Skip to content
This repository has been archived by the owner on Jun 24, 2022. It is now read-only.

❌ Software Removal | github #843

Closed
ghost opened this issue Apr 9, 2019 · 37 comments
Closed

❌ Software Removal | github #843

ghost opened this issue Apr 9, 2019 · 37 comments
Assignees

Comments

@ghost
Copy link

ghost commented Apr 9, 2019

Drop Github, avoid Gitlab, endorse notabug.org

Since PTIO was reorganized it's unclear if github is being endorsed. There is no mention in the productivity category but the participate page links to github. PTIO is leading by poor example in this case. It's embarrassing to the project and not good for credibility. Luckily it no longer appears on the front page.

Before continuing, it's worth mentioning that Github and Gitlab both distribute the free software that implements their service. Unless I say otherwise, this post is about their service, not their software.

Privacy problems with Microsoft Github service

  1. MS feeds other privacy abusers:
    1. Github uses Amazon AWS which triggers several privacy and ethical problems
    2. (2012) MS spent $35 million on Facebook advertisements, making it the third highest financial supporter of a notorious privacy abuser that year.
  2. Censorship and PTIO project interference: Github staff apparently deleted a PTIO contributor who was reporting a privacy abuses present on other projects. Hostility toward volunteer privacy advocates working for PTIO is in itself sufficient reason to abandon Github.
  3. Github may have a policy that entails censoring bug reports (see this post for the discussion)
  4. Github is Tor-hostile (according to Tor project, although personally I've had no issue using Tor for GH)
  5. MS is a PRISM corporation prone to mass surveillance
  6. MS lobbies for privacy-hostile policy:
    1. MS supported CISPA and CISA unwarranted information exchange bills, and CISA passed.
    2. (2018) MS paid $195k to fight privacy in CA
  7. MS supplies Bing search service which gives high rankings to privacy-abusing CloudFlare websites.
  8. MS supplies hotmail.com email service, which uses vigilante extremist org Spamhaus to force residential internet users to share all their e-mail metadata and payloads with a corporate third-party.
  9. MS drug tests its employees, thus intruding on their privacy outside the workplace.
  10. MS products (Office in particular) violate the GDPR
  11. To report an MS security bug, one must sign in and the sign-in page is broken. It's really bad for security to make defect reports difficult to submit.

Privacy-compromising consequence of using Github for the PTIO project:

  1. (conflict of interest) PTIO selects only contributors willing to make privacy compromises, and excludes those who will not use GH for privacy reasons.
  2. (conflict of interest) When contributors are evaluating whether a tool is privacy-respecting, they white list Microsoft and Amazon as a consequence of PTIO using Github, and then use that as rationale to endorse an unworthy tool.
  3. (side-effect) Privacy advocates who use GH face demoralizing criticism for what some regard as hypocrisy. PTIO contributors should not be subjected to that.

Rationale for staying with Github:

  1. The shake-up of making a move will lose contributors.
  2. e-voting was mentioned, but self-hosted GitLab probably supports this (the GL service does).

Problems with Gitlab service

Many Github refugees fled to Gitlab when Microsoft acquired Github. It's a bad idea. Gitlab should be avoided.

Alternatives

  1. self-hosting (Gogs, Gitea, Gitlab, etc.)
    1. (+) avoids the "shake-up" problem of shrinking the community each time the project moves (there is no risk that the privacy factors would later take a negative turn).
    2. (+) PTIO could host other privacy-focused projects and become part of the support structure for them. Centralizing privacy-focused projects would increase PTIO visibility and establish a place where developers with the same high-level goals could develop in a more united way. Poaching privacy-focused projects from GH and GL would solve the hypocrisy problem those projects are facing as well.
  2. Bitbucket
    1. (-) dodgy j/s up the yin yang that clusterfucks uMatrix
    2. (-) has some relationship with Netlify, who uses AWS
    3. (-) non-free software?
  3. Launchpad
  4. notabug.org ("NAB") (privacy policy). Based on a liberated fork of gogs.
    1. (+) supports Tor (although the onion web UI is currently disabled in response to attack, so the onion site only accepts git connections)
    2. (+) supports SSH keys and SSH over Tor to NAB's onion service
    3. (+) no CAPTCHAs
    4. (+) registration very non-intrusive, and not controlling about where you get your email
    5. (+) hosts Jeff Cliff's CF-Tor project which is one of the most credible and competently staffed privacy projects.
    6. (-) noteworthy drawback unrelated to privacy: e-voting non-existent. Framadate.org could be used but probably quite inconvenient.
    7. (-) drawback not related to privacy: NAB doesn't associate PGP keys to users, so PGP signed commits may be unavailable or more manual work needed. I doubt that's a factor for PTIO.
    8. (-) IRC support channel is dead.
  5. Codeberg. Runs on Gitea, which is a Gogs fork. Suggested by @IzzySoft.
    1. (+) web UI works on Tor (probably SSH as well)
    2. (+) supports SSH and GPG keys
    3. (+) no CAPTCHAs
    4. (+) registration very non-intrusive, and not controlling about where you get your email
    5. (+) functions without any j/s, and the javascript that exists is all 1st-party (ref)
    6. (+) supports e-voting
    7. (-) logins don't work from Ungoogled Chromium
    8. (-) no onion address?

I haven't made a significant effort to dig up dirt on these suppliers, but I can confirm that NAB has none of the issues of Github. My experience with NAB has been quite positive.

@jonaharagon
Copy link
Contributor

jonaharagon commented Apr 9, 2019

Possible duplicate of #763?

Github and Gitlab both distribute the free software that implements their service.

This does not appear to be true in the case of GitHub.

@ghost
Copy link
Author

ghost commented Apr 9, 2019

yeah, looks like the threads should be merged, ideally with the #843 subject line and kept open since it needs a revisit.

@jonaharagon
Copy link
Contributor

I'm open to discussion but it appears to have been closed just two months ago, and it sounds like a pretty final decision at this time: https://github.com/privacytoolsIO/privacytools.io/issues/763#issuecomment-463225736

@Mikaela
Copy link
Contributor

Mikaela commented Apr 10, 2019

Alternatives
self-hosting

👍

Bitbucket (has some relationship with Netlify, who uses AWS)

It's not open-source isn't it, so would it really be that much better than GitHub?

Launchpad

As far as I know they only support their own version control system known as Bazaar (or bzr) and I think they are the worst option you listed in terms of UI. I seem to have been a registered user since 2008-05-13 which seems to be around the time I started using Ubuntu/Linux.

notabug.org ("NAB") (privacy policy)

This isn't a very big issue, but I wish they supported reactions to comments like 👍 so there woldn't need to be duplicate comments or not-so-useful-comments like "seen" "agreed entirely" etc., but I am not sure if this is a valid concern.

(Another problem I have applying to everything else than GitHub seems to be inability to subscribe only new releases/tags, but that is non applicable in the context of Privacytools.io.)

@Mikaela
Copy link
Contributor

Mikaela commented Apr 10, 2019

Oh, and I forgot to say that I have already commented to this on #763:

Personally I am fine with GitHub, but if moving somewhere happened, I think it should be something selfhosted (maybe a Gitea instance) and it should happen after different FOSS Git hosting services implement federation instead of forcing me to register on yet another instance unless Microsoft changed something drastically with GitHub and moving became a better option.

@jonaharagon
Copy link
Contributor

If we do move, we would move to a self-hosted GitLab install.

@ghost
Copy link
Author

ghost commented Apr 10, 2019

There are lots of problems with the Gitlab service, but Gitlab's free software is probably relatively clean (it's listed in the FSF directory). You'd probably just want to make sure that the CAPTCHA hell that users normally experience with the G/L service can be disabled in the software.

@ghost
Copy link
Author

ghost commented Apr 11, 2019

It seems i'm getting censored in this thread. I edited the OP to add:

  1. Github has a policy that entails censoring bug reports (see this post for the discussion)

and the OP is not updating with my changes. (seems to be working now)

@IzzySoft
Copy link

Bitbucket is a pain in the a… behind, needing a bunch of Javascript to work at all. Doing a quick check:

  • uBlock Origin gives 3 straight warnings (Cloudfront, Newrelic, Atlassian)
  • uMatrix counter jumps straight to 17: multiple Javascript sources from Cloudfront, one from Newrelic.

That doesn't seem a good match for PTIO, but would rather make it look doubtful. I'd strongly discourage using that.


As I brought up Codeberg, let me give some details on that: it basically combines most of the pros you gave for self-hosted and NotABug (as it uses Gitea as well). Big plus: you can use if without any Javascript enabled. I didn't check all functionality, but wasn't yet stopped anywhere. Plus, all Javascript source is first party, in case one needs to permit it for some functionality. The project itself is strongly focused on F/L OSS and privacy, so it would be a good partnership. Behind it is a non-profit which was founded exactly for this purpose – as is stated a.o. on their landing page.

I rarely sign up to some service for just a single project, and I guess I'm not the only one working this way. So I'd rather sign up to Codeberg (already done) or NotABug than to a single-service. Saying: Codeberg would probably mean a bigger user base. Especially when the synergy leads to spreading the word and making Codeberg better known. Sure, that could also be said about NotABug.

Disclosure: I'm in personal contact with some of the "founding fathers" of Codeberg – which is also why I know a little about it. They're actively looking for good privacy and open source focused projects with a "good name" – and they have potential. If you wish to ask closer questions on Codeberg, I could ask one of their crew to join in, just let me know.

@ghost
Copy link
Author

ghost commented Apr 17, 2019

I had trouble creating a Codeberg account. It accepted the registration form and sent a confirmation link, but the the link gave "Your confirmation code is invalid or has expired." When I try to login, it gives no error but simply returns to the screen in a logged-out state. When I try to register again, it says my username is taken.. gives no way to send another confirmation link.

@IzzySoft
Copy link

@libBletchley strange, I don't remember such a thing. Neither can I find a matching issue in their tracker. I don't know if there's a way to send a new confirmation code.

Ah: just asked a crew member for advice. Answer: Link expires after 3h. Log in again, you should see a new confirmation button. Or try the "forgot my password" feature. He just checked to confirm that there is no issue with registrations, and could not reproduce your problem.

@ghost
Copy link
Author

ghost commented Apr 17, 2019

@IzzySoft
It had only been ~5 min between reg. submission and confirmation. When I attempt to login I don't get a denial msg, just a screen in a logged-out state showing "sign in / register" in the corner.

@IzzySoft
Copy link

So you don't get a chance to reset your forgotten password? May I ask what username you tried to register? I'd then forward it so someone can take a specific look.

@ghost
Copy link
Author

ghost commented Apr 17, 2019

i didn't realize it was the forgot password process that also fixes the email confirmation.. but it made no difference. I completed the forgotten password procedure without error, but when i login it still shows "register / sign in" on the top right. I used libBletchley.

@IzzySoft
Copy link

IzzySoft commented Apr 17, 2019

That's strange. Have you verified you call the correct (and, most important, complete ) link? Nothing cut off? No part(s) missing? Or have you maybe tapped the link twice (the second time it would fail)? Cookies allowed¹ (they are required a.o. for the session state)? Login still doesn't work? According to Codeberg, your account was successfully created and confirmed.

¹ just tested: what you describe exactly matches what would happen with cookies rejected.

@ghost
Copy link
Author

ghost commented Apr 17, 2019

uMatrix was already allowing codeberg.org cookies. I also just enabled the google cookie and it made no difference.

The emailed link is bizarre. I clicked it in the HTML-rendered email. I also did a view-source and pasted both portions.

https://codeberg.org/user/activate?code=3D2019041712230001805da17c8eb869212=
204500800b3ac52073d282e3a6c6962626c657463686c6579 ( https://codeberg.org/us=
er/activate?code=3D2019041712230001805da17c8eb869212204500800b3ac52073d282e=
3a6c6962626c657463686c6579 )

Pasted the first https://... and also the second, trimming the trailing continuation "=". It's strange they would put a 2nd copy in parenthesis.. but both fail in the same way that the rendered click does.

@IzzySoft
Copy link

Of course the two fail: I told you your account is already successfully verified, so just log in!

The quote you show really looks like a "quote": quoted-printable as used by MTAs to transport mail. That quoted from the mail source view? Hint for next time you see this: concatenate the lines after stripping the trailing = (usually it's something longer demarking the "cut place", AFAIR it was something like 3D= – but the longest constant string at EOL in your quote is =).

@ghost
Copy link
Author

ghost commented Apr 17, 2019

Signing in fails. There's no error, but I just get a page with "Register / Sign in" on the top right, indicating that my sign-in was ignored.

(edit)
Works in Firefox. So apparently Ungoogled Chromium cannot be used to login to Codeberg.

@IzzySoft
Copy link

Ah! OK, I'll forward that, thanks!

@five-c-d
Copy link

Codeberg would probably mean a bigger user base

A bigger userbase than NotABug perhaps. But not compared to github, fortunately or unfortunately. I think the privacyToolsIO folks will eventually move to their own gitlab (see the https://git.privacytools.io service they recently began providing) rather than outsource to non-self-hosted.

The advantage to github is that 1) it is already up and running and if it ain't badly broke then switching over for the sake of switching over is a mistake, and 2) any kind of switchover will cause loss of community even if the new place is self-hosted because of inertia and old hyperlinks floating around the interwebs and whatnot.

Works in Firefox

This is a symptom of that wide field-testing thing, methinks. Unless the codeberg website is one of the few which is not tested in stock GoogleChrome, in which case all chromium-based browsers might fail, not just the UngoogledChromium project?

@Mikaela
Copy link
Contributor

Mikaela commented Apr 21, 2019

In reply to me 11 days ago above at https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-481631551.

I still await federated accounts allowing me to login to git.privacytools.io with my dev.gajim.org (first GitLab instance that came to my mind, I am not sure I have configured keys there as I have done only commenting to issues) account so my keys get copied without a separate action, because I recently contributed into a project hosting it's own Gitlab (and the merge request wasn't even merged (yet)) and the process seems to be:

  1. Register to a new Gitlab.
  2. Add your email address to Gitlab (because I have +git in my gitconfig address)
  3. Add your SSH key to Gitlab in order to clone and push repositories
  4. Add your GPG key to Gitlab so your signed commits appear appropiately.

I think there is currently too much of annoying treshold (while at GitHub everyone using it for other projects too has already done that) that shouldn't be necessary. I think federated Gitlab login is planned somewhere, but I don't know where (and would appreciate if someone was able to give me a link to subscribe).

Good night (it's 00:41 in Finland).

@ghost
Copy link
Author

ghost commented Apr 22, 2019

The advantage to github is that 1) it is already up and running and if it ain't badly broke then switching over for the sake of switching over is a mistake,

It's broken in terms of hostility toward PTIO contributors as well as PTIO's mission against mass surveillance.

The whole git paradigm is designed to be portable with freedom from centralization. To trap yourself on one repository host despite excessive issues is to not grok the benefits of git.

and 2) any kind of switchover will cause loss of community even if the new place is self-hosted because of inertia and old hyperlinks floating around the interwebs and whatnot.

It will shrink initially but then it will be allowed to grow to include privacy-aware PTIO contributors who (quite rightly) do not use Github. That's regardless of which privacy-respecting solution is used.

If self-hosting is PTIO's future, then it will grow as a consequence of establishing a community of privacy-respecting projects in one place (as opposed to having them scattered across two privacy-hostile services [github & gitlab.com]).

Works in Firefox

This is a symptom of that wide field-testing thing, methinks. Unless the codeberg website is one of the few which is not tested in stock GoogleChrome, in which case all chromium-based browsers might fail, not just the UngoogledChromium project?

I noticed a google.com cookie in uMatrix. Even though I gave uMatrix permission to send that cookie, Ungoogled Chromium is wired not to talk to google. So it's likely that the codeberg issue is specific to Ungoogled Chromium and not other implementations.

It is, of course, a concern that Google has a role with Codeberg here. But it's still among the least evil outsourced solutions - penultimate of the lesser of evils IMO.

@ghost
Copy link
Author

ghost commented Apr 22, 2019

@Mikaela Doesn't the github proxy login solve your concern?
auth

@five-c-d
Copy link

As usual, I think you misunderstand me: you listed an issue called "software removal: github". The category of software-removal issues is intended for tools that are listed, which should no longer be listed. You have filed such issues, as I recall ;-)

Github is not software the privacyToolsIO recommends to the readership, it is just, some software that is optionally utilized by privacyToolsIO contributors: thus, the correct title for this issue about "boycott github" does not belong in software-removal, that is the wrong place. There is no category which matches what you are wanting, but if their was it would be called "contributor-optional-software removal: github" or something like that. This is all I meant with the your-comment-is-in-the-wrong-place thing. Try not to be so prickly please.

implied endorsement of a service owned by a firm that has political stances I dislike... that is no way to run a railroad, or a repo for that matter

You are pretty certain that @unnaturalname (no d at the end there) was not just marked as a spammer by the github algorithms, because they posted a bunch of identical issues in a row? Because in the OP you say "Censorship and PTIO project interference: Github staff apparently deleted a PTIO contributor." But then later you change the story, and say "The direct attack on a PTIO contributor (@unnaturalnamed) was an attack on the PTIO mission."

Where were they attacked? Were they even censored? Are you sure they were not just spamming a bunch of repos all across github, half a dozen on the 22nd and another half a dozen on the 26th, and got their github username auto-blocked? Do you have an archive of the stuff they posted, prior to the alleged censorship? And how do you leap from "github removed a username" to the "github is directly attacking the mission"? Are you positive you want to make such leaps? https://help.github.com/en/articles/github-terms-of-service#k-advertising-on-github subsection 3, second sentence.

We have a fundamental disagreement about what the mission of the privacyToolsIO website is, and of where the backend-tools used by contributors fit into that mission: you think the main website is for everyday readership, and fantasize they will all install jami, if only you can delete all the competitors&alternatives to jami from the listings. I have a more jaundiced view of humanity: I know for an absolute fact that the everyday enduser cannot run linux-on-the-desktop, cannot flash their own lineageOS, and cannot handle ethereum-usernames and ringCx-hashnums for their messenger-app. It is too much trouble, too much hassle, requires some tech-wizardry.

By stark contrast, I also know for an absolute fact that everyday endusers CAN install and use firefox, signalapp, etc. To you those projects are evil incarnate, and you don't understand why everybody just does not hand-compile ungoogledChromium and memorize their RingCx hashnum and use debian-for-the-desktop and stop owning a phone. The reason is simple: it is too hard, too much trouble/hassle/etc.

Our disagreement with respect to github is different, but has the same root cause: you could care less about how much hassle and trouble and disruption and loss of participation getting rid of github and switching over to an entirely new issue-tracker and versioning-repo will cause. To you, any amount of hassle is justified, because you fantasize that there are millions of contributors that refuse to utilize github on political grounds, and if only privacyToolsIO was not using evil github, those contributors would start to contribute.

But this is nonsense: contributions are officially accepted via federated mastodon, federated riotIM, reddit, twitter, self-hosted discourse, and github. I've seen project-owners open issues on behalf of commentary in other places, too, this is not handwaving. Contributors that refuse to use any of those options, are so few in number, they will never make up for the loss of github-contributors, and thus, leaving github is a bad decision on practical grounds.

Every tool users see PTIO using or pimping is an implied endorsement

You don't care about practical grounds, to you it is all about political guilt-by-association. Microsoft drug-tests their employees, and the war on drugs is a bad political stance, and microsoft also owns github, and privacyToolsIO has some files hosted on github, and that means privacyToolsIO is practically endorsing the DEA no-knock dawn-raids... or something like that.

This is not about privacy-respecting tools, this is purely about boycott-the-firms-that-I-dislike. If you want to boycott them, do so, If you see anybody who refuses to follow your lead and join your boycott, as your enemy, then that is your error, your loss.

when the overall direction is commitment to the cause

You are talking about boycott of a supplier-of-supplier as being "implied endorsement" and conflating that with "the cause" aka the mission of the site. The mission of the site is educating people about privacy, and recommending privacy-respecting tools.

blowing an initial decrease out of proportion

No, it is looking at the practical impact of your boycott suggestion... and the ramifications thereof, such as, what happens when SomeNewPoliticallyOrientedRepoService arises that you like even better than notabug? In this very thread, you have gone from rejecting github-and-gitlab while trumpeting notabug, to liking codeberg ... liking it so much, that you would want to switch over to it, should the notabug people have any political transgressions, during 2020.

Which means yet another big switchover, yet another loss of contributor-community size, and that won't be the end of it either, because a really really really good service will come out in 2021, and so on. Tool churn is bad enough in enduser-recommentations, but tool-churn on the backend where the site is built, has realworld pragmatic downsides.

socially responsible
trading integrity for misguided guesswork
also a betrayal [of the mission]

Uh huh. You are confusing political integrity, of your own view of how privacyToolsIO functions on the backend (where the repo is hosted in this case), with the integrity of the listings in the eyes of everyday readership.

You've just supported paragraph 3 under "Privacy-compromising
consequence [for libBletchey personally] of using Github for the PTIO project".

And you are confusing yourself personally, with "The Mission". When you read the mission, it is very clear that you interpret it as 'tools to protect your privacy' being aimed at you personally. But I don't think you are the only audience of the website. You are a person who runs linux on the desktop, noscript-or-equivalent in your browser, spends a lot of time avoiding phones and phone-number-related tracking (up to and including travel to purchase a simcard not associated with your identity), and cares enough about privacy to spend a lot of hours online fighting mass surveillance.

But I don't think the audience of www.privacyTools.io is just us wizard-level-three type folks. You claim to also believe that: you want the tool-recommendations to be suitable for use by the masses. So we agree, at least, in theory. But github is not a tool-recommendation to the masses. It isn't being recommended to them.

Most of your posts favor mass surveillance.

There is little to say here. As often happens with your attempts to attack a tool, that for whatever reason you personally dislike, and in whatever way you think will best discredit the tool and/or best discredit people that disagree with you -- as usual, you don't know what you are talking about.

it shows advanced users

Right... "advanced users" meaning you and all the people that are just like you (people that demand everybody boycott github and treat anybody who does not as just-as-evil-as-billg). People that don't understand logical fallacies, in other words. People for whom the ends justify the means, any means, in other words.

that PTIO staff is not committed to their own mission

No, it shows you cannot comprehend the mission, because you don't see any distinction between yourself and people of your mindset, and the intended audience of the website. Which is everyday readership that needs to be more educated about privacy: people that are using Windows10, people that are using Chrome, people that are using Gmail, people that are on Facebook, people that are using WeChat or Whatsapp or unencrypted SMS.

Boycott-github because guilt-by-association, is so far from being relevant to that slice of the readership -- aka the majority of humanity -- it is almost unfathomable that you are really confused here. You run Debian, UngoogledChromium, NeoMutt, Fediverse, and Jami or Wireapp. Even though wireapp is on AWS ... you made a pragmatic decision that you wanted to be able to talk to your mother. You are here, on github, and you made a pragmatic decision -- even though it runs on AWS and even though Microsoft owns it and drug-tests their employees -- to be here on github, fighting mass surveillance. I think those are good decisions that you made, without exception. All of them are fine choices.

The only downside here is that you want everybody to follow your lead. You want to boycott github, even though you didn't want to boycott github back when you signed up. Because circumstances have changed, and you believe notabug is "just as good" despite the "minor downsides". You believe that there will be a vast influx of notabug contributors, VAST influx, completely overcoming the loss of contributor-community when github is boycott'd.

Here is my advice: if you can get your mom and ten of her over-age-fifty friends, to all hand-compile their own ungoogledChromium, to install (without your doing it for them) their own Linux-for-the-desktop distro onto all their x86-based systems, stop using anything but neoMutt for their email needs, delete their facebook/twitter/amazonDotCom/Microsoft/gmail accounts and entirely switch over to the fediverse, and stop using PSTN/fbookMsgr/skype/wechat/whatsapp/wireapp/signalapp and completely go cold-turkey Jami or Tox or nothing, then I will believe you that the everyday endusers are ready to boycott github. Heck, I will immediately boycott github, if you can manage that.

Unless your mom works at CERN as a nuclear physicist or something, I'm assuming here that your mom is an everyday person ;-) But you won't be able to do it. For yourself: yes, sure, I believe you can do it. But not for a dozen everyday people born when the Berlin Wall was still standing; no chance. I've spent a lot of years trying to get people to not give their friends and relatives into the maw of facebook, stop running windows when all they really need is LibreOffice, stop using gmail when protonmail or tutanota is good enough, and pick smartphone handsets that allow them to install software they can get a modicum of trust whilst using. I have failed, that entire time, by and large. Not for myself, but I'm willing to go the extra mile... most people are not willing.

The tide is shifting though: there is starting to be a backlash. Everyday people are starting to think... hey maybe I don't have anything MUCH to hide, but does that mean I want everything I do and everyone I ever contact, to be spied upon by shady overlords? PrivacyToolsIO is here to help them upgrade their tools and to educate them about the broad issues. It is not here to insist they hand-compile UngoogledChromium or they are evil, it is not here to say "if you run windows you are implicitly endorsing github so you are an enemy of privacy and a friend of mass surveillance." That is [insert appropriate term].

Github is just one of half-a-dozen options, for the hardcore folks like ourselves that really care about privacy, to contribute on the backend. If you really cannot ethically stand contributing on github, which is hosted on AWS, and which is owned by a corporation which drug-tests their employees, then you have a bunch of other options: mastodon, discourse selfhosted at forum.privacytools.io ... et cetera. You can stay here, and that is making a pragmatic choice: you want to be involved directly on github-threads, rather than only being able to indirectly comment via riotim.privacytools.io chatrooms, and you want your words to be visible in google and bing and other non-privacy-respecting search engines. Well, okay then, do that then.

But pretending that it is only 'guesswork' to predict that switching around the repo and the issue-list from provider to provider to provider, will have a detrimental effect (vastly dwarfing any hypothetical salutory effect)... not to mention the opportunity cost where the project-maintainers have to spend a bunch of time and effort on the move to yet another new backend system rather than on improving the listing... no, that is not going to fly.

@jonaharagon
Copy link
Contributor

I'm going to close this issue for the same reason @Shifterovich closed #763: I think @BurungHantu1605 and the rest of the team is pretty firm on sticking with GitHub.

The entire premise of this thread is that we somehow recommend and endorse all of GitHub's actions. GitHub is a tool we use for development, just as Reddit and Twitter are tools used for outreach. Nothing more.

@Mikaela
Copy link
Contributor

Mikaela commented May 12, 2019

Is it just me or is this issue unfindable with search? I again looked for this a long time to point to https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-485375779 (my list of GitLab issues) and I had to come here through another issue even if I wrote search term ❌ Software Removal | github where I copy-pasted the beginning from another issue. Maybe GitHub doesn't like the ghost author?

@five-c-d
Copy link

is this issue unfindable with search?

Can confirm this is "invisible" somehow.

Github's internal search-engine is awful though.

the ghost author?

That could be the root cause why github-search is refusing to show 843 in the list... is there a way for the repo-project-team, to be able to change from ghost-owner to Mikaela-owner, and then put a note at the top "this issue 843 was originally filed by another github-username who is no longer registered on github with that identity" or something?

@Mikaela Mikaela self-assigned this May 12, 2019
@Mikaela
Copy link
Contributor

Mikaela commented May 12, 2019

Maybe if I assign it to myself, reopen and close again...

@Mikaela Mikaela reopened this May 12, 2019
@Mikaela Mikaela closed this as completed May 12, 2019
@Mikaela Mikaela pinned this issue May 12, 2019
@Mikaela
Copy link
Contributor

Mikaela commented May 12, 2019

Ridiculous and not a good solution.

Screenshot from 2019-05-12 16-38-02

@Mikaela Mikaela reopened this May 12, 2019
@Mikaela
Copy link
Contributor

Mikaela commented May 12, 2019

And being open changes nothing, I think I will need to contact support after reading if I can find any documentation about this issue.

@Mikaela Mikaela closed this as completed May 12, 2019
@Mikaela Mikaela unpinned this issue May 12, 2019
@five-c-d
Copy link

five-c-d commented May 12, 2019

I am able to see 843 with the following URL == https://github.com/privacytoolsIO/privacytools.io/issues?q=sort%3Aupdated-desc So it is still "in github" and visible to the githubSearch. (edit) And after a bit of searching, I am not able to find "okay one of the participants in my repo deleted their account and suddenly I cannot search for issues they filed" ... the keywords are 'too meta' so I either get millions of hits or zero. Probably best bet is to email a human at github support, with screenshots that carefully illustrate the way githubSearch behaves now, versus the way duckduckgo site-search of github behaves now, and point out that with the issue-list-query I gave above 843 does still appear in SOME kinds of search-results. They will either offer a workaround, or fix the underlying bug with any luck. Frustrating software

@Mikaela Mikaela added the Ghost label May 20, 2019
@Mikaela
Copy link
Contributor

Mikaela commented May 20, 2019

https://github.com/privacytoolsIO/privacytools.io/issues?utf8=%E2%9C%93&q=label%3A%3Aghost%3A 😈

@Mikaela
Copy link
Contributor

Mikaela commented Jul 29, 2019

I opened a new issue for this again due to new information https://github.com/privacytoolsIO/privacytools.io/issues/1062 and I wanted to add here for future readers that Notabug.org is said to be full of bugs and Cloudflare-Tor has moved from there to Codeberg.org.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

4 participants