Compare commits
2 Commits
042bc63f97
...
d4a2a516e4
Author | SHA1 | Date |
---|---|---|
humanacollaborator | d4a2a516e4 | |
humanacollaborator | 0c8c612584 |
|
@ -7,27 +7,35 @@ The following forges have no significant ethical issues:
|
|||
|
||||
| *forge* | *registration publicly open* | *software* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* |
|
||||
|---|---|---|---|---|---|---|---|
|
||||
([🧅](http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion))|💀|other/unknown|n|n|n|n|**dead site**|
|
||||
([🧅](http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion))|💀||n|n|n|n|**dead site**|
|
||||
[codeberg.org](https://codeberg.org)|🟢|Gitea|n|n|n|n|functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))|
|
||||
[framagit.org](https://framagit.org)|🟢|Gitlab (CE)|n|n|n|n||
|
||||
[git.disroot.org](https://git.disroot.org)|🟢|Gitea 1.13.6|n|n|n|n|SSH over Tor works|
|
||||
[git.fuwafuwa.moe](https://git.fuwafuwa.moe)([🧅](http://git.fuwafuwaqtlkkxwc.onion))|🟢|Gitea|n|n|n|n|SSH over Tor broken; HTTPS over Tor works|
|
||||
[git.hardenedbsd.org](https://git.hardenedbsd.org)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to BSD efforts|
|
||||
[git.jami.net](https://git.jami.net)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Jami efforts|
|
||||
[git.nixnet.services](https://git.nixnet.services)|🔴|Gitea|n|n|n|n|formerly git.nixnet.xyz|
|
||||
[git.sdf.org](https://git.sdf.org)|🟢|Gitea|n|n|n|n|SSH over Tor broken but HTTPS over Tor works|
|
||||
[git.slashdev.space](https://git.slashdev.space)|🟢|Gitea|n|n|n|n|SSH over Tor broken (try HTTPS over Tor)|
|
||||
[git.teknik.io](https://git.teknik.io)|🔴|Gitea|n|n|n|n||
|
||||
[git.jami.net](https://git.jami.net)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Jami efforts; acces to help page blocked to non-members so CE/EE unknown|
|
||||
[git.nixnet.services](https://git.nixnet.services)|🔴|Gitea 1.13.1|n|n|n|n|formerly git.nixnet.xyz|
|
||||
[git.sdf.org](https://git.sdf.org)|🟢|Gitea 1.13.1|n|n|n|n|SSH over Tor broken but HTTPS over Tor works|
|
||||
[git.slashdev.space](https://git.slashdev.space)|🟢|Gitea 1.13.6|n|n|n|n|SSH over Tor broken (try HTTPS over Tor)|
|
||||
[gitlab.freedesktop.org](https://gitlab.freedesktop.org)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Freedesktop efforts|
|
||||
[gitlab.gnome.org](https://gitlab.gnome.org)|🟢|Gitlab (CE)|n|n|n|n|possibly restricted to Gnome efforts|
|
||||
[gitlab.torproject.org](https://gitlab.torproject.org)|🟢|Gitlab (CE)|n|n|n|n|open registration; repo creation possibly restricted; Google reCAPTCHA is [allegedley](https://lists.gnu.org/archive/html/repo-criteria-discuss/2021-03/msg00000.html) used, but [not at registration time](https://gitlab.onionize.space)|
|
||||
[launchpad.net](https://launchpad.net)|🟢|Launchpad|n|n|n|n|It's [unknown](https://wiki.freephile.org/wiki/Comparison_of_git_hosting_options) whether it functions without JavaScript; no wiki|
|
||||
[notabug.org](https://notabug.org)([🧅](http://qs3zumwfci4tntnd.onion))|🟢|Gogs|n|n|n|n|based on [liberated](https://notabug.org/hp/gogs) fork of Gogs; [supports Tor](https://notabug.org/tor) (the *onion* web UI is currently disabled in response to attack but the onion site accepts git connections); supports SSH keys and SSH over Tor to NAB's onion service; no e-voting; NAB doesn't associate PGP keys to users, so PGP signed commits may be unavailable or more manual work needed.|
|
||||
[source.puri.sm](https://source.puri.sm)|🟢|Gitlab (CE)|n|n|n|n|open registration; *not* restricted to puri.sm efforts; no CAPTCHA (confirmed March 2021)|
|
||||
[source.puri.sm](https://source.puri.sm)|🟢|Gitlab (EE)|n|n|n|n|open registration; *not* restricted to puri.sm efforts; no CAPTCHA (confirmed March 2021)|
|
||||
[source.small-tech.org](https://source.small-tech.org)|🔴|Gitlab (CE)|n|n|n|n||
|
||||
[sourceforge.net](https://sourceforge.net)|⛔ (exclusive walled garden)|other/unknown|n|n|n|n|**access granted or denied based on national origin**; Important site [functionality does not work without non-free JavaScript](https://www.gnu.org/software/repo-criteria-evaluation.html); access granted or denied based on national origin|
|
||||
[sourceforge.net](https://sourceforge.net)|⛔ (exclusive walled garden)||n|n|n|n|**access granted or denied based on national origin**; Important site [functionality does not work without non-free JavaScript](https://www.gnu.org/software/repo-criteria-evaluation.html); access granted or denied based on national origin|
|
||||
[sr.ht](https://sr.ht)|🟢|Sourcehut|n|n|n|n|javascript-free|
|
||||
[yerbamate.dev](https://yerbamate.dev)|💀|Gitea|n|n|n|n|**dead site**|
|
||||
|
||||
## Graylist
|
||||
|
||||
These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors.
|
||||
|
||||
| *forge* | *registration publicly open* | *software* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* |
|
||||
|---|---|---|---|---|---|---|---|
|
||||
[git.hardenedbsd.org](https://git.hardenedbsd.org)|🟢|Gitlab (EE)|n|n|n|n|**Cloudflare NS server (they can route all traffic via CF at the flip of a switch)**; possibly restricted to BSD efforts|
|
||||
[git.teknik.io](https://git.teknik.io)|🔴|Gitea 1.9.0|n|n|n|n|**Cloudflare NS server (they can route all traffic via CF at the flip of a switch)**|
|
||||
|
||||
## Blacklist
|
||||
|
||||
These forges have severe ethical or trust issues and should be boycotted:
|
||||
|
@ -36,8 +44,8 @@ These forges have severe ethical or trust issues and should be boycotted:
|
|||
|---|---|---|---|---|---|---|---|
|
||||
bitbucket.org|🟢|Bitbucket Server|n|n|n|☣|**Amazon AWS-hosted**; needs non-free javascript that [clusterfucks uMatrix](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547); has some relationship with Netlify; access to source code [restricted](https://en.wikipedia.org/wiki/Bitbucket#Bitbucket_Server)|
|
||||
git.feneas.org|🟢|Gitlab (CE)|n|n|⚒|☣|reCAPTCHA impedes registration and imposes non-free s/w|
|
||||
git.openprivacy.ca|⛔ (exclusive walled garden)|other/unknown|👁|n|n|n|Tor users get 404 - suspected botnet; [listed](https://codeberg.org/crimeflare/cloudflare-tor/src/branch/master/cloudflare_users/cloudflare_supporter.txt) as a Cloudflare supporter|
|
||||
github.com|⛔ (exclusive walled garden)|other/unknown|n|n|n|☣|**access granted or denied based on national origin**; [copious ethical issues](github.md)|
|
||||
git.openprivacy.ca|⛔ (exclusive walled garden)||👁|n|n|n|Tor users get 404 - suspected botnet; [listed](https://codeberg.org/crimeflare/cloudflare-tor/src/branch/master/cloudflare_users/cloudflare_supporter.txt) as a Cloudflare supporter|
|
||||
github.com|⛔ (exclusive walled garden)||👁|n|n|☣|**access granted or denied based on national origin**; [copious ethical issues](github.md)|
|
||||
gitlab.com|⛔ (exclusive walled garden)|Gitlab (EE)|n|🌩|⚒|☣|flagship instance running the *Enterprise Edition*; uses both hCAPTCHA & reCAPTCHA; heavily restricted with discriminatory policies; [copious ethical issues](gitlab-dot-com.md)|
|
||||
libregit.org|🔴|Gitea|n|🌩|n|n|reg by invite only|
|
||||
|
||||
|
|
|
@ -1,12 +1,13 @@
|
|||
create table if not exists forgesTbl
|
||||
(url_clrnet text,
|
||||
url_onion text,
|
||||
software text check(software in ('Bitbucket Server', 'Gitea', 'gitlab_ce', 'gitlab_ee', 'Gogs', 'Launchpad', 'Sourcehut', 'other')) not null default 'other',
|
||||
software text,
|
||||
lst_kind text check(lst_kind in ('black', 'gray', 'white')) not null default 'white',
|
||||
hrecaptcha text check(hrecaptcha in ('unavoidable', 'non-essential tasks', 'never')) not null default 'never',
|
||||
dead boolean not null default 0,
|
||||
openpubreg boolean not null default 1,
|
||||
cflogin boolean not null default 0,
|
||||
cfns boolean not null default 0,
|
||||
antitor boolean not null default 0,
|
||||
forced_nfsw boolean not null default 0,
|
||||
aws boolean not null default 0,
|
||||
|
@ -14,12 +15,14 @@ create table if not exists forgesTbl
|
|||
notes text,
|
||||
primary key (url_clrnet,url_onion));
|
||||
|
||||
/* check(software in ('Bitbucket Server', 'Gitea', 'gitlab_ce', 'gitlab_ee', 'Gogs', 'Launchpad', 'Sourcehut', 'other')) not null default 'other'*/
|
||||
|
||||
insert into forgesTbl (url_clrnet, software, forced_nfsw, aws, notes) values ('https://bitbucket.org','Bitbucket Server',1,1,'needs non-free javascript that [clusterfucks uMatrix](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547); has some relationship with Netlify; access to source code [restricted](https://en.wikipedia.org/wiki/Bitbucket#Bitbucket_Server)');
|
||||
|
||||
insert into forgesTbl (url_clrnet, url_onion, software, notes) values ('https://notabug.org','http://qs3zumwfci4tntnd.onion','Gogs','based on [liberated](https://notabug.org/hp/gogs) fork of Gogs; [supports Tor](https://notabug.org/tor) (the *onion* web UI is currently disabled in response to attack but the onion site accepts git connections); supports SSH keys and SSH over Tor to NAB''s onion service; no e-voting; NAB doesn''t associate PGP keys to users, so PGP signed commits may be unavailable or more manual work needed.');
|
||||
|
||||
insert into forgesTbl (url_clrnet, nation_discrimination, notes) values ('https://sourceforge.net',1,'Important site [functionality does not work without non-free JavaScript](https://www.gnu.org/software/repo-criteria-evaluation.html); access granted or denied based on national origin');
|
||||
insert into forgesTbl (url_clrnet, forced_nfsw, nation_discrimination, notes) values ('https://github.com',1,1,'[copious ethical issues](github.md)');
|
||||
insert into forgesTbl (url_clrnet, antitor, forced_nfsw, nation_discrimination, notes) values ('https://github.com',1,1,1,'[copious ethical issues](github.md)');
|
||||
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://launchpad.net','Launchpad','It''s [unknown](https://wiki.freephile.org/wiki/Comparison_of_git_hosting_options) whether it functions without JavaScript; no wiki');
|
||||
insert into forgesTbl (url_clrnet, software, dead) values ('https://yerbamate.dev','Gitea',1);
|
||||
|
@ -29,28 +32,30 @@ insert into forgesTbl (url_onion, dead) values ('http://githidep2hynhdmutuv7n2te
|
|||
|
||||
/* Gitea */
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://codeberg.org','Gitea', 'functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))');
|
||||
insert into forgesTbl (url_clrnet, software, openpubreg, notes) values ('https://git.nixnet.services','Gitea', 0, 'formerly git.nixnet.xyz');
|
||||
insert into forgesTbl (url_clrnet, software, openpubreg) values ('https://git.teknik.io','Gitea',0);
|
||||
insert into forgesTbl (url_clrnet, software, openpubreg, notes) values ('https://git.nixnet.services','Gitea 1.13.1', 0, 'formerly git.nixnet.xyz');
|
||||
insert into forgesTbl (url_clrnet, software, openpubreg, cfns) values ('https://git.teknik.io','Gitea 1.9.0',0,1);
|
||||
insert into forgesTbl (url_clrnet, url_onion, software, notes) values ('https://git.fuwafuwa.moe','http://git.fuwafuwaqtlkkxwc.onion','Gitea','SSH over Tor broken; HTTPS over Tor works');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.slashdev.space','Gitea','SSH over Tor broken (try HTTPS over Tor)');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.slashdev.space','Gitea 1.13.6','SSH over Tor broken (try HTTPS over Tor)');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.disroot.org','Gitea 1.13.6','SSH over Tor works');
|
||||
insert into forgesTbl (url_clrnet, software, openpubreg, cflogin, notes) values ('https://libregit.org','Gitea',0,1,'reg by invite only');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.sdf.org','Gitea','SSH over Tor broken but HTTPS over Tor works');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.sdf.org','Gitea 1.13.1','SSH over Tor broken but HTTPS over Tor works');
|
||||
|
||||
/* Gitlab */
|
||||
insert into forgesTbl (url_clrnet, software) values ('https://framagit.org','gitlab_ce');
|
||||
insert into forgesTbl (url_clrnet, software, hrecaptcha, notes) values ('https://git.feneas.org','gitlab_ce','unavoidable','reCAPTCHA impedes registration and imposes non-free s/w');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.hardenedbsd.org','gitlab_ce','possibly restricted to BSD efforts');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.jami.net','gitlab_ce','possibly restricted to Jami efforts');
|
||||
insert into forgesTbl (url_clrnet, software, cfns, notes) values ('https://git.hardenedbsd.org','gitlab_ee',1,'possibly restricted to BSD efforts');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://git.jami.net','gitlab_ce','possibly restricted to Jami efforts; acces to help page blocked to non-members so CE/EE unknown');
|
||||
insert into forgesTbl (url_clrnet, software, cflogin, hrecaptcha, notes) values ('https://gitlab.com','gitlab_ee',1,'unavoidable','flagship instance running the *Enterprise Edition*; uses both hCAPTCHA & reCAPTCHA; heavily restricted with discriminatory policies; [copious ethical issues](gitlab-dot-com.md)');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://gitlab.freedesktop.org','gitlab_ce','possibly restricted to Freedesktop efforts');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://gitlab.gnome.org','gitlab_ce','possibly restricted to Gnome efforts');
|
||||
insert into forgesTbl (url_clrnet, software, hrecaptcha, notes) values ('https://gitlab.torproject.org','gitlab_ce','non-essential tasks','open registration; repo creation possibly restricted; Google reCAPTCHA is [allegedley](https://lists.gnu.org/archive/html/repo-criteria-discuss/2021-03/msg00000.html) used, but [not at registration time](https://gitlab.onionize.space)');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://source.puri.sm','gitlab_ce','open registration; *not* restricted to puri.sm efforts; no CAPTCHA (confirmed March 2021)');
|
||||
insert into forgesTbl (url_clrnet, software, notes) values ('https://source.puri.sm','gitlab_ee','open registration; *not* restricted to puri.sm efforts; no CAPTCHA (confirmed March 2021)');
|
||||
insert into forgesTbl (url_clrnet, software, openpubreg) values ('https://source.small-tech.org','gitlab_ce',0);
|
||||
|
||||
update forgesTbl set forced_nfsw = 1 where hrecaptcha = 'unavoidable';
|
||||
update forgesTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or (notes is not null and (notes like '%google_cloud_hosted%')));
|
||||
update forgesTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or cfns or (notes is not null and (notes like '%google_cloud_hosted%')));
|
||||
update forgesTbl set lst_kind = 'black' where cflogin or antitor or forced_nfsw;
|
||||
update forgesTbl set notes = '**Cloudflare NS server (they can route all traffic via CF at the flip of a switch)**'||case when notes is null then '' else '; '||notes end where cfns;
|
||||
update forgesTbl set notes = '**Amazon AWS-hosted**'||case when notes is null then '' else '; '||notes end where aws;
|
||||
update forgesTbl set notes = '**dead site**'||case when notes is null then '' else '; '||notes end where dead;
|
||||
update forgesTbl set notes = '**forced h/reCAPTCHA**'||case when notes is null then '' else '; '||notes end where hrecaptcha = 'unavoidable' and notes not like '%captcha%';
|
||||
|
|
|
@ -42,7 +42,7 @@ intro()
|
|||
printf %s\\n 'The following forges have no significant ethical issues:'
|
||||
;;
|
||||
gray)
|
||||
printf %s\\n 'These forges would normally be blacklisted, but due to the short whitelist they are set aside as a less evil compromise to those blacklisted. They should still be avoided if possible.'
|
||||
printf %s\\n 'These forges are not as seriously flawed as the blacklisted ones, but they should still be avoided if possible. Non-Cloudflare sites that use a Cloudflare NS server pose a risk for disruptions because they can trivially and spontaneously flip a switch and route all your traffic through Cloudflare, potentially cutting access to some of your contributors.'
|
||||
;;
|
||||
black)
|
||||
printf %s\\n 'These forges have severe ethical or trust issues and should be boycotted:'
|
||||
|
@ -109,7 +109,7 @@ table_md()
|
|||
{
|
||||
printf %s\\n "# Directory of forges"
|
||||
|
||||
for lst in white black
|
||||
for lst in white gray black
|
||||
do
|
||||
if [[ "$lst" == black ]]
|
||||
then
|
||||
|
|
Loading…
Reference in New Issue