337
announcing freenginx.org (mailman.nginx.org)
submitted 9 months ago by exception4289@lemmy.world to c/linux@lemmy.ml

Maxim Dounin announces the freenginx project.

As such, starting from today, I will no longer participate in nginx development as run by F5. Instead, I’m starting an alternative project, which is going to be run by developers, and not corporate entities:

top 50 comments
sorted by: hot top controversial new old
[-] BreakDecks@lemmy.ml 81 points 9 months ago

The name of this project is a death sentence. F5 owns the NGINX trademark. A successful fork of this will need to have a new name.

When Oracle ruined Hudson, the community forked it and renamed it to Jenkins, and Oracle lost their investment. The same should be possible with NGINX (BSD vs. MIT, IANAL).

[-] devfuuu@lemmy.world 19 points 9 months ago

He's russian. Trademarks and copyright doesn't matter.

[-] Anarch157a@lemmy.world 26 points 9 months ago

That might be true inside Russia, but not in the rest of the world. F5 could sue in the US and force the registrar responsible for the .org TLD to hand the domain to them.

In his place, I would chosen something related but different enough to avoid trademark infringement, like "Freeginx". IANAL, but I believe sometimes all it takes is one letter to keep lawyers away.

[-] electricprism@lemmy.ml 2 points 8 months ago

IMO he would have been better off reversing the letters to something like XNGIN2 or some other clever play on the old theme.

Besides the new name being problematic it's plain aweful.

Feels like Gentoo ==> Funtoo -- Gentoo is a infinitely better name IMO.

[-] fmstrat@lemmy.nowsci.com 62 points 9 months ago* (last edited 9 months ago)

TLDR; F5 owns Nginx. Making corporate over security decisions. New community fork from one of the core devs at http://freenginx.org/. Too new to know if it will be adopted by other mainstream projects that currently leverage/embed nginx.

Note: If you use nginx and are concerned about security, consider a look at projects such as owasp/modsecurity-crs which include security layers on top of nginx.

[-] xinayder@infosec.pub 47 points 9 months ago

That doesn't seem to be the case. From what I read on HN, the dev quit because he thought it didn't make sense to submit CVEs for temporary/wip solutions, and F5 thought otherwise.

So as I see it, the developer quit because he didn't agree that a CVE should be opened for a work-in-progress solution that was live on Nginx.

[-] acockworkorange@mander.xyz 36 points 9 months ago

So basically just drama?

[-] exception4289@lemmy.world 17 points 9 months ago

That's what I read, too.
It gives a new perspective on the subject.

Sad to see the workforce being split up, though.

[-] MangoPenguin 24 points 9 months ago

Making corporate over security decisions.

I read the opposite essentially, that F5 is publishing CVEs and the dev did not want them to.

[-] towerful@programming.dev 14 points 9 months ago

Yeh, seems like the CVEs were against an alpha branch.
So, perhaps its a good reminder not to use alpha in production... But I feel it warranted a bug report instead of a "Common Vulnerabilities and Exploits" notice, normally something used to notify potentially production deployed systems of an issue.

That would be like Pepsi issuing a product recall to all retail outlers for a product that has only been tested internally (kinda)

[-] Kushan@lemmy.world 11 points 9 months ago

I think it's more like pepsi issuing a product recall for something that has been accidentally left on the side of the road. You know you should not be drinking it anyway, but you also know someone would try it.

[-] Bene7rddso@feddit.de 3 points 9 months ago

It was on purpose on the side of the road so people could gice feedback. But the issue wasn't a health issue (privilege escalation, etc), it just wasn't tasty (DoS). Something you really don't want to sell in the store, but in an alpha/beta version it's no big deal

[-] BaumGeist@lemmy.ml 1 points 9 months ago

I'll justbuse this excuse to repost my thoughts from the other threas https://lemmy.ml/comment/8358568

[-] QuazarOmega@lemy.lol 35 points 9 months ago

Sad to see such an established project split up

[-] GravitySpoiled@lemmy.ml 31 points 9 months ago
[-] NotSteve_@lemmy.ca 22 points 9 months ago* (last edited 9 months ago)

Does it actually make sense to call it free nginx? It seems like that'd just cause confusion, especially if the projects diverge. Most of the time when this happens they choose a new name (like MariaDB vs MySQL)

That being said, I wish the project all the best. I use nginx both professionally and personally so I'll be keeping an eye on this.

[-] Kerb@discuss.tchncs.de 11 points 9 months ago

probably wont be the name for long anyway.

aparently F5 Networks. owns a trademark for nginx.

[-] NotSteve_@lemmy.ca 7 points 9 months ago

That makes it even worse then 😅. The whole thing seems kind of silly

[-] admin@lemmy.my-box.dev 15 points 9 months ago

A few years ago some other nginx devs also split off to create the fork Angie. I wonder why they didn't join forces. My guess would be egos.

[-] ResoluteCatnap@lemmy.ml 3 points 9 months ago

The "angie" fork shares the same problem as nginx run by F5: it's run by a for-profit corporate entity. Even if it's good enough now, things might change unexpectedly, like it happened with F5.

https://mailman.nginx.org/pipermail/nginx-devel/2024-February/YIFSHIYSKDFBYZ2QRA3WF6SRPGIBDBKI.html

[-] haui_lemmy@lemmy.giftedmc.com 13 points 9 months ago

Sounds great. I hope this project succeeds.

[-] boo_ 7 points 9 months ago

Does nginx give me anything over apache httpd in the year of our lord 2024? I've used both for hosting servers but never really understood the difference, as apache seems to have incorporated the important improvements that nginx made iirc.

[-] wolf@lemmy.zip 2 points 8 months ago

Using both, too.

Supposedly NGINX gives you better peak performance and the configuration file format is more popular.

I would guess that peak performance is only a concern when being google/netflix/amazon, otherwise I would bet the bottleneck is somewhere else.

Further, NGINX seems to have become the default reverse proxy for all start ups, companies etc. around 10 years ago and thanks to group thinking by now one has to explain when using something else than NGINX.

What I really miss from Apache is Apaches awesome letsencrypt module w/o the need for certbot. (If somebody knows about a module for NGINX which takes care of letsencrypt w/o certbot, please enlighten me.)

In summary: Technical Apache and NGINX are IMHO mostly interchangeable (outside of peek performance demands), but the market/herd/group think prefers NGINX.

[-] Slotos@feddit.nl 1 points 8 months ago

Sorry, but you don’t get to claim groupthink while ignoring state of Apache when Nginx got released.

Apache was a mess of modules with confusing documentation, an arsenal of foot guns, and generally a PITA to deal with. Nginx was simpler, more performant, and didn’t have the extra complexity that Apache was failing to manage.

My personal first encounter was about hosting PHP applications in a multiuser environment, and god damn was nginx a better tool.

Apache caught up in a few years, but by then people were already solving different problems. Would nginx arrive merely a year later, it would get lost to history, but it arrived exactly when everyone was fed up with Apache just the right amount.

Nowadays, when people choose a web server, they choose one they are comfortable with. With both httpds being mature, that’s the strongest objective factor to influence the choice. It’s not groupthink, it’s a consequence of concrete events.

[-] matcha_addict@lemy.lol 1 points 8 months ago

Does Apache have something like nginx's OpenResty? That may be a significant benefit too.

load more comments (2 replies)
[-] baatliwala@lemmy.world 5 points 9 months ago* (last edited 9 months ago)

It's weird but I'm siding with the company on this one. With what little context we've been given the dev sounds like a stereotypical reddit moderator.

[-] rwhitisissle@lemmy.ml 2 points 9 months ago

"Freen Ginks"

[-] scratchandgame@lemmy.ml 2 points 9 months ago

I hope they will not switch to AGPL.

[-] lemmylem@lemm.ee 1 points 9 months ago
[-] AMDIsOurLord@lemmy.ml 11 points 9 months ago

No, it's very good, corpo lovers however hate it because it cuts the hands of corpo trash and also lax licenses

[-] scratchandgame@lemmy.ml 2 points 9 months ago* (last edited 9 months ago)

It's really good that I cannot statically link with something GPL or AGPL licensed without licensing my software GPL?

GNU is failing, in the rise of Chimera Linux.

corpo lovers however hate it

(After capitalism is socialism. When corpo can't exist along with the society, we will help you in political and you will help us to get from poverty to capitalism, to achieve socialism as soon as possible?)

because it cuts the hands of corpo trash and also lax licenses

So *GPL aren't considered free software, they are just open source, because they restrict modification and redistribution. Then you borned the term FOSS which is superfluous, to get the BSD license and GPL in the same house?

(GNU still illegally use the term "free software")

[-] AMDIsOurLord@lemmy.ml 11 points 9 months ago

Actually, GNU is free software because it not only preserves the freedom of the user but it also preserves the freedom of the entire ecosystem. Lax licenses allow those freedoms to be taken away, a corporation can use that software to create a proprietary alternative and outcompete the open source one. With GPL, such maneuver is impossible.

[-] scratchandgame@lemmy.ml 1 points 9 months ago* (last edited 8 months ago)

No, free software does not have any restriction in any granted right, it is a requirement if they (authors) want themselves attributed.

GNU put restriction on modification and redistribution. Then they are just "open source", then they have do define the term "Free and Open source software" which use more words to describe the same thing (assume free software = foss, because GNU always claimed they are making free software).

With GPL, such maneuver is impossible.

Much innovations is impossible.

And such long word for a license, I don't want it fill up my A4.

[-] lemmylem@lemm.ee 6 points 9 months ago* (last edited 9 months ago)

Well, it hinges on your philosophical stance. GNU prioritizes user freedom by licensing every software piece and its derivatives under Free Software licenses like GPL. The advantage lies in creating an environment where constant license checks are unnecessary, providing a more streamlined and freedom-focused user experience.

[-] AMDIsOurLord@lemmy.ml 2 points 9 months ago

Yes it is, that's the point

Look at the corporate exploitation of free software and see that Stallman was right

[-] scratchandgame@lemmy.ml 1 points 9 months ago* (last edited 9 months ago)

Chimera Linux is the point.

But it is project's philosophy, both BSD and GNU project will flame us if you teach them about licensing things

Disaster comes from our mouth

[-] AMDIsOurLord@lemmy.ml 5 points 9 months ago

Lol some shitty distro used by almost nobody, and serves no interest other than corpo lover's interests

[-] scratchandgame@lemmy.ml 1 points 8 months ago

About Chimera Linux is shitty, no, it is accessible for script kiddies since it use GNOME. It might gain popularity... some day... but I don't think the day is too far

And enthusiasts will love it. But you hate it because you like to war on what license to use than to patch a bunch of software to make it work for musl (and perhaps, clang). You can only see they are "corpo lovers" but not realize that they are different from most linux by popularizing softwares that are unpopular if they are intended to be "superior".

I hope you can get on realistic communism and understand that communism (socialism is much near) with infinite high tech is built on capitalism, and any communism that is not built on capitalism can only exist when people do not have enough food and aren't developed. When you haven't reach high capitalism (like Viet Nam) corpo + single party government that protect the rights of workers is the only way to do.

Lenin wrote: "The age of referencing books to discuss about socialist revolutionary credo has forever passed. I deeply believe that that era is over to never return. Today, we can only base our debates on socialism on the basis of experience." (perhaps poorly translated.)

[-] scratchandgame@lemmy.ml 1 points 9 months ago* (last edited 9 months ago)

At least I escape unreadable and unmodifiable GNU stuff

I saw your interest in Marxism-Leninism. Marx taught: Labor productivity is the premise for this society to win over the old society (poorly translated because I read translated textboot)

(Năng suất lao động là tiền đề để xã hội này chiến thắng xã hội cũ)

So the communists must learn to do business. Otherwise it is dogma, moralism (and soon become revisionism). Look at Viet Nam, we would have a pure capitalist government if we don't switch to market economy (reactionalists backed by US would rebel and they are supported by 3/4 Vietnamese poor people). Now poverty has fallen into history.

[-] AMDIsOurLord@lemmy.ml 4 points 9 months ago

Nothing prevents GNU software to do business, as already proven by quite many successful corporations. BSD and MIT licenses will only result in exploitation, e.g Sony and Apple who take fruits of open source labor and give nothing back. The bourgeoisie is only inclined to enslave the proletariat and it's labor, GPL stands in it's way.

[-] scratchandgame@lemmy.ml 1 points 9 months ago* (last edited 9 months ago)

Nothing prevents GNU software to do business

GNU already stated themselves, but they prohibit modification and redistribution: any modification must also fall under GPL. Perhaps I want my code public domain or 0BSD? In practical, commercial also mean modified.

From your writing I have seen you as a dogmatism of Marxism-Leninism. That's revisionism. Nowadays new Marxism learn about Marxism-Leninism, then talk about how the business could get better, and competitive with other Marxism (to make money for the capitalists.) to produce more high-quality products

Anyone dislike? Marxism is always against dogmatism.

[-] merthyr1831@lemmy.world 1 points 8 months ago

I sympathise with the dude dev but corporate loves corporate; I dont think the project is going to attract much funding if it's purely a 'libre' fork.

this post was submitted on 15 Feb 2024
337 points (100.0% liked)

Linux

48143 readers
476 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS