this post was submitted on 03 Jul 2025
136 points (99.3% liked)

Fediverse

35167 readers
352 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago
MODERATORS
ruud@lemmy.world
Xylinna@lemmy.world
MrCenny@lemmy.world
TragicNotCute@lemmy.world
automodbeta@lemmy.world
woelkchen@lemmy.world
136
GitLab abandons federation plans! (gitlab.com)
submitted 3 days ago by thann@lemmy.dbzer0.com to c/fediverse@lemmy.world
36 comments fedilink hide all child comments
 

After 5 years of foot-dragging they finally close the ticket to community protest:

This feature request is being closed as our current focus isn't in this area.

We appreciate your input and contribution to improving our product. While this feature may have merit, we need to prioritize our efforts elsewhere at this time.

If you'd like to provide additional context about why this feature is important, please feel free to leave a comment on this issue. This will help us better evaluate the feature if we revisit this area in the future.

Thank you for your understanding and continued support in helping us build a better product.

all 37 comments
sorted by: hot top controversial new old
[–] NuXCOM_90Percent@lemmy.zip 42 points 3 days ago (5 children)

For those who were out of the loop:

What exactly is the idea of federated gitlab? Git is already inherently distributed and automagically mirroring to other remotes is generally like three lines in any CI syntax (and there is probably a precommit hook for it too).

Also: I can see a LOT of security issues with not having a centralized source of truth on what the commit hashes should be and so forth. is fedgit dot zip the source of truth for this app or fedgit dot ml or fedgit dot ca? Theoretically that is where signing comes into play but that gets back to: What advantage does a "fediverse" frontend have?

[–] green_copper@kbin.earth 48 points 3 days ago (1 children)

I think the federation was more about interacting with other instances. Like creating issues and pull-requests without needing to create a new account for every instance.

I think this would be useful, as reporting bugs on GitLabs can be annoying if you have to create an account first.

[–] NuXCOM_90Percent@lemmy.zip 8 points 3 days ago (5 children)

As one of the core contributors for even a moderately sized project on Github: HELL NO.

We already get more than enough drive by spam from everyone who just makes an account to complain that our code doesn't do something we never said it did. And if they don't even have to do that? Ugh.

I do firmly believe that more projects need to understand the implications of where they host something (similar to the IOS app that alerts you if ICE is in your area). But if someone can't be bothered to even use a throaway protonmail address to file a bug report or feature request? Quite frankly, what they have to say wouldn't have been worth our limited time anyway.

[–] cecilkorik@lemmy.ca 17 points 3 days ago

But if someone can’t be bothered to even use a throaway protonmail address to file a bug report or feature request? Quite frankly, what they have to say wouldn’t have been worth our limited time anyway.

You don't know that, because you've never once heard what someone didn't say. Their time is limited too.

[–] corsicanguppy@lemmy.ca 15 points 3 days ago

HELL NO.

"May federate" doesn't necessarily mean "must federate." Your concerns could be met if they include the standard kill switch in gitlab.rb .

(Now show me the kill switch for the bloated crappy web editor)

[–] irelephant@lemmy.dbzer0.com 9 points 3 days ago

You don't have to federate if you don't want to.

[–] iopq@lemmy.world 3 points 2 days ago* (last edited 2 days ago) (1 children)

Then I sign up and verify my email just to find out I need to be approved by an admin. An admin never approves me. I just wasted my time

[–] lambalicious@lemmy.sdf.org 1 points 2 days ago

Hey, you got a free e-mail account!

[–] ademir@lemmy.eco.br 4 points 3 days ago (1 children)

We already get more than enough drive by spam from everyone who just makes an account to complain that our code doesn’t do something we never said it did. And if they don’t even have to do that? Ugh.

That's easy to solve by allowing no one to open issues at all. JK.

[–] NuXCOM_90Percent@lemmy.zip 4 points 2 days ago

I mean... that is kind of what happens with a lot of these projects.

As they get larger you get more and more of those obnoxious jerks who will close ANY issue if it even slightly is related to something in the past or isn't formatted correctly and so forth.

Personally? I am a firm believer in working with (actual) users to make things better. But I have definitely had weeks where it is just "Yup. We got mentioned by Youtuber X again" and we more or less ignore any issue not made by an established contributor.

[–] rglullis@communick.news 34 points 3 days ago

What advantage does a “fediverse” frontend have?

Github's dominance comes from the network effects. Everyone's on github, so if you have your project on a different repo, you won't get as many visibility. If your project is on gitlab only and someone wants to report a bug, they need to:

  • Find your instance.
  • Create an account.
  • Deal with an unfamiliar interface
  • Create the ticket
  • Hope it gets seen.
  • Potentially forget about it, unless they set up notifications.

A Federated forge solves all of that.

  • You follow remote projects without having to create an account in the remote instance.
  • You open an issue on the remote forge without having to open in an account in the remote instance, and you do it from your local server.
  • If you have a PR ready, the remote instance gets notified.
  • It makes a lot easier to separate CI/CD from source management.
  • It makes a lot easier to separate source management from issue tracking.
  • etc
  • etc
  • etc
[–] russjr08@bitforged.space 19 points 3 days ago (3 children)

I always assumed it was more or less targeting the federation of issues/MRs.

The git side of things is already distributed as you said, but if you decide to host your random project on your own GitLab instance you'll miss out on people submitting issues/MRs because they won't want to sign up for an account on your random instance (or sign in with another IdP).

This is where a lot of the reliance of GitHub comes from, in my opinion.

[–] ademir@lemmy.eco.br 9 points 3 days ago

This is where a lot of the reliance of GitHub comes from, in my opinion.

100% agree with you here.

[–] lambalicious@lemmy.sdf.org 1 points 2 days ago

People could just submit issues by e-mail, tbh.

I have most of my projects on either notabug or chiselapp (Fosil, not Git) and to this day I get e-mails asking for stuff or notifying about issues, so it's not like the "social" / "Hub" aspect of "GitHub" is needed.

[–] Fizz@lemmy.nz 1 points 2 days ago

Couldnt this be done with email reminders and single sign on?

[–] Aatube@kbin.melroy.org 7 points 3 days ago

Every GitLab instance requires you to have an account there to comment and submit PRs. Projects are often hosted on different instances.

[–] onlinepersona@programming.dev 3 points 3 days ago* (last edited 3 days ago) (1 children)

Git is already inherently distributed and automagically mirroring to other remotes is generally like three lines in any CI syntax (and there is probably a precommit hook for it too).

Git is, but what about everything else? When you clone a project on gitlab or github, does it come with all the issues, discussions, MRs, and so on?

I can see a LOT of security issues with not having a centralized source of truth on what the commit hashes should be and so forth.

That's what signed commits are for. Also, pull/merge requests and issues are sent to the origin instance, just like in the fediverse. Like now, you made a comment on a post on Fediverse@lemmy.world through your instance lemmy.zip. The same would happen with your comments, pull/merge requests, issue reports, and so on. There's no need for a "central authority".

Anti Commercial-AI license

[–] NuXCOM_90Percent@lemmy.zip 0 points 3 days ago (1 children)

Partially addressed in the other branch but:

Issues from people who can't even be bothered to make a burner account are almost never useful. And issue tracking that is not fed directly to passionate people who care about maintaining a project is worse than worthless.

That’s what signed commits are for

Then it is a good thing I addressed the existence of those. And... those also more or less need a semi-centralized source of truth that is independent of gitlab/hub/whatever.

Also, pull/merge requests and issues are sent to the origin instance, just like in the fediverse

So everything would still happen on the single source of truth for an a project? But you can have an account on whatever service you want?

Homie? You just described oauth.

[–] onlinepersona@programming.dev 0 points 3 days ago (1 children)

The comparisons you're making are off base and it feels like you're mocking something you don't understand, while doing so with a lot of confidence. I'd suggest you either read an article, watch a video, or read the ActivityPub spec's intro. It isn't long and should help you understand the basics. Then you can move on the ForgeFed spec which is the ActivityPub extension for source forges. And you can always ask an LLM to summarise it for you if you really don't understand.

Anti Commercial-AI license

[–] NuXCOM_90Percent@lemmy.zip -1 points 2 days ago

If your goal is to actually make a point or argument: make it. Don't just tell people to read a manifesto until they agree with you.

[–] QuazarOmega@lemy.lol 29 points 3 days ago

That sucks majorly, I knew GitLab isn't our friend, but to plain dismiss a development effort that didn't even come from their own employees is just spitting in our face.
Forgejo federation can't come any sooner ✊

[–] jaredwhite@piefed.social 16 points 2 days ago

This was literally the only reason I had any potential interest in GitLab. What a joke. 😠

[–] fxomt@lemmy.dbzer0.com 17 points 3 days ago (2 children)

Damn, that's incredibly disappointing...

I use forgejo and it's expected to have federation eventually, but it would've been amazing for gitlab to have AP support. Hopefully in the future it might be picked up again.

[–] irelephant@lemmy.dbzer0.com 6 points 3 days ago (1 children)

It annoys me that we have on one atproto, but there's no fediverse one.

[–] fxomt@lemmy.dbzer0.com 1 points 2 days ago

It's cool af (i don't know much abt atproto, but my friend who knows much more about the technical stuff of fedi/matrix/etc likes it more than AP :shrug:) but i wouldn't trust my sensitive repos with it for now. But i guess its the best we have right now :c

[–] corsicanguppy@lemmy.ca 3 points 3 days ago (1 children)

Oh noo; forgejo is still not connected? I had high hopes. What's the timeline?

(Honestly, but for the wonky CI spec language I may have switched already)

[–] fxomt@lemmy.dbzer0.com 2 points 3 days ago

I'm not sure, it hasn't been announced. They're waiting for forgefed to finish being developed until they implement federation

[–] Ulrich@feddit.org 9 points 3 days ago (1 children)

It's hard for me to imagine how this benefits a for-profit company, and probably requires significant resource dedication so it's not surprising.

[–] corsicanguppy@lemmy.ca 7 points 3 days ago (1 children)

Company A permits federation of project 2 with contractor B who agrees. Oh look! No need to add 21 people to your AD. Contract done? De-fed.

Google feds with GH for AOSP dev, because it's 2023. Users don't need to even know where the repo is hosted or whether the real meat is another hop inside.

Company "BCFerries", an imaginary organization, happens to run the largest fleet of mobile DCs in the country, with each mobile DC being 6 HA racks, three on a side, dehumidifiers o-plenty. Engineers stationed aboard need to lob tickets and hot fixes on the go, and sub them for review when the mobile DCs get a good link, 30 min out of every 2 hours. Roaming 2/2/2tb node swaps spit with the stationary nodes when it smells the VPN, and then gets ready to go again.

Repeat that above, but say 'Maersk'. I'm betting evergreen/evergiven is on VSS.

Enough examples?

Running a federated GL is conceivably a set-it-and-forget-it like a lot of federated stuff already is, and you debug the glitches and patch like normal.

Given the 5GLs I still run were all installed by VMware/terraform/chef/RPM, patched automatically with package promotion and watched for anomalies, it's already negligible effort. Double nothing is ...let's see ..carry the 0 ...integrate the square ...nothing.

[–] Ulrich@feddit.org 5 points 3 days ago

I don't understand anything you just said.

[–] Cris_Color@lemmy.world 5 points 3 days ago

Awww :(

[–] nroth@lemmy.world 2 points 2 days ago (1 children)

Git itself is a distributed VCS...

[–] oysvendsen@lemmy.world 8 points 2 days ago

Tha is true, but the social aspect of sharing and following projects does not itself have distributed protocol. This is were AP makes sense.

[–] W3dd1e@lemmy.zip 1 points 3 days ago (1 children)

Does anyone know if there is another federated version of GitLab/GitHub? That’s something I wouldn’t absolutely switch to.

[–] thann@lemmy.dbzer0.com 3 points 2 days ago

ForgeJo

[–] GreenKnight23@lemmy.world -3 points 3 days ago

I love that this thread is filled with opinions of people who have no clear idea of what a federated gitlab does or looks like and yet still believes that federation is the only answer just "because".