Missing Legal/Terms of Service at https://greenlock.domains/app/legal.html #2
Zamknięty
by Ghost opened 6 lat temu
·
14 komentarzy
Ładowanie…
Reference in new issue
Nie ma jeszcze treści.
Usuń gałąź '%!s(MISSING)'
Usunięcie gałęzi jest trwałe i NIE MOŻE zostać cofnięte. Kontynuować?
The link is missing https://greenlock.domains/app/legal.html.
Can we please move this project back to GitHub?
I do not trust a third-party hosting, but I do truly appreciate your support on this project and continued efforts to maintain it yourself.
Thanks for creating the issue about the legal link. I'll fix it. In the mean time you can see the legal information at https://greenlock.domains/legal.html
The git repository is hosted by the creator of the software, @coolaj86. I'm not sure I understand why you would rather trust a giant corporation (ie: Github/Microsoft) than the person who wrote the software and is maintaining it (who you would have to trust anyways). In this case, the real 3rd party would actually be Github/Microsoft, not git.coolaj86.com.
I don't mean to berate you for your question. I often come across that way in text, and if I do in this case, I apologize. If you have a concern about the repository being hosted here instead of github, please open another issue and go into deeper detail about your concerns so we can try to understand them better.
We know it's not the typical way of hosting repositories these days, but we think it's a better model for the users and the developers of the repos. Please know, we are not likely to move the repositories back to Github as a result of the opened issue. We would be more likely to modify our hosting setup, build a service to help address the concern, or decided that it is an acceptable draw-back than to move the repositories back.
edit: PS. I'll let @coolaj86 go into why the repos were moved in the first place, if he would like.
Don't worry - I expected a response like this, and I apologize for not providing more detail for my reasons for posting this issue.
There are three main reasons why I am concerned it is not hosted on GitHub:
Thanks for the report.
I'm pretty committed to 1st part hosting from now on considering my experience with Github and my former startup.
Here I know it will always be available and I won't have political or legal issues.
In fact, I'm really surprised that more projects still use github when gitea requires almost no setup and makes it not just possible but easy to embed google analytics, build a community that you have direct access to, and have your own branding.
If you want to get away from 3rd party hosting, Gitea gets my full endorsement:
https://www.youtube.com/watch?v=dTvTBlzKqgg
There's a fourth reason why as well, and that's because Gitea has horrid Markdown support (hence why my post above got formatted improperly).
Also there's a link on your site that has alt-text of GitHub and an OctoCat but it points to Gitea https://coolaj86.com/ - just so you know!
DNS
I host my own DNS, so when akamai is getting DDOSed and the whole internet is down (or Githb, as happens several times a year), this is still up and ticking.
Contributors
This was a concern that I had at first, but the quality of contributors we get self-hosted is far higher than we ever got before.
OAuth
The OAuth sign-in sucks. Terribad. That's an open issue. I'll ping the designer I've been working with again about this to see if we can get something to implement here immediately after and pull request to gitea soon after.
Github isn't terribad
Gitea is just so much better in almost every metric that I care about. The OAuth thing I do want to see a resolution to.
@coolaj86 I understand that, but unfortunately if something were to happen to you - what is your back-up plan? Does someone else have access to your DNS management and admin of your servers/domains/hosting? What happens if something happens to both of you? I trust GitHub for this reason alone.
If something happens to AJ, all these repos can be forked and hosted/managed anywhere else (even github!). So, I'm not sure why this would be a big concern.
There isn't an NPM organization managing the project through, there's currently only one collaborator on NPM on all these packages as far as I can tell.
e.g. https://www.npmjs.com/package/greenlock-koa
Just having a third-party manage my SSL certificate + middleware that is at the top-level of my app is a huge security concern.
I also just tried to edit a comment here and save it and couldn't, here was JavaScript in console... :sad:
I'd gladly sponsor this project if it was all moved back to GitHub.
I would rather address your concerns in relation to publishing our team hierarchy and security posture than moving to github.
Also, I upgraded to v1.4.2, which has the comment issue fixed.
At this point we have added multiple users to the new organization on npm and are continuing to move forward with better organization. Closing this ticket for now. Thank you for the input and any further input you have on how we can improve is truly appreciated. We know we do it differently than most teams and while we aren't interested in switching to the usual way of doing things, we are genuinely striving to solve any paint-points or concerns along with our way, as we are able. We encourage you to open a new ticket at any time.