About a month ago I moved most of my ongoing projects off GitHub and onto Sourcehut (a rival software forge). This post outlines my reasons for doing so.
Modular
Each part of Sourcehut’s platform can be self hosted and individually deployed. The byproduct of this design is that each module can be used independent of the others. You can use what makes sense for your project without being burdened by the rest. For example, the fact that the build module (CI, CD, etc) can be used independent of a repository makes it usable for a broader scope.
Own Your Data
Sourcehut leverages a universal system (email) to ensure that you aren’t tied to the platform. Meanwhile, on most other software forges the data outside your repo, such as reviews, is bound to the forge. Email also happens to be how git was designed to be used in the first place1.
Accessible
I am privileged to be using the computer hardware I am, with my five senses intact (for the most part)2. I know that isn’t the case for everyone, and I appreciate the fact that Sourcehut takes this into account through its minimalist design. It was even part of the inspiration for this blog.
Better Project Metrics
When deciding whether a software project is “safe” to use, people often leverage metrics such as:
- how many commits does it have?
- how many issues does it have?
- how many “stars” does it have?
I don’t believe any of these are very good metrics to determine whether you can trust a project. For example, people commit with different frequencies. Viewing “lots of commits” as a positive metric can lead to someone making more commits than necessary. Especially when we consider that a single commit should be a functional unit of work. Likewise, some projects might use issues to keep track of tasks, causing their issue count to be inflated. And stars are really a measure of “how many people spent one minute looking at this project and liked it”. Most have probably never looked at the code.
I prefer metrics3 such as:
- what third party software does it depend on?
- what is the quality of the code?
- what priorities are indicated by reviews/discussions?
- how many people are involved?
- what bugs exist in the project?
- what bugs have been fixed?
- what processes are in place to increase confidence?
- what is the scope?
These are all questions that require more than a cursory glance at a project to investigate. They are also all related to the actual work, rather than being related to social features such as GitHub stars. Sourcehut doesn’t have social features, just features relating to the actual work. In having fewer metrics available, it forces you to dig into those that matter.
Not Owned By Microsoft
One day I will write a full post about why I don’t like Microsoft. I’ve worked at companies heavily invested in their ecosystem, and grew to despise how Microsoft does business. With projects like GitHub copilot making headlines recently, leveraging GPL licensed code to build proprietary products, I think it’s a sign of Microsoft’s influence firmly setting in at GitHub. And I want no part in it.
Drew Devault, the person behind Sourcehut, has shown through both words and actions that he is deeply committed to open source and is of strong moral fiber. I trust him far more than Microsoft. Don’t take my word for it though, I’d invite you to read his blog and look at some of his work.