this post was submitted on 28 Mar 2024
170 points (96.7% liked)

Selfhosted

40734 readers
339 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

This is from last month, but I haven't seen any discussion of it. Seems like Forgejo is now a hard fork of Gitea, instead of being a soft fork like it was over the previous year.

The main reason I'm posting it now is this: "As such, if you were considering upgrading to Forgejo, we encourage you to do that sooner rather than later, because as the projects naturally diverge further, doing so will become ever harder. It will not happen overnight, it may not even happen soon, but eventually, Forgejo will stop being a drop-in replacement."

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 91 points 9 months ago (2 children)

Because gitea is fully the victim of corporate capture. Any PRs that make gitea better in a way that would reduce the main corporate “sponsor” profit are rejected.

The company has a conflict of interest with the community and it shows. Forgejo is sponsored by a non profit open source cooperative.

[–] [email protected] 21 points 9 months ago (1 children)

Any examples of this? PRs that are good overall but not for corporate sponsor?

[–] [email protected] 33 points 9 months ago* (last edited 9 months ago) (1 children)

https://codeberg.org/forgejo/discussions/issues/67

The biggest issue is they require your to give them your rights as they pertain to copyrights.

That means even if you submit MIT or GPL licensed code they can just instantly say “we relicense this code as proprietary” and there is nothing anyone can do.

They rejected a bunch of valid PRs. Including the one linked here because the author refused to assigned their copyrights to the Gitea corporation.

[–] [email protected] 24 points 9 months ago* (last edited 9 months ago) (3 children)

Thanks for the link. But is this really unseen in FOSS? My understanding is some FOSS projects do this so that it is easy to make major decisions without having to bring every person that has ever contributed to the project, kinda like how ZFS is stuck with license issues because they can't bring all contributors together to approve a license change.

[–] [email protected] 8 points 9 months ago* (last edited 9 months ago) (1 children)

No, it can happen when the organization that owns the product decides to change the license, to include making a product closed-source. Redis just changed from BSD to dual-license SSPL and a custom license, for example.

Because Gitea is MIT-licensed, Gitea Ltd. is well within their rights to change the license on Gitea to any license they please, including the "fuck you all rights reserved" license. However, unless specified in the license, you cannot revoke a previous license. So even if it's closed going forward, you can still continue to use the last MIT version under that license.

You cannot do this with GPL code, however, because the GPL states that any work derived from something under the GPL must also be licensed under the GPL ("copyleft"). The person you are replying to seems to not know that the MIT license has no such requirement.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago)

Well yeah, that's how licenses and copyright work - licenses can change. And sure on an adversary take-over (or corporate overloads taking control), that's problematic. However the beauty is, it's still MIT code: It can be forked (see what's happening with redis). However a project copyright (and DCO) is not in place to enable just that, it's in place to enable any license change by the project. Say a license is updated and there are good reasons for the project to move to the updated license - I think it's pretty reasonable that the project would like to be able to do that and therefore retain copyright. Of course you are also free not to contribute such a project. However claiming it's a license violation or unheard of is pretty disingenuous (formerly ingenious, thanks :) ).

This has nothing to do with GPL or MIT: If you own copyright of a GPL licensed code-base, you can change that license at any time. Of course that only applies to new code. And that's the same for GPL or MIT or any other license.

[–] [email protected] 4 points 9 months ago (1 children)

I'm not one to fight for software taken over by a corporate that is against FOSS. If you like Gitea, stick with it till you have a problem

[–] [email protected] 1 points 8 months ago (1 children)

My concern is that this hard fork means "till you have a problem" might be too late for a smooth switch.

[–] [email protected] 1 points 8 months ago (1 children)

I'm not going to be able to convince people to move. I'm sticking with Forjego until something goes wrong.

[–] [email protected] 2 points 8 months ago

I'm not trying to start an argument, just looking for that balance between "gitea hasn't done anything wrong yet" and "what if forgejo runs out of steam and the project stalls"

[–] [email protected] 3 points 9 months ago (1 children)

There are some advantages but generally it's better for everyone to keep their on copyright to prevent a company being able to take over and then deny users the software freedoms intended by the original license.

[–] [email protected] 1 points 9 months ago (1 children)

But everyone does keep their license. A company can not really take over in the sense that you lose your old code. They can stop developing in public but keep using your code, but so can you keep using the last public version and keep developing it. Or you can take your contribution and apply it elsewhere.

[–] [email protected] 1 points 9 months ago* (last edited 5 months ago)

You're right that the former license can't be taken away from other instances.

Some projects chooses a license specifically to stop people taking code without sharing code back upon redistribution via copyleft (ShareAlike). Getting around that by changing the license defeats the purpose (projecting users software freedom).

[–] [email protected] 3 points 9 months ago (2 children)

Interesting. Is there a migration path?

[–] [email protected] 25 points 9 months ago

Right now Forgejo is a drop in replacement. This article is them announcing that Forgejo will eventually not be one.

[–] [email protected] 9 points 9 months ago (1 children)

If you deployed with docker composr you just change the image and hit redeploy. Super simple.

[–] [email protected] 2 points 9 months ago (1 children)

Appreciate that, sounds super easy

[–] [email protected] 1 points 9 months ago (1 children)

It is. Did that when this was first announced

[–] [email protected] 0 points 9 months ago (1 children)

Huh, using their instructions for docker compose, I use docker pull codeberg.org/forgejo/forgejo:7.0.0 and it errors for manifest unknown. Removing the version tag so it default to latest doesn't help.

Do I need to make an account and docker login? That seems like it should be unnecessary for a simple pull.

[–] [email protected] 2 points 9 months ago (1 children)

Login isn't necessary, but there is no :latest tag published so you need to pull a version that exists. The current version is at codeberg.org/forgejo/forgejo:1.21.8-0 or at :1.21 if you want one that tracks patch updates (as found in the container registry).

[–] [email protected] 2 points 9 months ago

Ah, the docs reference V.7.0.0 so that's what I was trying with.

TY, that got her transitioned. The config actually pops a notice that 1.21.9 is available but I don't see that it's in the registry yet. I do like the :latest tag because then I can use watchtower, but I can understand why some people would want to specify the version.