
Cloudflare CTO: “If we did [take on GitHub] what features would you like?” - agentofuser
https://twitter.com/jgrahamc/status/1134092076382064640
======
jgrahamc
I’m amused this is here. This was a random reply to someone who thought maybe
we were doing this. To be clear: that’s all this is.

But I’m happy to hear all the suggestions.

~~~
napsterbr
Too bad, I was really excited about Gitflare :)

~~~
discreditable
Cloudgit has more buzzword power.

~~~
SargeZT
If we smash them together we'd get Gitgit, which is probably the best option.

~~~
jamesponddotco
I need a name for our internal Gitea instance, do you mind if I grab this
idea? Haha.

* gitgit.at — as in, gitgit.at/username/ * gitgit.dev * gitgit.ist — sounds funny

~~~
jamesponddotco
Thank you! Registered .dev =)

------
Cherian
Cloudflare folks. Please don’t do this. I don’t know if Mr.Cumming is serious.

As a user of CF, I hope you folks go a lot deeper than broader. Example:
Better cache management – compete with Fastly, my tickets on load balancer
bugs were open for almost 6 months, etc.

~~~
edaemon
Another example: unify all the separate "rule" types. There's page rules,
firewall rules, IP access rules, user agent rules, etc. It can get unwieldy.

~~~
jgrahamc
Agreed.

------
ocdtrekkie
The amount of business Cloudflare employees handle direct over Twitter, and
the amount of responsiveness from their higher-ups on it is... kinda
incredible. I imagine it's only practical because Cloudflare doesn't have a
lot of _public_ brand awareness beyond tech folks.

~~~
jgrahamc
We care a lot about the product and the people who use it.

~~~
antobite
If only you could say the same about potential employees. Your recruiters seem
to have a penchant for completely ghosting candidates, even when several
interviews deep into the interview process. This has happened to me twice now,
with two different recruiters, even after being told by the interviewers that
I was well qualified and surely would be moving to the next step. And after
glancing at Glassdoor reviews, this doesn't seem to be uncommon whatsoever.

~~~
jgrahamc
If you are willing please email me so I can look into this.

------
yborg
I'd like Cloudflare to not do a Google and let a thousand flowers bloom only
to let most of them wither. They seem to be taking on a lot just with their
new public VPN service.

~~~
dbancajas
still 170K on the waitlist after 2 months? haha

~~~
jgrahamc
soonhorse.jpg

~~~
LilBytes
I didn't understand the reference, so I googled the reference and this comment
is already trending #1 on Google.

[https://www.google.com/search?hl=en&q=soonhorse.jpg](https://www.google.com/search?hl=en&q=soonhorse.jpg)

Online marketing at it's best.

I'm surprised I've not seen this meme before.
[https://soon.horse/](https://soon.horse/)

------
janci5243
One feature I would love is a global code search that has the quality of the
repo (as measured by forks/stars/pagerank...) as a part of relevance ranking.
A use case is simple: I have some library and I am not exactly sure how to use
it, so I go into global code search and try to find usages of that method.
First thing that comes would be some relevant code in a big context of a well
engineered repository.

~~~
asveikau
> quality of the repo (as measured by forks/stars/pagerank...)

These two seem unrelated. Quality is not measured by popularity. There is
plenty of popular stuff that's junk, and good stuff that nobody uses.

~~~
riyakhanna1983
Precisely. For my organization, I'm looking for a way to quantitatively
measure and compare quality/security postures of repos/packages when
importing.

~~~
asveikau
Sounds tough. What are your ideas to measure so far?

For the security angle it seems the first naive thing would be to count prior
known vulnerabilities, but then, the projects that do absolute worst at that
are not going to have _discovered_ their security bugs let alone document them
well.

------
techntoke
Decentralized SCM features for issues, CI, etc. GitLab is great but it is
still mostly centralized. Creating a modern connector for IPFS would be
awesome.

------
sigstoat
cloudflare running SMTP relays for your own mail system, in both directions,
doing spam filtering, etc, could be valuable. argo, edge workers, etc could
all be useful in an email environment.

most everyone is already convinced you can't run a mail server yourself, so
perhaps the haters wouldn't think that cloudflare is ruining anything by
getting involved in mail?

------
ianstormtaylor
The most useful thing Cloudflare could do is allow us to disable the
`__cfduid` cookie. That's one of the big reasons I stopped using Cloudflare on
a public-facing API/CDN.

~~~
eeeeeeeeeeeee
Just curious, what is your concern? Is it privacy related? Or does it inhibit
consumption of APIs you tried to host with them? I don’t like the header
either and I have a public API with Cloudflare but it hasn’t caused any
technical issues as far as I know.

------
ebg13
The only non-core-business work that I really want from Cloudflare is to do
something with LuaJIT stewardship, because I thought they were supposed to be
taking the helm and the official GitHub repo is basically completely dead.

------
jgrahamc
More seriously. I’d be curious to hear about what you’d build on our network.
We are all over the world and it would be fun to hear about companies other
than GitHub that you think we should disrupt.

~~~
sladey
I'm a big supporter of Cloudflare and have been using it for almost 8 years. I
personally don't think doing something like that is what Cloudflare needs.

What Cloudflare needs is further customization, especially in regards to
caching. We actually had to migrate a certain part of our infrastructure to
Fastly due to the lack of caching customization/rules.

I'd like to see:

\- Custom caching rules similar to the new firewall rules

\- Finer granularity of the cache expiry (I'm aware Enterprise has the ability
to cache for 30 seconds, but we don't want to upgrade to Enterprise just for
that one thing).

\- Cache hit rate analytics grouped by path/domain/etc

~~~
kmf
FWIW, our Workers product is pretty good at allowing you to define custom
caching rules. We have a section in the Workers docs specifically focused on
the Cache API: [https://developers.cloudflare.com/workers/reference/cache-
ap...](https://developers.cloudflare.com/workers/reference/cache-api)

If that doesn’t help you build what you’re looking for, happy to chat via
email and hear more about what you need: kristian@cloudflare

~~~
skunkworker
I've submitted suggestions to some people but I believe with the workers it
should be possible to create your own custom pull/push CDN because of the
granularity controls they have added. It used to not be possible to interact
with the caching layer but since they have added controls for that (about a
year or so ago)

Also your link is missing a trailing slash (which is odd that their router
doesn't add that). [https://developers.cloudflare.com/workers/reference/cache-
ap...](https://developers.cloudflare.com/workers/reference/cache-api/)

------
no1youknowz
Are there any updates to the Cloudflare Registrar?

Would be awesome to have marketplace or master/sub accounts. That is, launch a
saas say a landing page builder and then allow my customers to also purchase
domains from my saas (under my brand account) and have them automagikally
configured. Instead of having the user to use namecheap/godaddy and mess
around with their crappy control panel. Maybe have an opportunity to raise the
price by a $1 [to the end user] and have revenue stream?

~~~
zackbloom
We do have a product called SSL for SaaS which handles most of the components
of that flow like DNS and TLS certificates. The actual domain registration
will take a bit longer to integrate, but I'm guessing you could make it work
using our API.

------
mike503
A couple CF items I’d like:

1) Vary by cookie for $20/mo or free plans

2) A page rule for “don’t send origin cookies” or something (useful for not
passing through those headers from the origin for assets/etc)

3) getting the peering connections better in AU so the network handles traffic
like normal instead of only $200/mo plans getting priority/local AU routing

------
ww520
If Cloudflare wants to branch out, here're an idea.

Global Memcached or Redis. Support caches near the edges. SPA or apps running
on a client's browser/machine can use the one nearby. Support pre-
populating/warm-up the caches in batch.

~~~
tracker1
CF already supports this type of thing, workers and the kv store ...

[https://www.cloudflare.com/products/workers-
kv/](https://www.cloudflare.com/products/workers-kv/)

~~~
indigodaddy
Workers-KentonVarda? Kidding of course but wouldn't be surprised if he's
working on that product... :)

------
sofaofthedamned
I'd rather they took on Jira.

------
exabrial
Permanent presence in China.

------
zzzcpan
How about Github without a big corporation? Not controlled by Cloudflare,
ddecentralized and uncensorable. Like bittorrent, but for git repos, issues,
etc.

~~~
maemilius
So... git? It's already designed to be decentralized.

Hosting a public read-only repo would be as easy as standing up NGINX and
pointing it at your repo folder, afaik.

At my previous job, we all had individual dev machines that we each had
accounts on. So, we each had a copy of our repos that we could push to/work
from. I wrote a little git alias that would add remotes for each others'
machines so we could pull directly from each other (though we couldn't push).

Hell, even a "private" git repo wouldn't be too hard as long as you don't care
about per-project permissions. Just make a user (e.g. 'git') that has
read/write access to the folder and add some SSH keys to authorized_keys.
Shazam, you have a private, self-hosted git repo at
ssh://git@yoursite.com:path/to/repo.git.

~~~
rakoo
Bare git only stores code, not issues, tickets, wiki, and all the stuff that
goes beyond source files. There are a myriad of open source solutions for
this, but there is no standard format that allows easy migration and inter-
linking.

~~~
roblabla
Well for wiki, usually a branch containing markdown will transfer well across
forges. Issues and PRs are the real issue. I’ve been hoping git appraise would
get supported by the forges for distributed PRs, but it doesn’t look like
that’ll happen.

Gitlab is implementing MRs via git send-email though, which is part of an epic
to federate Merge Requests: [https://gitlab.com/groups/gitlab-
org/-/epics/260](https://gitlab.com/groups/gitlab-org/-/epics/260) .

~~~
rakoo
Very interesting that gitlab is standardizing on the de facto standard of
patch requests! How ironic it is that the existing git-request-pull isn't used
more than needed thouh

------
SadWebDeveloper
Please no, as a TOR user f*ck Cloudflare.

