We need something like Forgejo, but decentralized and federated, like Lemmy. I don’t want to create a new account for every Forgejo instance, just to be able to report a bug…
Forgejo is in fact working on being decentralized, just like the underlying git structure is. There are some first federation things in there, but the full implementation is still pretty far out.
You know, git initially was that kind of thing where people would send diff commits on mailing lists. Git is perfectly decentralized already. And there’s no need for federation.
Forgejo is already decentralized too. You could host your own instance right now, if you’d want.
There is no command git issue create [hostname][title][description] and if there was such a command, it’d require authentication on the specific instance to prevent spam.
You still need to create an account on each Forgejo instance to report a bug there…
And even, if you commit code or make a pull request… Git might be decentralized (you can develop with your friend independently from each other and merge it), but try to commit code to a GitHub project, GitLab instance or Forgejo instance without having an account there to authenticate yourself… It won’t work.
My point was from the beginning that I don’t want to create 2 accounts when I report a bug a bug on Forgejo instance 1 and on instance 2.
The suggestion whether I have heard about git does not solve anything about that…
Some one else here mentioned that it’s possible to login with Mastodon on each of the instance, which is the correct direction (allows to report a bug on both instances via an external account). Disadvantage is still: My 2 bug reports are not linked to each other, because there is no shared Forgejo profile, which would actually require something like federation.
I think that’s bad (for my personal use) because if I accidentally commit a secret key, how do I claw it back? Basically, how would I claw anything back if it’s on a blockchain aka on thousands/millions of computers already (you can’t).
Yeah please just rotate the secret if that happens. Doesn’t matter what platform it is, this is true of GitHub as well. Secrets that are accidentally published are no longer secret.
Yeah it’s not an insurmountable problem but it has happened to me where I push some commits and I realize “oh lemme remove this code because it leaks a little info about me personally” etc
that’s already a concern. what if someone just cloned your repo? there’s also plenty of people that mirror public repos to their personal forgejo server. forgejo makes it very easy.
the only solution to mitigate such a mistake is to 1) invalidate the token
2) remove the commit
I did not mean decentralized hosting of the projects (e.g. your project will be on all instances).
I meant decentralized account usage (e.g. you can use your example.com forgejo account to create an issue on otherexample.org)… Just like Lemmy… I could use my reddthat.com lemmy account to create a post on your instance lemmy.world without having to register there.
I do, what I don’t know is how Forgejo works. Doesn’t having to make an account for every project mean it’s already decentraliced, but just doesn’t communicate between instances?
We need something like Forgejo, but decentralized and federated, like Lemmy. I don’t want to create a new account for every Forgejo instance, just to be able to report a bug…
Edit: Added “and federated”
Forgejo is in fact working on being decentralized, just like the underlying git structure is. There are some first federation things in there, but the full implementation is still pretty far out.
Git is decentralized itself… You don’t even need forgejo to host your changes
Git is already decentralized, nothing is stopping you from adding multiple remotes to your repo.
Federation is on their roadmap
https://forgejo.org/faq/#is-there-a-roadmap-for-forgejo
You know, git initially was that kind of thing where people would send diff commits on mailing lists. Git is perfectly decentralized already. And there’s no need for federation.
Forgejo is already decentralized too. You could host your own instance right now, if you’d want.
There is this, havent tried
https://radicle.xyz/
Gitea has basic federation, I believe
Gitea is where Forgejo forked from.
if you are looking for decentralised vcs you can try radicle, I tried a while ago pretty good. FYI Forgejo supports mastodon login
That’s interesting. Did not even know, Mastodon supported doing something like this…
There is still a difference: There is no profile in the end. I might create 2 bug reports, bit they won’t be linked to each other.
Have you heard of … Git?
:-)
Edit: I was jesting, got interesting responses!
There is no command
git issue create [hostname] [title] [description]and if there was such a command, it’d require authentication on the specific instance to prevent spam.You still need to create an account on each Forgejo instance to report a bug there…
And even, if you commit code or make a pull request… Git might be decentralized (you can develop with your friend independently from each other and merge it), but try to commit code to a GitHub project, GitLab instance or Forgejo instance without having an account there to authenticate yourself… It won’t work.
You mean git inherently requires you to identify yourself?
Huh, shock
I’m not sure what you are trying to say.
My point was from the beginning that I don’t want to create 2 accounts when I report a bug a bug on Forgejo instance 1 and on instance 2.
The suggestion whether I have heard about git does not solve anything about that…
Some one else here mentioned that it’s possible to login with Mastodon on each of the instance, which is the correct direction (allows to report a bug on both instances via an external account). Disadvantage is still: My 2 bug reports are not linked to each other, because there is no shared Forgejo profile, which would actually require something like federation.
git identification has nothing to do with authentication, as any sane person with git experience knows
I think that’s bad (for my personal use) because if I accidentally commit a secret key, how do I claw it back? Basically, how would I claw anything back if it’s on a blockchain aka on thousands/millions of computers already (you can’t).
If you push a secret key you should definitely generate a new one. Way to many bots out there that scan new commits for exactly that reason
Yeah please just rotate the secret if that happens. Doesn’t matter what platform it is, this is true of GitHub as well. Secrets that are accidentally published are no longer secret.
Yeah it’s not an insurmountable problem but it has happened to me where I push some commits and I realize “oh lemme remove this code because it leaks a little info about me personally” etc
Obviously you go and change the key instead?
You can make commits on your system without pushing them to the remote server, and that’s the default behavior.
that’s already a concern. what if someone just cloned your repo? there’s also plenty of people that mirror public repos to their personal forgejo server. forgejo makes it very easy.
the only solution to mitigate such a mistake is to
1) invalidate the token
2) remove the commit
In that order.
I did not mean decentralized hosting of the projects (e.g. your project will be on all instances).
I meant decentralized account usage (e.g. you can use your example.com forgejo account to create an issue on otherexample.org)… Just like Lemmy… I could use my reddthat.com lemmy account to create a post on your instance lemmy.world without having to register there.
You are correct in principle, but Lemmy isn’t on a blockchain. It’s much less permanent.
Wouldn’t it be the other way around, having someone centralized so with one account you can report bugs in any public project?
Do you know how lemmy works?
I do, what I don’t know is how Forgejo works. Doesn’t having to make an account for every project mean it’s already decentraliced, but just doesn’t communicate between instances?
I agree that it’s already kind of decentralized, so I also added the word “federated” to my original post.
Okay, that makes it way more clear ;b
deleted by creator
Rather have it on IPFS or something like OrbitDB, so no one can just lock/delete stuff.