From 73c3dc4489c8c44ecb464a5c274f65620bc984df Mon Sep 17 00:00:00 2001 From: humanacollaborator Date: Wed, 27 Apr 2022 09:51:24 +0200 Subject: [PATCH] update graylist rationale --- forge_comparison.md | 4 ++-- input_data/forges.sql | 2 +- tools/gen_forge_table.sh | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forge_comparison.md b/forge_comparison.md index 9829a61..797dbe6 100644 --- a/forge_comparison.md +++ b/forge_comparison.md @@ -8,7 +8,6 @@ The following forges have no significant ethical issues: | *forge* | *registration publicly open* | *software* | *Tor-hostile* | *Cloudflare MitM* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* | |---|---|---|---|---|---|---|---| [git.fsfe.org](https://git.fsfe.org)|✅|Gitea|n|n|n|n|Access intended only for FSFE projects and very small projects; SSH port: 22| -[gitnet.fr](https://gitnet.fr)|✅|Gitea|n|n|n|n|Forge is resource deprived. The admin (simonv) had to ask a project to leave his forge for [performance reasons](https://framagit.org/dCF/deCloudflare/-/issues/46)| [git.fuwafuwa.moe](https://git.fuwafuwa.moe)([onion](http://git.fuwafuwaqtlkkxwc.onion))|✅|Gitea 1.13.6|n|n|n|n|SSH port: 22; SSH over Tor [broken](http://git.fuwafuwaqtlkkxwc.onion/levena/fuwafuwa/issues/1); HTTPS over Tor works; onion site dead (maybe they have an onion v3 address now?)| [dev.sum7.eu](https://dev.sum7.eu)|✅|Gitea 1.14.0[⚠][gitea-bug]|n|n|n|n|| [git.eta.st](https://git.eta.st)|✅|Gitea 1.15.0[⚠][gitea-bug]|n|n|n|n|| @@ -38,12 +37,13 @@ The following forges have no significant ethical issues: ## Graylist -These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors. Dead sites are also graylisted because if they come back online, they are known to be unreliable. Codeberg is graylisted for falsely accusing a repository of illegal conduct and deleting the content of all forks from that project without evidence or redress. +These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors. Sites that are dead or previously dead are also graylisted because if they come back online, they are known to be unreliable. Resource deprived instances are graylisted because they may become unstable or unreliable in the future, or if your repo is resource heavy you may be asked to leave. Codeberg is graylisted for falsely accusing a repository of illegal conduct and deleting the content of all forks from that project without evidence or redress. | *forge* | *registration publicly open* | *software* | *Tor-hostile* | *Cloudflare MitM* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* | |---|---|---|---|---|---|---|---| ([onion](http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion))|❌||n|n|n|n|**dead site**| [gitea.shuishan.net.cn](https://gitea.shuishan.net.cn)|❌|Gitea|n|n|n|n|**dead site**| +[gitnet.fr](https://gitnet.fr)|✅|Gitea|n|n|n|n|Forge is resource deprived. The admin (simonv) had to ask a project to leave his forge for [performance reasons](https://framagit.org/dCF/deCloudflare/-/issues/46)| [yerbamate.dev](https://yerbamate.dev)|❌|Gitea|n|n|n|n|**dead site**| [de.edumat.io](https://de.edumat.io)|❌|Gitea 1.5.2|n|n|n|n|**dead site**; no SSH| [git.teknik.io](https://git.teknik.io)|❌|Gitea 1.9.0|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch)| diff --git a/input_data/forges.sql b/input_data/forges.sql index fd81829..24790b7 100644 --- a/input_data/forges.sql +++ b/input_data/forges.sql @@ -96,7 +96,7 @@ insert into forgesTbl (url_clrnet, software, openpubreg, cfns, notes) values ('h insert into forgesTbl (url_clrnet, software) values ('https://git.stuxhost.com','gitlab_ce'); update forgesTbl set forced_nfsw = 1 where hrecaptcha = 'unavoidable'; -update forgesTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or cfns or dead or nation_discrimination or (notes is not null and (notes like '%google_cloud_hosted%' or notes like '%censor%' or notes like '%previously_down%'))); +update forgesTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or cfns or dead or nation_discrimination or (notes is not null and (notes like '%google_cloud_hosted%' or notes like '%censor%' or notes like '%previously_down%' or notes like '%resource_deprived%'))); update forgesTbl set lst_kind = 'black' where cflogin or antitor or forced_nfsw; update forgesTbl set notes = '**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch)'||case when notes is null then '' else '; '||notes end where cfns; update forgesTbl set notes = '**Amazon AWS-hosted**'||case when notes is null then '' else '; '||notes end where aws; diff --git a/tools/gen_forge_table.sh b/tools/gen_forge_table.sh index 56904c1..573e8ed 100755 --- a/tools/gen_forge_table.sh +++ b/tools/gen_forge_table.sh @@ -53,7 +53,7 @@ intro() printf %s\\n 'The following forges have no significant ethical issues:' ;; gray) - printf %s\\n 'These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors. Dead sites are also graylisted because if they come back online, they are known to be unreliable. Codeberg is graylisted for falsely accusing a repository of illegal conduct and deleting the content of all forks from that project without evidence or redress.' + printf %s\\n 'These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors. Sites that are dead or previously dead are also graylisted because if they come back online, they are known to be unreliable. Resource deprived instances are graylisted because they may become unstable or unreliable in the future, or if your repo is resource heavy you may be asked to leave. Codeberg is graylisted for falsely accusing a repository of illegal conduct and deleting the content of all forks from that project without evidence or redress.' ;; black) printf %s\\n 'These forges have severe ethical or trust issues and should be boycotted:'