edit: Im also pretty excited about the anti-crawler enhancements that went in the latest major release
edit: Gitea is fully MIT and per our governance charter that cannot change
> what happens when a community member wants to implement SAML for the community edition
It's surely just business model, but I was intrigued and thought that maybe there were some kind of incompatible licensing in popular libraries people use for these so-called "premium features"
EDIT (bit better source):
> Gitea Enterprise is an offering of CommitGo, not the Technical Oversight Committee of Gitea or the Gitea project itself. CommitGo remains committed to contributing back functionality to Gitea under the MIT license.
I'm always dubious of freemium software, because the free version is always gimped in some way, be it SSO compatibility (OK, yours supports OIDC it seems so that's not _terrible_), role-based access controls, high availability, etc.
I will concede that businesses probably _should_ be paying for good software that is critical to their business to help support the vendors, but given how important cost savings are to companies these days, one can hardly blame engineers looking for cheaper offerings.
The SSO tax in particular is ridiculous.
Functionality like HA or SSO being gated behind enterprise licenses only makes it harder for smaller businesses to “get there”. My business is comprised exclusively of technology professionals. We tend to be really cheap customers to have because we typically only raise a ticket when something beyond our responsibility breaks.
And from the community side — I already have enough credentials to maintain in my personal life. It’s annoying when you can’t use SSO with a community edition product. I like having SSO at home. It makes life so much better, and it also makes me more likely to use a product in my business, which makes it more likely I’ll buy a license to backstop support.
Edit: Gitea has LDAP, OAuth2/OIDC, OpenID, SMTP, reverse proxy, and others as SSO options.
[1] mentions changes to the election process that mandates half of the oversight committee to be appointed by the Gitea company. Doesn't that conflict with your assertion that the "same yearly elections" have been around?
Where can one find the governance charter for the Gitea project?
I also was somewhat skeptical that a git hosting platform that had a business behind it with enterprise oriented offerings wasn’t yet self-hosting in the technical sense.
I'm glad I made the switch.
I liked it, it was pretty cool and seemed to be pretty comparable to Github, but I ended up just moving back to Github since I didn't really want to run my own infrastructure for a git repo.
Still, I would definitely consider it if I were running a company; if nothing else it wouldn't be scanned by Microsoft for training.
Luckily the Gitea devs had recently implemented `REQUIRE_SIGNIN_VIEW = expensive` as a fix. It was minimally invasive for regular users, most pages can still be accessed without login, and it completely solved the AI bot problem, my traffic and load averages are back to normal.
Thank you Gitea devs for a great product, happy user for over a decade both personally and professionally.
Keep making an amazing product for us who want to self-host.
IMO this covers pretty much all the bases, it just doesn't have a flashy GUI. There's way less to configure though and one of the worst ways to spend time is configuring other people's software.
I'm perfectly happy setting up my Git repos on a fileserver I have to access via SSH. That's easy enough. It works fine. But it falls down when I want to share my code with my buddy, and now I have to make a user for him. Or suppose I want some code to be world-readable because it's not sensitive and I want to clone it onto VMs that I don't want to configure to SSH into my dev server. Or I want to put a sensitive repo behind some kind of authorization, and I want full read-write access to it, but I only want my pal to have read-only access.
You can do all these things yourself using standard Unix tools. I've done it. It's possible, but wow, it's way more of a pain in the neck than just installing Forgejo and saying "put repo A behind authentication, make repo B publicly read-only, and grant my clumsy friend read-only access to repo B (but allow him to open a PR if he wants to make a change to it)". Those are all real-world things I want to do, and Forgejo and friends are way easier to configure correctly than Unix permissions and a handful of SSH pub keys.
My instance is mostly used for archiving / mirroring interesting repos, more so since I had a glancing brush with censorship on github: a contributor to one of my repos was banned, which means entire issues and discussions and PRs they started were vanished overnight. This person was prolific and opened a lot of issues, so my repo became a graveyard of broken references and missing threads with conclusions and plans I no longer remember. Despite the minor scale of my project, this incident was rage inducing; it felt like github rebased my master branch to remove historical commits because someone was offended. Completely inappropriate imo.
For self-hosting an archival-oriented mirror, a few features would be nice:
1. Automatically mirror every repo I star on github
2. Continuously mirror issues, discussions, and PRs
3. "safe" mirroring (see #14076), so non-ff/force-push head updates have the old head tagged to preserve historybut is it web scale?
What is the scoop on the schism leading to forgejo? Like, the actual reason - is it just the existence of a for profit company with partial governance over gitea or is there more of a story? And does forgejo have substantially different plans for feature development vs gitea?
Secondly, how do get in contact with contributors for sponsored work? Ideally that would be the maintainers but I feel like they have a conflict of interest with anybody trying to offer gitea to third parties…
My 2c as an outside observer - It is all about sponsored work.
Gitea long wanted a CI feature but from the outside, all anyone could see, was a Drone/Woodpecker integration. Codeberg started to spend a lot of time investing in this.
Then one day, Lunny(? i think) appeared suddenly with a fully compliant and working Github Actions CI implementation. The development had been done under a private sponsored contract.
It's great that Actions was managed to be open sourced. It's significantly better. But Codeberg really took it the wrong way and started agitating and sponsoring a fork. Nobody wants to be left in the dark.
There is a huge amount of interest in Gitea (and its forks). Everyone wants this to remain MIT, and it obviously will since there's no CLA. IMO all the "gitea company" stuff is about having a better legal structure for contract work on big features like that. That contracting is happening anyway so it may as well have a good legal structure.
Forgejo PR managed to twist that good announcement into seeming as a conflict of interest, because the "Gitea" name was reused for two different concepts. Now that it's CommitGo as the (legally independent) contract development agency, it's much clearer. There is a Gitea company as well but it just needs to hold trademarks and domain names and cloud stuff.
It's really a story of some great developers maturing into a more sophisticated legal and contractual level. The model is quite good, similar to e.g. Debian being the community project and Freexian being one of many commercial contractors for it.
Anyways, compared to Forgejo today, Gitea has the most development activity, all of the core developers, and Forgejo have given up tracking Gitea's main branch and are now adrift. Best of luck to them.
> Secondly, how do get in contact with contributors for sponsored work?
CommitGo is the legal vehicle for contracting the core developers. For other contributors, bounties are managed via https://algora.io/go-gitea/home
Isn't the Gitea company for-profit? Wasn't the leadership committee restructured to mandate half of its members are elected by the for-profit?
Browsing the blog archives, there doesn't appear to be any indication that the concerns that were brought up around the incorporation of the for-profit have been resolved.
techknowlogick•6mo ago
thrill•6mo ago
techknowlogick•6mo ago
weitendorf•6mo ago
Also, I’m curious about xorm and how you guys are using your internal database. Is it atypical to perform database operations outside of gitea or integrate with eg a third party users table?