Python packaging and stability is a total mess. It has gotten to the point where I just look for alternative tools when I find out something new I found is written in Python.

the info required was there already, just you needed to put effort in

Not really. This is mostly what this is all about. The companies are insisting that open source projects should do analysis of security impacts in addition to fixing the bugs whenever some “security researcher” runs some low effort fuzzing or static analysis thing that produces large numbers of bug reports and assigns CVEs to them without the consent of the project. The problem is that such an impact analysis is significant effort (often orders of magnitude more than the fix itself) by people with deep knowledge about the code bases and only really useful to the customers of those companies who want to selectively update instead of just applying all the latest fixes.

Talking about PRs being broken and then bringing up email, just about the most broken technology still in wide-spread use, is sort of ironic.

While true essentially forking the latest stable version of the kernel to make an LTS branch or a vendor version only multiplies the problem, it also does not contribute to solving it.

Yeah, the whole commenting won’t work if the server where the repo is hosted fails or the server where the person has an account. There is no redundancy.

I could be up and running in like 10 minutes to install Forgejo or Gitea

You could maybe do that but only because you already know how unlike most developers and you completely dismiss any active maintenance like updates, moderation, debugging performance issues, resizing storage,…

The term “single point of failure” means that only that point has to fail for the entire system to become unusable. You can easily have more than one of those in a system though.

Forgefed seems to be ActivityPub based which, judging by Lemmy, doesn’t solve the redundancy issue at all, it just allows you to interact with the content hosted in a single place from your own single place, giving you two single points of failure and two points where you can be tracked instead of one. This is not really the same kind of distributed as git repositories.

Can you name an open platform that actually does distribute PRs and issues? I know there were a few that tried but I mean one that actually succeeded and is usable by people who just want to report a bug?

Also, your issues and pull requests are much more likely to be lost in your self-hosted one project instance than on GitHub if anything happens to you.

I can understand the argument against GitHub in two contexts, one is when people build features into their software that assume GitHub, e.g. when a programming language assumes it can just prepend github.com/ to your repo to find it and the other is the argument that losing GitHub would be a huge blow because so many projects are there and only there so a lot of things would have to be done at once if that ever happened.

Federation doesn’t really solve the issue that self-hosting takes effort away from working on the actual project.

The worst thing is when it happens in this way and you can’t remember even though it was your own question https://xkcd.com/979/

Yeah, but when was the last time you decided to upload hardware device data for a root server to some hardware survey? That is something almost exclusively done by the kind of people who want to show off their system in some way.

I wonder how representative that is of actual software used. I would imagine hardware probes are run from installers and live systems quite frequently. I would certainly not expect several percentage points of “neither” in practical settings.

that even the thousands of developers who wrote most of that code don’t understand how their own code works anymore?

The bugs I have fixed that were written by that idiot “me from a few weeks/months/years ago”…

Any of those 2,034 people can push malware to Fedora

Maybe, but that is still a significantly higher bar than allowing everyone to publish a package the way most language specific package repositories work (or just use any random github repo even like some others).

“you’re using it wrong” seems more like the official motto of Wayland whenever anything that isn’t working on it is brought up.

There are so many people who think sid is a distro when really, as far as the Debian project is concerned, it is a staging ground.

The ability to set static routes via DHCP server or for that matter the ability to remote boot systems via DHCP server which has similar problems if you can’t trust the DHCP server.

I would go so far as to say that languages that allow you to leave off the braces and have macros that look like functions that can generate multiple statements at the same time are just plain badly designed.