> Regardless of whether GitHub is here to stay or projects find new homes, what I would like to see is some public, boring, well-funded archive for Open Source software. Something with the power of an endowment or public funding to keep it afloat. Something whose job is not to win the developer productivity market but just to make sure that the most important things we create do not disappear.
They are getting access to a supercomputer soon, and will be scanning all their archive for licensing information (using scancode and ort), security information, and other metadata.
The problem is GitHub spends on the order of $100m/year on providing free CI. Nobody else can compete with that. It's possible they could make it shit enough that a large number of projects will say "screw this we'll just pay for CI", but people really like free (and easy!) things so I think we are a long way from that point.
It doesn't need to be thousands of developers. Whoever owns the project can use their machine for builds, or spend a few bucks a month on a VPS, or find a sponsor to pay a few bucks for them or provide their own machine (should be easy if the project is any size at all).
My theory is that we waste lots of resources on CI because it's invisible. If you can hear your fans spin up you might try to optimize more, even if the financial cost is still negligible. Back when every developer built the software and ran the tests on their own machine, slow-building projects were the exception not the norm. There was also a much faster feedback cycle for changes to the build and test processes.
Tooling around a self-hosted CI workflow really needs some work to make it as convenient as even the very difficult GitHub Actions.
> make a WASM slave and thousands of developers can give their CPU/Memory/Disk for build slaves
WASM isn't a magic bullet for sandboxing. CI environments assume a full Linux. So you need to either ran a VM (with the attack surface that implies) or a write an x86 emulator in WASM (which would be very slow).
You also need anti-abuse to stop bitcoin miners from using your system. GitHub probably have full-time employees working on it.
> Like bitcoin mining, there could be some competition between 3 parallel builds to pick the winner if the output is the same.
It's a lot more complicated because many builds are not deterministic, you need to store artefacts, build secrets, etc.
Companies like golem.network or iex.ec have been working on this problem for a decade and they are still not easy to use.
And yet, GitHub Actions are notoriously broken, and serious customers are self-hosting their runners.
Codeberg does have some free CI runners, although I’m not sure what capacity they currently have, and how well it would work out if everybody decides to switch from GitHub today. They do encourage you to pick the smallest runner that works for you, and keep the workflows lean: https://codeberg.org/actions/meta
Or you can self-host your own runners too, of course.
Edit: there’s one caveat – Forgejo Actions are Linux only. If you need Windows or macOS runners, this won’t work for you. But... you could have a readonly GitHub mirror (which you should probably do if you want people to discover your project), and use the GitHub Actions runners for free :-)
You're asking/trusting an agent to do powerful things. It does.
In every session there is the risk that the agent becomes a rogue employee. Voluntarily or involuntarly is not a value system you can count on regarding agents.
Well I think the story is that they didn't ask it or trust it. They were caught by its ability to fuck up everything because a key was in the codebase.
My current frustration with Markdown is that Gemini is very bad at producing them.
Just because gemini.google.com uses Markdown for its output, it doesn't seem to be able to properly output Markdown from Markdown: always corrupted.
Just yesterday I asked gemini.google.com to write a README.md for a software project: the Markdown was broken from the closing first code block "```bash" and the rest of the doc was in the output like if it wasn't the doc anymore. An escaping issue. So I asked it to give me the same README.md encoded as Base64: once decoded the content was broken from the same point, but after that that wasn't Markdown anymore but binary data. It looks like Gemini leaked raw binary tokens in the Base64.
Very reliable tech. Is is too much to expect reliable Markdown escaping? Shouldn't this be a solved problem long ago?
Wow, I think I remember that talk, too. And I remember thinking, "why would anyone want to run a video inside a terminal?!" I still don't want to do that, but it was cool that enabling that feature only required a few lines of code, since EFL(?) already supported it, was already linked in, and the code to start it was minimal.
I would question the framework design: the method is called "UpdateUser", so it should be executed in a transaction, so it should be a parameter of the service, and the transaction logic handled by the framework.
In that instance, you are right, but there are often cases where you need to do multiple queries / updates spanning multiple tables in a single transaction, then you do need a generic transaction wrapper.
reply