope, is that they're at least incentivized to help you succeed.
One reason I think most CI scripts should just be — as much as possible — scripts, in the literal sense, is that not only promotes running them locally, it also promotes moving to other CI platforms.
That's more of a you problem really.
> I'd expect a proper discussion before deciding to move
And you know the discussion did not happen?
“Have you ever heard of {obscure thing most dont use}” doesn’t really scream a “you” problem.
Sucks that it won’t be on GH anymore as I used to follow the project closely. I’m not going to create yet another account just because of Zig. Oh well…
https://status.codeberg.org/status/codeberg
I would even consider that moving everything from one single point of failure to an other is not the brightest move.
Github does offer a self hosted product: GitHub Enterprise Server
It is easy to administer even for 15k users, and mostly it takes care of itself if you give it enough RAM and CPU for all the activity.
Downloading the virtual hard drive image from GitHub is easy and decrypting the code inside is borderline trivial, but I'm not going to help anyone do that. I've never had a need to do it.
As a server product it is good. I recommend it if you can afford it. It is not intended for private individuals or non-profits, though. It's for corporations who want their code on-premise, and for that it is quite good.
1. use git or jj
2. pull-request like data lives on the network
3. They have a UI, but anyone can also build one and the ecosystem is shared
I've been considering Gerrit for git-codereview, and tangled will be interesting when private data / repos are a thing. Not trying to have multiple git hosts while I wait
I'm more interested in gerrit/git-codereview for stacked commits than jj. A couple extra commands for new folks, not a completely new tool and lexicon
There are a few things that keep me on Gitlab, but the main one is the quality of the CI/CD system and the gitlab runners.
I looked at Woodpecker, but it seems so docker-centric and we are, uh, not.
The other big gulf is issues and issue management. Gitlab CE is terrible; weird limitations (no epics unless you pay), broken features, UX nightmares, but from the looks of it Forjego is even more lacking in this area? Despite this seeming disdain, the other feature we regularly use is referencing issue numbers in commits to tie work together easily. On this one, I can see the answer as "be the change - contribute this to Forgejo" and I'm certainly willing. Still, it's currently a blocker.
But my hopes in putting this comment out there is that perhaps others have suggestions or insight I'm missing?
I've been self-hosting it for a few years now and can definitely recommend. It has been very reliable. I even have a runner running. Full tutorial at https://huijzer.xyz/posts/55/installing-forgejo-with-a-separ....
I believe the correct question is "Why they are getting DDoSed this much if they are not something important?"
For anyone who wants to follow: https://social.anoxinon.de/@Codeberg
Even their status page is under attack. Sorry for my French, but WTF?
> in the past 48 hours, code.qt.io has been under a persistent DDoS attack. The attackers utilize a highly distributed network of IP addresses, attempting to obstruct services and network bandwidth.
https://lists.qt-project.org/pipermail/development/2025-Nove...
- the internet's a lot bigger nowadays
- there are a lot of crappily secured iot devices
- the average household internet connection has gotten a lot faster, especially on upload bandwidth.
- there's a pile of amplification techniques which can multiply the bandwidth of an attack by using poorly-configured services.
An issue with comments, linked to a PR with review comments, the commit stack implementing the feature, and further commits addressing comments is probably valuable data to train a coding agent.
Serving all that data is not just a matter of cloning the repo. It means hitting their (public, documented) API end points, that are likely more costly to run.
And if they rate limit the scrappers, the unscrupulous bunch will start spreading requests across the whole internet.
I think it's not malice, but stupidity. IoT made even a script kiddie capable of running a huge botnet capable of DDoSing anything but CloudFlare.
That's not how threat analysis works. That's a conspiracy theory. You need to consider the difficulty of achieving it.
Otherwise I could start speculating which large NAS provider is trying to DDoS me, when in fact it's a script kiddie.
As for who would have the most incentives? Unscrupulous AI scrapers. Every unprotected site experiences a flood of AI scrapers/bots.
Story time:
I remember that back in the day I had a domain name for a pretty hot keyword with a great, organic position in Google rankings. Then someday it got all of a sudden serious boost from black-SEO, with a bazillion links from all kinds of unrelated websites. My domain got penalized and dropped of from the front page.
For each potential adversary, you list the risk strategy; that's threat analysis 101.
E.g. you have a locked door, some valuables, and your opponent is the state-level. Risk strategy: ignore, no door you can afford will be able to stop a state-level actor.
Just research about Office formats' ISO standardization process.
I'm not insinuating MicroSoft will buy Codeberg, but I just wanted to say that, they are not foreigners to the process itself.
I don't think your comparison works out.
That's said, I believe my comparison checks out. Having ~800 members is a useful moat, and will deter actors from harming Codeberg.
OTOH, the mechanism can still theoretically work. Of course Microsoft won't try something that blatant, but if the e.V loses this moat, there are mechanisms which Microsoft can and would like to use as Codeberg gets more popular.
I think another big "moat" is actually that Codeberg is composed of natural people only (those with voting rights, anyway). Real people have values, and since they have to actively participate in Codeberg in some way to get voting rights those values are probably aligned with Codeberg's mission. I don't actually now the details of the standardization process you cite, but I think this is a big difference to it.
Additionally, from skimming the bylaws of Codeberg I'd say they have multiple fail-safes built in as additional protection. For one, you can't just pay ~1600 people to sign up and crash a general assembly, every membership application has to be approved first. They also ask for "support [for] the association and its purpose in an adequate fashion" from its members, and include mechanisms to kick people out that violate this or are otherwise acting against Codeberg's interests, which such a hostile attack would surely qualify as.
Of course it's something to stay vigilant about, but I think Codeberg is well positioned with regard to protecting against a hostile takeover and shutdown situation, to the point that DDoS is the much easier attack against them (as was the initial topic).
which is basically the same thing
Sure, they could try to bribe the Codeberg e.V. active members into changing its mission or disbanding the association entirely, but they would need to get a 2/3 majority at a general assembly while only the people actively involved in the e.V. and/or one of its projects can get voting rights. I find that highly unlikely to succeed.
Now, all the servers I run has no public SSH ports, anymore. This is also why I don't expose home-servers to internet. I don't want that chaos at my doorstep.
To avoid needing SSH just send your logs and metrics out and do something to autodeploy securely then you rarely need to be in. Or use k8s :)
Kubernetes for personal infrastructure is akin to getting an aircraft carrier for fishing trips.
For simple systems snapshots and backups are good enough. If you're managing a thousand machine fleet, then things are of course different.
I manage both so, I don't yearn to use big-stack-software on my small hosts. :D
No, it's just opsec.
> Sure, scanners will keep pinging it, but nobody is ever going to burn an ssh 0day on your home server.
I wouldn't be so sure about it, considering the things I have seen.
I'd better be safe than sorry. You can expose your SSH if you prefer to do so. Just don't connect your server to my network.
all my services are always exposed for convenience but never on a standard port (except http)
After managing a fleet for a long time, I'd never do that. Tailscale or any other VPN is mandatory for me to be able to access "login" ports.
I guarantee that in ~24 months, most AI features will still remain in some form or another on most apps, but the marketing language of AI-first will have evaporated entirely.
Where have you been the last 15 years? However, I agree with your prediction. Coke making AI advertisements may have had cache a couple years ago, but now would be a doofus move.
https://en.wikipedia.org/wiki/AI_winter
Early 2010s had a lot of neural networks AI stuff going on and it certainly became a minor hype cycle as well though that kind of resulted in the current LLM wave.
On the other hand "personalized ads" is still going strong despite the entire concept being offensive.
https://github.com/orgs/community/discussions/65343
At any rate, the feed is still available and you can reach it via browser autocomplete. I open GitHub by typing "not" in my URL bar and landing on the notifications page.
I think the bigger problem is that these big megacorporations control so much. I find Google even more problematic than Microsoft these days in that regard. AI worsens this problem, but even without AI it already was a problem.
Night and day compared to something like Linear.
The transferred part is for the gzipped transfer. That makes sense if the bulk of the data is HTML (I have not checked).
I’ve disabled the cache for the network requests.
Here are my results for what it's worth
On Github any page loads gradually and you don't see a blank page even initially.
https://fossil-scm.org/
Single ~6mb executable, blazing fast. I've been a happy user for years.
It might be great for single person projects, which I guess is fine for hobby stuff, but unless you luck out like Richard Hipp and manage to become a well-paid hermit working in a effectively-one-person cathedral model, then it's not really going to work for most projects.
Right now github is great for discovering and tracking projects, reflecting growth via the star and fork system (although a bit broken in the last few years).
If a federated layer is applied to these github alternatives, you could have an account in Codeberg, and be able to track lots of projects wherever people want to host them. Right now, I see a lot of forgejo servers, but I don't want to register in all of them.
The primary issue with SO was that it was disconnected from the actual communities maintaining the project. A federated solution would be able to have the same network effects while handing ownership to the original community (rather than a separate SO branch of the community)
Now that zig is fairly well known and trusted, it makes sense that this is less of a concern for them when migrating away.
The people at Zig should use proper CI tools and not something that a big service provider is offering as an afterthought.
One of the nice things about switching to Forgejo Actions is that the runner is lightweight, fast, and reliable - none of which I can say for the GitHub Actions runner. But even then, it's still more bloated than we'd ideally like; we don't need all the complexity of the YAML workflow syntax and Node.js-based actions. It'd also be cool for the CI system to integrate with https://codeberg.org/mlugg/robust-jobserver which the Zig compiler and build system will soon start speaking.
So if anything, we're likely to just roll our own runner in the future and making it talk to the Forgejo Actions endpoints.
I mean, … the outages are a big part of it. But those outages also extending to taking out my own hardware (e.g., through bugs like the above consuming resources on my own compute) is just double the pain.
But as a product, it's just bad? Riddled with bugs? In no particular order:
* Artifact APIs will return garbage results during a run. Note that the APIs are separate from the GHA actions for interacting with artifacts, and the latter uses undocumented APIs, presumably b/c the documented APIs are buggy AF.
* needs.… will just return junk data, if you typo.
* Builds of actions are not cached, making them rather slow. Many GH official actions hack around this by pointing the tag/branch (e.g., @v4) at a pre-built artifact.
* The pricing is high, compared to other offerings.
* The interface is just FUBAR: e.g., stdin is a pipe, which will wreak havoc on some commands that change their behavior when piped to. stdout & stderr are pipes, which although GHA ostensibly supports colored output, this basically renders it useless.
* Jobs, steps, actions are conceptual mud. There's a few ideas, like "execute this thing" in there, but its all jumbled up/duplicated. Container settings are configured per-job, so if you want to run some steps in one container, and some in another, but in the same job, you're just going to be left out to dry.
* Secrets are hard to manage, and even harder to not leak.
* The expression language has all sorts of corners, like coerced types and functions with parse-time side-effects!.
That's just a few of the bugs I've encountered.
And there exist a lot of specialized solutions out there, where the business model is purely CI.
Migrating the main Zig repository from GitHub to Codeberg - 883 comments
You can also run a Forgejo instance (the software that powers Codeberg) locally - it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc until Codeberg is up and Forgejo (though you'll have to update them manually later).
> it is just a single binary that takes a minute to setup - and setup a local mirror of your Codeberg repo with code, issues, etc so you have access to your issues, wiki, etc
is really cool! Having a local mirror also presumably gives you the means to build tools on top, to group and navigate and view them as best works for you, which could make that side of the process so much easier.
> you'll have to update them manually later
What does the manually part mean here? Just that you'll have to remember to do a `forgejo fetch` (or whatever equivalent) to sync it up?
it makes me sad to see that github is now going through the same shit, and people are using other random half-ass alternatives, it’s not easy to keep track of your favourite open-source projects across many source forgeries. we need someone to buy github from Microsoft and remove all the crap they have added to it.
Most public forge instances and web presence for open source projects have RSS feeds.
Compared to then this product is downright mature now. And also, there always were people at GitHub who delivered crappy products outside the core that most people working on FOSS got to see. Enterprise Cloud has a ton of sharp edges and things that make you ask "WHY" out loud. Notifications with SAML enabled are broken in countless ways (I have 0 out of 12 notifications right now), newly onboarded users are encouraged to click a "request copilot" button that sends emails to admins you can't disable, policy toggles that used to do one thing get split up and not defaulted properly. The last two in particular are just dark pattern hacks to get people to use Copilot. In an enterprise product.
I haven't used GHES, but I imagine it's worse.
https://github.com/torvalds/linux/pulls?q=is%3Apr+is%3Aclose...
done.
The Linux kernel is unlikely to get those and can survive that even if it does, but your average FOSS project can be severely damaged in terms of reputation, contribution, usage, etc., by this kind of stuff, even if you want to dismiss it as just "social media fluttering". Easier and safer just to keep things clean and clearly at one place.
Seriously though the big problem to solve will be squatters, when there are three logical places for a module to be hosted. That could create issues if you want to migrate.
I would rather have this happening after a contender to git has surfaced. Something for instance with more project tracking built in so migration were simpler.
I suspect Codeberg, which is focused on free software, will frown on them. They already disallow mirroring.
In which direction? (I'd check myself but they're down...). That doesn't sound very open to me.
From their FAQ:
> Why can't I mirror repositories from other code-hosting websites?
> Mirrors that pull content from other code hosting services were problematic for Codeberg. They ended up consuming a vast amount of resources (traffic, disk space) over time, as users that were experimenting with Codeberg would not delete those mirrors when leaving.
> A detailed explanation can be found in this blog post.[1]
[1]: https://blog.codeberg.org/mirror-repos-easily-created-consum...
This sounds a bit like an oxymoron. More diversity will only help the ecosystem IMHO.
I think it would've been far easier to build a decent GUI around that flow, with some email integration + a patch preview tool, rather than adding activitypub, but oh well.
Check out Sourcehut (https://sourcehut.org/). It uses a mailing list-based workflow so contributing code or bug reports is relatively effortless and doesn't require a Sourcehut account.
might just do it federated way of "here is my domain, here is DNS entry pointing to my identity server to talk with", that way it isn't even tied to single identity service, but a given user will need to use only single login for all of the servers.
No. You are the person with an issue. You have all the means to fix the issue -- the source code has been shared with you. Now go ahead and fix your bug yourself. Then share the source code with your users as per its license.
Notice how I don't even care much for 'pull requests'. Another detrimental notion started with Github -- that the authors of an open-source project are expected to review change requests and merge them.
Guy, open-source licenses do not require you to share the derived code with upstream. They require you to share it with your users. I, as the original author, mostly don't care as the original code I wrote works for me.
Yes, sending fixes back upstream is a courtesy and a way to thank the original authors. However it is neither required, nor one must expect that the fixes will be accepted or even looked at at all.
They didn't, poor wording on Register part. The pull request was closed for inactivity by the bot.
We had technical problems that GitHub had no interest in solving, and lots of small frustrations with the platform built up over years.
Jumping from one enshittified profit-driven platform to another profit-driven platform would just mean we'd set ourselves up for another enshittification -> migration cycle later down the line.
No stunt here.
the self hosted runner host is some horrific dotnet csharp mono monstrosity and "language" is some javascript wrapper nonsense that needlessly creates a half baked dsl around running basic shell commands.
it has a pretty ui, but that's about it.
Every single application or webpage having its own AI integration is seriously one of the dumbest ideas in computing history (instead of separating applications and AI tools and let them work together via standardized interfaces).
Most open source projects talk about reducing GitHub dependency but never actually do it because the switching costs are brutal. Issues, PRs, CI integrations, contributor muscle memory - it all adds up. Codeberg is solid but the network effects aren't there yet.
Curious whether this pushes other projects to at least have contingency plans. The AI training concerns are real, but I suspect the bigger long-term risk is just platform enshittification in general - feature bloat, performance degradation, mandatory upsells.
Same effect at play watching all the top-tier AI corps under heavy competitive fire still, trying hard to keep the audience attached while battling to stay on top of (or keep up with) the competition. This mainly (for now) benefits the user. If OpenAI were to trailblaze on their own, we'd all be paying through the roof for even the most basic GPT by now.
"top-tier" is not a term I would use to describe Microsoft
Like, reading and posting on Hacker News?
https://ziglang.org/news/migrating-from-github-to-codeberg/
> Putting aside GitHub’s relationship with ICE
That was the extent of it. Six words.
Furthermore, this submission is an independent post, not from Zig, reporting on the original and adding more context.
> To use a great quote "either do or don't, but I got places to be".
What exactly is your complaint? The move had already been completed at the time of the original Zig post. They did do it.
There’s no incongruence between posts. The nature of your discontent or how it could possibly affect you isn’t clear in the slightest.
We really got to the point where AI is both a problem and solution to the problem it causes.
This one is almost a one-line change (technically they need an extra flag in the YAML but that's hardly difficult): https://github.com/orgs/community/discussions/12882#discussi...
That said, I still think Github is fine, and you can't argue with free CI - especially on Windows/Mac. If they ever stop that I'll definitely consider Codeberg. Or if Codeberg gets support for stacked PRs (i.e. dependencies between PRs), then I'm there! So frustrating that Github doesn't support such an obvious workflow.
Not spending on maintenance and spending gobs on something many people don’t want is far worse. It says we have the money, we just don’t give a fuck.
I think this is the natural outcome of "chasing points" mechanic inside Microsoft.
It kind of does.
I used this a lot in several jobs to work in dependent tickets in advance. Just make another branch on top of the previous (a PR to the other PR branch).
People could review the child PR before the parent was merged. And it requires some less than trivial git knowledge to manage effectively, but nothing extraordinary. Any solution for stacked PRs based on git would also require it (or a custom tool).
I think I'm on their side on this one. From git perspective, it works just as I expect. Something else probably belongs to JIRA or project management instead.
You first send PR#1, then PR#2 on top of the first one.
The diff for PR#1 will show dough stuff. The diff for PR#2 will show toppings in relation to dough.
People can review them asynchronously. If you merge PR#1, PR#2 will automatically target main (that's where dough went) now.
In this arrangement, I use to cross-mention the PRs by number (a link will exist in both). I also like to keep the second one draft, but that depends on the team practices.
I don't understand why you would close the second PR when the first gets merged. It should lose the dependency automagically, which is exactly what happens if you branch correctly.
The problem is the diff for PR#2 will show dough and toppings all mixed together. Unless you go into the commits view, but that's super tedious and it's easy to lose comments in there.
It's kind of frustrating because there's very little required to make this work. All you really need is for Github to detect `Depends on #1` like it detects `Fixes #123`, and then a) use the HEAD of #1 as the diff based for #2, and b) block merging #2 until #1 is merged.
It's really not that complicated but I'm not holding my breath.
PR#2 will show only what changed between dough and toppings.
If you merge it, it will become part of PR#1. You turned the dependency into a single block.
So, if you don't want to mix, you should merge the dependency (dough) first to main (or whatever is your target).
Codeberg probably also supports the same thing, it's a git thing not a GitHub thing. That's why I'm saying it works exactly as expected. Git alone already supports dependencies, and GitHub just follows it.
To block the merge, you can make a workflow that turns PRs with dependencies into drafts. However, as it is a merge from one PR into another, I don't see the reason to. You can easily de-merge them if you need.
From the looks of it, it seems that you are branching at the wrong point, and creating two PRs to main, one of them containing duplicates. That's not what I suggested.
Edit: Scrolling comments I see something called Codeberg but why am I getting connection refused?
Another edit: Oh because Codeberg is down. I had to look at another thread on the frontpage to find that out...
MS in particular _really_ seems to be sacrificing itself on the altar of Roko's Basilisk; they appear totally incapable of doing _anything_ that isn't AI-branded anymore.
MS need a stint of focusing on what users want rather than ramming stuff down their throat unasked hoping they’ll swallow
Securing base, easy to use and reliable OS should be no.1 priority.
Forcing down the throat services the users largely do not want just breeds resentment, and not only in people treated that way but also anyone that hears about it.
If W11 was "hey, we did some optimising, fixed some bugs and HEY, if you have TPM2.0, we can do that little step to make your machine more secure!" there would be far less resentment.
Similarly with every other feature, ask user, present the benefits, fuck off if they don't want to. NOT "turn it on by default then let them try to figure out how to turn it off". And then ask them again every few days with only option being "remind me later" as current copilot feature for teams does.
I was thinking of things like AI-generated patches submitted by Bun to the Zig project, or feature requests by Bun for AI-specific use cases... that could create a really bad atmosphere between Zig and Bun people if the Zig Foundation continuously rejects their contributions/requests/discussions.
Bun is made with Zig, and they just got acquired by Anthropic.
Ghostty is another notable piece of software made with Zig.
I assume the Bun acquisition is fueling most of this Zig news. There's about 4 articles on the frontpage about Zig.
The Zig attitude towards AI usage is a bit odd in my view. I don't think it's that widely shared. But good for them if they feel strongly about that.
I'm kind of intrigued by Codeberg. I had never heard of it until a few days ago and it seems like that's happening in Berlin where I live. I don't think I would want to use it for commercial projects but it looks fine for open source things. Though I do have questions about the funding model. Running all this on donations seems like it could have some issues long term for more serious projects. Moving OSS communities around can be kind of disruptive. And it probably rules out commercial usage.
This whole Github is evil anti-capitalist stance is IMHO a bit out of place. I'm fine with diversity and having more players in the market though; that's a good thing. But many of the replacements are also for profit companies; which is probably why many people are a bit disillusioned with e.g. Gitlab. Codeberg seems structured to be more resilient against that.
Otherwise, Github remains good value and I'm getting a lot of value out of for profit AI companies providing me with stuff that was clearly trained on the body of work stored inside of it. I'm even paying for that. I think it's cool that this is now possible.
MIT license requires attribution, which AI algorithms don’t provide AFAIK. So either (a) it’s fair use and MS can do that regardless of the license or (b) MS can’t do that. In any case, yeah, that’s not the issue Zig folks have with GitHub.
MS training AIs on Zig isn't their complaint here. They're saying that Github has become a worse service because MS aren't working on the fundamentals any more and just chasing the AI dream, and trying to get AI to write code for it is having bad results.
Github is great. It barely changes at all and yet it's still too much for this originalist crowd.