We need a federation of forges

Posted by icy 19 hours ago

We need a federation of forges(blog.tangled.org)

563 points | 352 commentspage 5

zeafoamrun 17 hours ago|

I really like the concept of federated social networks and it's the next thing I want to get into. Maybe even work on it as a job but I doubt there are any that pay well.

I think sovereignty over what information you consume is more important than ever. I had to use Twitter for work to get news about <topic> but the amount of virulent propaganda, totally unrelated to <topic>, that you end up absorbing is unforgivable. Even if you think you're smart and don't pay attention to propaganda, by design it hits you at the subconscious level so you can't block it. The only social media I have left is LinkedIn and I really hate it but it has made a direct positive material impact in my life ($$$) so I try to hold my nose while I use it. I really would rather use some kind of federated LinkedIn, but when I last checked nothing like that existed yet.

jauntywundrkind 7 hours ago||

Oh! Posted some replies here, but: I forgot to mention one other incredibly awesome atproto based social coding decentralization system! Jeremie Miller's v-it, which lets folks share "caps" changes, "vouch" for each others caps, share skills. https://v-it.org/

It's so so so early. But I love how it moves from a world of maintainers & pull requests to a more ambient "this is what is working for me". I think this really is a next kind of leap. I don't know if we can keep relying on maintainer folks to guide each project forward like we have, if our agentic selves can be bandwidth limited & still go where we need to, channeling all our energy through individuals.

We need a federation of maintainers. A distributed of maintainers. Maintain ought be social. Tangled is great and I hope we can go beyond federation to many tangled, to widely widely tangled. And I hope we can go past maintainers too, past pressuring single people to have to decide it all. I think v-it really preceeda such an interesting agentic leaping off point that we are at, so interestingly.

toastal 19 hours ago||

Why do we need to stick to Git? We need better tooling around the Patch Theory-based VCS which are better for decentralized working to begin with.

MarsIronPI 9 hours ago|

Immutable commits seem like a pretty good base for a decentralized VCS for me. In fact, Git was designed for this use case in the first place.

ddosmax556 19 hours ago||

This looks cool but the issue github is dealing with is exponential usage. They're trying to 30x their capacity right now - let that sink in! Microsoft here or there, any company would be struggling under this load. And I frankly don't think that any ideology driven alternative will ever be able to provide better uptime under the same load - or any alternative period, for that matter. We're just living in times where everyone is catching up with the capabilities of agents, and it was obvious that things like this will happen 12 months ago. Good luck for your project though!

hauleth 19 hours ago||

I agree that any company would struggle in such case. The thing is that everyone see that GH is pushing for more agents, their Copilot thingy, and AI everywhere, while basic functionality that people relies on is constantly failing.

If you push a lot of new features but your baseline is constantly failing, then something is wrong.

ddosmax556 18 hours ago||

If you're seriously using agents, you'll know that if they didn't offer that then people would rapidly switch platforms if they didn't. Maybe not all of them yet, but soon it will be all.

Synthetic7346 17 hours ago||

Switch platforms to what?

ddosmax556 12 hours ago||

Switch to a git provider that offers agentic augmentation of your workflow. And I don't necessairly mean the way it works right now - it's being refined & adjusted & infrastructure is being built as we speak.

For example, in our company, most commits on main currently have 3-5 authors (we squash): 1-2 humans, 1-3 agents (cursor cloud agent getting started, ppl pulling it into cursor locally to continue, then review using copilot review, modify using copilot agent) then use a vibe coded github app offloading UI test execution to a beefy baremetal machine to adjust baselines.

Copilot review in particular is just so good, better than any agent i know (incl opus 4.7). It just allows you to skip the first few review rounds by humans and fix simple but hard to spot logical bugs, keep docstring & style up to date across the codebase, before you give it to a human - which means everyone can focus on writing more code.

Setting all of this up, at a massive scale, is just not feasible for any of these projects.

hmokiguess 19 hours ago||

You frame the symptom as the problem though. Others seem to be attributing this to Azure migration and Copilot overhead tightly coupled to GitHub infrastructure.

ddosmax556 18 hours ago||

No the problem is that github has to stem exponential usage increase and prepare 30x of their capacity, that's not symptom, that's problem.

hmokiguess 17 hours ago||

It's both and, it's a symptom of exponential usage and a problem with infrastructure. The question you aren't asking is "Why is it a problem with GitHub's infrastructure?" the answer to that lies somewhere in between: Microsoft + Azure + Copilot. Now tell me which of those have anything to do with GitHub as we know it?

ddosmax556 12 hours ago||

Why is it a problem with Githubs infrastructure!? Bcs any website on the planet will struggle when they have to fulfill 30x capacity within 1-2y, no matter which tech stack they're built on, including federated networks. I'm not sure why you're throwikg Copilot in there, you don't like it?

Github as we know it is gone, forever, it will never come back, except for niche hobby clones with .001% capacity that nobody will use. Agents are re-defining what software engineering means, they already have, right now,and are continuikg to do so, it's just that hackernews is lagging 6 months behind for some reason.

hmokiguess 9 hours ago||

I guess you’re right, in part I’m attributing the growth to Copilot and over prioritization of it alongside the AI feature factory galore and that’s where I’m coming from, but thinking again a lot of the acceleration of normal usage comes from AI usage through other vendors ending up in GitHub too.

I don’t know their internals, though clearly they choose to tightly couple every major GitHub system to the AI offering, in my eyes that seems like part of the problem (plus Azure cloud migration on top because Microsoft sounds like a disaster).

Anyways, you sound angry.

ddosmax556 1 hour ago||

Not with you, just a little frustrated with the general vibe and tone in hackernews :) Nad it's not anyone's fault either everyone is just doing their best to follow what's happening. But I think hackernews is currently way off base when it comes to what's really happening, which is kinda sad considering it use to be "the place" to see what's currently going on. The AI revolution is here, anyone that's cussing about claude code max for 100/month getting rate limited doesn't understand it's already with 2k/month, everyone who's upset that github is focussing on copilot doesn't understand that this is the single modt important product they have to jump on asap or geit their lunch eaten by base44, cursor, linear etc.

I like to talk trash about Microsoft as much as anyone, they made insanely bad product descisions in the past (copilot in ms word is one of many) but this is not one of them.

short_sells_poo 19 hours ago||

Slight tangent: the post says that github is crumbling. Can someone get me up to date on what's going on please? Admittedly I'm not following tech drama particularly closely, but I thought I'd have heard if a major thing like github was going down the chute.

AnEro 19 hours ago||

So there has been increasing issues form the github side for the past year and I believe they also just lost alot of customer/user data on top of several critical vulnribilities and bugs in base service and in actions.

My POV: Github actions are inconsistent in billing, security and require alot of attention to do right. Github has worse uptime than alot of free online videogame services, when most enterprise and business world leans on it for developers. Leaving a lot of users with terrible experience the past year having to constantly examine github firefighting for issues around availability, security, and billing instead of doing work that makes the company/people money.

Example walk through of securing github actions for ci/cd and managing SBOM python dependancy/supply chains (giant complexity) [1], Github has remote code execution[2], Uptime by 3rd party tracker shows 86% past 90 days. (First quarter in 2 years where they didn't have atleast one month above 90% uptime) [3]

[1] https://astral.sh/blog/open-source-security-at-astral [2] https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-38... [3] https://mrshu.github.io/github-statuses/

gempir 19 hours ago|||

A simple search holds the answers https://hn.algolia.com/?dateRange=pastMonth&page=0&prefix=fa...

radicalriddler 19 hours ago|||

It’s had horrific uptime, to the point of hitting 88.x uptime percentage.

This is likely on the back of Mitchell Hashimoto (Hashicorp founder) announcing he’s moving off of Github as well.

And really just years of Github feeling inconsistent, bad UX, no good solutions for open source developers in terms of AI spam etc.

embedding-shape 17 hours ago|||

> but I thought I'd have heard if a major thing like github was going down the chute.

Wow, it was a really long time ago it started going down the lane of the chute, can't believe someone missed it, made big news at the time back in 2018! This was the turning point: https://news.ycombinator.com/item?id=17221527

ramon156 19 hours ago|||

88% uptime, search index incident, CVE's to name a few.

Check a local repo and go to pr's, there's a big banner telling you there's an ongoing ncident

mbStavola 19 hours ago|||

https://www.githubstatus.com/

In particular:

https://www.githubstatus.com/history

MYEUHD 19 hours ago|||

Github has frequent downtime: https://mrshu.github.io/github-statuses/

dreamcompiler 19 hours ago||

https://news.ycombinator.com/item?id=47940921

kordlessagain 19 hours ago||

If anything starts with "we need" I just laugh.

Synthetic7346 17 hours ago|

We need more humor in the world

renewiltord 15 hours ago||

I only use GitHub for unified login git access to a bunch of repos. These other “forges” (didn’t know that was the term - cool) are all almost certain to put Anubis in front and make a logged out user be unable to access the code. I get why, but it seems inevitable. I think Codeberg already does and for some reason it takes ages to complete the challenge on my phone.

Undoubtedly these various hosts will come under pressure from spammers and the like and they will react by placing extraordinary barriers around accessing the code.

That’s fine but it reminds me of the later stages of online forums, where it was impossible to browse most threads because you had to create an account and then build up community points until the screenshot of the kernel panic on the ZTE phone would be visible so you could see if it’s the same problem as yours.

GitHub was big and powerful enough to not need all of this but now we’re going back to the era of decentralization and I suppose with that come the pros and cons.

fiatjaf 16 hours ago||

A federation of forges makes no sense if everything gets centralized again in the hands of the people operating Tangled (sure, someone else could run an alternative AppView, but then if you are only on the alternative you are invisible to anyone who is only on Tangled).

https://gitgrasp.com/ fixes this.

firebot 16 hours ago||

The problem with GitHub is from ... we all know it...

AI.

They're working on the scaling issues apparently due to huge demand.

0xbadcafebee 17 hours ago|

I'm sorry but I will never use this. I don't want a federated protocol and I absolutely do not want "social". The Git protocol is enough to distribute my source code to any Git server, so that part is complete. What I need, in addition and separate from Git, is a standard API schema for all the other SDLC bits: CI/CD, PRs, Issues, Packages, Containers, Branch Protection, etc. The API should not be a specific transport implementation, like HTTP, or AT. It should merely describe the schema, and then you implement that schema on anything else.

"createIssue(title=string, body=string, labels=[string])" would be the same in Git's source code as it would be on a REST API server. The point of this is to standardize the software development lifecycle everyone uses around Git. That way you can do all the work we all need, with any VCS, without tight coupling. That's been the missing piece that nobody has made yet.

Want just the CI/CD component? Use that part of the schema. Want just the Issues? Use that part of the schema. Now you can write any tool you want, and just implement the features you want, and say "this follows the SDLC v1 CICD standard", or "the follows the SDLC v1 Issues standard". Much simpler to add extensions or support different use cases, without implementing everything you don't need. Yet everything's compatible.

We need that implementation-agnostic standard, so we can make transport-agnostic protocols, so different providers, clients, and servers can all talk to each other, without a hundred different bespoke "things". Rather than write your plugin-downloading app only against GitHub or against Federated-Whatever, you write it to use "httpSLDCs://some-server/v1". Don't want to use https? Use "grpcSDLC://some-server/v1", or "atSLDC://some-server/v1". You layer the application-specific protocol on top of the transport protocol, and express that in a URL. That's how we did 'federation' in the 80's/90's/2000's.

(also: did nobody come up with a better name? Tangled? Knot? you want your solution to be a tangled knot?!)

taintlord 14 hours ago|

[dead]

More comments...