FSF Migrating From Savannah to Gforge

bluestrain writes "It's been almost 4 months since Savannah was hacked. The site is still not completely functional, no new projects have been accepted since December 2003. Now it seems that the FSF is abandoning Savannah in favor of Gforge. RMS himself has confirmed the plans. A few developers are questioning the change. Hopefully the dust will settle and savannah can start accepting projects again."

There are some pretty big sites running GForge...

[tcopeland]

...already. Savannah moving over is certainly a big one, though.

Stuff like this is why we're continuing to optimize GForge's SQL...

good news!

[larry+bagina]

No offense to the OSDN/Slashdot guys, but sourceforge has started to suck dick lately. Constant downtime, searches that don't work, CVS running a week late, and now PBS-style appeals for money on the front page.

If you just need a good (and free) public CVS server, what other options are there besides sf and gforge?

Re:good news!

[Queuetue]

Lately? I groan every time I see a project is hosted at sf - it means 20-minute mailing list searches, regular downtime, and the whole download-roulette game where you try to deal with the klunky interface and find a not-completely-dead mirror.

Re:good news!

[FreeLinux]

but sourceforge has started to suck dick lately.

I hadn't heard about this new feature. It could be rather interesting. But SourceForge has been having too many problems for too long. It seems as though no one is maintaining it, they simply disable a feature when it breaks. Additionally, I have always been concerned about having so many projects and information sites in a single OSDN basket. One never knows what the future holds for OSDN.

Re:good news!

[daishin]

Well, why dont you invest lots of money like SourceForge into servers and making it as good as it can be, I mean being over-loaded with people such as you who then complain that its starting to suck, well ofcourse it is and if its a problem you should help those good people out and donate resources to them.

Re:good news!

[sbrown123]

and now PBS-style appeals for money on the front page.


God Im gonna get flamed for this.

Anyways, maybe its not such a bad idea if Sourceforge required paid membership (like $50 a year) for file and cvs access. Seriously, I'd pay if the moneys right for better service and quicker file and cvs access.

Re:good news!

[0x0d0a]

I wouldn't work on an Open Source project that required me to pay to work on it. It's just not reasonable.

I can understand them providing additional services, like POP3 email access @sourceforge rather than just email forwarding, or something like that, for money. However, if SF tries doing something like this, they are, simply and plainly, going to go away.

Re:good news!

[scrytch]

> sourceforge has started to suck dick lately

That's what I call a feature.

thankya, I'll be here all week.

Re:good news!

[tcopeland]

> it means 20-minute mailing list searches,

Although SourceForge will be much faster now that PlayFair has moved to Sarovar :-)

No, but seriously, folks. If the top 10 projects moved off of SourceForge, I bet that'd eliminate 75% of the load. eMule alone gets downloaded a quarter-million times a day...

Open Source/Free Software

[0x0d0a]

I consider SourceForge to be representative of Open Source Software, and Savannah to be representative of Free Software.

It's amazing how accurately they seem to portray their respective ideologies.

Re:Open Source/Free Software

[Smitty825]

IIRC, back in the day (during the boom), SourceForge was released under the GPL. After the bust, they changed the license of the SF software to proprietary, and tried to sell it to the highest bidder.

I think that Savannah was forked from the GPL-based Sourceforge...

Ok, lets get this out of the way

[SuperBanana]

"Shouldn't that be GNU/Forge?"

"I for one welcome our Gnu project management overlords"

"In Soviet Russia, projects manage gnu!"

I can understand that.

[ideatrack]

This is probably uneducated on the matter, but I can understand why they want to move.

Frankly 4 months is way too long for the site to be "not completely functional" and it can't help but make you doubt the quality of the administration of the site if there weren't sufficient provisions in place for this eventuality. Any website is a target so any webadmin should have a plan in place.

When there are seemingly more secure options out there, more reliable anyway, then you'd go with them. Being faithful is one thing, but you can only do that for so long.

RMSs history on security

[Rapid+Home+Offer]

For Stallman, the opposition to security was both ethical and practical. On the ethical side, Stallman pointed out that the entire art of hacking relied on intellectual openness and trust. On the practical side, he pointed to the internal structure of ITS being built to foster this spirit of openness, and any attempt to reverse that design required a major overhaul. -- Free as in Freedom

The decision to move to GForge was made by Bradley Kuhn and the system adminitrators, according to Richard Stallman. They considered Savane could not be made secure enough. -- Sylvain Beucler, 2004

Seems like Stallman has lost sight of his roots!

Re:RMSs history on security

[winkydink]

Seems like Stallman has lost sight of his roots!

or he's starting to show signs of being realistic.

Re:RMSs history on security

[JamesKPolk]

Did you read the words you quoted? "The decision.. was made by Bradely Kuhn and the system administrators."

What do Stallman's roots have to do with it? Do you expect him to wield supreme veto power over anything done by anyone at the FSF?

Re:RMSs history on security

[Sunnan]

or he's starting to show signs of being realistic.

Yes. This is an increasing problem in our community - witness the GFDL debate. The RMS of old was wildly - some would say blindly - utopian. "No passwords", "Everyone can learn how to program", "It's possible to write a free operating system including compiler tools and editor".

We owe a lot of the results we've seen to that lovely, crazy optimism.

Sometimes you're wrong, of course, and get bitten - but sometimes you are very right. The success of the free software movement is testament to this.

Subversion support?

[jared_hanson]

Anyone know if they can get subversion support in their as long as they are going through the effort to switch? I'd really like to see a free OSS hosting solution using all the latest and greatest tools. That and I'm not to sure about trusting the future of SourceForge, given VA's seemingly complete retraction from the open source community.

Re:Subversion support?

[Electrawn]

I don't think Subversion has taking the beating CVS has at Sourceforge and Savanah. If they offered CVS and Subversion concurrently, that would be great, but with the penetration of subversion clients in IDEs and the like, I'd like to see CVS stick around a bit.

Sourceforge is now a commercial product with commercial bugs. A perfect case study of what not to do with OSS code. No significant alternatives have appeared to challenge SourceForge other than Savannah. Considering the bandwidth costs I doubt any others will step up.

-Electrawn

-Electrawn

Re:Subversion support?

[monac]

Somebody was working on gforge supporting subversion through webdav. His project name was Dforge or something. Can't check it atm. Gforge site seems slashdotted and down now. I remember he made a working alpha or beta version of Dforge when i checked a few days ago.

Subversion is so convenient and I also switched to subversion recently. Supporting subversion or Webdav may have many potential advantages in its flexible architecture. I hope webdav be integrated into Gforge into its next mainstream version.

Re:Subversion support?

[tcopeland]

> His project name was Dforge or something

Yup, it's DForge; Sung Kim is working on it. You can read his post about it here.

Gforge is very specialized.

[Electrawn]

Gforge may be great for high traffic sites like Savanaah, but for low traffic 1-10 project sites I use Xoops+MyXoopsForge or Novell Forge. I think Savanahh made a good choice here, but they are stuck once they port. Novell Forge is the other choice.

GForge uses some highly optimized transaction stuff and database functions inside postgres that probably should be in the PHP layer.

Reminds me to port MyXoopsForge to postnuke to take advantage of ADODB! Compatibility or speed?

-Electrawn

Re:Gforge is very specialized.

[LWATCDR]

Why have the transactions in the PHP layer? Lots of databases now support transactions including MySQL.

Re:Gforge is very specialized.

[Electrawn]

Why have the transactions in the PHP layer?

Compatibility vs. Speed. I don't like the fact Gforge is highly optimized for Postgres only. And in the Faq that they refuse to accept MySql patches. Thats pretty arrogant, but it's their project.

I like abstraction layers like ADODB or php PEAR. Either allows you to migrate from say MySql to Oracle or Postgres to DB2 with 1 or 2 PHP code chages. Moving the data is a different story, but it can be done.

-Electrawn

Re:Gforge is very specialized.

[tcopeland]

> And in the Faq that they refuse
> to accept MySql patches

It's not that simple. It'd be a fair bit of work to port GForge to MySQL, and for what gain? PostgreSQL is fast, stable, and open source. And targeting PostgreSQL means we can write stored procedures to make hotspots faster.

I agree that abstraction layers are good, though - we've chatted on the forums a bit about the pros and cons of refactoring towards PEAR.

Re:Gforge is very specialized.

[Electrawn]

Wouldn't be to MySQL per-se, would be more porting to an abstraction layer like PEAR or ADODB (ADODB fan myself for speed).

The ability to support MySQL or Sqllite or whatever would just be an side benefit of the abstraction layer, the real benefit is now you can hook into oracle or IBM dbs.

Just have to give up those in the DB functions.

-Electrawn

RMS in hospital?

[slipgun]

I don't have time to discuss this further. I am in the hospital and falling behind on my other work.

He's in hospital? Nothing serious, I hope.

Re:RMS in hospital?

He's got FLU/Linux

Re:RMS in hospital?

[Original+AIDS+Monkey]

Every few months, the cops come get him and force him to take a sponge bath, it's not big deal.

Re:RMS in hospital?

[JLyle]

He's in hospital? Nothing serious, I hope.

Umm, why is this comment modded as "+3, Funny"?

Re:RMS in hospital?

Aparently he had a broken arm last October (Inqurier article too). Related problem? He's only 51. There's no mention of any other event on his personal homepage.

Richard Stallman in hospital

Let everyone hope that Richard Stallman gets well soon.

Re:Richard Stallman in hospital

[Paul+Fernhout]

I hope he gets well soon too. He's a remarkable person who has made a great contribution to society (whether one agrees with all his philosophy or not).

VA is pimping SourceForge as tool for outsourcing.

Go look for yourself. VA is pimping SourceForge off as a tool to help companies ship jobs overseas. They don't even hide the fact.

Have a look for yourself: VA Software

Re:Open Source at its finest

Windows: Years in the making, hacked every day, still not working.

Mountain? Mole-hill?

[mellon]

It sounds like a total of two people are questioning this decision, which is a small number given how many people use savannah. I have rarely seen a controversy about GNU end so quickly - there were a total of about ten messages in the thread. There is always someone for whom any change is a big tragedy.

As to losing track of roots, maybe RMS is getting a little bit more pragmatic in his old age. It's all very well and good to say "we should do X" when you have the resources to do X, but if you don't have the resources to do X, then saying "we should do X" is just stupid.

The diff between GForge, SourceForge and Savannah

1) Savannah is insecure.
2) GForce is nice.
3) VA advertises SourceForge as a tool to help companies ship jobs overseas. Go look at their website for yourself if you don't believe it. They're not even bashful about it. I'm not surprised people are leaving it in droves, if not for sucking, but for the fact they're (the developers) are getting dicked as well.

Re:gforge slashdotted?

[jared_hanson]

GForge doesn't actually host projects (besides its own). It is simply a software package used to maintain and coordinate development efforts. If/when the FSF switches to GForge, it will be up to them to provide the resources necessary to handle the large amounts of traffic and projects. That responsibility does not fall on GForge.

Re:VA is pimping SourceForge as tool for outsourci

[sashako]

What's so wrong with using the techinical tools for outsourcing. If you don't like this trend, I understand you. But the best way to fight IMHO is to promote a law that requires paying the US (or watever country's corporation is outsourcing) minimal wages to the workers in India, Russia, etc. This will not allow them (us) compete only on price.

You're out of context, and way off

[Rapid+Home+Offer]

The very next words I quoted said, "according to Richard Stallman". Well, I guess you see that as him throwing his hands up in the air and giving up. You don't know Stallman very well, do you? If you recognized the way RMS works, you'd know that on religious differences like this, he is very pedantic and doesn't stop.

I mean, read the following made up quote to realize that I'm right: "The decision to move to MS IIS was made by Bradley Kuhn and the system adminitrators, according to Richard Stallman. They considered Apache could not be made secure enough."

Sure, this comparison isn't exactly valid because GForge is GPL'd and Apache is way more secure than IIS, but Richard "St. Ignucius" Stallman's brain is not wired like most people's, and believe me, he has veto power on all religious issues.

Re:For Benefit of Lazy Bastards...

[Electrawn]

Sourceforge, also code named Alexandria. Original concept of a public development and collaboration for Open Source Projects. Last code base available was about 2000 before VA took the project Closed source for commercial purposes.

Savannah: Fork of Alexandria code for GNU projects. I evaluated it but it was too kludgy to understand.

GForge: Fork of Alexandria code by former Sourceforge developer. Rips out foundries and is for optimized PHP and Postgresql and Apache. Patches for Oracle in beta, refuses mysql patches.

Novell Forge: Fork of XoopsForge that uses LDAP and Novell directory server. Needs Xoops 2.0 to run.

XoopsForge: Fork of Alexandria that runs as a module in Xoops. Not much Dev activity, most dev in Novell Forge.

MyXoopsForge: Fork of XoopsForge that has some active development. Used for forge.xoops.org

The only thing that may compete in the same space that is somewhat similar is PHPGroupWare.

-Electrawn

About gna.org

Many of the previous savannah contributors have already moved to gna.org, which is sometimes referred to as savannah's successor.
I have already moved all my projects to gna a month ago. Gna is way more stable and way faster than savannah. I love it.

The full quote sheds some light

[eldacan]

Thank you for providing a link to the text, which confirmed my impression that we're speaking about different kinds of "security" (and that the way you presented the quotes is misleading).

Here is a more comprehensive quote:

At the AI Lab, Stallman's political activities had a sharper-edged tone. During the 1970s, hackers faced the constant challenge of faculty members and administrators pulling an end-run around ITS and its hacker-friendly design. One of the first attempts came in the mid-1970s, as more and more faculty members began calling for a file security system to protect research data. Most other computer labs had installed such systems during late 1960s, but the AI Lab, through the insistence of Stallman and other hackers, remained a security-free zone.

For Stallman, the opposition to security was both ethical and practical. On the ethical side, Stallman pointed out that the entire art of hacking relied on intellectual openness and trust. On the practical side, he pointed to the internal structure of ITS being built to foster this spirit of openness, and any attempt to reverse that design required a major overhaul.

"The hackers who wrote the Incompatible Timesharing System decided that file protection was usually used by a self-styled system manager to get power over everyone else," Stallman would later explain. "They didn't want anyone to be able to get power over them that way, so they didn't implement that kind of a feature. The result was, that whenever something in the system was broken, you could always fix it."9

Through such vigilance, hackers managed to keep the AI Lab's machines security-free. Over at the nearby MIT Laboratory for Computer Sciences, however, security-minded faculty members won the day. The LCS installed its first password-based system in 1977. Once again, Stallman took it upon himself to correct what he saw as ethical laxity. Gaining access to the software code that controlled the password system, Stallman implanted a software command that sent out a message to any LCS user who attempted to choose a unique password. If a user entered "starfish," for example, the message came back something like:

I see you chose the password "starfish." I suggest that you switch to the password "carriage return." It's much easier to type, and also it stands up to the principle that there should be no passwords.10

Users who did enter "carriage return"-that is, users who simply pressed the Enter or Return button, entering a blank string instead of a unique password-left their accounts accessible to the world at large. As scary as that might have been for some users, it reinforced the hacker notion that Institute computers, and even Institute computer files, belonged to the public, not private individuals. Stallman, speaking in an interview for the 1984 book Hackers, proudly noted that one-fifth of the LCS staff accepted this argument and employed the blank-string password.

Clarification

[0x0d0a]

Savannah is lesser used -- there are fewer adherents of Free Software than Open Source.

The Open Source stance (as exemplified by ESR) is a more pragmatic one than an ideological one -- that people should use Open Source rather than Free Software because it *works better* than closed source, not because of a moral or philosophical mandate. The primary issue that SourceForge detractors bring up is that the current codebase is not available; this is an issue to a number of people strongly ideologically aligned with Free software, who want to interact with nothing but Free software. There is a parallel here. Since SF costs nothing, works well, and helps spread and facilitate open source software, there are few pragmatic issues with SourceForge that Savannah solves. Thus, the issues with Open Source that Free advocates have are mostly the same complaints that are raised about SourceForge.

Savannah's main issues are caused by a lack of people working on it, and it is currently less ready-to-go than SourceForge. It's HURD and Linux in a mirror.

Savannah makes its feelings on the importance of Free software very clear with the nongnu and gnu names. The SF people don't particularly place a lot of emphasis on someone being associated with a project or having a particular license -- there's no sourceforge.sortaopen.net for BSD-licensed projects, for instance.

Finally, while this is more germane to this story than to SF in general, the politics in the linked-to story remind me a good deal of the complex and never-ending debates about Free software purity that come up more frequently in the Free Software world.

I suppose that a lot of Free advocates are going to view this as a bit flamish -- I guess it's a bit cutting in that it identifies that Savannah hasn't been operating as well as SourceForge, but I don't feel that it's particularly false or misleading.

I use the GNU utilities as well as Apache every day -- I like both chunks of software.

I also, as people who read my posts frequently know, tend to often feel a bit frusterated with Free advocates. I do, not infrequently, think that Free folks can come off as a bit too rabid to the general public -- this mainly becomes an issue when media, desperate for some kind of figurehead for the open source world, settle on RMS, and he propagates his (intimidating to a CTO) views on intellectual property. I also remember when the Crystal Space team (an excellent LGPLed 3d engine), wanted to be absolutely correct WRT the GPL and valuing Stallman's input, wrote him to ask for a bit of clarification on a licensing detail. Stallman's response, an enlightening read, highlights a good deal of what I consider the difference between Open Source folks like Jorrit and Free folks like Stallman.

Re:Clarification

[Brandybuck]

there's no sourceforge.sortaopen.net for BSD-licensed projects, for instance.

That's because the BSD license is 100% Free Software, with the imprimatur of Richard M. Stallman himself, and 100% Open Source Software, certified by the Notorius Public at OSI.

It is not "sortaopen", it is open!

Re:Clarification

[0x0d0a]

Really? What makes you think OSDN won't start charging for SourceForge.net in the future? If so, what's your plan to migrate your projects to another server? If the SourceForge code were available, anybody would have the Freedom to start up a successor. That's what GForge is for.

Don't you view that as a sort of paranoid approach?

I mean, sure, if GForge works as well as SF, then it might be a good choice. But slamming SF because you think that they're suddenly going to clamp down on all the data they serve, without any evidence to support such a claim...that's paranoid. I recognize that there is a risk, but there's risks everywhere -- it's essentially impossible to eliminate everything. What if the FSF goes bad? Perhaps more plausibly, what if Stallman has a heart attack and a corporation manages to gain control (via bribery or whatnot) of the FSF, and hence has the freedom to write the GPLv3, with which GPL software by default can be automatically moved to. There was some discussion of giving special privileges to GPL-friendly companies, which IIRC what started Linus on his "I'm releasing my software under GPLv2 only" kick. The GPL controls a phenomenal amount of IP, probably more than any other legal document in history -- the ability to affect that document would be worth almost anything.

We have no way of knowing for certain who will turn out to be a baddie. We just try to generally reduce risk and react as things happen. Thus far, I've been pleased with the services provided by SourceForge, and have no reason to think that they will change their stance in the future.

The only difference between nongnu.org projects and gnu.org projects is that Free Software Foundation Inc owns the copyright in the source code of gnu.org projects.

Sure, but given all the domain names in the world, Savanah chose to use the domain name "nongnu.org", and proposes that software projects on SourceForge move there. Frankly, that's a political message that they propose that an awful lot of people should look at each day.

Free Rider Problem; Tragedy of the Commons

[David+Hume]

Well, why dont you invest lots of money like SourceForge into servers and making it as good as it can be, I mean being over-loaded with people such as you who then complain that its starting to suck, well ofcourse it is and if its a problem you should help those good people out and donate resources to them.

I understand your point. I too don't like it when somebody complains about a good or service that is provided free or at below cost.

However, the post to which you are responding may also have a point. The free rider problem and the tragedy of the commons (or, perhaps more precisely, tragedy of the net-commons) are inherent and endemic problems with Open Source software and projects.

Let's face it, Open Source projects are classically Marxist -- i.e., To each according to their needs, from each according to their ability. I'm not saying that to red-bait. On the contrary, I think it is kind of nice. :) However, it does require certain assumptions regarding human nature -- e.g., that people will act from good will, not be "lazy" (or place a different value on leisure), not freeload, etc.

Which I guess is my way of saying that, given these problems, I'm always surprised when people are surprised when an Open Source or Free Software project is over-burdenend and/or under-supported.

Re:Free Rider Problem; Tragedy of the Commons

[David+Hume]

Yeah, minor issue though - SourceForge is owned by VA Software (LNUX on Nasdaq) who has reaped millions from their IPO. Sourceforge is no more open source than www.microsoft.com is.

VA Software may be a for profit company, but SourceForge still "provid[es] free hosting to tens of thousands of projects." If that isn't sufficient to create a free rider problem and a bandwidth tragedy of the commons, nothing would.

And while VA Software may have "reaped millions from their IPO," one may wonder where all of that money is now.

Slashcode is specialized too

[Electrawn]

I could be, but who uses slashcode? If you want blogging software you can use Moveabletype or livejournal.com / greatestjournal.com .

Oh? Slashdot a news site? Sorry. Xoops for Mission Critical stuff, Php-nuke, Post Nuke and any derivatives, tikiwiki or some other CMS derivative.

No one cares about Slashcode because no one uses it other than Slashdot.

-Electrawn

Not exactly.

[devphil]

There are two reasons this decision is somewhat controversial for those of us maintaining FSF-related projects:

1. The decisions are made in a closed environment.
2. The Savannah admins have not demonstrated sufficient competence nor responsiveness. (Not meant to be a personal attack; I think they only have a few part-time volunteers.)

For example, GCC is under constant pressure by RMS to move from its own server (that happens to be hosted at Red Hat) and onto Savannah. But this pressure has been resisted for the same reasons, and it will continue to be resisted regardless of what "packaged development environment" Savannah is using.

With regard to the pair above, (1) the GCC maintainers have never been invited to share their concerns with the Savannah maintainers; when they speak up, they're ignored, and (2) Savannah gets fscked up on a regular basis, and complaints are ignored. For example, Savannah is supposed to be mirroring the GCC CVS repository, but it falls over constantly, leading to even higher load on the GCC servers as users switch over. The Savannah team has a long long way to go if they want to hold themselves up as a reliable open development site.

Re:There are some pretty big sites running GForge.

[NightSpots]

It's unfortunate, because the code is insecure as hell.

For instance, 'source.php' lets you view the source of files, but only if 'sys_view_source' (a global) is set in the config.

Of course, they don't check to see HOW it is set, but rather, allow you to pass it on the _GET global, which overrides the config, which, of course, lets you view the source of any file:

Compare:

http://gforge.org/source.php?file=source.php


http://gforge.org/source.php?sys_show_source=tru e& file=source.php

Nice, eh?

Re:There are some pretty big sites running GForge.

[gavinroy]

This would seem to be more a function of how *PHP* on the gforge server is setup. If register_globals is on, this will happen, if register_globals is off, which it is by default in the recent (read at least 1 year or more) stock php tarballs, this would not occur.

Re:There are some pretty big sites running GForge.

[gavinroy]

The PostgreSQL community is also migrating to GForge from GBorg. I'm pretty excited to see the outcome. There are some things I'd like to see in GForge, which can easily happen if enough people take the time to submit patches, such as modular support for revision control systems. Remember GForge is a fork of Sourceforge, maintained by one of the original architects and authors of Sourceforge.

Re:Time for IWW?

[sashako]

International union might not help here, because e.g. my income is 4 times greater than average income in Russia, and it is sufficient for sustaining a very comfortable life here. So, the union of this sort here will not succeed because there will _always_ be too many people who will agree on the smaller salaries. So US workers who's jobs are being stolen are the _only_ force that is interested in this legislation.

P.S. I am not in the outsourcing business right now,quit it 2 years ago, but it is still setting the compensation levels for software engineers here.

My thoughts on Savannah

[dyfet]

I have always felt that, rather than having a single mass community site, like a master sourceforge or Savannah site, where most projects congregate, it would be much better to have a lot of little "xforge" sites scattered about and that can then be more specialized to the needs of different groups and projects over time; that individual universities, companies, and even individual project maintainers, could easily setup and deploy locally or through common hosting services; and then to have specialized master search or index sites that could locate and aggregate projects easily from remote xforge's...

The problem of the single Sourceforge site or Savannah site is that it is a single point of failure. Many projects will be down if sourceforge or Savannah, for example, are down for extended periods of time. Having smaller project sites will at least mean failures will be far more localized and far less disruptive to the community as a whole.

The problem in the original sourceforge code is that it was impossible to easily customize or deploy, and this remained fairly true even after the heavy hacking done on the Savannah branch. If gforge has finally solved this problem, and makes it relatively easy to deploy xforge-like sites, then I see this as a very promising development indeed.

Re:There are some pretty big sites running GForge.

[imr]

Incredible, it's the same exact example that i found by following the link in the article.
http://mail.gnu.org/archive/html/savanna h-hackers/ 2004-04/msg00191.html
You must be its author!

Re:There are some pretty big sites running GForge.

[gavinroy]

Of course the ultimate solution to this particular "problem" is to use $_GET, $_POST, or $_REQUEST, instead of relying on register_globals, and in the case of source.php that would be what, a 2 minute fix?

Re:Mountain? Mole-hill?

[tcopeland]

> what's the GForge license?

GPL.

Re:VA is pimping SourceForge as tool for outsourci

Since when has the "community" been restricted to citizens of the USA only? In case you missed it, the USA has been siphoning jobs and people away from the rest of the world for DECADES now. But I guess when it is India losing people to the USA everything is fine, hmm?

Re:For Benefit of Lazy Bastards...

[Dark+Lord+Seth]

GForge: Fork of Alexandria code by former Sourceforge developer. Rips out foundries and is for optimized PHP and Postgresql and Apache. Patches for Oracle in beta, refuses mysql patches.

Why? No seriously, I wouldn't support a project once I encounter this kind of attitude. People often go "Well, it's their project so they have the final say about it.", which is bullshit. If you're going to start your own OS project and be a complete jackass to people who use it, ( In short, your developers, bugtesters, QA people, support staff AND users all in one. ) then DO NOT START A DAMNED OS PROJECT. Look what's happening to Xfree86 for example; they went anal about licensing and voila, the OS community gave them the collective middle finger and it's highly likely that in a few years time Xfree86 wil be nothing more then an interesting little footnote in computing history. Remember people, don't just open your source, alos open your mind. And for the love of Eris, get rid of that crap "No matter how fucked up/lacking things are, my will be done. Infidel." attitude.

On a slightly different note, doesn't this whole idea about SF, one of the flagships of the OS community, is actually closed source and used to promote offshore outsourcing seem painfully ironic? Especially when one considers Slashdot is actually part of VA Software? Don't you subscribers love to know that your hard-earned money might one day be used to A) buy these people a penis extension on four wheels with an engine and B) fire this guy and replace him with Deeptendu Chakrapani from Bangladesh? At least the spelling will improve, though...

Yet another app that's hardcoded to hell and back

[Tadghe]

From the gforge faq, on why it doesn't support Mysql (see http://gforge.org/docman/view.php/1/24/faq.html)

"You could do it, but why bother? To quote Tim Perdue - "GForge could not be made to run on the primitive MySQL database without serious hacking, and I won't accept those kinds of changes back into the system. For the amount of work involved in such a project, you'd be better off taking an hour to learn postgres. It's a superior database in every way, with the only point of debate being speed on simple 'hello world' type applications".

It'd be a lot of work because:

1. GForge uses Postgres stored procedures, so you'd have to convert those into PHP functions

2. GForge uses Postgres functions like pg_connect, so you'd have to replace those with the MySQL equivalents

3. GForge uses subselects, so you'd have to rewrite those to use temporary tables or whatever (MySQL 4.1 supports subselects, so once it becomes production-ready, this won't be a barrier anymore)
"

So what they are telling me is that this thing is hard coded around PG specific routines..... That's NOT a good thing, I don't care what they think about Mysql (ditto applies to DB2, SapDB (Now MaxDB), Informix or Sybase).

Someone call me when these guys get a clue.

Re:Marxism is irrelevant

[David+Hume]

Let's face it, Open Source projects are classically Marxist...

No, they aren't.

Marxism was an 19th-century economic theory. 19th-century economics treated the existence of scarcity as an axiom. Because of this and other reasons, neither it nor classic capitalism can explain what's going on in the open source movement.

I can't address your "other reasons" because you don't specify what they are. I can, however, address the issue of "scarcity."

Scarcity still exists. With regard to Source Forge, bandwidth is limited and still costs money. With regard to Open Source and Free Software projects, the great and continuing scacity is that of time.

How do you want to spend your time? Playing with your children? Helping them with their homework? With you wife? Working for money?

Or working on an Open Source or Free software project that many people will download and use without making compensation or making a contribution? If the latter, I thank you, and I mean that sincerely. However, the problem of scarcity -- the scarcity of your time -- remains.

Re:VA is pimping SourceForge as tool for outsourci

[MenTaLguY]

I might take that as a valid comparison if either gcc or the Internet were proprietary products explicitly advertised as being tools for shipping work overseas.