Arc Forumnew | comments | leaders | submitlogin
Advanced search for news.arc (notabug.org)
3 points by hjek 2297 days ago | 22 comments


3 points by shader 2295 days ago | link

This isn't actually related to the work you are doing, but I was curious why you chose to use notabug.org over, say, gitlab.com. I hadn't actually seen the service before you linked to it on this forum.

-----

3 points by i4cu 2295 days ago | link

Under knarks "Why the fork?" section hjek links to the 'ethical repository'[1]. Since notabug.com is only for open source projects then the repo's will likely be considered 'free software' which I believe makes it grade A in 'ethical repository' terms.

Personally I find the term 'ethical repository' offensive. It insinuates that non-free software is unethical when the majority of non-free software has no nefarious intent or code. Not exactly the greatest sales pitch in my book.

1. https://www.gnu.org/software/repo-criteria-evaluation.html

-----

3 points by shader 2294 days ago | link

Yes, that's what I assumed as well; I just thought it would be an interesting discussion, and was wondering if there might not be other reasons for choosing that particular repository.

I suppose for me, the distinction between an 'open source' repository (Gitlab) and an 'ethical(?)' repository wasn't a very important one, so I was curious for the motivation behind it.

-----

1 point by hjek 2290 days ago | link

I think free (or "open source") and ethical mean the same in most cases.

Exceptions might include something like Facebook, which is technically somehow usable w/o non-free JS when using their basic mobile web page, but where the company is still engaging in other unethical activities, like selling user data to sway elections.

Or something like Amazon, where you might possibly be able to buy something w/o non-free JS (haven't checked), but where the treatment of their employees is unacceptable.

But, I think, when we're talking git hosting sites, there's no difference?

But FSF considers Gitlab ethical enough for hosting GNU packages[0].

[0]: https://www.fsf.org/news/gnu-releases-ethical-evaluations-of...

-----

3 points by i4cu 2290 days ago | link

As I understand it - the 'Open Source' movement concerns itself with improving the software by making the code openly accessible, where as the 'Free Software' movement concerns itself with a fighting for users rights (i.e. having the freedom to access, modify and distribute the code in a manner that empowers the user).

And so, an 'Open Source' repository holds code that is openly accessible for the purpose of improving the software. Where as an 'Ethical Repository' holds code that is graded by its' ability to guarantee users rights according to a specific set of morals (established by free software foundation). It so happens that open source repos tend to align well the ethics associated with free-software, but they should not be mistaken for each other. As an example to illustrate: If a repo SaaS were built for open source code, but restricted users from a certain country it wouldn't rank high in ethical repository grading. This is because while having the code openly accessible leans towards a Grade A rating (excellent), the restricting some users part puts it at a Grade F rating (unacceptable).

-- additional info --

https://en.wikipedia.org/wiki/Open-source_software

"Despite initially accepting it,[31] Richard Stallman of the FSF now flatly opposes the term "Open Source" being applied to what they refer to as "free software". Although he agrees that the two terms describe "almost the same category of software", Stallman considers equating the terms incorrect and misleading.[32] Stallman also opposes the professed pragmatism of the Open Source Initiative, as he fears that the free software ideals of freedom and community are threatened by compromising on the FSF's idealistic standards for software freedom.[33] The FSF considers free software to be a subset of open-source software, and Richard Stallman explained that DRM software, for example, can be developed as open source, despite that it does not give its users freedom (it restricts them), and thus doesn't qualify as free software.[34]"

-----

3 points by hjek 2294 days ago | link

> It insinuates that non-free software is unethical when the majority of non-free software has no nefarious intent or code.

The term can also be used by people who consider it unethical to even give programmers the possibility to hide nefarious code from users, regardless whether they actually do or not.

-----

3 points by i4cu 2294 days ago | link

> The term can also be used by people who consider it unethical to even give programmers the possibility to hide nefarious code from users, regardless whether they actually do or not.

But that's not what's happening here. They are categorically demonizing innocent people.

-----

3 points by hjek 2294 days ago | link

> They are categorically demonizing innocent people.

I'm sorry; that was not my intention.

Perhaps I can make a comparison to clarify? As an example, some people think that guns are unethical because they may be seen as an unjust instrument of violence. Even if a particular gun hasn't killed anyone (yet), or even if most guns happened not to be used to kill, then surely it can still be legitimate for people to object to the passive presence of guns, because it gives gun owners the power to kill, and that power may be considered unjust by principle.

Similarly, some people think that non-free software is unethical because it gives programmers the power to do bad stuff, regardless of whether some particular non-free program is actually malware (yet).

(Sorry in advance if I've derailed this discussion into a more controversial subject.)

-----

3 points by shader 2294 days ago | link

(continuing the discussion for clarity... no emotional connotation is intended)

I realize this is a comparison for clarification, but isn't it still just 'categorically demonizing innocent people'?

You picked a more controversial topic where more people are likely to agree with the demonization I suppose, but your assertion that the power to kill "may be considered unjust by principle" is not well supported by vague assertions that "some think" guns "may be seen as" unjust instruments of violence. I fully support everyone's right to object to something they see as dangerous; opinion does not constitute principle, however.

To me, something is just or unjust based on whether or not it aligns with or infringes anyone's rights. So, I suppose I might actually agree that a power could be "unjust in principle" if it could be shown that the power could not be used justly - that is, without infringing on anyone else's rights. For some powers, mostly political ones, this is the case. In this case I think guns may be a poor comparison, because they actually can be used in ways which are just (defense, etc.), even if you believe that those cases are unlikely and so desire strict gun control, etc.

In contrast, it may be that producing nonfree software is always 'wrong' (in that it infringes on the supposed rights of the users to understand and modify the program they are running) and therefore having or providing the power to do so would be 'unjust in principle'. If the concern is merely that some may produce malware, and there are actually legitimate reasons for producing nonfree software, then it is not unjust in principle to do so, or to provide someone with said power.

I hope I've understood all that correctly, and restated it well. I'm not sure that I agree with the idea that nonfree software is always bad, but I am open to it. Perhaps what I'm missing is a clear understanding of the specific rights that nonfree software violates.

-----

3 points by i4cu 2294 days ago | link

No worries, I know you (as well as the authors) are simply trying to apply implicit safety measures to counter bad actors. And I'm certainly not offended by you adopting the program. It's my feeling, however, that their approach is horribly wrong and bordering on corruption. I simply don't believe they will have any success when trampling over the good actors in their process of trying to better the world. IMO; If they really wanted to make a dent, they should push for a regulation requiring that browsers provide functionality that enforces a free-software configuration OPTION. Then allow society to decide for themselves (this is a free world after all). I'd even be ok if the default setting was on. But as it sits right now they will get nowhere really fast.

edit: oh and as for the gun analogy... I'm from Canada and fully support gun control (we have it), but I'm not going around and implying that every gun owner is unethical in the process of asking for gun control. That would be shooting myself in the foot!

-----

2 points by hjek 2291 days ago | link

> IMO; If they really wanted to make a dent, they should push for a regulation requiring that browsers provide functionality that enforces a free-software configuration OPTION.

Sounds interesting. Apart from the regulation part, it sounds a bit like LibreJS[0].

[0]: https://www.gnu.org/software/librejs/

-----

2 points by i4cu 2291 days ago | link

Actually, I got the notion from Stallman's original post 'The Javascript Trap' [1].

"Finally, we need to change free browsers to detect and block nontrivial nonfree JavaScript in web pages. The program LibreJS detects nonfree, nontrivial JavaScript in pages you visit, and blocks it. LibreJS is included in IceCat, and available as an add-on for Firefox."

However I am opposed to that call for action given it's an all-or-none implementation. I feel it's the role of each country to regulate, which is why I expressly suggested it as a configuration option (ideally it could be enforced at the browser level country by country and if not then user by user).

1. https://www.gnu.org/philosophy/javascript-trap.html

-----

1 point by krapp 2291 days ago | link

It seems like the thesis here is that whether or not "non-trivial" Javascript (which is just about all Javascript in the wild) should be trusted depends on the presence of an explicit GPL license. If so, that doesn't seem like a reliable heuristic for a script blocker to me.

-----

2 points by i4cu 2291 days ago | link

I'm pretty sure it would be similar to ad-blockers. The initial implementations are trivial and easily circumvented, but as they evolve they become more useful overall.

Plus note that I was just suggesting that it would be more effective than a social movement with 'ethical repositories'. Just imagine if the ad-blocker devs tried the same strategy...

-----

3 points by i4cu 2295 days ago | link

eh, hem, hem!

I've made an assumption as to why hjek selected notabug. I should know better than to make assumptions... apologies.

-----

3 points by hjek 2294 days ago | link

Well, correct assumption!

-----

3 points by hjek 2294 days ago | link

I think Gogs/Gitea is interesting in that it's super lightweight and shipped a self-contained binary, that's up and running in seconds. (Gitlab recommends at least 4GB of free memory[0])

Perhaps that is not relevant when someone else is doing the hosting, but I've gotten used to Gogs/Gitea now.

[0]: https://about.gitlab.com/installation/

-----

3 points by shader 2294 days ago | link

Interesting. That does sound somewhat attractive. I do occasionally try to run a git repository myself, and while I appreciate that Gitlab is open source, it was a bit cumbersome to set up.

I note that notabug said it was powered by a liberated version of gogs. What are they referring to there? Was something not sufficiently free about the original?

-----

2 points by hjek 2291 days ago | link

Good question. I'm not sure, but I think it may have to do with removing Gravatar support?

-----

2 points by akkartik 2295 days ago | link

Huh, surprising to me that I'm listed as an owner of the arc organization on notabug.org! Did I click on something without realizing what I was doing? I don't see any email from notabug.org about the new organization in my email or trash..

Sorry, it seems I'm not wholly attentive lately.

-----

2 points by hjek 2294 days ago | link

I clicked Invite but it must have just added you?

-----

1 point by akkartik 2294 days ago | link

Do you happen to remember how long ago this was? If it was more than 30 days ago I may well have accepted and forgotten, and see no trace of it in my email's trash.

Adding people to organizations without informing them seems like a bad idea. It's also not what GitHub does, and GitHub is who all these sites are copying, so shouldn't be happening.

-----