Dear committers, dear community, Since its acquisition by a private equity firm [1], Travis CI’s quality of service has decreased drastically.
Recently, Travis CI suffered from a flaw that exposed secrets of thousands of open source projects [2]. The way the incident has been handled is unacceptable and supports the idea that Travis CI is in very low maintenance mode. We are currently scanning our organizations / repositories and we will reach out to projects that could have been affected by this flaw. In addition to this security issue, Travis CI has lowered its free OSS offering: while ceasing travis-ci.org in favor of travis-ci.com, they changed their pricing model [3, 4] and now only offer a fixed, one time amount of free credits for open source. Once consumed, one needs to beg for more. This causes issues in many OSS projects [5]. Projects hosted by the Eclipse Foundation are also concerned, and bug 574335 [6] is one example of the issue. We expect many more similar ones. When we asked for renewable credits, we got the following answer: > Thanks for your reply, at the current moment our OSS credit grants are a > manual > process. When your credits begin running low again, please reach back out to > the > Support team. That would not be too much of a bummer if the credits were allocated to all the organizations we manage, but this is on a per organization basis. It means we would need to follow credits evolution and send those requests for each organization running low on credits. This does not scale. Due to the issues mentioned above, the Eclipse Foundation will stop supporting Travis CI on GitHub organizations it manages. From now on, we won't configure any new repository / organization and we plan on removing the TravisCI GitHub app from all organizations we manage on October 20th. If you still rely on Travis CI to build your projects, feel free to reach out to us, we can help you migrate to our in-house Jenkins farm https://wiki.eclipse.org/Jenkins. Thanks. [1] https://blog.travis-ci.com/2019-01-23-travis-ci-joins-idera-inc <https://blog.travis-ci.com/2019-01-23-travis-ci-joins-idera-inc> [2] https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/ <https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/> [3] https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing <https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing> [4] https://blog.travis-ci.com/oss-announcement <https://blog.travis-ci.com/oss-announcement> [5] https://www.jeffgeerling.com/blog/2020/travis-cis-new-pricing-plan-threw-wrench-my-open-source-works <https://www.jeffgeerling.com/blog/2020/travis-cis-new-pricing-plan-threw-wrench-my-open-source-works> [6] https://bugs.eclipse.org/bugs/show_bug.cgi?id=574335 <https://bugs.eclipse.org/bugs/show_bug.cgi?id=574335> Mikaël Barbero Manager — Release Engineering and Technology | Eclipse Foundation 🐦 @mikbarbero Eclipse Foundation <http://www.eclipse.org/>: The Platform for Open Innovation and Collaboration
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ cross-project-issues-dev mailing list cross-project-issues-dev@eclipse.org To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/cross-project-issues-dev
