1. 76
  1.  

  2. 31

    Regardless of how someone feels about these changes, they seem to be well implemented and alternatives readily provided through the use of standard formats. It’s nice to see these sorts of changes being communicated clearly and with plenty of time.

    1. 30

      I especially like the “and if you don’t like it, here’s how you can take all your data with you when you go”

      1. 14

        This kind of grown-up attitude & approach is alone sufficient in significantly raising my interest in the platform.

        1. 4

          It’s a really nice platform. I use it exclusively for personal projects now, and I’m loving it. I haven’t done much collaboration on the platform, so I can’t say much about that, but otherwise it’s great.

          I know Drew kind of built a reputation for himself, and think what you want of him, but he’s doing right by FOSS with Sourcehut, I feel.

    2. 27

      We will exercise discretion when applying this rule. If you believe that your use-case for cryptocurrency or blockchain is not plagued by these social problems, you may ask for permission to host it on SourceHut, or appeal its removal, by contacting support.

      I do appreciate that this isn’t a blanket statement and your project can appeal. That process alone is a deterrent for the ‘bad’ projects alluded to. There’s also nothing that prevents you from hosting AGPL’d SourceHut yourself and still contributing upstream which is more than you can say about the most popular code forges currently.

      1. 18

        While I personally wouldn’t send every blockchain-adjacent project packing if this were my sandbox, I find this refreshing. In a universe where their competitors shut off access in the middle of the night with little or no explanation, and no access to your data, SourceHut is giving people a couple months notice and telling everyone how to export their data and migrate to either a self-hosted instance or to their competitors.

        I also found this note interesting:

        We take account termination seriously, and use it only as a last resort. In the history of SourceHut, only two users have been banned. The first user was harassing maintainers and failed to respond to emails seeking to discuss their behavior. The second used SourceHut to advocate for the rights of pedophiles to sexually abuse children.

        1. 11

          Drew Devault (creator and proprietor of SourceHut) does not have an account here. If you’re interested in his comments on this decision in another forum, he was active in this Hacker News discussion (indeed, he submitted it himself):

          https://news.ycombinator.com/item?id=33403780

          1. 14

            To be precise, he does have an account here, but he was banned.

          2. 33

            Few to no legitimate use-cases for this technology have been found; instead it is mostly used for fraudulent “get rich quick” schemes and to facilitate criminal activity, such as ransomware, illicit trade, and sanctions evasion. These projects often encourage large-scale energy waste and electronics waste, which contributes to the declining health of Earth’s environment.

            True, and good riddance.

            1. 8

              I’m very much not a fan of blockchain related stuff. However it’s sad to see that code hosting platforms decide who they host based on for the lack of a better word politics and personal feelings. I can understand it when things are a legal problem to the company and I even think they should have the right to remove projects based on their opinion, but blocking a blockchain project for “social ills” feels a bit like Google banning AGPL projects from their code hosting platform.

              Like I said I think it should be the project’s right, but it’s an overall sad affair because of what it implies. I also agree that how this is handled is otherwise pretty professional. It’s also good that you can host SourceHut yourself.

              Still, I think the general trend of removing access for people outside of legal reasons especially for something as neutral as source code is a bad direction overall.

              I also think that saying that spam and abuse is a pretty good reason, given SourceHut is also known for its excellent email support. Most measures countering spam also tend to move towards some form of centralization. I’m a bit worried that people will simply find other technologies to use to scam, spam and bring upon other social ills. Actually they do, it’s just email spam is shrinking (also due to centralization) and cryptocurrencies, etc. are simply still in their hype stage.

              What I am trying to say, is that I’m pretty sure that on SourceHut (and others) there is certainly code used for some form of bad, potentially even really bad. I also think a lot of software can be used and effectively is used burn down the planet to make someone rich. As I said, I am really much not a fan of blockchain and I think not much software does so on a similar scale[1]. I think however that the question of what’s justifiable is philosophical. When we talk about energy consumption and other topics people will have different opinions on interplanetary travel, space tourism, cloth driers, fireworks, gaming rigs, Christmas and Halloween decorations, all things related to concerts, sports events, ironing, keeping the coffee warm in the coffee machine and simply trying out stuff for research or entertainment.

              In the end you have to also ask what a benefit is, what people would in reality (not just in best case) to instead and so on. This isn’t just true for blockchains, but also for other things you might throw from your platform. So if you make such decisions remaining consistent is somewhere from hard to impossible, because of the philosophical nature. So I am not really sure if it’s a good idea for any platform to really make such decisions on their own. It gets a lot more complex, of course, if you think about social networks and what they should and shouldn’t prevent, or whether they should just apply law, etc.

              [1] Even though with such things I always hope that someone ends up doing better, because it’s seemingly big and profitable enough for people to keep doing it, just like speculation with crude oil, food, etc.

              1. 12

                This viewpoint would have been very understandable in the 2000s, when forges were the only way to share code. If a popular forge back then had banned an entire license or endeavor, it would have caused an uproar. (Some forges did have a ban on licenses that they did not like, but usually the ban was phrased as “Free Software only,” which apparently was less objectionable.)

                However, today we can just distribute git bundles via Bittorrent (see e.g. gittorrent for a prototype) or magic-wormhole or any other peer-to-peer secure transport. No forge is necessary in order to broadcast code to thousands of developers. This, along with the sheer number and scale of free forges, has made it impractical to imagine censorship solely via forge policies.

                All that said, there’s two points I want to isolate from your rant. First, if source code is neutral, then why does it have owners and maintainers? I just want to highlight the contradiction; it doesn’t need a definitive answer. Second, what goes into a human’s decision besides their personal feelings? What you decry as “politics” is merely the refinement of opinions by people acting within a social context. What else could we bring to bear on the problem? Not computers; by Rice’s theorem, we can’t decide whether an arbitrary uploaded package of Turing-complete source code is bad for humanity.

                1. 1

                  Rice’s theorem just means there’s no formal way… I can still make my (political) judgment, like for example is done here on lobste.rs with flagging and voting.

                  1. 2

                    And even formally speaking, Rice’s theorem is not valid for computers. It’s only valid for fictional Turing machines, which cannot exist in reality due to their infinite memory capacity.

                  2. 1

                    First, if source code is neutral, then why does it have owners and maintainers?

                    I don’t understand that question. Houses, hammers, food, pets, lawns, etc. are all neutral to me and have owners and maintainers. I just want to highlight the contradiction; it doesn’t need a definitive answer.

                    This, along with the sheer number and scale of free forges, has made it impractical to imagine censorship solely via forge policies.

                    I wasn’t talking about censorship in that sense, but simply removing projects off a platform. I was talking about how these things are relatively inconsistent in nature.

                    All that said, there’s two points I want to isolate from your rant.

                    I wouldn’t have called it a rant, as in there was nothing I was arguing against really. Like I said I think that they have every right, but was wondering what the baseline for removing code was.

                    Second, what goes into a human’s decision besides their personal feelings? What you decry as “politics” is merely the refinement of opinions by people acting within a social context.

                    That’s exactly the point I’ve been trying to make. Law vs personal feeling/politics/philosophical reasons.

                    What else could we bring to bear on the problem?

                    Either we “outsource” it (eg. law), say we allow everything or try to formulate a baseline. Or we do nothing at all and recognize it’s just a personal decision, so effectively on the same level “on a whim”, which don’t get me wrong is absolutely fine with me. Like in this and my previous post multiple times, is just as valid. After all it’s their project, hosting. Just like you can remove pretty much everyone from your apartment if you want to, just as like you don’t have to be friends, not buy products, etc.

                    It’s more that because as you seem to agree on there is no way to say what’s “bad for humanity” I wonder how such decisions are made. So that’s why I didn’t mean it as a rant, but as more a philosophical curiosity. If you had a similar project that is a platform for people, other projects, etc. How do you make a in best case consistent decisions of what is allowed and what isn’t in the real world.

                    1. 2

                      Aha! I think that we should give an answer for the first question, then. My suggestion will be that ownership and maintainership are social constructions, and as such, they don’t actually exist. This is a neat resolution, if maybe a bit humbling: humans are silly to think themselves owners of source code, houses, pets, etc.; these things fundamentally cannot be owned, and ownership is an illusion.

                      1. 1

                        What can be owned then? If nothing that word is useless.

                        Also I see being a maintainer as someone who keeps stuff running, make sure the roof doesn’t have holes, no mold grows, etc. for the house to not fall apart or in terms of code doing chores from accepting pull requests to updating dependencies or adapting code so it can still be executed for example. I don’t really see a social construct there, because it doesn’t really define anything on the social level, like it can be the one who (legally) owns the house, it can be a group of people, it can be volunteers, etc. Maintainer is just someone who maintains, and maintaining doesn’t really feel like a social construct (in most situations).

                        For ownership. Yep, that’s a social construct, pretty much per definition. I wouldn’t call it an illusion I think, but if you mean simply that it’s not really rooted in the physical world I agree. It’s a social construct, by society, (partly) codified in law. So basically, if the society doesn’t agree upon it (for example by law), yes it doesn’t exist. But at large society seems to agree in most situations so that make it real, like as in friendships, marriages, you name it.

                        Maybe I am missing something, but I just don’t really see what that has to do with the above. A house (or a building) can have the social construct of an owner or maintainer. I’d still consider the house to be neutral.

                        I’d like to go further with what I mean by neutral. In various countries there’s bunkers, flak towers, etc. from WW2. One might say they are not neutral, because someone used them to shoot, probably defending an ideology you disagree with (cause basically all sides have them). Being hard to remove they still remain and are used for all kinds of very unrelated things, from simple monuments against war to museums, to art galleries, climbing opportunities and even aqua parks. So what I meant with neutral is two things. One is that it’s note like if one would be hosting a social media page, images, etc. where I would say things are “less neutral” (so using neutral as a scale here). I think code tends to be more neutral, because like buildings they can be used in various ways.

                        I am not arguing that you cannot write code with certain intentions or that you can act like your code is completely unrelated to you. I am arguing about what we talked earlier, that it’s very hard to see what directions code will take. Say you make a blockchain, the twelve millionth or something by now I am sure, and ten people run the code, because they are either huge fans or are developing on it. Who says that the next commit won’t be something that in a completely different context will be extremely good for humanity, similar to every now and then something that originated in military technology, never really being used that much there finds its way into other fields, GPS, internet, medicine, power generation, infrastructure, etc. After all I think that the two parts that blockchain came from are really good. Cryptographic logs (so in a way blockchain without proof of work) and hashcash (the proof of work part) are pretty good idea. If hashcash was widely implemented I think we’d spend a lot less time fighting spam and had to waste fewer computing resources on it. E-mail might be more federated (as in not as centralized as it is becoming) on top of it.

                        I even have a real life example of something related to blockchain projects. A lot of programming languages got working JSON-RPC implementations, because I think Bitcoin uses it. At least these libraries seem to always be tied to blockchain projects, when searching on GitHub or elsewhere. I am not saying this justifies it by the way. It’s just to give an example.

                        At the same time with AI/neural network/deep learning we are beginning to see really bad uses, and I think this will keep going and probably get worse. Does that mean it should be banned? I know people have very different opinions on that. I personally have no clue and certainly wouldn’t want to dictate that. At the same time I think we’ll likely see a lot of good uses there still. And people will certainly disagree which uses are good or bad.

                        We’ve seen the same with internet, cryptography, machines, vehicles, etc. And things like military nuclear technology killing many innocent people in a very cruel way found its way into healthcare, saving people’s lives.

                        What I am saying is complex and since pretty much everyone has to draw lines somewhere in live I am curious about what leads people to their decision on where they put the line. It often feels arbitrary or copying arbitrary lines of others.

                  3. 13

                    People decide things based on feelings all the time, it’s called a personal moral compass. For example, I decided based on feeling to not read your whole post because it’s very long and I didn’t feel incredibly interested.

                    1. 0

                      Are you a “code hosting platform”?

                      1. 0

                        Of course; I use a hard drive as a platform to host my own code. I should probably use more than one, such as for backups or whatever.

                    2. 6

                      something as neutral as source code

                      Source code is not neutral. Every decision a programmer or designer makes that ends up in the source code has the potential to affect the range of choices, or lack of choice, of the software user. Every choice a platform makes to host code, or not, affects the viability of certain software and software endeavors. These are political decisions already, and Sourcehut isn’t the first platform to enact a politics. I just find it refreshing that they’re being as open as they are.

                    3. 7

                      This definitely significantly lowers my opinion of SourceHut as a code hosting platform. Previously, I thought of it as something that I didn’t personally use or need to use (I run a personal Gitea instance for my own code and have Github accounts for contributing to specific projects that have chosen to use Github as their main locus of development), but that was also potentially useful for other people. With this decision I would actively anti-recommend SourceHut it to anyone for any reason. I think cryptocurrency technology is generally good, and I would like to discourage relying on the hosting services of a person who deliberately doesn’t host cryptocurrency-related free software projects, or who states “Projects which seek out cryptocurrency donations are strongly discouraged from doing so, but will not be affected by this change.”.

                      Ultimately, though, this is just another case of “the cloud is just someone else’s computer”, even when that someone else is an identifiable individual like Drew DeVault who makes principled decisions about what they are willing to use their own computers for. Any time you as an end user purchase compute resources on someone else’s hardware, you’re relying that they won’t decide to stop selling to you for their own political reasons. For this reason, I’m interested in projects like Radicle which are trying to make the hosting of content on the internet more decentralized, and therefore harder to censor by platform owners.

                      1. 7

                        While I understand that any private entity can choose its customers and change its terms at any time, I think more thought should be put into these kinds of decisions…

                        While I completely agree that any “threatening or harassing” or any other kind of illegal activity or content should be dealt with, I don’t think blockchain and crypto-currency related source code falls under any of these categories. Sure, many blockchain and crypto-currency “projects” might actually be financial ponzi schemes and detrimental to both the society and the environment, but banning all such related projects is quite an overreaction…

                        For example, on an unrelated project I’ve searched for some technical solutions and found two outcomes of crypto-currency projects that are just extremely original and useful even outside the crypto-currency context: https://github.com/BlockchainCommons/LifeHash and Bech32 encoding. Would the code for such projects be banned from SourceHut? (Perhaps not if hosted individually outside a blockchain or crypto-currency repository, but who knows, their main purpose is for crypto-currencies.)

                        Moreover it creates a precedent… If the owners of SourceHut tomorrow decide they don’t like say AI-based image generation projects will they ban those next? Or perhaps (open-source) projects that when run display ads? Where does the banning stops once it gets started?

                        While I don’t use (pay for) SourceHut myself (thus I perhaps shouldn’t have an opinion about these changes) I did keep a close eye on SourceHut developments as an alternative to GitHub, but this change in their terms made me think twice about possibly moving there…

                        As said in the beginning, it’s their company thus it’s their decision…

                        1. 16

                          The precedent to ban projects already exists across providers. They generally have terms of service that excludes certain kinds of content. Take the child abuse example from the post. This isn’t as slippery of a slope as you make it seem, and as you already pointed out they can choose their customers and their terms. It just sounds like this choice is one you disagree with.

                          1. 2

                            Look what happened when the media industry got mad at youtube-dl for “assisting piracy” or whatever–when it covers so many use cases. Meanwhile, piracy is often the best archival system we have for digital media as those corps let it rot.

                          2. 5

                            Drew definitely had put thought into it. I participated in the chat on IRC.

                            1. 4

                              I am curios what the thought process was? Which were the highlighted advantages and disadvantages of such a decision (both for the SourceHut business and for the development community at large)? How much good would banning any crypto-currency and block-chain related project achieve? (Are there many such projects hosted on SourceHut?)

                              The only reasoning behind this decision is given in the beginning of the article:

                              These domains are strongly associated with fraudulent activities and high-risk investments which take advantage of people who are suffering from economic hardship and growing global wealth inequality. Few to no legitimate use-cases for this technology have been found; instead it is mostly used for fraudulent “get rich quick” schemes and to facilitate criminal activity, such as ransomware, illicit trade, and sanctions evasion. These projects often encourage large-scale energy waste and electronics waste, which contributes to the declining health of Earth’s environment. The presence of these projects on SourceHut exposes new victims to these scams and is harmful to the reputation of SourceHut and its community.

                              Not to mention the following suggestion:

                              Projects which seek out cryptocurrency donations are strongly discouraged from doing so, but will not be affected by this change.

                              Getting back to the listed reasons:

                              • “to facilitate criminal activity” – Tor is especially useful in such scenarios; will SourceHut ban the Tor project (or other similar onion-routing projects)? also especially useful are the many “end-to-end encrypted” chat applications; should we ban them?
                              • “often encourage large-scale energy waste” – hell, the whole AI/ML landscape is another prime example of technologies that just waste energy for trivial reasons such as image generation; perhaps we should ban also this category?
                              • “electronics waste” – how about the gaming industry, which push users to continuously upgrade their good-enough hardware; should we start banning games that require newer hardware?
                              • “illicit trade” – anything actually can be used facilitate such purposes;
                              • “sanctions evasion” – and in the end, any open-source project that can be used by anyone in a sanctioned country, just allowed that country (in some manner) to evade sanctions by using the labor of the open-source developers in the sanctioning countries; should we start banning access from such sanctioned countries?
                              1. 5

                                I don’t know anything more about SourceHut’s reasoning than you - I’ve just read the same announcement - but it seems to me that it isn’t being banned because of the uses you mentioned, it’s because those are (nearly) the only uses. So the fact that other technologies can also be used for those purposes isn’t really relevant.

                                1. 2

                                  I don’t want to misrepresent Drew’s position, I think it’s best if you ask him personally by e-mail.

                              2. 4

                                We will exercise discretion when applying this rule. If you believe that your use-case for cryptocurrency or blockchain is not plagued by these social problems, you may ask for permission to host it on SourceHut, or appeal its removal, by contacting support.

                                I think this is more than fair and also answers your question. They are specifically mentioning the exact target of these terms, and they are the projects which you call ’“threatening or harassing” or any other kind of illegal activity or content ’.

                                1. 2

                                  He makes exceptions, like for example my project, see: https://news.ycombinator.com/item?id=33404815

                                  1. 2

                                    I could see those two projects being “unbanned” or whatever if they filed an appeal with Drew. I know in the past they (Sourcehut) had issues with crypto-related repositories using their CI service to mine, and ended up removing access to CI for non-paying members.

                                    I pretty much agree with the decision they made, because if something is going to be negative 99% of the time, I’m just going to automate around most cases being negative while providing an out for the 1% chance it’s positive.

                                  2. 9

                                    Being polite about this and reserving judgement as if these were just regular software projects gives undeserved legitimacy to cryptocurrencies and blockchain vaporware projects. For every “I don’t know, maybe it will work someday” scammers run with it and sell it as “you see, the revolutionary magic riches are coming real soon, invest now!”.

                                    I think it’s great when sites like this reject the scams explicitly, from position of authority. This is more meaningful than battling it out in comments.

                                    1. 5

                                      I have learned that service provider run with free software has freedom of decision-making. It is a good point that the service provider’s decision does not take away the freedom of the user to use the software.

                                      1. 2

                                        AGPL FTW!

                                      2. 13

                                        This makes me very happy, crypto is a life-destroying scam and it’s always great to see it treated as such.

                                        1. 3

                                          IMO it sets a somewhat nasty precedent, but in the end the reasoning is sound.

                                          1. 2

                                            Actually after some contemplation it is probably okay because it outlines why this decision is being made and can serve as a guideline for any similar bans in the future. So if your software isn’t much associated with fraud, crime, or financial scams, then you’re probably in the clear.

                                          2. 3

                                            I think that’s the first time I see communication from SH indicating a clear way to get your account deleted, by refusing the ToS change rather than providing a “delete my account” button. Good!

                                            My bank does the same thing occasionally “here are the new ToS for your account, go away if you don’t like them”. :)

                                            1. 2

                                              Am I the only one willing to say that as government control of every aspect of society grows, the ability to perform illicit transactions becomes more and more important? Yes, “criminals” will use it to buy things you think shouldn’t be bought, but it also allows you to buy things other people think you shouldn’t be able to have. And if you think think you’re going to live out the rest of your life without the need to buy something somebody powerful thinks you shouldn’t have, you’re dreaming.

                                              1. 1

                                                That’s a valid position, if fringe, but it’s not reasonable to expect every tool provider to adhere to it. We’re talking about one forge here, there are dozen of others to choose from.

                                              2. 2

                                                This makes github more network neutral than sourcehut, if network neutrality is still a thing.

                                                1. 2

                                                  It’s not, in this case.