humanacollaborator/humanacollabora
2
2
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

graylist dead sites & discriminatory forges, sort by s/w

Browse Source
This commit is contained in:
humanacollaborator 2021-04-04 22:21:59 -04:00
parent d4a2a516e4
commit f9ac8a9d40
3 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
forge_comparison.md
View File

@ -7,34 +7,34 @@ The following forges have no significant ethical issues:
| *forge* | *registration publicly open* | *software* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* |
|---|---|---|---|---|---|---|---|
([🧅](http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion))|💀||n|n|n|n|**dead site**|
[codeberg.org](https://codeberg.org)|🟢|Gitea|n|n|n|n|functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))|
[framagit.org](https://framagit.org)|🟢|Gitlab (CE)|n|n|n|n||
[git.disroot.org](https://git.disroot.org)|🟢|Gitea 1.13.6|n|n|n|n|SSH over Tor works|
[codeberg.org](https://codeberg.org)|🟢|Gitea|n|n|n|n|censored an anti-Cloudflare project; functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))|
[git.fuwafuwa.moe](https://git.fuwafuwa.moe)([🧅](http://git.fuwafuwaqtlkkxwc.onion))|🟢|Gitea|n|n|n|n|SSH over Tor broken; HTTPS over Tor works|
[git.jami.net](https://git.jami.net)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Jami efforts; acces to help page blocked to non-members so CE/EE unknown|
[git.nixnet.services](https://git.nixnet.services)|🔴|Gitea 1.13.1|n|n|n|n|formerly git.nixnet.xyz|
[git.sdf.org](https://git.sdf.org)|🟢|Gitea 1.13.1|n|n|n|n|SSH over Tor broken but HTTPS over Tor works|
[git.disroot.org](https://git.disroot.org)|🟢|Gitea 1.13.6|n|n|n|n|SSH over Tor works|
[git.slashdev.space](https://git.slashdev.space)|🟢|Gitea 1.13.6|n|n|n|n|SSH over Tor broken (try HTTPS over Tor)|
[notabug.org](https://notabug.org)([🧅](http://qs3zumwfci4tntnd.onion))|🟢|Gogs|n|n|n|n|based on [liberated](https://notabug.org/hp/gogs) fork of Gogs; [supports Tor](https://notabug.org/tor) (the *onion* web UI is currently disabled in response to attack but the onion site accepts git connections); supports SSH keys and SSH over Tor to NAB's onion service; no e-voting; NAB doesn't associate PGP keys to users, so PGP signed commits may be unavailable or more manual work needed.|
[launchpad.net](https://launchpad.net)|🟢|Launchpad|n|n|n|n|It's [unknown](https://wiki.freephile.org/wiki/Comparison_of_git_hosting_options) whether it functions without JavaScript; no wiki|
[sr.ht](https://sr.ht)|🟢|Sourcehut|n|n|n|n|javascript-free|
[framagit.org](https://framagit.org)|🟢|Gitlab (CE)|n|n|n|n||
[git.jami.net](https://git.jami.net)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Jami efforts; acces to help page blocked to non-members so CE/EE unknown|
[gitlab.freedesktop.org](https://gitlab.freedesktop.org)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Freedesktop efforts|
[gitlab.gnome.org](https://gitlab.gnome.org)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Gnome efforts|
[gitlab.torproject.org](https://gitlab.torproject.org)|🟢|Gitlab (CE)|n|n|n|n|open registration; repo creation possibly restricted; Google reCAPTCHA is [allegedley](https://lists.gnu.org/archive/html/repo-criteria-discuss/2021-03/msg00000.html) used, but [not at registration time](https://gitlab.onionize.space)|
[launchpad.net](https://launchpad.net)|🟢|Launchpad|n|n|n|n|It's [unknown](https://wiki.freephile.org/wiki/Comparison_of_git_hosting_options) whether it functions without JavaScript; no wiki|
[notabug.org](https://notabug.org)([🧅](http://qs3zumwfci4tntnd.onion))|🟢|Gogs|n|n|n|n|based on [liberated](https://notabug.org/hp/gogs) fork of Gogs; [supports Tor](https://notabug.org/tor) (the *onion* web UI is currently disabled in response to attack but the onion site accepts git connections); supports SSH keys and SSH over Tor to NAB's onion service; no e-voting; NAB doesn't associate PGP keys to users, so PGP signed commits may be unavailable or more manual work needed.|
[source.puri.sm](https://source.puri.sm)|🟢|Gitlab (EE)|n|n|n|n|open registration; *not* restricted to puri.sm efforts; no CAPTCHA (confirmed March 2021)|
[source.small-tech.org](https://source.small-tech.org)|🔴|Gitlab (CE)|n|n|n|n||
[sourceforge.net](https://sourceforge.net)|⛔ (exclusive walled garden)||n|n|n|n|**access granted or denied based on national origin**; Important site [functionality does not work without non-free JavaScript](https://www.gnu.org/software/repo-criteria-evaluation.html); access granted or denied based on national origin|
[sr.ht](https://sr.ht)|🟢|Sourcehut|n|n|n|n|javascript-free|
[yerbamate.dev](https://yerbamate.dev)|💀|Gitea|n|n|n|n|**dead site**|
[source.puri.sm](https://source.puri.sm)|🟢|Gitlab (EE)|n|n|n|n|open registration; *not* restricted to puri.sm efforts; no CAPTCHA (confirmed March 2021)|
## Graylist
These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors.
These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors. Dead sites are also graylisted because if they come back online, they are known to be unreliable.
| *forge* | *registration publicly open* | *software* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* |
|---|---|---|---|---|---|---|---|
[git.hardenedbsd.org](https://git.hardenedbsd.org)|🟢|Gitlab (EE)|n|n|n|n|**Cloudflare NS server (they can route all traffic via CF at the flip of a switch)**; possibly restricted to BSD efforts|
[git.teknik.io](https://git.teknik.io)|🔴|Gitea 1.9.0|n|n|n|n|**Cloudflare NS server (they can route all traffic via CF at the flip of a switch)**|
([🧅](http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion))|💀||n|n|n|n|**dead site**|
[sourceforge.net](https://sourceforge.net)|⛔ (exclusive walled garden)||n|n|n|n|**access granted or denied based on national origin**; Important site [functionality does not work without non-free JavaScript](https://www.gnu.org/software/repo-criteria-evaluation.html); access granted or denied based on national origin|
[yerbamate.dev](https://yerbamate.dev)|💀|Gitea|n|n|n|n|**dead site**|
[git.teknik.io](https://git.teknik.io)|🔴|Gitea 1.9.0|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch)|
[git.hardenedbsd.org](https://git.hardenedbsd.org)|🟢|Gitlab (EE)|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch); possibly restricted to BSD efforts|
## Blacklist
@ -42,10 +42,10 @@ These forges have severe ethical or trust issues and should be boycotted:
| *forge* | *registration publicly open* | *software* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* |
|---|---|---|---|---|---|---|---|
bitbucket.org|🟢|Bitbucket Server|n|n|n|☣|**Amazon AWS-hosted**; needs non-free javascript that [clusterfucks uMatrix](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547); has some relationship with Netlify; access to source code [restricted](https://en.wikipedia.org/wiki/Bitbucket#Bitbucket_Server)|
git.feneas.org|🟢|Gitlab (CE)|n|n|⚒|☣|reCAPTCHA impedes registration and imposes non-free s/w|
git.openprivacy.ca|⛔ (exclusive walled garden)||👁|n|n|n|Tor users get 404 - suspected botnet; [listed](https://codeberg.org/crimeflare/cloudflare-tor/src/branch/master/cloudflare_users/cloudflare_supporter.txt) as a Cloudflare supporter|
github.com|⛔ (exclusive walled garden)||👁|n|n|☣|**access granted or denied based on national origin**; [copious ethical issues](github.md)|
gitlab.com|⛔ (exclusive walled garden)|Gitlab (EE)|n|🌩|⚒|☣|flagship instance running the *Enterprise Edition*; uses both hCAPTCHA & reCAPTCHA; heavily restricted with discriminatory policies; [copious ethical issues](gitlab-dot-com.md)|
bitbucket.org|🟢|Bitbucket Server|n|n|n|☣|**Amazon AWS-hosted**; needs non-free javascript that [clusterfucks uMatrix](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547); has some relationship with Netlify; access to source code [restricted](https://en.wikipedia.org/wiki/Bitbucket#Bitbucket_Server)|
libregit.org|🔴|Gitea|n|🌩|n|n|reg by invite only|
git.feneas.org|🟢|Gitlab (CE)|n|n|⚒|☣|reCAPTCHA impedes registration and imposes non-free s/w|
gitlab.com|⛔ (exclusive walled garden)|Gitlab (EE)|n|🌩|⚒|☣|flagship instance running the *Enterprise Edition*; uses both hCAPTCHA & reCAPTCHA; heavily restricted with discriminatory policies; [copious ethical issues](gitlab-dot-com.md)|

6
input_data/forges.sql
View File

@ -31,7 +31,7 @@ insert into forgesTbl (url_clrnet, software, notes) values ('https://sr.ht','Sou
insert into forgesTbl (url_onion, dead) values ('http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion', 1);
/* Gitea */
insert into forgesTbl (url_clrnet, software, notes) values ('https://codeberg.org','Gitea', 'functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))');
insert into forgesTbl (url_clrnet, software, notes) values ('https://codeberg.org','Gitea', 'censored an anti-Cloudflare project; functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))');
insert into forgesTbl (url_clrnet, software, openpubreg, notes) values ('https://git.nixnet.services','Gitea 1.13.1', 0, 'formerly git.nixnet.xyz');
insert into forgesTbl (url_clrnet, software, openpubreg, cfns) values ('https://git.teknik.io','Gitea 1.9.0',0,1);
insert into forgesTbl (url_clrnet, url_onion, software, notes) values ('https://git.fuwafuwa.moe','http://git.fuwafuwaqtlkkxwc.onion','Gitea','SSH over Tor broken; HTTPS over Tor works');
@ -53,9 +53,9 @@ insert into forgesTbl (url_clrnet, software, notes) values ('https://source.puri
insert into forgesTbl (url_clrnet, software, openpubreg) values ('https://source.small-tech.org','gitlab_ce',0);
update forgesTbl set forced_nfsw = 1 where hrecaptcha = 'unavoidable';
update forgesTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or cfns or (notes is not null and (notes like '%google_cloud_hosted%')));
update forgesTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or cfns or dead or nation_discrimination or (notes is not null and (notes like '%google_cloud_hosted%')));
update forgesTbl set lst_kind = 'black' where cflogin or antitor or forced_nfsw;
update forgesTbl set notes = '**Cloudflare NS server (they can route all traffic via CF at the flip of a switch)**'||case when notes is null then '' else '; '||notes end where cfns;
update forgesTbl set notes = '**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch)'||case when notes is null then '' else '; '||notes end where cfns;
update forgesTbl set notes = '**Amazon AWS-hosted**'||case when notes is null then '' else '; '||notes end where aws;
update forgesTbl set notes = '**dead site**'||case when notes is null then '' else '; '||notes end where dead;
update forgesTbl set notes = '**forced h/reCAPTCHA**'||case when notes is null then '' else '; '||notes end where hrecaptcha = 'unavoidable' and notes not like '%captcha%';

4
tools/gen_forge_table.sh
View File

@ -42,7 +42,7 @@ intro()
printf %s\\n 'The following forges have no significant ethical issues:'
;;
gray)
printf %s\\n 'These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors.'
printf %s\\n 'These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors. Dead sites are also graylisted because if they come back online, they are known to be unreliable.'
;;
black)
printf %s\\n 'These forges have severe ethical or trust issues and should be boycotted:'
@ -133,7 +133,7 @@ $(intro $lst)"'
case when forced_nfsw then '${sym[biohaz]}' else 'n' end,
case when notes is null then '|' else notes||'|' end
from forgesTbl where lst_kind = '$lst'
order by url_clrnet collate nocase;"
order by software,url_clrnet collate nocase;"
printf $'\n'
done
};#table_md