2209
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 28 Mar 2025
2209 points (100.0% liked)
Technology
68723 readers
3304 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
We need something like Forgejo, but decentralized and federated, like Lemmy. I don't want to create a new account for every Forgejo instance, just to be able to report a bug...
Edit: Added "and federated"
Forgejo is in fact working on being decentralized, just like the underlying git structure is. There are some first federation things in there, but the full implementation is still pretty far out.
Git is decentralized itself... You don't even need forgejo to host your changes
Git is already decentralized, nothing is stopping you from adding multiple remotes to your repo.
The issue tracker is usually the concern
Yeah, that was my point in the first comment... But not only that...
The development with multiple people is decentralized, yes...
But even, if I add 3 remotes to my repo (1 to GitHub, 1 to Forgejo instance A and 1 to Forgejo instance B), guess what happens, if you don't have an account on each of these... Try pushing code or making a pull request and see how it fails, because you are not authenticated...
Federation is on their roadmap
https://forgejo.org/faq/#is-there-a-roadmap-for-forgejo
You know, git initially was that kind of thing where people would send diff commits on mailing lists. Git is perfectly decentralized already. And there's no need for federation.
Forgejo is already decentralized too. You could host your own instance right now, if you'd want.
There is this, havent tried
https://radicle.xyz/
Have you heard of ... Git?
:-)
Edit: I was jesting, got interesting responses!
There is no command
git issue create [hostname] [title] [description]and if there was such a command, it'd require authentication on the specific instance to prevent spam.You still need to create an account on each Forgejo instance to report a bug there...
And even, if you commit code or make a pull request... Git might be decentralized (you can develop with your friend independently from each other and merge it), but try to commit code to a GitHub project, GitLab instance or Forgejo instance without having an account there to authenticate yourself... It won't work.
You mean git inherently requires you to identify yourself?
Huh, shock
I'm not sure what you are trying to say.
My point was from the beginning that I don't want to create 2 accounts when I report a bug a bug on Forgejo instance 1 and on instance 2.
The suggestion whether I have heard about git does not solve anything about that...
Some one else here mentioned that it's possible to login with Mastodon on each of the instance, which is the correct direction (allows to report a bug on both instances via an external account). Disadvantage is still: My 2 bug reports are not linked to each other, because there is no shared Forgejo profile, which would actually require something like federation.
git identification has nothing to do with authentication, as any sane person with git experience knows
if you are looking for decentralised vcs you can try radicle, I tried a while ago pretty good. FYI Forgejo supports mastodon login
That's interesting. Did not even know, Mastodon supported doing something like this...
There is still a difference: There is no profile in the end. I might create 2 bug reports, bit they won't be linked to each other.
Gitea has basic federation, I believe
Gitea is where Forgejo forked from.
I think that's bad (for my personal use) because if I accidentally commit a secret key, how do I claw it back? Basically, how would I claw anything back if it's on a blockchain aka on thousands/millions of computers already (you can't).
If you push a secret key you should definitely generate a new one. Way to many bots out there that scan new commits for exactly that reason
Yeah please just rotate the secret if that happens. Doesn't matter what platform it is, this is true of GitHub as well. Secrets that are accidentally published are no longer secret.
Yeah it's not an insurmountable problem but it has happened to me where I push some commits and I realize "oh lemme remove this code because it leaks a little info about me personally" etc
Obviously you go and change the key instead?
that's already a concern. what if someone just cloned your repo? there's also plenty of people that mirror public repos to their personal forgejo server. forgejo makes it very easy.
the only solution to mitigate such a mistake is to
1) invalidate the token
2) remove the commit
In that order.
I did not mean decentralized hosting of the projects (e.g. your project will be on all instances).
I meant decentralized account usage (e.g. you can use your example.com forgejo account to create an issue on otherexample.org)... Just like Lemmy... I could use my reddthat.com lemmy account to create a post on your instance lemmy.world without having to register there.
You are correct in principle, but Lemmy isn't on a blockchain. It's much less permanent.
You can make commits on your system without pushing them to the remote server, and that’s the default behavior.
Wouldn't it be the other way around, having someone centralized so with one account you can report bugs in any public project?
Do you know how lemmy works?
I do, what I don't know is how Forgejo works. Doesn't having to make an account for every project mean it's already decentraliced, but just doesn't communicate between instances?
I agree that it's already kind of decentralized, so I also added the word "federated" to my original post.
Okay, that makes it way more clear ;b
Rather have it on IPFS or something like OrbitDB, so no one can just lock/delete stuff.