Hacker News new | comments | show | ask | jobs | submit login
Gopass – 1k stars later (justwatch.com)
70 points by tex0 on Dec 6, 2017 | hide | past | web | favorite | 19 comments

Github stars are a strikingly fickle metric. There doesn't really seem to be any correlation between # of stars and quality of project or how novel the idea is or similar. It's just a number, basically

It's basically a measure for people interested in your project.

If people are interested in your project then that's a good indication that you're doing something right or at least solving a problem people care about.

I personally like the metric and do use it on my judgment if I should use a project or not. It's like a first filter.

A lot of people use them as a sort of bookmark. I know people who unstar once they've used the project to do what they wanted with it. By that measure, more stars might just mean a project that's interesting sounding but impractical or difficult to actually make something with.

(Disclaimer: This post is about GH stars as a metric. Disputing this metric is not denigrating the project, and I actually think the project is pretty neat.)

However, it doesn't tell you how interested someone is in your project--only that they're interested enough to click a button on their mouse. Moreover, it doesn't even tell you much about how interesting your project is; it doesn't tell you what portion of your GH page's visitors thought it was sufficiently interesting to click the button. They might well get another 1K from this HN article; does that mean their project became twice as interesting today?

From my perspective and how I judge it, yes.

If I was investigating some password solution in Go and gloss over a gopass project with 1k stars I would certainly investigate it.

If another project only has two stars it would get investigated later in case gopass doesn't meet my requirements.

That is not the only metric I use but it is a first pass. I don't think anyone has time to analyze every project out there to see if they're good or not.

It's a little like how people filter out some CVs based on X attribute.

Which is unfair and it isn't the perfect metric but when the volume is too big you gotta have a first filter.

Obviously if someone in my network highly recommend a CV, or, in this case, a Golang pass tool, I would investigate it first

> We could count the number of downloads from the gopass website but that wouldn’t too tell much either.

I mean, I think that'd tell you more than GitHub stars, no? Or at least complement the GitHub stars metric? The downloads would be more useful than stars in the way that it's more likely to be used once someone has downloaded. But so many people use stars as a way to bookmark something they find interesting.

That might be true, but once people start downloading the binaries automatically, e.g. in their CI/CD, that doesn't say anything anymore...

I've been planning a switch to gopass but haven't made the jump yet. I'd love to hear some feedback from people who have been using it, especially any downsides or caveats.

No downsides I've experienced. I switched over 6 months ago, didn't change my .password-store directory at all really, and everything has been smooth. There was even a bug a little while back I reported that was fixed pretty quick.

I had to switch over to support a team who were using gopass too for secret sharing, otherwise I'd probably just be on pass still.

In general I've been pretty happy with gopass. However as there is very sensitive data stored in the stores, some problems I've already run into: * A situation with gopass where it ignored a sub folder's .gpg-id, and as a result it rekeyed all passwords with incorrect recipients. Combined with "autosync", this was a big "oops" moment. * The `recipient` command doesn't work with sub-folders, but doesn't throw an error when a sub-folder is used and will update the root folder. Again, a big "oops" moment.

I found your issue about this: https://github.com/justwatchcom/gopass/issues/462

It sounds serious, for sure, and this software deals with sensitive data, so that is important to keep in mind (though, it versions with Git, so that's a nice safety). I just want to point out how responsive they were in your issue: it appears there was a fix merged in less than a day later!

I've had zero issues and found the team to be very responsive on Github. I worked with the team to help spec. out the XKCD password generating feature and it was done literally a week later. I've become a bit of an evangelist for the tool!


Doesn't seem like a brag as much as a milestone. That being said, as mentioned in the article, only 12k projects on GitHub have hit the 1k mark. I've hit the 100 mark before myself, but not 1k.

Yes, I agree. We just wanted to take the opportunity to reflect on what we did so far. It is supposed to be kind of a status update and thank you to some of the people involved so far.

It's not about the quantity, it's the quality.

It's the little things that make life worth living

We can debate the worth of stars all we want, but these kinds of curves generally aren't linear; there's a big difference between "hundreds" and "a thousand". From TFA:

> Only 12k have more than 1k stars, that is gopass is now within the 0.6% most popular GitHub projects!

I imagine you're a blast at birthday parties.

> That's an odd age to celebrate. I (and many others) have had plenty of birthdays over several decades.

Look what you made me do. Now I had to up vote the story.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact