On 07/18/2017 08:35 AM, Dominik Ruf wrote:
Mads Kiilerich <[email protected] <mailto:[email protected]>>
schrieb am Di., 18. Juli 2017 um 01:10 Uhr:
Hosting of code from open source contributors requires some continous
amount of work and resources. Both for establishing trust and for
cleaning up when rogue players abuse the system anyway.
How is that different onbitbucket.org <http://bitbucket.org/>?
What kind of abuse do you suspect?
Bitbucket do (for the same reason) have a legal department, constant
monitoring, and people and process for dealing with DMCA takedown
notices and similar.
If we open loopholes where anybody can make anything available for
download, it will be abused for hosting illegal content.
But it can be
done, assuming we want to do it and establish a realistic process and
tooling.
Also, Kallithea is mainly used internally inside organisations. It has
not been optimized for hosting open source projects with "random"
contributors. I think some of the short-comings are quite obvious
Not to me.
Before I would host a fully public site with self-registration and
untrusted users, I would want more isolation between users, quotas, and
for example a concept of a user home. One current show-stopper-ish
feature is the need for subscribing to be CCed on all PRs and comments
for a repo.
- we
don't need dogfooding to find these.
It is not only about finding issues. It also send a message to
potential users.
Would you eat at McDonalds, if their employees eat at Burger King?
I would have even more dislike for McDonalds if their employees *only*
ate McDonalds food. McDonalds might be good for some purposes, but it is
not a solution to all problems and not a full diet.
Kallithea has mainly been developed and seen improvements for use inside
organizations. It is not so much built for hosting open source projects.
That would have other requirements that probably are less relevant to
the main use case. We *could* use it for Kallithea, but I don't have a
problem with admitting that this is not a use case we have aimed for so far.
It would be nice to use non-proprietary software, but I don't have a big
problem with Bitbucket as long as the repos are in a standard format
that can be used anywhere ... and are mirrored on our own infrastructure
with free software.
But if Andrew configure account for you (and other trusted
contributors), then it is perfectly fine to use our own Kallithea for PRs.
/Mads
_______________________________________________
kallithea-general mailing list
[email protected]
https://lists.sfconservancy.org/mailman/listinfo/kallithea-general
