There needs to be a widespread p2p solution for opensource projects before its too late. I have lost count of all the amazing stuff that has been gravity bombed from orbit.
There also needs to be a way for authors to submit things anonymously too and maybe sign their things with cryptographic keys to ID it. How many times has a company had a court order someone to cease and desist or simply acquire somebody’s work?
That’s called Git and it’s been around longer than GitHub. There is also Usenet which by now is mostly dead. People fell for centralized alternatives. Oops :)
Git is, but it has no process of discovery or hosting by itself. Those are needed to efficiently share open source software to large numbers of people.
Right? Git is literally decentralized. If you choose to use GitHub as a centralized Git service, that’s on you.
(I will caveat this by saying we moved 2009scape off GitHub and the number of new contributors probably got cut in half. Mainstream services have a lot more eyes)
2009scape is wonderful for those like me who need to scratch that RuneScape itch without a subscription. The fact I can play it off of a USB is testament to itself how incredibly awesome you guys are. Thank you for the project, sincerely. :')
Fundamentally, the repository you have on GitHub is the same thing as the repository you have on your computer when you clone it. Pulling and pushing are shorthands for synchronizing commits between the two repositories, but you could also synchronize them directly with somebody else who cloned the repository. As somebody mentioned, you can also just host the same repository on two servers, and push to both of them.
The issue is that git doesn’t include convenient features like issues, pull requests, CI, wikis, etc., and by extensions, those aren’t included in your local repository, so if GitHub takes them down, you don’t have a copy.
An extra fun fact is that git can be considered a blockchain. It’s a distributed ledger of immutable commits, each one representing a change in state relative to the previous one. Everybody who clones a repository gets a copy of its entire history and fast forwards through the changes to calculate the current state.
Git works through ssh. So you need the same system as sshing into your machine. You just make a user group git and then let git and ssh handle things. And if you don’t need people to push to your repo, then it’s a lot easier as it’s now similar to hosting a website/file server.
Changes can come from anywhere. The Linux kernel itself doesn’t use any central repository like Github, it’s instead done via emailing patches that are eventually merged into the mainline kernel repository managed by Linus.
It’s not always takedowns either, just the developer deciding to nuke their own repos. Real annoying, although it’s making me more vigilant about forking/mirroring important repos.
All you need for this is a global overlay network and a global DNS untied from physical infrastructure. Cryptographic identities (hash of pubkey will do) instead of IP addresses (because NATs are PITA and too many people use mobile devices behind big bad NATs), and finding (in something like Kademlia) records signed by authority you yourself chose to trust instead of asking DNS.
Then come encryption and dynamic routing and synchronization of published states.
One can have some kind of Kademlia for discovery of projects too, but on the next level.
I2P comes close, but it’s more focused on anonymity.
OK, I’m not sure what I wrote makes sense. These things are easy to grasp somehow, but hard to understand well.
OK, I’m not sure what I wrote makes sense. These things are easy to grasp somehow, but hard to understand well.
yeah it seems you forgot what you wanted to say midway.
to extend on it, I2P, Tor and other mixnets provide the only safe way currently to host projects that others don’t like, because such sites cannot be taken down. that’s both a blessing and a curse
I wanted to say something about easily hosting searchable repositories, and solving a few of the problems because of which the Web as it exists still has users.
There needs to be a widespread p2p solution for opensource projects before its too late. I have lost count of all the amazing stuff that has been gravity bombed from orbit.
There also needs to be a way for authors to submit things anonymously too and maybe sign their things with cryptographic keys to ID it. How many times has a company had a court order someone to cease and desist or simply acquire somebody’s work?
I2p has a git service
I found https://radicle.xyz/ but I’ve never used this technology before. Maybe someone can shed some light?
That’s called Git and it’s been around longer than GitHub. There is also Usenet which by now is mostly dead. People fell for centralized alternatives. Oops :)
You’d think Usenet is dead.
It’s not.
Git is, but it has no process of discovery or hosting by itself. Those are needed to efficiently share open source software to large numbers of people.
Right? Git is literally decentralized. If you choose to use GitHub as a centralized Git service, that’s on you.
(I will caveat this by saying we moved 2009scape off GitHub and the number of new contributors probably got cut in half. Mainstream services have a lot more eyes)
I tried to follow that link and it seems Cloudflare blocked me. Don’t suppose you know who I’d need to talk to to resolve that would you?
Did Cloudflare not let you pass with a captcha?
2009scape is wonderful for those like me who need to scratch that RuneScape itch without a subscription. The fact I can play it off of a USB is testament to itself how incredibly awesome you guys are. Thank you for the project, sincerely. :')
How come Git is decentralized?
Doesnt it need a central component so I can pull your changes?
Edit: Thanks to all that explained it to me :)
Fundamentally, the repository you have on GitHub is the same thing as the repository you have on your computer when you clone it. Pulling and pushing are shorthands for synchronizing commits between the two repositories, but you could also synchronize them directly with somebody else who cloned the repository. As somebody mentioned, you can also just host the same repository on two servers, and push to both of them.
The issue is that git doesn’t include convenient features like issues, pull requests, CI, wikis, etc., and by extensions, those aren’t included in your local repository, so if GitHub takes them down, you don’t have a copy.
An extra fun fact is that git can be considered a blockchain. It’s a distributed ledger of immutable commits, each one representing a change in state relative to the previous one. Everybody who clones a repository gets a copy of its entire history and fast forwards through the changes to calculate the current state.
But to push/pull you’d in theory need to port forward your git server/workstation, right?
Git works through ssh. So you need the same system as sshing into your machine. You just make a user group git and then let git and ssh handle things. And if you don’t need people to push to your repo, then it’s a lot easier as it’s now similar to hosting a website/file server.
You can have arbitrarily many git “remotes”: GitHub, gitlab, your own custom forge, etc…
Git a cmd tool only. Your can remote wherever you like.
Changes can come from anywhere. The Linux kernel itself doesn’t use any central repository like Github, it’s instead done via emailing patches that are eventually merged into the mainline kernel repository managed by Linus.
It is 100% decentralized.
Sounds like it’s centralized around Linus…
But… How does that work? The code has to be stored somewhere…
The code is replicated by everyone who works on it, and on various public and private servers, so you might say it’s stored everywhere.
…I need to watch a video on this 😂
git is clearly not p2p in the needed level or else we wouldn’t have faced this problem
It’s not always takedowns either, just the developer deciding to nuke their own repos. Real annoying, although it’s making me more vigilant about forking/mirroring important repos.
Host a git-style repo on IPFS
All you need for this is a global overlay network and a global DNS untied from physical infrastructure. Cryptographic identities (hash of pubkey will do) instead of IP addresses (because NATs are PITA and too many people use mobile devices behind big bad NATs), and finding (in something like Kademlia) records signed by authority you yourself chose to trust instead of asking DNS.
Then come encryption and dynamic routing and synchronization of published states.
One can have some kind of Kademlia for discovery of projects too, but on the next level.
I2P comes close, but it’s more focused on anonymity.
OK, I’m not sure what I wrote makes sense. These things are easy to grasp somehow, but hard to understand well.
yeah it seems you forgot what you wanted to say midway.
to extend on it, I2P, Tor and other mixnets provide the only safe way currently to host projects that others don’t like, because such sites cannot be taken down. that’s both a blessing and a curse
I wanted to say something about easily hosting searchable repositories, and solving a few of the problems because of which the Web as it exists still has users.
Open-source projects are quiet safe on Github. Maybe don’t push illegal code? Seems pretty obvious to me.
Do you forget who determines what is illegal?
deleted by creator