While this is still a massive problem, it does require a public fork at some point. So if you have a private repo that has never had a public fork, you should be safe.
Damn that’s a huge problem
Im thinking of self hosting Forgejo one day.
I do and it is pretty easy with docker compose.
sourcehut is much better if you can pay
Edit: Only repo hosters need to pay. Everything else is free.
I want forgejo for its upcoming federation feature tbh.
Considering that git doesn’t need federation, and email is the grandfather of federation, sourcehut has a working version of it this very moment.
Why the downvotes?
I’d guess because the same argument could be made for the website you’re on right now. Why use that when we could just use mailing lists instead?
More specifically: Sure, Git is decentral at its core, but all the tooling that has been built around it, like issue tracking, is not. Suggesting to go back to email, even if some projects still use it, isn’t the way to go forward.
Just this week I migrated all my repos from github to Gitlab. And only because I can’t host my own gits just yet, but will do it soon enough.
I tried but they demanded a phone number and credit card for “verification” and fuck that.
Codeberg is great too
Yeah, I’m just getting started, and for the life of me, haven’t found how to pull the Gitlab repos from it. But I will.
The takeaway is to not use forks if there are changes you want to keep private.
After reviewing the documentation, it’s clear as day that GitHub designed repositories to work like this.
Sounds like they wanted to find a problem but it turned out to be a feature.
a problem that is documented is obviously a feature
