> Ah, that's interesting. So my concern is whether github is a safe long-term > bet. Specifically what is there to prevent some third party from buying > github, or of github going public and the board taking the decision, or > github on its own, deciding to charge for hosting, keeping the data hostage > to extract payment? What safeguards are in place to prevent this?
> I'm not interested in "this will never happen" arguments. I'm interested in > hard data please. GitHub explicitly reserves the right to shut down without notice, however considering they have ~10M users and ~30M repositories (ranging from small one-person projects, over programming languages, to governmental programs), do you really think it is a real scenario? Thousands and thousands of extra services directly depend on github; e.g. package managers like npm or bower pull directly from GH. If they would shut down, half of the internet would follow. Now I am not saying that this can't happen, all I am saying is that worrying that they would shut down from day-to-day without any notice is baseless, so if anything you should evaluate whether such scenario is something that you should worry about (compared to your house burning down or being flooded destroying your computer, home server and all on-site backup drives, which is something that happens regularly to people). But let's assume that evil corporate aliens send a meteor shower that hits all github datacenters. What are the primary offerings of GitHub? 1) online git repository 2) bug tracker 3) online collaboration 4) wiki/github pages --- those are just another git repositories, so it's same as 1) 5) organizations 6) other cowbells (graphs, contribution charts, etc. however those are just aggregations) Git is decentralized. So even if you have some central hub, such as github, or bitbucket, or gitlab, you are not writing your code directly on the website so at least one of the contributors will have the latest code. So if you are unprepared and you are hit by this scenario you don't lose your code. However as someone already pointed out, you can lose your bugs (would that be great? :)) and comments. If you are worried about it, you can always make a plan and back it up regularly https://github.com/joeyh/github-backup The only alternative is that you host it yourself (obviously you can't just use someone else because the issues will apply again). And now you have a billion of new problems: 1) you need a home server, or _paid_ virtual server, which costs money (either in the form of VS, or buying new components and paying for electricity bills) 2) you need to maintain it, which costs you time and energy (and time = money) 3) it will be slower, have worse uptime, and break (because you are not 500 people, do not have a reliable datacenters and things always go wrong) 4) it will not scale (it may be sufficient for you, or internal projects inside walls of your company; but if you want to open it to the world (because it is open source) then you have yet another world of trouble) 5) you still need to do off-site backups So all in all you will trade security of decisions of a malicious board and exchange it for other, much more realistic problems. And if such board would do that intentionally, it would definitely end up in court. Just because they proclaim in their TOS that they are free of any responsibility doesn't mean they actually are; especially if they intentionally mean harm. (And keeping your data hostage is very likely criminal.) To summarize: 1) use github 2) make off-site backups 3) be happy Peter On Thu, Dec 17, 2015 at 6:42 PM, Esteban A. Maringolo <[email protected]> wrote: > You can have your own Git infraestructure with something like GitLab > Community Edition (Free) or Enterprise (Paid). > <https://about.gitlab.com/features> > > The "good thing" about Github is that it gives visibility to what you > do, which for Pharo/Squeak could be a big thing. If all the code in > SmalltalkHub was moved to Github, the popularity of Smalltalk would go > to the top 20. > > Regards! > > Esteban A. Maringolo > > > 2015-12-17 14:37 GMT-03:00 Holger Freyther <[email protected]>: >> >>> On 17 Dec 2015, at 18:29, Eliot Miranda <[email protected]> wrote: >>> >>> Hi Ben, Hi All, >>> >>> >> >> >>> Ah, that's interesting. So my concern is whether github is a safe >>> long-term bet. Specifically what is there to prevent some third party from >>> buying github, or of github going public and the board taking the decision, >>> or github on its own, deciding to charge for hosting, keeping the data >>> hostage to extract payment? What safeguards are in place to prevent this? >>> I'm not interested in "this will never happen" arguments. I'm interested >>> in hard data please. >> >> >> 1.) You will lose bug reports (if you decide to use bugtracker) >> 2.) You will lose comments/discussion on pull requests >> 3.) You might lose the wiki content >> 4.) Unless you and nobody else in this community has the git tree you lose >> the history of >> the project. >> >> >> 1.) You might decide not to use their bug tracker? >> 2.) You might decide not to use the pull request workflow or risk losing >> some context that >> is outside the commit message, change. >> 3.) Don't use it then. >> 4.) One can mitigate by either automatically synchronising the repo to >> another place or >> by having the primary somewhere else (which makes 2nd more hard than it >> should be). >> >> => long term. Keep a backup of the repo (and with git you always have that >> anyway) and >> if they kick everyone out, push it to another server. >> >> I hope this helps. >> >> holger >> >> >> >> PS: For my C level GSM stuff we run our own git infrastructure on >> git.osmocom.org and >> github is mirroring some of the repos to github.com/osmocom. This way people >> can discover >> our sources more easily, we discover 'forks' but right now we don't use the >> pull request system >> at all. >
