Hacker News new | past | comments | ask | show | jobs | submit | xeraa's comments login

It's a configuration error (sorry!). Also with thousands of forks this would be a pretty pointless operation. Once something is out (and that includes a license), you cannot just take it back — it will be there forever.

[I work for Elastic]


Yeah. This was a configuration error. Keys you just rotate. Making repos private accidentally creates a whole new mess with forks, stars,... Not recommended

[I work for Elastic]


No need to spread rumours: It was a configuration error. GitHub support is helping with restoring everything, since the fork network, stars,... are otherwise all off.

And if you leak credentials, you'd just have to rotate them. Taking the repo offline would probably be too late anyway and causes a major mess, so not something I could recommend for popular repos

[I work for Elastic]


It would be a "rumour" if I had stated that it was the truth. If it's not the right explanation then fine, but I see no need for defensiveness. I mentioned that possibility not to criticise elastic, but because it's a security property of GitHub that very much violates the principle of least surprise and that I suspect of causing a security problem for at least one of my previous employers. Well worth spreading awareness IMO.

Permissions aren't the problem. But the upstream source of all the forks is wrong if you take a repo private, all stars from folks outside your organization are gone,... So you need GitHub support to restore everything.

And the details how it happened are a bit different but it was a configuration error (making things too secure )

[I work for Elastic]


This bears out the idea that the fastest way to get the truth on the Internet is to say something wrong first.

Well, it was a bad change. But we wouldn't want the wrong story make it worse. It was "just" an error in our configuration.

Fair enough, and what I said was wrong too, so it's turtles all the way down! I butchered Cunningham’s Law, thank you for correcting me, though the name of the law is confusing since it was McGeady who pointed out: "The best way to get the right answer on the Internet is not to ask a question, it’s to post the wrong answer.", which is what I did, and what the parent comment did, it is attributed to the great Ward Cunningham, creator of the first Wiki, who is a rightful dude. I have nerd-sniped myself on this. At least I'm less wrong now, thank you.

GitHub support can (and currently is) restore all of that. The fork network should already be fixed for Elasticsearch again

[I work for Elastic]


Good to know. There was a similarly popular project that didn't get this benefit (https://news.ycombinator.com/item?id=31033758).

8 years ago someone accidentally deleted the elasticsearch repository (thinking it was their private fork ). Back then everything was restored, so I hope we get there again this time too

I hope so too.

I'm the maintainer of a reasonably popular project (~9K stars) and it's certainly a nightmare scenario given that I consider the stars to give it credibility in a crowded space.


Yes, we don't have that competitive clause — it's Hashicorp [I work for Elastic]


We did: https://www.elastic.co/blog/elastic-and-amazon-reach-agreeme...

But it takes a long time. And it's very costly (especially against a much larger entity like Amazon). Legal battles alone will rarely save you (in time).

[I work for Elastic]


Thanks, I'd missed that. Anyway, congrats on doing open source again


> You can now execute Elasticsearch-compatible insert and replace JSON queries, which enables the use of Manticore with tools such as Logstash and Filebeat

Looking at the docs I could only see _create and _doc but not _bulk endpoint support. How will that work with Logstash and Filebeat?


Please take a look at the 'Elasticsearch' tab on this page https://manual.manticoresearch.com/Data_creation_and_modific...


Elasticsearch in later versions has done quite a lot in terms of memory reduction. Last section of https://www.elastic.co/blog/three-ways-improved-elasticsearc... but it has been an ongoing effort in multiple of the later 7.x and and 8.x releases.


In Elasticsearch, the default has changed more than 3 years ago (since we always ship the current JDK by default): https://github.com/elastic/elasticsearch/pull/49123


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: