Introducing the new SourceForge(sourceforge.net) |
Introducing the new SourceForge(sourceforge.net) |
What exactly is "new" besides the brutally awful design and color scheming? I see the same malware laden downloads that can be found anywhere else on the internet, surrounded by ads as was there before. Over 600 separate HTTP requests and counting on a project page? Really? You seriously expect developers to use this?
But holy crap this is terrible. 101 requests while using an adblocker, 116 without. Of those requests I count 62 of them being to download Javascript. More than half?!
Out of curiosity, retried using pingdom's tools: https://tools.pingdom.com/#!/z7f8e/https://sourceforge.net/p...
It gets a solid D, unsurprisingly. They saw over 200 requests, 43% were javascript calls, and javascript made up more than 52% of the final page content loaded. That's just nuts, considering what the site actually is.
I don't like to pick on websites and developers that much, but holy crap what were they thinking? Did they even consider what the experience is like outside of their dev laptop or using a fast network?
I got 7 ad-warnings on "uBlock Origin" and the page is lean.
But maybe they stopped injecting ads into open-source downloads at least? Can't imagine why anyone would trust them again.
3rd line of the article and first of the "what's new" bullet points:
> Removed bundled adware from projects
Even logged in I still get a ridiculous number of things loaded. The biggest culprits look to be the foundation javascript stuff (I'm assuming that's a javascript framework) being loaded from fsdn.com. Every request made, hurts, unless you're lucky to be using HTTP/2.0 (they don't support 2.0), and even then you've got to think about interpreter starting/loading/parsing/executing time. For every script.
They're also passing parameters in the javascript urls (e.g. handlebars.js?1515608140) which really meddles with caching etc.
The latency situation gets even worse if you're anywhere but on a fast connection (so lots of end users in their global target market).
I like the overall look of the new site, but it's a performance nightmare.
However, if you could publicize -- anywhere -- how you plan to monetize, that would be very useful in building back user trust (just my 2c).
Also, re design - it would be very useful to have something comparable to Github/Bitbucket (and Gitlab I guess), all of which are in a similar space. Perhaps one for the roadmap?
Thanks again!
What does sf.net have to offer that github (or gitlab which is the "open source not-github github", or bitbucket) doesn't?
Look, I think the brand has a lot of baggage with the tech community. You just can't put ads in downloads and expect it to all blow over.
I don't know how you go about re-building trust after something like that.
Bug: The floating bar on the right side, "Recent Posts" etc. I can never see the last box. When I get to the bottom of the page it's still covered.
EDIT: There's also this[1] alignment issue in the settings wrt to "City of residence" where the text field is off by ~1 pixel.
EDIT2: On the page where I uploaded my SSH key[2], it says updates occur after a small delay. The linked page in the docs says that this delay is ~30 minutes. In any case, I was able to begin using SSH immediately. If that info is no longer fresh, I suggest removing it, especially since it's probably a turnoff for a lot of users.
EDIT3: When I run sf-help --web at the shell, it prints an error:
[colbyrussell@shell-22009 ~]$ sf-help --web
Use of uninitialized value $user in concatenation (.) or string at /usr/bin/sf-help line 96
Obviously the malware thing was really bad, but in general I think it gets a bad rap because it wasn't the trendy new thing. I personally liked the old UI, but I'm happy for the new change because it's good for the future of the platform.
Edit: now that I think of it, ive used a githook in bitbucket too.
|Browse|Blog|Deals|Help|Create|Join|Login|
Then when you scroll down, the top menu changes to:
| Articles | Internet Speed Test | Menu |
| |
| BIG AD BANNER |
| |
I appreciated Sourceforge and it was a big part of my gateway experience into opensource, but now it just looks like an amateur startup :(
(In a large-ish FOSS project, we are trying to move to self-hosted Gitlab, but the lack of sync means that people have to fully buy-in or manually sync their extensions/modules, which is causing major friction)
Also, the awesome SF hosting (SSL and a SQL DB included), much better than GH Pages IMO.
I used Slashdot for many years, starting when Rob Malda ran the site. The past year or so has been the worst, in my opinion, even when considering the Beta era of discontent.
The stories used to be primarily about tech (or related subjects), with a minor focus on politics. But lately I think it has been the opposite. There is much more emphasis on general politics, with tech being a minor focus, in my opinion.
While I'm not very interested in politics to begin with, what bothers me the most is how partisan I think things have gotten. The stories have what I consider a rather left-wing bias. The same goes for the modding, where I think it's common to see centrist and right-wing comments often downmodded, even when they express a very reasonable and relevant set of ideas.
I feel that Slashdot has moved from perhaps being an open, varied, quasi-libertarian environment to one that's much less open, much less diverse, and much less enjoyable.
So I stopped visiting it about a month ago, and I don't miss it at all.
I left for basically the same reason, but quite a while ago. I forget which of the editors it was, but he would interject politics into everything. And even after people asked for a politics section (which could then be turned off), to keep politics out of the tech stuff, he would still put political stuff all over the place.
Not attacking the Abbotts and their SlashDotMedia and BizX web media influencer conglomerate, 100% legitimate way of doing business, but an overall observation on services that can't be operated as standalone businesses.
Also an illustration how big the tech dependency on advertising is, from Google to this. Remove ads from the web and a shitload of stuff disappears.
GitHub is a paid for service that is profitable and provides the same as sourceforge.
No idea if anyone working on sourceforge is likely to be here or not but I would love to know if I could get an API of the projects there or even just a list. I would like to add more of souceforge into searchcode.com and would prefer to not scrape the site.
It feels.. strange, and more responsive than the old stuff. I guess that's just change.
I never was a fan of github, I always preferred the geodistribution of SF, and of course it was so easy to make binary packages for end users. It's a shame the other people had to ruin a great place with selling the adware space, and Im so glad it's all gone.
I just fear in this environment of hipster flash with no substance, that a well rounded site like SF will never get the hipster VC financing that github does.
I hope you guys don't shutter any time soon, I love SF!
- the ticket system (connectors to external systems, boards, etc.)
- CI connectors
- integrations for team systems (Slack, MS Teams, ...)
The new design looks pretty good, or at least more modern. Also I just wanted to emphasize with you that you had to field the same "do you still bundle malware" question...eight times by my count.
Any plans to add this feature? Or is there a control to enable it that I'm missing?
Is it a got repo? Mercurial? Something else completely?
I'm honestly not sure if you wouldn't be better off changing the name of the service to something else at this point. People who just want to download binaries won't care what the name is, and developers who want to use the full spectrum of services will have enough bad associations with the name "SourceForge" at this point that keeping it could end up driving away more users than it attracts. And all the time and energy it'll take to rehabilitate the SourceForge brand could just as easily go towards building up some new brand instead, without all the baggage the old name carries.
(It's possible I'm overestimating how long peoples' memories are here, of course. But when I hear "SourceForge" I still think of all the bad stuff they did in the past, so presumably there are at least a few others out there like me as well.)
> My company acquired SourceForge
It's interesting how often you mention they were acquired by someone else but not by whom. It cannot be a secret, but you don't seem to want the parent company known either.
I just spent an hour going down the rabbit hole. Every time I click the "owned by" link, another "owned by" reference appears.
position: sticky; /* Frames are back, baby! */I'm never going to interact through that as a developer on daily basis. Not even considering the poor UI for just every feature in SF.
The only thing SF has for it, currently, is a mailing list for each project. GitHub and GitLab should have this. Interaction and discussion though "issues" is horrible.
The SourceForge sync tool appears to only include release syncing as far as I can tell (the wording is ambiguous and the docs only mention import, not active sync, so I'm not sure what they provide?).
For what it's worth, GitLab does have import tools in CE[2]. You can also use repository mirroring (along with any other Enterprise Edition features) if you're an open source project on GitLab.com.
[0]: https://gitlab.com/gitlab-org/gitlab-ce/issues/18732 [1]: https://gitlab.com/gitlab-org/gitlab-ce/issues/18732#note_47... [2]: https://docs.gitlab.com/ee/user/project/import/github.html
We could duct tape a solution, or coerce people to do it manually, but we manage a lot of custom scripts already, which we hope to deprecate thanks to Gitlab. It also affects negatively the perception that we are using the right tool for the job. Our community is divided between those who want to use only Github, and those who want to avoid depending on it.
We currently have around 300 active users, and we are projecting around 500 users next year (as we move more and more projects into it). At USD$40/user/year, that would be between $12k to $20k/year? Our project is oriented at non-profits, and everything runs on small margins, lots of volunteers. We can afford some financial support, but not $12k/year. I wrote to Gitlab sales but never received a response.
(apologies for the off-topic)
In this context I think they're referring to tools to automatically sync your git/wiki/releases etc from Github to other platforms like Gitlab.
* Removed bundled adware from projects
* Implemented malware scans for every single project on SourceForge
* Built an HTML5 speed test
* Added multi-factor authentication
* Created an ad reporting tool and team to eliminate bad and/or deceptive ads
* Removed ads for developers (logged in users will not see any ads)
* Added HTTPS support for project website hosting
This is like a restaurant advertising "we've stopped intentionally poisoning our food!"
They don't deserve any chances after that. They're done.
- Add a bunch of hooks into GitLab that allow it to "hand-off" at sensible points to a list server such as Mailman
- Mailman has a huge Python API (http://mailmanclient.readthedocs.io/en/latest/). The biggest potential gain is likeliest to come from the people who want this coming up with the integrations themselves, but the roadblock there is lack of knowledge of GitLab's internals
- I'm not sure what the best way would be to handle #2. I wonder how good the community's mental model of GitLab is.
The download stats are misleading too -- the top 2 projects are MS's truetype fonts and an old (outdated) Notepad++ plugin repo that is encouraging you to go to Github instead.
I can't think of a good reason to use SourceForge for anything.
Agreed. It would be a huge win for GitHub or GitLab to provide this service. There really are no great alternatives beyond hosting a mailman server yourself.
I've never really needed to interact with devs much, so I'm quite naive on mailinglists vs issues. The biggest thing I guess I see missing with modern systems is the lack of threading.
What capabilities/benefits do mailinglists have over modern approaches? What functionality has been lost?
Mailing lists are completely terrible for anything.
I don't know if I'm representative of the majority, but if I need to download some software and find that it's hosted on Sourceforge, my first few thoughts are typically: 1) Wait, SourceForge injected adware. I wonder if they still do? 2) This project is probably dead, because it's still on SourceForge.
I'm sure I can be trained out of that, but I'm surprised you guys reckon it's worth the effort, rather than just using a new name.
This very thread - with repeated posts about malware - demonstrates what "SourceForge" means these days to so many people.
It doesn't make sense to me that if the site is back to being one of the good guys, it keeps a name now mostly famous/notorious for bad practices.
Also, since I'm on the topic, any chance slashdot will go back to an open source code model?
https://trends.google.ca/trends/explore?date=all&q=github,so...
It's not so much about being a non-profit, but being an open source project. It's difficult to budget with a per-person fee (considering 70% of people might post on our gitlab only once or twice per year). How would it work if Debian or Gnome adopted Gitlab EE?
https://web.archive.org/web/20131208023450/http://www.h-onli...
And you could say their ethics were rather... dicey.
(Forgive me.)
The others, though, yeah. Those are handy.
Gitlab definitely does this automatically for you if you mirror the repository. Or am I misunderstanding how this feature works?
Just did it, it works just fine.