Hacker News new | past | comments | ask | show | jobs | submit login
Dear GitHub (github.com/dear-github)
1678 points by msvan on Jan 14, 2016 | hide | past | favorite | 463 comments

Hi Adam, Addy, Andreas, Ariya, Forbes, James, Henry, John-David, Juriy , Ken, Nicholas, Pascal, Sam, Sindre,

My name is Jono and I started as Director of Community back in November at GitHub. Obviously I am pretty new at GitHub, but I thought I would weigh in.

Firstly, thanks for your feedback. I think it is essential that GitHub always has a good sense of not just what works well for our users, but also where the pain points are. Constructive criticism is an important of doing great work. I appreciate how specific and detailed you were in your feedback. Getting a good sense of specific problems provides a more fruitful beginning to a conversation than "it suxx0rs", so I appreciate that.

I am still figuring out how GitHub fits together as an organization but I am happy to take a look into these issues and ensure they are considered in how future work is planned. We have a growing product team at GitHub that I know is passionate about solving the major pain points that rub up against our users. Obviously I can't make any firm commitments as I am not on the product team, but I can ensure the right eyeballs are on this. I also want to explore with my colleagues how we can be a little clearer about future feature and development plans to see if we can reduce some ambiguity.

As I say, I am pretty new, so I am still getting the lay of the land, but feel free to reach out to me personally if you have any further questions or concerns about this or any other issue. I am at jono@github.com.

An open question is how the community should provide feedback. Trello provides a decent example of how to do it well [1], but GitHub feels like a black box. I've been on GitHub since 2008 and I have been paying every month for years, but other than emailing support I have no idea how to vote for a feature request.

My personal pet peeve is not being able to mark a public repo as 'deprecated'. There are a lot of other people with the same frustration [2], but we have no idea how to get that on GitHub's roadmap.

[1] http://help.trello.com/article/724-submitting-feature-reques... [2] https://github.com/isaacs/github/issues/144

An open question is how the community should provide feedback.

Perhaps if Github used their own issues system to gather feedback on Github itself, they'd more rapidly improve it. I'm sure they'd feel a lot of these pain points in a far sharper, more visceral way if they were subjected to them daily.

Yes it is fairly bizarre that Github don't dogfood the issues function. I'm sure they have an internal system that they prefer, but even that internal system could have a public interface. Also, if the internal system is superior then its superior features could be added to the public system so that we could all benefit.

Where are you getting that they don't dogfood the issue tracker? It's a private tracker (private repository) but from what I've seen in the Github blog, they do... it wouldn't make much sense if they didn't.

If they're using it, they're doing so in completely different fashion than everyone else. That is, it's not public for viewing, submitting, commenting, etc. Indeed TFA indicates exactly the sorts of pain points that would be missed by those using the tool in such a radically different way than everyone else. If someone at GH had to wade through all the damn +1's then something would have been done about them years ago.

95% of all my github activity is in private repositories.

Ditto. Maybe 98%. I think that's a big part of the disconnect I'm seeing here in the comments. Those of us that live in private repos are likely pretty happy with how things currently work especially since we're the ones paying to use the service. If it wasn't working well for our teams, we'd find somewhere else to spend our money. That being said, we're certainly the minority when it comes to users on the platform.

I guarantee everyone maintaining a large public project on github has private repos and is paying for the service.

Open source ties in with my work. Every one of my private repos has open source dependencies hosted on github.

Privileging the priorities of my private repos over their public dependencies would be shortsighted.

> Privileging the priorities of my private repos over their public dependencies would be shortsighted

I think that’s Github’s call, but I definitely don’t disagree with you and apologize that I came off that way. Open source projects exposed me to Github and greatly benefit the projects I work on in private repos. I really do want those projects to have an effective platform for growth and stability. I don’t want to water down their needs; I just wanted to offer some balance to the discussion.

My point was simply that this probably isn’t something that is as easy for Github to solve as it may appear on the surface. Any changes they make to the issues system can’t upset the low friction way it works for repos with a modest amount of contributors (and +1’s from clients are appreciated). I hope that positive changes come out of this letter.

If Github were to leave Open Source projects high and dry, they’d lose my business.

>That being said, we're certainly the minority when it comes to users on the platform.

But you're the huge majority of people who give GitHub money. It makes sense not to prioritize the pain points of open-source projects when you lose money by hosting them.

We have the diamond level plan from GitHub and have >260 private repos at my company.

We only chose GitHub because we wanted to host our open source repos there. If they don't prioritize the open-source projects then we have no reason to pick them over BitBucket or something else like that.

That's not how it works. Happy consumers leads to happy enterprise users. They are one and the same.

I only pay Github money to host my private repos because their platform also hosts most of the open source projects I use. If enough of those projects leave for a service that does open source better, I'll be happy to follow them. Otherwise I may as well be using Bitbucket or Gitlab.

We don't pay GitHub precisely because they lack features we can implement in GitLab.

Much of that is due to the OP's requested features that are currently missing. But tbh, it is too late to get us to switch.

> Issues are often filed missing crucial information like reproduction steps or version tested. We’d like issues to gain custom fields, along with a mechanism (such as a mandatory issue template, perhaps powered by a newissue.md in root as a likely-simple solution) for ensuring they are filled out in every issue.

For instance, is something we basically implemented in our local version of GitLab but aren't sharing because our implementation pulls this from internal docs other people can't use. Our CSRs put issues into GitLab but they tend to forget steps while on the phone with a user.

We wouldn't have bothered if we had something like this when I was evaluating GitLab vs. GitHub.

GitHub pretty please, give us an option to hide our profile from search engines just like Facebook do.

What is the use-case of this?

I have an account that is only for private repos and I don't want that account to appear on search engines for my real name.

I also have a public account that I use for contributing to public projects so it could also help to avoid duplicate accounts in search results.

All accounts should be searchable for username/real name with GitHub's search anyway.

Just curious, why not have just a single account?

Your private repo's and contributions are not made public, so there's no "risk" involved.

I think a lot of companies forced this because for a while the api permissions weren't granular enough when dealing with private repos on organizations. They added the "Third-party application access policy" sometime in the last year or two. I might be wrong though.

Do you feel like your usage is typical?

I would guess that private repos have a much smaller user base, in that that they work for companies where they are trained in specific policies to submit issues and work with the repos. With public repos you're at the mercy of widely differing levels of user experience.

I think you should chill down with all the speculations. I only use it for private repos.

Go look at a project like Rails where you can tell they need it.

> If they're using it, they're doing so in completely different fashion than everyone else. That is, it's not public for viewing, submitting, commenting, etc

Huh? Github isn't opened sourced so how is a different fashion from anyone else using private repos?

Plenty of private projects use a separate, public Github repository for community reporting of issues, and public tracking of those issues.

But then they'd be spammed with useless +1 comments


If one implemented issue voting then a +1 comment could automatically be converted into a vote.

Which is almost exactly what happens on GitLab: https://twitter.com/gitlab/status/687930087057027073

Users can use those buttons to +1 or -1, and any comments that contain nothing but an emoji (like `:+1:`) are automatically converted to emoji awards, as we call them.

> My personal pet peeve is not being able to mark a public repo as 'deprecated'.

What I came up to work around this is:

- Create an org named <YOUR-USERNAME>-deprecated - Move the projects to the organization - Set the avatar of the organization to your avatar, with desaturated colors (purely cosmetic, optional)


I normally put a big "[DEPRECATED]" notice at the beginning of the README. This normally doesn't go unnoticed.

Another good example is harthur's "[UNMAINTAINED]" [1]

[1] https://github.com/harthur/brain

I watch the project and did not see "UNMAINTAINED", cause i scroll automatically on github projects down to the readme.

I search and then i see it in the title.

Better would be an Option in Github to set a project to unmaintained or deprecated, with an optional link to the new project (if some exist).

Github could then change the background color from white to an other color or add a border around the page, so that it is really obvious that this project es EOL.

Have a look at the trending erlang repositories[0]. You will always find, near the top, basho/rebar. However, the subject on this reads:

    ATTENTION: Please find the canonical repository here: 
The same advice is in the README.

What this tells you is that enough people are not only using this repository, which was last updated in August 2014 with a change to the README directing people at the new source, but people are giving it stars this week such that it shows up as "trending" higher than the correct repository.

There has to be something wrong with the deprecation process if this happens. [0]https://github.com/trending?l=erlang

> I normally put a big "[DEPRECATED]" notice at the beginning of the README.

Aye. Some folks in the discussion linked to by krschultz complain that "People sometimes don't read the README and -thus- don't notice deprecation warnings.". To them I ask: "What makes you think that those sorts of people will notice anything less than an overlay that prevents them from interacting with the Github UI for that particular repo?".

One concern would be around tools that fetch from github automatically. go get for example would need some sort of structured metadata if it wanted to surface an error to a user that a library is deprecated.

> One concern would be around tools that fetch from github automatically.

Sure. But... like... git doesn't know anything about deprecated repos. AFAIK, that's not a feature of git's repo fetch machinery. Anything Github would do to address this would have to modify the contents of the repo, right?

> ...go get for example would need some sort of structured metadata [to do reasonable repo deprecation warnings]

I mean, the JavaScript development community has -collectively- decided on a huge bundle of ad-hoc standards. I bet that it would be trivial for the signatories of the open letter to decide on a tagging mechanism to use in their README files to indicate repo deprecation. Do you disagree?

Go get does not start with a git clone. If you go get example.org/pkg/foo go fetches https://example.org/pkg/foo?go-get=1. So coordination between go and github could implement something for deprecated repositories without changing anything in git.

More details here: https://golang.org/cmd/go/#hdr-Remote_import_paths

> Go get does not start with a git clone.

Fair enough. (I don't use go, so I'm unaware of pretty much all of its internals.) [0]

> ...coordination between go and github could implement something for deprecated repositories without changing anything in git.

A couple of things:

* This only fixes things for Golang. It doesn't fix it for the couple-thousand other tools that pull things from Github.

* I never suggested changing things in git. That would be freaking nuts. :) EDIT: Or did you mean "without changing anything in the git repo"? If you meant that, then I strike this bullet point and apologise for the noise. :)

* Frankly, having a well-known file in your Git repo that contains meaningful tags seems far more compatible than changing git, or altering the $BUILD_TOOL<->GitHub integration... for one thing, the convention could be trivially adopted by non-git users. :)

[0] Thanks for the documentation link, BTW! :D

I am not your grand parent poster but I fully agree with you and I'd go further than that.

The people who ask for more proprietary features (or should I say anti-features) in Github are encouraging lock-in inside of Github. Github ought to be a hub. I'd like to emphasize on the hub part as it should be one hub out of many. It should not be the center of the software universe any more than AT&T/IBM/Microsoft/Google/Facebook/Uber.

> Github ought to be a hub.

So, I heartily agree that vendor lock-in is bad. [0] However, git doesn't handle mailing lists, or issue trackers, or hands-off repo push access control, or.... So, if you're going to do more than just serving git repos, you're almost certainly going to have to do these things yourself, and you very well might end up doing them in a way that differs from how everyone else is doing them.

I mean, as long as you can get complete exports of the data in the important non-git bits, who cares, right?

[0] I'm STILL mad about how Hangouts turned out.

At the very least, we could try to create standard conventions for vendors like github to adopt

Agree. I've had literary thousands of libs/tools/apps dependencies in one of my projects that was built using automatic tools (Bitbake + Yocto). It's simply impractical to go through all these README's manually, so a tool to detect depreciated projects is a must in such situations. Of course, one could implement some tool to scan all README files for keywords ('DEPRECIATED', 'UNMAINTAINABLE' etc.), but that's just a workaround and I'd like a proper, reliable way to do that.

What if the maintainer never marks the library as deprecated? What if they're just hit by a bus?

I feel like if you have so many direct dependencies that you can't keep tabs on them, you simply have too many. Whoever decided it was OK to depend on that library should be able to follow it closely enough to say when it cannot be depended on.

"What if the maintainer never marks the library as deprecated? What if they're just hit by a bus?"

There are a lot of "if's" and many things might go wrong -- there's almost never 100% guarantee, but every mean that makes end product more reliable is a good idea.

"I feel like if you have so many direct dependencies that you can't keep tabs on them, you simply have too many."

Such number of dependencies is common when building custom Kernel/OS + application. Also, I've never mentioned direct dependencies, some are just tools to build tools. It wasn't event that big of a project -- a relatively small (~150 Mb) custom OS with Qt application for an embedded device.

My primary use case would be searching projects and filtering out deprecated ones.

Someone came up with http://unmaintained.tech/ for exactly this reason. You can add a badge to your README.

I've had pretty good success with feature requests in Github – but I agree that it at least _feels_ like it depends on who is replying to you (or even what state of mind they're in; copy paste responses has been had).

Anyway, a good example of a successful feature request – shared since it might help others in their quest for success – included me attempting to reduce the problem, scoping it and suggesting a solution. If you can find examples of this problem over multiple open source repositories (in my case nodejs) it seems to contribute to it getting fixed.

As a software engineer, I am reminded of when I go to Home Depot and ask someone for help and they say, "Oh, I do not know. I am new here...". I think it is best to come prepared with the right answers. As you can see from the doc, there are a lot of maintainers who have signed this. Perhaps:

- Note the feedback.

- Bring in the right folks to consult with on your end.

- Write a public response with concrete information (should be first interaction).

- Finally, reach out to the authors of this post. Perhaps, getting them more clarity on your roadmap and your thought process will go a long way in resolving matters like this with high profile maintainers.

My main goal in responding was to acknowledge the issues. This is just the start of the process, and by no means the end.

The next step, as you mention, is to bring the right people in. This is why I want to ensure this is raised with our teams inside GitHub to explore ways to rectify some of these concerns.

I'm glad to see someone from github is actually replying on HN and not ignoring this. Thumbs up

Not just anyone - Jono literally wrote the book on building developer communities: http://www.artofcommunityonline.org/

He also founded and hosted a fantastic Linux podcast a long time ago: http://www.lugradio.org/

You are far too kind. Thanks!

You did the right thing, fast feedback of "We are looking at it" is often better than later feedback of we did "X".

Linode could take a leaf out your book in terms of dealing with people not entirely happy (if I'm been kind) with the way they deal with stuff.

It's much better for Jono to quickly reply and ack the issue, rather than radio silence while we want for them to completly solve the issue.

I personally prefer someone to at least acknowledge someone now owns the issues than to wait in silence while they gather the right people and formulate a concrete response. That doesn't happen quickly in some cases and the silence can exacerbate the issue, which ironically is why this hit HN in the first place.

I appreciate the prompt response. Face-to-face at Home Depot you know the message was received. Online it's nice to get an immediate read receipt with the real reply coming later.

Promises about the future about Github’s roadmap is understandably difficult to make, besides by a very small number of people at the top. I don’t think this is the expectation. But visibility into past failure to address these concerns and the current status is long overdue. I assume when these maintainers reached out in private channels, they were equally detailed, and have waited years.

At present, I’m not sure how this response is different from the "empty response" that motivated the publication of this document in the first place, except that this response is also public. Comments like "happy to take a look into these issues", "considered in how future work is planned" and "ensure the right eyeballs are on this" uses a lot of words to say nothing. If the community department is not the right place, maybe it’s time to walk over to where the the product group sits and ask. They probably read Hacker New too.

I’ll also highlight a possible theory: the right people at Github have already looked at these requests and decided that is not what Github Issues is for. Perhaps Issues is prioritized for the masses, not the small minority of very popular projects (but not resourceful enough that they have staff). Each of these feature requests do add friction (if only in complexity) and the majority of projects that do not need and should not utilize them. Hopefully someone at Github will quash this theory but it is consistent with events so far.

GitHub has settings for individual repos. People can opt to turn the issue tracker off completely.

Why not have the option to enable issue voting? It could be as easy as stars for issues.

Custom issue instructions would be trivial to tuck away in the settings page or associate with a specially named markdown file. They turn a wiki on by default, but you can't instruct users about the info you expect in their issue on the page where they create the issue. Documentation is very effective when it is inline with the system it is describing.

Custom issue fields with validation is a little more complex. Punt.

You can't fully disable the issue tracker: Pull requests can't be disabled and each PR becomes an issue.

One thing I would love to see for my own projects is a way to temporarily completely block off contributions on threads by people who only watched/starred the repository for less than 48 hours or something like this.

When people submit your issue tracker to hackernews/reddit/twitter all hell breaks lose and time gets wasted for nothing.

Interesting idea, but I wonder what the right metric is to determine legacy vs. new users. I certainly haven't starred/watched every package I've ever `npm install`ed.

Respectfully Jono, I think your reply is symptomatic of the issues at the heart of the matter. GitHub is, whether it expected to be or not, whether it wants to be or not, now at the heart of the OSS community. For the "Director of Community" at a company which plays such an important role in the OSS community, which itself plays an enormously important role in the broader software and civic communities and is populated by abnormally high numbers of passionate and talented contributors, to respond to a HN story with such a high profile by:

1) apologizing for being new

2) extending borderline patronizing praise (the OP likely wanted a response to the issues put forth, not your approval)

& 3) a promise, which you can't necessarily keep, to put eyes on the issue instead of speaking to the issues raised directly.

It's not what I would expect from someone in that role at that sort of company. It's, unfortunately, what I would expect from a company that had the sort of issues raised by the OP.

Your response, specifically #3, makes me wonder if you have ever worked in a medium to large business. Forgive me if I read it wrong. I think his response is solid and the best that one could expect from his role. I could not imagine some director from a different department by passing the product team and coming to my development team and saying, "stop what you are doing, and handle my request! I read something on HN! I need a plan of action that directly addresses issues that were raised!". I would, however, expect him to say that he knows or can find out (he is new still) who needs to see this and make sure the discussions happen to ensure that product team has the information required to make an informed discission allowing for a roadmap to be formed that could be shared with the community. He can totally guarantee the right people see it. He can't ensure they do anything about it, but he can champion the issue. I would hope/expect to hear back after all this has happened. What's wrong with saying he is still getting an understanding of how things work at github? And what approval are you dismayed with? His acknowledgment that feedback is important? That was just civility.

I have indeed worked at a very large (both capitalization and payroll wise) company. I've also worked at small and medium sized companies. But, as relates to my experience at the very large one, this guy would have been eaten alive for putting out that response. Perhaps your definition of large is different from mine. However, my point had nothing to do with the size of the company and everything to do with the role the company plays within the OSS movement.

At least he responded, and promptly. Let's not jump to conclusions just yet.

One suggestion is to improve the permissions system. For example, third-party github plugins that interact with the github system (e.g., setting labels, responding to comments) require "write permissions" which gives those systems "push" access to the underlying repo. Simply separating the git repository access control from the github UI / issues / pull requests access control system would be very helpful. I'm sure there are many other examples of where the permissions system needs some finer-grained access.

Edit: Essentially the same as reported here: https://github.com/isaacs/github/issues/268

Perhaps Github Issues itself should be available as a mechanism for people to provide feedback about Github itself.

Hypothetical link: github.com/github/github/issues

I've been personally paying for a couple of years, and the SAAS company I work for (~50 engineers) has committed to moving away from Github for some of these (and other) reasons.

Here are some of my fave :+1:-a-thons that help demonstrate when the issue system starts to be less useful, and the Github acknowledgement seems sparse:

* https://github.com/isaacs/github/issues/18

* https://github.com/isaacs/github/issues/215

Also, you might consider empowering your social media team. I see Github as a pretty cool company. And when I sent this tweet, I was expecting to have a bit of a shared chortle with this tweet as I know I would of had with @SlackHq:


But instead I got nothing, except a vague sense of having offended someone (sorry BTW, it was only a joke! :'()

I've witnessed Jono's outstanding work at Canonical/Ubuntu, and as you can see from his comment above he's a great guy. No matter what you think of Github, I think you should appreciate this.

There appears to be a need for some a different class of repository for larger open source software.

Similar to the way twitter provides verified accounts maybe GitHub should consider a tagging these popular repositories to allow for more advanced control over the collaboration project.

When I first read the letter I was a little bit disappointed, one thing I've enjoyed (to an limited extent) is the low barrier of entry to pull requests. The spring boot team especially are extremely patient and understanding when it comes to pull requests.

Hopefully there's enough community will in this to encourage GitHub to make the change, if it does really come down it not being worth the money it would be a disappointing sign.

Are you THE Jono Bacon of Ubuntu fame? If so, I have the best of hopes for Github. Best of luck in your new position and I hope we'll get to see many great new features on the platform.

There are more authors on the second page.

That's why you shouldn't use Google Docs for such an article (even if it comes in the form of a letter). Nobody expects the concept of pages on the web (as in books, not as in web page).

Comments like these baffle me and I have to wonder

* Are "we" in such a huge hurry that we don't look at our scrollbar to see if there's more to the document that we're viewing?

* How did "we" get so incurious that we don't even attempt to scroll down to see if there's more information to read?

I mean -seriously- the intended audience for this particular open letter is technical people.

Did you....not read the open letter? Or not realize that the scrollbar for this one goes all the way to the end of the page, and then there's an inline link saying 'see more signatures'?

When I read the letter, I saw that it extended across two printed pages. Were these printed pages not the pages to which pvorb was referring to?

After re-checking the link:

Ah! See, the document that you are looking at is hosted on Github. At the time of my comment (~six hours ago), it was a two-printed-page document hosted on Google Docs. dang comments here: https://news.ycombinator.com/item?id=10907271 (four hours ago) that he changed the link from the Google Docs document to the Github document.

(And now that I know that, the wave of downvoting makes a lot of sense. (even though pvorb explicitly says that he's looking at a document hosted on Google Docs))

Yep, I've been looking at the Google doc. Basically I think it's just a bad way of publishing things online.

Often browsers don't show a scroll bar at all like on my phone, if you're not actively scrolling.

And yes, most of the time "we" are in such a hurry. At least I am most of the time. Time is limited.

Oops: I posted too quickly. Updated.

Not sure you'll read this but I'd love a tagging feature for starring. Sorting on code isn't good enough.


Nice to meet you Jono. I maintain a similar list, albeit a bit more focused on GHE. https://github.com/kevinSuttle/github/issues

@jono Will you be able to answer, if github has any plans in the roadmap to open source the code in 1-2 years and develop in open instead of closed rooms.

Given many open source project adopting it for their code repository its important question to be answered.

Otherwise sourceforge.net story will repeat again, this time with github. Many projects adapted it when it was closed source and then when they open source it slowly and later due to falling revenues just started crumbling.

Problem with them open sourcing their platform is that the platform base is used in enterprise and how the bulk of their revenue is made... Who wants to buy milk when the cow is being given away?

They are getting hosting deals for many of these companies themselves. Why spin up your own github clone when you can just use github?

And gitlab is now 99% feature-compatible with github. If you aren't using the developer ecosystem of github.com, you are not missing much using the free software option already.

This, I feel, is the most important bug, even though it precedes the list:

> We’ve gone through the only support channel that you have given us either to receive an empty response or even no response at all. We have no visibility into what has happened with our requests, or whether GitHub is working on them.

I'd like to call out that the GitHub user @isaacs maintains an unofficial repository[1] where the issues are "Issues for GitHub". It's not much more than a token of goodwill from a user to open a place like that to organize bugs (GitHub: you are lucky you have such a userbase!), but it's the best thing I know of for "has someone else thought of this?"[2]. Many of the issues that have been filed there are excellent ideas.

[1]: https://github.com/isaacs/github

[2]: though I'd say if you also think about it, you should also go through the official channel, even if just to spam them so they know people want that feature.

The author mentions that if GitHub was open source, they would implement these features themselves.

Gitlab[1] is an open source repository manager that supports local installs as well as public hosting at gitlab.com. If author appreciates open source, perhaps they should put their efforts into improving an existing open source option rather than relying on a proprietary solution.

[1] https://gitlab.com/gitlab-org/gitlab-ce/tree/master

This. When you are tired of github, start using gitlab, and realize your mistake going forward and stop making it, over[1], and over[2], and over[3].

[1] http://sourceforge.net/

[2] https://code.google.com/

[3] https://bitbucket.org/

Sourceforge runs Apache Allura, which is open source.

What's realistic timing for getting a feature you contribute (and receive approval) deployed and available for use?

The length of the merge request cycle depends on the complexity of the feature. Simple fixes get merged in days, average features take weeks and sometimes the review suggestions take multiple months to implement. After merge it will release in weeks so since we're on a monthly rel cycle.

At GitLab we would welcome contributions. More than 1000 people already contributed and everyone is welcome. Also see my other answer in this thread https://news.ycombinator.com/item?id=10905756

Absolutely agree!

I cannot fathom why people are still actively supporting GitHub.

Even if you ignore the ethical reasons, which if you are an open source developer really should suffice, GitLab is better and more customizable in every way.

Supporting it benefits yourself and all of the FOSS community.

gitlab.com is dog slow and my code is too important to risk self hosting.

GitLab.com indeed is dog slow, we're sorry and we're working on improving that Q1 2016 https://gitlab.com/gitlab-com/operations/issues

So happy to see you acknowledge the performance issues. You'd do everyone a great favor when you make it happen!

Wait, are you telling me that every git repository isn't a full copy of the codebase that you could recover from?

Really? I find that hard to believe, but it makes me glad I use Mercurial if that's the case.

Git repositories do have a full copy of the codebase (unless using some large-file management, same issue with largefiles extension for hg).

But gitlab/github are more than just git repositories -- issue tracking, discussions, wiki, etc. One version control which includes most of this as part of the repository is fossil, http://fossil-scm.org

So host on multiple sites?

Deploy on Heroku

Installing it on Heroku is not an option because their containers do not allow the disk access GitLab needs to store and manage the git repo's. source: https://www.quora.com/How-much-of-a-threat-is-GitLab-to-GitH...

Alrigh, sorry. I didn't know.

This was my first thought after reading it. I've used gitlab.com, also locally, and it is ok. Presumably people will want to stick with github due to popularity though.

It's 2016, and GitHub is stagnant.

GitHub used to bill itself as "Social Coding", but the "Network" graph has not seen ANY updates since its original introduction in April of 2008. Issues has seen very few updates. Even the OSS projects that GitHub uses internally have grown stagnant as GitHub runs on private, internal forks and maintainership passes to non-GitHub-employed individuals (e.g. https://github.com/resque/resque/issues/1372).

The word "Social" no longer appears on GitHub's landing page. They're chasing some other goal...whatever it is.

> They're chasing some other goal...whatever it is.

I've been puzzled for a while with what github is doing hiring so many social impact employees.








Maybe something more noble than a social coding site?

  Maybe something more noble than a social coding site?
I doubt it. Github has a reputation problem. I wouldn't put anything sensitive on there, given the attitude github leadership showed about privacy ethics in the Julie Horvath incident.

Even if you don't have anything against Github relating to the Horvath incident, there are other things like Github shutting down people's projects because they wrote a doc containing the word "retard." In other words, now they are in the business of regulating the content of open source projects (beyond obvious precautions like not hosting stolen credit card databases, child porn, etc.)

They seem to think they're too big to fail.

What was the story behind this anyway? I am having a hard time determining whether this was actually serious or were trying to parody feminist activism.

It was a joke by 4chan's technology board, made to see if people would take it seriously (some did and even agreed with it!).

And what if it really was a parody? Just censor it?


> now they are in the business of regulating the content of open source projects

That is a very good thing. At this point in time we're beyond speculation. We have some good evidence about the direction online communities take with and without content moderation, and the serious players (most recently Reddit) have come to realize that top-down moderation is absolutely necessary. Fringe, unmoderated activity has a place, but it is outside mainstream platforms.

And who exactly gets to decide what is "fringe"?

I guess that the majority gets to decide. It doesn't really matter what is mainstream and what isn't, as long as there's a place for both. Broadway and off-Broadway are both fine, but mixing them can cause confusion and for both audiences to be disappointed.

Ah, majority rules. Which is an excellent system, as long as you are in the majority. Hopefully the majority doesn't decide to remove what is not their agreeable mainstream.

I didn't say that the majority rules, just that the majority defines what is mainstream. If you want to run an open-source project that promotes misogynistic values, be our guest -- just don't do it on GitHub.

I don't understand what the problem is. In anything -- from TV to theater, music, architecture and social clubs -- there is the mainstream and the fringe. Maybe one day, fringe ideas will become mainstream and maybe not, but as long as the fringe is fringe, it is usually not part of the mainstream. It's pretty much a tautology. The Wire was a superb TV show -- possibly the best -- but it just didn't belong on the broadcast channels. It wasn't censorship (not that I'm suggesting that sophomoric misogynistic jokes are anything like The Wire, but they have no place on GitHub).

>> I didn't say that the majority rules, just that the majority defines what is mainstream.

Sorry my friend, that is majority rules.

The problem is we already know what this form of thinking eventually leads to. It's happened several times throughout human history. The problem is one group feeling they have the power to dictate to the "other". Especially when the group dynamic and what is considered other changes frequently, leading to more and more problems.

You don't even need to read history. Just take an objective look in various areas of the world, and culture, today and you will see it.

What you consider your mainstream ideals today may be somebody else's fringe tomorrow. Such as some of these supposed "misogynistic" projects that were using age-old terms that someone recently decided was wrong because they want to somehow change the context of the usage of words. When this happens to you, and it eventually will if the pattern continues, hopefully the group in power will be nice to you.

> The problem is one group feeling they have the power to dictate to the "other".

Nobody is dictating. Do whatever the hell you want. Just don't put on an off-Broadway shown on Broadway. That's it.

> What you consider your mainstream ideals today may be somebody else's fringe tomorrow.

Sure, but that doesn't mean you NBC should broadcast Oz. That's what HBO is for (again, I'm not comparing HBO with misogynistic communities or that I think misogyny would become order of the day; but even vile ideas have their place). People know that broadcast TV has certain rules and certain audiences, and if you don't want to follow the rules or address that mainstream audience, your show will not be aired on broadcast TV. You want to call that censorship? Fine, but as long as those "censored" opinions have 100 other cable channels that will air them, that's perfectly fine by me.

> that someone recently decided was wrong because they want to somehow change the context of the usage of words.

BTW, as a former student of history I can tell you that people always decide to change the context of the use of words in order to make society better (of course, what they think is better). And this pattern is never restricted to just one political group. It is just that political groups always find the others' new contexts annoying.

I'm sorry, but I still see examples that only explain what majority rules is. I'm not seeing where you are suggesting one thing or another different than what I've said. Again, it's an excellent system as long as you agree with the majority.

I'm assuming you're not suggesting that since people "always" change the context on the usage of somebody else's words that it's an acceptable thing to do.

> I'm sorry, but I still see examples that only explain what majority rules is.

No. What I'm explaining is not how the majority opinion is treated, but how the minority opinion is, namely, it is not blocked. Majority rule could also mean that the minority is barred from voicing their opinions, but that is not the system I'm describing.

> Again, it's an excellent system as long as you agree with the majority.

I don't know about excellent, but it works well well even if you're not. I can't see how society can operate if every opinion -- no matter how fringe -- is given the same prominence.

Unfortunately, we've seen a lot of situations where the "majority," at least of those who speak up, are (for example) opposed to heavily restrictive codes of conduct proposed by outside groups, yet the code is forced through anyway by project leaders. Majority rule seems to be valid only when the majority votes the "right" way.

OK, but do you have a better system? The large, mainstream platforms need to be managed somehow, and their content has to be not too far from the consensus. You don't have to like it, but that's how the mainstream operates. As long as you have other venues where you can do stuff that's outside the consensus, I don't see the problem. I think that the way GitHub is managed now in terms of content (including code of conduct enforced by project leads) is very reasonable for a mainstream platform.

Personally, I don't know if research shows open-source code-of-conduct helps curtail the very real, very serious problem of online-community marginalization (I have seen research on that) or not, but I'd rather defer to the experts, and in any case, it's worth a try. Just as code should be written by expert programmers, community management should be directed by the advice of social experts. Again, I don't know if this is backed by research or an experiment in itself to see if the approach is effective, but I'd rather trust people who devote their lives to studying the issue than to programmers who just "feel" this is wrong. If programmers want to run their own communities and not rely on the advice of experts, they're welcome to do it outside the mainstream platforms. If their approach works better to decrease marginalization, I'm sure the experts will take it to heart.

Oh, I agree with you as far as majority rules. It's not great, but you need something and that's less unjust than most other options. What I'm complaining (pointlessly) about is that in these cases majority does not rule: some administrator or corporate functionary has already decided, and that's that.

With regards to who should be trusted to manage communities, I'm afraid I can't convince myself to believe in the experts. In most cases, these "experts" are not people who have successfully managed communities or are even particularly well educated on how they work; they are self-appointed thought leaders with, often, fringe agendas and little concern for who gets trampled in the process of enacting them. They are generally the last possible people you would want to put in charge of anything.

>. If programmers want to run their own communities and not rely on the advice of experts, they're welcome to do it outside the mainstream platforms.

Not if the "experts" do everything in their power to marginalize and poison the public image of those non-mainstream platforms, unfortunately. I think it was either Scott Alexander or one of his commenters who pointed out that, if you take over a community and impose anti-witchcraft policies, you can then easily dismiss any alternate communities -- with a certain amount of accuracy, even -- as being full of witches.

> Not if the "experts" do everything in their power to marginalize and poison the public image of those non-mainstream platforms, unfortunately.

Why not? I mean I can see how the "victims" wouldn't like it, but a society without any such form of influence is a society without interaction. For example, one person living in an empty world can be completely free (within their abilities), but two (or more) who may interact cannot. Either you allow one the freedom to restrict the other's freedom, or you limit both persons' freedom to exclude mutual freedom-limiting actions (by whatever means, be they forceful enforcement, internalized ethics or any other). The best you can do is manage freedom to some mutually acceptable level.

As the accusation directed towards those "free" programmers is precisely that they marginalize others (and contrary to the insistence of some of those programmers, that accusation is backed by actual data), this "persecution" is the best means we have curtail their behavior (unfortunately they are not persuaded by other means), and since the framework of our society allows this form of persecution but not actual punitive legal actions, it seems quite fair to me. Further restrictions against such persecution would naturally cut both ways.

So, given the current legal framework where marginalization is legal but may of course have social consequences, those developers would just need to be tough and bear them, which is pretty much what they say their own victims should do. Then why do experts prefer the well beings of some marginalized groups over that of exclusive programmers? Well, as any form of full or partial freedom-restriction works both ways, the thinking is that social groups with less power deserve more protection. Obviously, no one like to be marginalized in any way -- even the more powerful members of society -- but if someone must be hurt, we prefer it to be a group that will suffer less real damage.

In any case, if you prefer that such persecution would be prohibited with more forceful enforcement (say, legal), I'm sure that could be arranged, but I'm not sure those programmers would like the result any better.

I think you're missing the distinction between what is legal and what is right. I will cheerfully agree that the "expert" attempt to marginalize those who disagree with them politically is legal, and any attempt to legally prohibit it would have worse consequences (not least of which, the experts would use new laws as a weapon against their enemies rather than the other way around.) I will not, however, grant that it is right.

> Well, as any form of full or partial freedom-restriction works both ways, the thinking is that social groups with less power deserve more protection. Obviously, no one like to be marginalized in any way -- even the more powerful members of society -- but if someone must be hurt, we prefer it to be a group that will suffer less real damage.

Bit of a tangent, but if you deliberately wanted to create furious opposition to your policies there's no better way than to put unequal protection front and center. "Everybody should be protected from X" is a winning policy. "These strangers over here should be protected from X, but not you" is, to put it charitably, not.

> I will not, however, grant that it is right.

What proper mechanisms, then, does society grant the victims of weak-group-marginalization to fight their own marginalization? You're suggesting that even drawing people's attention to it is wrong.

> Bit of a tangent, but if you deliberately wanted to create furious opposition to your policies there's no better way than to put unequal protection front and center. "Everybody should be protected from X" is a winning policy. "These strangers over here should be protected from X, but not you" is, to put it charitably, not.

Unequal protection is already present everywhere. It is not binary (neither is it in this case), but it is very much at the core of modern democracy. The idea is that different people benefit from society to different extents or are harmed by society to a different extent, and therefore the taxes they need to pay or the investment they get from society should reflect that. Victims of a crime -- say theft -- are eligible for restitution, while people who are not victims, aren't. The idea of unequal protection in this case is that some groups are victims to unfair exclusion, and correcting that exclusion is fair.

> Victims of a crime -- say theft -- are eligible for restitution, while people who are not victims, aren't.

But I'm pretty sure you wouldn't endorse a policy where, say, white victims of theft are entitled to restitution, whereas black victims are not. That's what is all too frequently proposed by the "experts."

I think that the experts say that blacks are victims of theft by whites. A quick read of the economic history of the US would show that they are clearly right. You don't need to be an expert to see that this is the case. Those opposed to restitution are not opposed because it's wrong, unfair or unjust (as it is clearly right, fair and just), but because at this point it may cause more trouble than good.

I'm sorry, at this point I don't even understand what you're saying or how it relates to the topic. I meant "theft" as in, you know, somebody breaks into your house and steals your TV set, not some weird fringe theory about reparations.

so what do you think of saudi prince becoming second twitter biggest stakeholder. He is free to censor anti saudi govt speech on twitter?

I don't know what you mean by "free". Of course, a business owner is free to direct their business as they wish within law. Would I like it? No. But businesses are rarely ideologically neutral, and they often reflect the ideals and world views of the societies that created them. As Twitter is a Western company, it reflects Western notions, so I wouldn't be happy when it starts reflecting Saudi world views, but if it does, I guess someone will start another Western Twitter. If you want Twitter to be a public infrastructure rather than a private business, make it a government-owned company.

It's the "etc" that allows you to remove "retard".

"Regulating content" just meaning having some standards for what is hosted on their sites.

GitHub is (or should be) just another Git hosting site/Web frontend/misc. integration with other software project's concern. It should be relatively simple to just choose another website. If we've gotten to the point of saying that they are 'regulating the content of open source projects', we've already failed by making GitHub too important.

I happen to be an acquaintance of Rachel Myers, and while she does do not-for-profit stuff outside of work, do you have some evidence that she's a "social impact employee" there? It's not obvious on her Twitter/Github profiles.

I don't want to assume any motive to your comment, but I think it would be a cause for concern if the world at large assumes that women/minorities are hired strictly for their "social impact".

I assumed it had to do something with community involvement from here


Github is a trailblazer here for tech companies taking social impact seriously. There is nothing derogatory about it. They do amazing projects in this area




I was merely curious about how this fits into their grander strategy.

Yeah, I'd honestly like for a website that actually focused on "Social Coding" rather than the Enterprise Money that GitHub is focusing on. Tbh, that is what GitLab, Bitbucket does also which is why they really are only effective as replacements rather than improvements upon.

I wonder if threads like this keep popping up if people will say "Fuck it" and build an OSS Github clone that focus on being the Reddit of Code/Git rather than another Version Control Enterprise product.

I'd do it but I'm an asshole, not a community builder.


Since I'm in the edit window and its complaining I submit too fast:

Tbh, the problem with Kallithea SCM and Trac is they aren't really built to generate network effects. They both suffer from the same problem as literally every other unsuccessful Github competitor has:

1) You need something built to generate a network effect first, other considerations second, to successfully compete.

2) You need to then leverage that network to chase Corporate money.

GitHub seems to be neglecting #1 in favor of #2 and that imbalance is an opportunity if someone can exploit it. However, that requires someone who is good at being a community builder rather than a software dev.

Recently even Python language planned to move its repositories to github.com for network effect, instead of helping projects like kallithea SCM and trac by partnering with software conservancy or gnu. Python should learn a lesson when they decided to move their repository to closed source system like github. But obviously as people use Facebook, developers use github for the same reason, network effect.

I hope they change the decision to support one of the project like Kallithea or trac by migrating their system and build network effects.

> instead of helping projects

This isn't how it works. You don't help projects by pretending the football-stadium-sized issues with them don't exist and using them despite their flaws.

Trac is an awful, awful piece of software. It's awful to set up, to use, to maintain, to gather feedback from, it's awful for just about everything. If in some very weird parallel universe it gathered even 1% of the following that Github has today, you'd find a 20 page google document at the top of HN about its issues.

This is me being nice. Kallithea is a lot better, but it's just a far poorer Github-like clone. You might as well use Gitlab.

The other advantage of Github is the network effect. You don't have to create yet-another account, which removes a barrier to contributions.

When you're an open source project, you can think of the "Submit issue" button as your payment form. Same UX rules apply: The user must be able to file the issue as easily as possible. You should not throw obstacles in their way. You should not ask 50 questions when they can't answer half of them, especially if they just want to tell you "You have a typo in decode.c" or even just say hi.

Time to enrollment. How easy is it to become a contributor? When I file an issue on your project, I am doing you a favour - you should help me help you. I have myself given up on several large scale projects because they use shit software for bug tracking. It's not fun.

A lot of people don't understand this today. Github has fixed these issues and this is a huge reason why they are popular. And before you say anything, this document here is about is not time to enrollment, but quality of life when you are already a developer (especially on large projects). I'd certainly love for GH to fix those.

Ubuntu has actively moved away from directing users to Launchpad to report a bug from a crash, and instead moved towards reporting to a crash database where they're triaged by actual developers.

Debian, in a similar vein, doesn't even have a web form to report bugs. As a result, almost every bug I've gotten on a Debian package has been clueful. At the very least, I know what version of the software they're running.

I've managed repositories that have gotten hundreds of low-quality issues. The poor filtering and curation functionality of GitHub ensures that a good deal of my spare time I have to work on those projects is spent managing the inbound issue flow, which is at least 90% noise.

Thank you for your time spent on Debian!

Gitlab is FOSS and does everything Github does (arguably) better.

The only reason one would use Github is for network effect.

Personaly i believe the ethical trade off to be too great, and I believe FOSS supporters should agree with me.

Look at diagoproject.com's ticket triage. They moved repository to github.com but cannot move issues there. It's built on trac and works. I am sure github.com will take ages to do such thing. Indeed even Python needs to rely on roundup for issues tracking. Now the developers will be more miserable since issues won't directly link to commits or changes which is loss of integrity.

Also from a ethical point of view it's wrong to trust for profit commercial closed source for community driven open source work. I am sure history will repeat and github.com will become future sourceforge.net.

The django project is one of the last big trac users. That doesn't mean it's a good idea to use trac. They should definitely move issues to github, or at least to a better issue tracking platform.

"I am sure github.com will take ages to do such thing" I have no idea what you're on about. I handled the migration of a massive bugzilla database to Github. Wrote this[1] in the process. The github team was super friendly and helpful in assisting me in the process with zero delays (shout out to Ivan!).

[1] https://github.com/jleclanche/bugzilla-to-github/

> and trac

Because, honestly, trac just sucks. It ain't as bad as the stuff Atlassian sells but still... it tries to be a fusion of MediaWiki and Bugzilla, and eh nope.

I still get a few emails a year from Trac instances where there is no support for unsubscribing emails

OMG can we get a moratorium on "tbh"? Just say "Indeed" or some other filler. "To be honest" is bad writing even when it's spelled out.

How reasonable is it to make issue tracking and social interaction part of the SCM itself [with optional web interface] ?

git issues "This needs attention"

>> Issue #1 created

git issues

>> List of issues

git issues -u #11

>> Issue #11 up voted

>> #11 Important stuff, needs attention

git issues -d #6

>> Issue #6 down voted

git issues -f #4

>> Issue #4 flagged

Your `.git` directory would become huge pretty quickly and you would have plenty of problems with people commenting on issues without having a repo up-to-date. How would you handle conflicts in that case?

How is that a different problem than people editing code in a repo that's out of date?

You have to be a coder to participate~

> They're chasing some other goal...whatever it is.

Maybe putting most of their efforts into Atom and Electron?

Mayhap it is related to their abandonment of being a meritocracy as doing such was being divisive? Success can be very devise as well so perhaps they are making a noble sacrifice to avoid dividing people.

We need world class, modern, distributed bug tracking now. If you google around for this technology, a lot of nice ideas, many using git itself as transport, were poking around, and around 2009 they started falling silent. Why? Because GitHub started up and everyone just buzzed over to it like so many moths to a flame, having learned nothing from places like Sourceforge about what happens when 90% of the open source world trusts their issue trackers, which is really a huge part of a project's documentation, to a for-profit, closed source platform that does not provide very good interoperability.

If GitHub is kicking back and sitting on their huge valuations, then it's time to pick up this work again. If issue tracking and code reviews were based on a common, distributed system like git itself, then all these companies could compete evenly for features and UX on top of such a system, without ever having the advantage of "locking in" its users with extremely high migration costs.

> If GitHub is kicking back and sitting on their huge valuations,

There is no longer an "if". It's absolutely true that GitHub is cruising at this time. For example: They are more interested in hiring community managers / community "heroes" instead of actual engineers in SF.

Seems like this open letter is exactly the kind of thing a community manager should have gotten on tho.

This. I'm a big fan of Github, but it bothers me that this single service is the centerpiece of most OSS projects. We see it every time Github goes down and virtually nobody can be productive anymore. I hope to see a version control system on top of IPFS some day.

Ironically, git itself is decentralized. More effort should go into decentralized software architectures, especially in the current security climate where having a central point of failure is like having a virtual bull's eye for bad guys. There's no reason you couldn't have a decentralized issue tracker for example.

> If issue tracking and code reviews were based on a common, distributed system like git itself

There you go: https://github.com/google/git-appraise

Suckless have discussed this several times and have fallen back to an email mailing list.


Last one proposed by someone: http://lists.suckless.org/dev/1504/26210.html

The problem with mailing lists is that patches and bug reports get forgotten.

Well that's a problem with the developers.

Amount of times I've posted a bug on a mailing list and a core developer doesn't care to respond is unbelievable. Here is a recent one: http://lists.alpinelinux.org/alpine-user/0042.html

>We need world class, modern, distributed bug tracking now

Distributed is the key word. Blockchain/Bitcoin (not withstanding the hurtful politics ongoing at present) has shown the way, and ideally most shared/social things should work in a distributed, trust-less environment in future. Including Social networks and Search Engines.

So it is quite natural, that OSS developers can pave the way for shared/distributed source control (a protocol on top of GIT. Just like HTTP is over TCP).

Just to clarify, I don't hate github. But it sort of obscures the beauty/advancement that is GIT, over previous version control softwares. Wonder what does the creator Linus think of this?

Well, for one he doesn't like GitHub pull requests. ;)


> We need world class, modern, distributed bug tracking now.

Why distributed? You need a central place to report bugs and track them to ensure they’re not duplicated everywhere.

I am not Michael Bayer (but I hope to be more like him someday)... that said, what I think he means or could mean is that issues would be distributed along with the repo. Maybe something like a git log for issues that are attached to and/or part of the repo itself.

Thinking about it, something like this would be sweet. I would immediately have a snap shot of things that might go boom when I run said software. eta: Instead, I have to go dig through github itself, which is slow compared to greping through a git log.

yes, fossil, you need to get me past this:


I'm talking about a portable issue tracker format that ideally uses something like git as its transport (but note: this does not mean that the issue database would travel along with the application's source code! That might be nice as an option but not by design). command-line and web-based front ends can then refer to it. Fossil, OTOH, looks like a huge monolithic web application / version control system / issue tracker / kitchen sink written in very hard-coded C.

Looking through some docs, Fossil is anti-git and it claims its own DVCS is a great improvement over git: http://fossil-scm.org/index.html/doc/trunk/www/quotes.wiki. Because Fossil has every possible feature packed all into one monolithic executable, rather than relying upon existing systems like diff, patch, etc. this means Fossil is "the opposite of bloat": http://fossil-scm.org/index.html/doc/trunk/www/qandc.wiki (in fact that is the opposite of the opposite of bloat....)

Problem is for that system you need per-user authentication mechanisms to verify the interacting party in a bug report. If you can't do that, people can impersonate project members and you're going to have a bad time. Centralized issue tracking is not winning because of implementation details, its winning because you need some central authority to verify people are real and who they say they are.

You would have to sign off every message in a git log tree with a personally authenticated gpg key that can be found in a public keyserver everyone trusts.

All of those issues would apply to DVCS as well, I can clone any project and commit whatever crap I want to it, I just can't push to the main repo of the project.

Distributed issue tracking would use a similar pull model, but in reality wouldn't normally need people to be "cloning" it or anything like that; more realistically, a project would have just one place that is the "official" bug tracker just like they do a git repo now. But with "distributed", you can now have read-only mirrors of it elsewhere, you can have alternative GUIs that can push to the "official" repo as long as you have an account on that "official" host (which may as well be github), etc. It's not as important that it's truly "distributed", more that this is a set of issues that as a body of information about a project can and does live in many places, just like the version control does, just like the mailing list does, just like the IRC logs do. Right now issue tracking is like none of these other things.

Bugs Everywhere was one of the leading distributed bug trackers. They don't seem to be gaining any traction unfortunately.


Also, no GUI emerged. This is what github gives you on top of git.

Why distributed version control? You need a central place to pull from and push to, to ensure that forks and patches are not duplicated everywhere... ;)

I wrote a little bit about this two years ago: https://sny.no/2014/04/dbts

There’s not necessarily an antagonism between distributed and centralised in this case. You can still have a centralised frontend such as Github Issues, backed by a versioned and distributed backend using i.e. git.

You mean like GitLab?

GitLab is still centralised (whomever is hosting…), not distributed.

Maybe you're interested in this feature request https://gitlab.com/gitlab-org/gitlab-ce/issues/4013 to implement cross-server (federated) merge requests.


How about improving Gittorrent?

I do not operate a popular OSS project, but I have experienced the +1 spam and it sucks. The suggestions, in my opinion seem rational.

Interesting side note: With the exception of Selenium, most of signees are maintainers of JS/HTML OSS projects. I wonder if we could objectively compare JS to <lang> projects in terms of the problems mentioned in the document. For example, there is a strong correlation between +1'ers and JS repos vs. Python or vice versa. Perhaps, we could walk away with JS devs are more chatty than CPP developers when discussing issues... I don't know, just a thought.

I think it's just monkey see->monkey do. As soon as one person said +1, everyone that saw it thought that that's just how you voted for stuff. It's the same reason you see comments on HN or reddit that just say "This." or that if you leave your shoes by the door, everyone else will do the same. I doubt these people keep doing it if you ask them not to.

There's an old story about this man who stood quietly next to a closed door in Moscow, said nothing to no one, and did nothing else of interest. Eventually others joined him, and before long a queue has formed. No one knew what they were standing in line for.

Monkey see - monkey do.

I remember one day I was walking through london with multiple hours to kill; and there was a massive line. Without anything else to do, I just stood in it. Approx 45 minutes later, I got to the front: turns out it was a sale for a clothing store. I didn't really need any clothing, but the discounts were good; so I purchased a jacket. This was 6 years ago and it's still my favourite jacket....

One of Milgram's experiments (not the infamous one) tested this, using people standing on the sidewalk looking up.


He might think he's testing conformance, but he actually just tested curiosity.

Wouldn't they at least ask after a while if that was the case?

What makes you think they didn't? I saw lots of people look up, check the people around them and keep going.

I really want to try this out myself now.

Is it really possible that people just continue standing there while not getting why they are doing it? Don't they even care to ask?

Feels like it would take just a single guy to ask: "What are we looking at?" For everyone to realize that they are acting like fools.

So try it! Elevators are wonderful places for things like this :)

Try the classic: enter an elevator and turn around to face the back - see how many copy you.

I agree that that's probably how it started, but it seems that once the cultural expectation has been set, it's hard for a single project maintainer to set a different custom just for their own project. People are going to use the conventions and communication methods that they learn elsewhere, even if you say not to in the contributing guidelines document. You might be able to get individuals to stop doing it in your project by asking them directly, but then each person has done it at least once, and you've had to ask each person to change their normal habits. Besides, as they note in the letter, there is a valid and valuable purpose to these communications, it would just be better if they were in a different place than clogging up the comment thread.

StackOverflow tackled this by intercepting plus one posts and telling people to just vote. GitHub should do the same (with starring or following).

Yeah, and now look at SO, it's got so many "rules" that you can't look cross eyed at it without breaking one of them. "You don't have enough rep!" "A minimum of 15 characters per comment." "At least 5 characters per edit." "That's been asked before." Eventually, everyone just stands in line with blinders on, forced to stare straight ahead, mouth shut, one step at a time. There's never an end once you start "tackling" these so called problems.

"This." or "+1" is a more expressive way of showing support beyond anonymous voting mechanisms.

I maintain a C repo[1] and user idiocy is much lower than what I've seen in JS projects of similar popularity. Still, I agree with these criticisms of GitHub. I hate +1 spam enough to delete such comments. Sometimes I even ban those who do it. I'm frustrated by people who open idiotic issues[2][3][4][5]. I procrastinate on bad pull requests because my options are:

1. Close the PR with little or no comment. People then think I'm an asshole.

2. Spend hours explaining why the code is terrible and why it can't be improved. In addition to being a big time sink, PR submitters often don't understand the criticisms. Half the time, they still think I'm wrong.

People even defend stuff as obviously wrong as adding a thousand lines of GPL'd code to an Apache-licensed project.[6] Then they say I should remove .gitignore support from ag because it doesn't implement 100% of .gitignore syntax. As if users would be happier with tons of extraneous results instead of some extraneous results.

A lot of this is cultural, but GitHub could help steer things in a better direction with the features proposed in this letter. I hope they take this letter seriously.

1. https://github.com/ggreer/the_silver_searcher

2. User accuses ag of hard-locking his computer: https://github.com/ggreer/the_silver_searcher/issues/791

3. User wants ag to always print filenames, unlike every other tool out there: https://github.com/ggreer/the_silver_searcher/issues/749

4. User wants ag to replace PCRE with a totally different, incompatible regex library: https://github.com/ggreer/the_silver_searcher/issues/698

5. User aliases 'ag' to 'grep', then complains ag doesn't work: https://github.com/ggreer/the_silver_searcher/issues/578

6. https://github.com/ggreer/the_silver_searcher/pull/614

I actually hesitate to really "watch" repos because the sheer volume of email generated is staggering. I take my hat off to those who run successful OSS projects. Thank you!

About number 5. I don't see anyone complaining about anything.

Maybe "complain" is too strong, but he created a GitHub issue –notifying several hundred people– without running ag --version. Heck, he didn't even look at the output of his command. It was immediately obvious to me, from the limited information he provided, that it was a bash alias.

Looks like a genuine mistake. He apologised. You've never done something dumb and didn't realise it?

I think this gets to the root of the GH problem

To the person raising the issue it's a simple mistake, sorry.

To the person that has to deal with it, it's yet another issue being raised where the reporter didn't follow the necessary steps to diagnose the problem themselves and (implicitly) expected a bunch of other people to apply their own time to solving it.

If the "New Issue" form had a place where the reporter was asked to paste the output from ag --version then it might have caught the accident before it wasted the developers' time.

I think it's an over reaction to describe the issue as a complaint, but it is an example of how the GitHub UI forces project admins to deal with incomplete and poorly investigated issues from users.

All successful products will have stupid users. If you don't want to have stupid users, don't write successful software.

A mistake, I can understand. But each issue I linked to was not a mistake. Each one was the end result of a series of mistakes stemming from a combination of ignorance, negligence, and (occasionally) incompetence.

Have I done dumb things without realizing? Of course.[1] But in almost 20 years of software development, I have never created issues resembling the ones I linked to. Bug reports are seen by hundreds of people and take up valuable developer time, so I make sure mine are useful.

To use an analogy: Say I'm giving a talk to an audience of a hundred people. I wouldn't do it extemporaneously, without slides, then walk away in the middle of Q&A. And if I did, I wouldn't call it a mistake. I'd call it being a terrible presenter. Yet that's what bad bug reports are like:

User (notifying hundreds of people): "It doesn't work."

Dev: "What version are you using? What error messages do you see? How are you running it?"

User: * crickets *

It's gotten bad enough that I wrote a short post on how to report bugs.[2]

1. https://news.ycombinator.com/item?id=7145451

2. http://geoff.greer.fm/2015/08/15/how-to-write-good-bug-repor...

Why would you even respond to a bug report that was "it doesn't work."

Such a vague report tells you all you need to know about whether it's going to be worth your time trying to work with the person who submitted it. Close it immediately as non-actionable.

As much as I respect you for The Silver Surfer, that 5th issue was a very silly mistake.

Do you really want people to be afraid to report an issue in case it's something silly/not an actual problem? Would that be better?

I guess it depends on the project and its contribution guidelines.

> Do you really want people to be afraid to report an issue in case it's something silly/not an actual problem? Would that be better?

I seriously doubt the pendulum will swing too far in the opposite direction. Right now, the majority of created issues are close to useless. If those people took five minutes of their own time to troubleshoot, it would save others hours.

True, but it's still user problems that aren't problems with the software itself. Far too often you get people who want help with _everything_ on a project, from installing the right language, their editor and so on when it's not something that really concerns you.

SourceForge fixed the +1 issue recently.

The same question about JS repos struck me. I suspect that if you write a shared letter then you just ask your network to sign it instead of <random other person from different ecosystem>, but I would be curious to know if these grievances are disproportionate in different communities.

I'd like to think that someone who writes this kind of letter would take such a thing into account. It's really possible that there is a strong correlation between a language and people being more involved with Github. I wouldn't be surprised that many developers from other language ecosystems just don't care.

Stack Overflow tried preventing +1/-1 comments[1], and the community came to the consensus[2][3] that those comments can be useful.




From skimming, they found "+/-1, because REASON" to be valuable, not "+/-1". Indeed, in the open letter, they mention these are valuable, but the current implementation is a pain.

Google Code has primarily been used for Chromium's issue tracker, but they have a star system for exactly this reason.

You can sort something by stars, but it's bad etiquette there for a user to comment +1 rather than just star.

Yep. The problem is that some users are not aware of the conventions, and often you see on the Android Google Code repo "+1" or something along the lines of "Google plz fix this".

This becomes heavily apparent when someone posts an Android issue directly onto the Android subreddit. I suspect the same could happen with GitHub issues. When you see others posting "+1", then others follow the same practice.

It seems to me that it would be a good idea to have a special-case that turns a comment where the only content is "+1" into a star request instead.

I believe GitHub translates :+1: into a thumbs-up icon, so you'd probably want to limit your filter so it only applies to non-contributors.

But still, yeah, it would be fairly trivial to require posts to be more than +1, or to display a warning when anyone starts a post with :+1:

I agree that the suggestions are great; I'm also generally happy to see a letter like this take a clear tone without being aggressive or overtly confrontational. Re: the prevalence JS/HTML projects, I think that may just be a matter of simple base popularity; the web is the most popular development platform, and JS is the most used language on github (githut.info has great stats on this). If the letter gains steam, I'm sure we could expect project maintainers from other ecosystems to get on board.

I noticed that most of the signers are maintaning JS/HTML projects too.

I wonder if those types of projects are more likely to have these problems (larger userbase? Less experienced userbase? just different userbase?)? It could also just be a coincidence that they knew each other because they work on similar things, and a group of people who knew each other are the ones who wrote the letter.

+1 isn't spam. It's valuable. However the implementation of how people can +1 an issue that's very important to them is the point. There should be a voting system.

Spam would indicate that +1 adds no value.. But it does! If I have an issue with no comments, no indication of its importance to the users, then I would deprioritize that issue over another one that has lots of activity.

+1 is valuable, it's just the form that Github forces it into (comments) winds up looking spammy. Make it a counter - simple enough.

This first request is the anti-thesis of GitHub's simple approach:

>Issues are often filed missing crucial information like reproduction steps or version tested. We’d like issues to gain custom fields, along with a mechanism (such as a mandatory issue template, perhaps powered by a newissue.md in root as a likely-simple solution) for ensuring they are filled out in every issue.

Every checkbox, text-field and dropdown you add to a page adds cognitive overhead to the process and GitHub has historically taken a pretty solid stance against this.

From "How GitHub uses GitHub to Build GitHub"[1]: http://i.imgur.com/1yJx8CG.png

There are tools like Jira and Bugzilla for people who prefer this style of issue management. I hope GitHub resists the temptation to add whatever people ask of them.

[1] http://zachholman.com/talk/how-github-uses-github-to-build-g...

> adds cognitive overhead to the process

Yes! The maintainers deliberately want to add cognitive overhead so the quality bar for creating issues is higher.

By having simple zero-friction forms, you haven't removed cognitive overhead. You've simply shifted the cognitive load into the followup messages asking for clarification of "reproduction steps", "version tested". The issues' threads therefore begin with "meta" type questions which duplicate the checkboxes and dropdowns you were trying to avoid.

The default can remain zero-friction but it seems very reasonable to offer options for maintainers to gain some control over their inbox.

So use a real issue tracker. Most of the big ones integrate with github. Why should they reinvent this wheel?

>So use a real issue tracker.

That's a reasonable answer -- but it's an answer to question I wasn't addressing. Whether github reinvents the wheel is not relevant to my point.

I was specifically debunking the illusion that "simplicity of the issues submission form == no cognitive overhead".

If the "issues creation" web form is lightweight, the submitters will eventually expend "cognitive overhead" by clogging up the threads with clarification messages.

If the project maintainer uses your solution of an external tracker, that means the submitter still expends cognitive overhead by noticing that the project's "issue tracking" has been disabled, and then reading front page README.TXT or CONTRIBUTIONS.TXT to figure out what external website he's supposed to use to submit issues. No doubt the web forms[1] on those external trackers will have the checkboxes and dropdowns that some people are suggesting people avoid.

The "cognitive overhead" required to clarify and provide meta-descriptions for bug reports is inescapable. You're only deciding whether it is structured or unstructured and where it is shifted.

Your reply is going in different direction from cognitive overhead and on that perspective, I don't know what makes the most sense. My guess is that many open source maintainers don't need a heavyweight tracker that can do things like assign tasks to multiple programmers, burn down dashboards, correlate activity hours to billing, etc. They don't need all that. They just want a template to improve how users file issues. Maybe a survey would provide insight as to whether your answer is the most sensible.


If not to be a hosted software lifecycle tool, what the hell is Github even for?

"Software lifecycle tool" is too vague for a product to have focus and open to too many interpretations as to what it should include. Even limiting scope to issue tracking, there are different points of view on how that should work and several widely-used but rather different software alternatives to choose from.

And how many teams spend the first three months of a project building a custom issue tracker because they don't like any of the off-the-shelf options? Trying to get issue-tracking "right" is a black hole for a company like github. Which is probably why they provide the bare minimum free-form issue and that's it.

Zero structure just leads to lots of shitty issues that have no information on what version of the software it was against, no reproduction steps, and no stacktrace or debug output. I'm tired of closing issues with "I cant reproduce at all, maybe you're on an old version? Anyway feel free to open a new bug if you ever come up with a reproduction step..."

A simple optional field to include the version number that the issue was being reported against would do wonders for my interaction with users.

And you don't need to include that on your software project, but really if our users can't be bothered to tell us what version they're running, I have many, many other issues to fix which I know are broken in master.

Which I guess is the difference. If you're a small project with few users, then the handful of bug reports you get are useful and you want a zero barrier.

I have literally thousands of bug reports, hundreds of those will be left without ever being fixed (even though they may be perfectly legitimate). I have to triage. If a user is blocked by not being able to tell me what version they are running then that pre-triage of making them not even bother to cut a ticket with bad information is useful because then they don't waste any of my time...

This is very true. While clunky to use most support sites for enterprise software includes these types of fields as mandatory to complete a support ticket.

As someone who has opened issues myself on projects in gitHub its easy to be unaware or even forget all the information a maintainer would need to reproduce the issue. As someone who uses an open source stack every day anything to make the whole issue flow better for maintainers and users I'm for 110%

But the big thing that GitHub doesn't use GitHub for is interacting with the masses.

- GitHub doesn't use GitHub issues to take feature requests or bug reports.

- GitHub doesn't use Pull Requests to allow users to submit bug fixes

When all your issues and pull-request are being raised by a defined set of people who are (or ought to be) committed to the same collective goal (because they're employees of the same company) you can develop a culture and norms around how those things work.

If "Some Guy" at GitHub raises issues where the only description is "This feature doesn't work on Mac" or raises PRs where the only description is "this fixes a bug I found" the cultural pressure would teach him/her that's not how things are done, and if the lesson wasn't learned, then they wouldn't last at GitHub.

When the people you're interacting with are infrequent contributors, it's a different scenario. They need guidance. They need to be pushed to go down the helpful path on their first attempt, because there are too many new contributors and they often don't stick around for long enough to change behaviours by osmosis and cultural pressure.

> Every checkbox, text-field and dropdown you add to a page adds cognitive overhead to the process

I do concur, but there should be at least some of them. One shouldn't have to hope that people will be kind enough to submit proper issues, the platform should force them somehow to do so. I think, if a study of github issues was made, we'd see that about first five messages on a given issue would be those of maintainers craving for more input. What is the output of dmesg, how is your configuration, what is the output of the process, can you run it with the verbose flag on... A bit of cognitive overload is good, so that who submit bugs are those who take the burden of doing so.

If I read it right, they're not asking for a more complicated default for all projects, just that they can customize it for their projects.

And I agree, simple is good... but simple is also bad for large projects, as while it makes it easier to create a ticket, it makes it harder to track for the maintainers. They are (rightfully) looking to ease their work, and I do believe it is a net win for both sides if filing a bug is made a little harder, but it becomes a lot easier to manage.

It can be as simple as a text file that is dropped into the content-free TEXTAREA that currently greets new issue reporters. Try running a big project like jQuery, Angular, or Babel and you'll understand how important a feature like this would be.

Disagreed. In a free-for-all environment like FOSS, collective lack of details means more time wasted to gather/request for relevant information. Maintainers have the rights to request for such things before sifting through a potential mess of mostly incomplete issues/PRs. Their time is better spent anywhere but gathering correct versions to chase down a bug. People should have the common sense to provide those beforehand but alas, many do not.

It may take cognitive overhead away from the submitter but it shoves it onto the maintainet at the same time. Instead of 100 people having to deal with 1u of cognitive overhead each, you have 1 person having to deal with 100u or more to extract information from the submitters.

This is why your application should always have a "dump version string"-button, conveniently embedded together with your "report bug" button which doesn't have to be more advanced than simply opening your email-client or forward you to a webpage. This form should be free text but pre-filled with the version string pasted at the top and contain headers that invite the user to fill in the rest, such as Reproducing: <write what you did to cause the bug>. 100 different drop-downs makes nobody happy.

The bullet points of complaints feel like a continuation of Linus Torvald's refusal of github pull requests in May 2012.[1]

Taken all together, it seems like github is on a path of alienating their most valuable members. Github was unresponsive to Linus' feature requests and it turns out that theme continues almost 3 years later.

If github plans to evolve into a full-featured ALM[2] like MS Team Foundation or JIRA instead of being relegated to being just a "dumb" disk backup node for repositories, they have to get these UI workflow issues fixed.



I don't see anything wrong with going after the massive amount of smaller project with simple needs, instead of the few large projects & popular projects with very specific needs.

If github evolves to the projects you're mentioning, you'll surely alienate the many more casual users. I personally hate working with the bloated applications you mention.

Distributed revision control users whining about centralized repository lacking features.

Ummm ... anybody getting the irony here?

And, from a GitHub business perspective, why do I hear Lily Tomlin: "We don't care. We don't have to."

Everybody anointed GitHub as "the chosen one" over strenuous objections from some of us that creating another monopoly for open source projects is a bad idea.

Pardon me for enjoying some Schadenfreude now that GitHub leveraged the open-source adoption into corporate contracts and now doesn't have to give two shits about open source folks.

Lily Tomlin's Phone Company Sketch: https://www.youtube.com/watch?v=CHgUN_95UAw

I'm an open source project maintainer and share many of the pain points outlined in the document, but I also totally agree with you. Giving control of your project to a company means losing control and having to resort to desperate pleas like this. This is simply what happens when you can't fork it yourself like you could with an open source project.

It's likely that GitHub will alleviate these pain points in time, but the lesson is the same: let a company control your destiny and you can no longer have what you want or need when their interests diverge from yours, even if their system is the best there is and was radically better than everything else at the time you switched to it.

There's been no mention of phabricator yet so I thought I'd give it a shout out. It's used by LLVM, FreeBSD, Blender, Wikimedia and others and I love it. It's under very active development and even if it doesn't solve every issue in this letter, by using an open source tool for development you of course have the option to customize it to the needs of your community.

I'm looking very closely at Phabricator, it looks quite nice.

Phabricator is pretty great overall, love that it's under such active development.

Only gripe is that some parts of it are still highly coupled, so doing something like adding a custom button to the text editor view or writing your own internal application very quickly becomes a huge mess, an effect that is multiplied by the active development and no promise of stable public APIs.

Your experience will be great as long as you don't try and do anything custom, at least for the next year or two.

Phabricator is great! I host it for a couple of my projects. I love it, and it was easy to setup.

Seriously: if you have a web server (or php hosting) anywhere, try out phabricator; it's easy to setup, and you can even point it at a github (or any public git/svn/hg) repository to fiddle around with its features, as hosting the repository inside phabricator is not mandatory.

Another shoutout here to phabricator. I started hosting it internally at the company a year ago and have near 100% adoption from developers for code reviews, additionally using the task/issue tracking for some projects.

Thanks for the suggestion, I didn't knew about it. After a quick read, it seems to be a very interesting alternative.

Is this a case of the squeakiest wheels getting the grease? What if these problems aren't representative of the overall user base? What if far more people prefer a more simple, minimalistic interface than an ultra-customizeable interface with myriad custom actions and events. I've always appreciated software that deliberately keeps things simple (Basecamp and Workflowly come to mind). It sounds like these people want a full blown Jira/Stash installation.

I don't like the general feel of these suggestions. It sounds like more bureaucratic features, the lack of which is a big part of why GitHub is so pleasant.

Making an issue or a pull request feels like having a casual chat with the project maintainers. Adding fields and other hoops to jump through puts distance between people.

I guess for maintainers of popular projects, everybody's "casual chat" (by people who did not read CONTRIBUTING.txt, do not supply the version of relevant software they are using etc.) is not as fun as it is for you.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact