Response from Martin Woodward, GitHub’s VP of Developer Relations:
Sorry for the inconvenience @koepnick - while searching across all repos has required being logged in for a long time, when we enhanced the search capabilities earlier in the 2023 we had to extend this to repos as well (see https://github.blog/changelog/2023-06-07-code-search-now-requires-login/).
This is primarily to ensure we can support the load for developers on GitHub and help protect the servers from being overwhelmed by anonymous requests from bots etc.
Sigh, here we go with the shittyness.
It’s okay. We need to move some shit off GH anyway. They’re basically a monopoly on FLOSS code.
They aren’t. C’mon, Jack.
Yeah? When was the last time you clicked on a “Source Code” link and got anything other than a link to GitHub or a direct download of a tarball?
Sure, alternatives exist – I could name half a dozen right now – but no one uses 'em.
I run into the occasional Gitlab-hosted project. Problem is, Gitlab’s equally obnoxious in its own way.
“No one uses them.”
C’mon, Jack.
Lemmy even uses github.
Think about that for a moment.
It’s 10-20x more searched for than Gitlab, and even more compared to smaller alternatives
Ok. But alternatives exist and users have choice. If Github fucks up tomorrow, a user exodus can be triggered just like that. It’s not too hard to migrate from it.
Plus the open source code space is vast. Huge. And the means of distributing it are quite diverse.
It’s been this way since 2016
Microsoft is terrible. Remember they also require you to use a Microsoft account for Minecraft now. Fuck this company so much
And they’re also deleting/deleted all classic Minecraft accounts from before that. They invented an incredibly weird and needlessly obtuse process to extend the migration deadline by 3 months (true final deadline is now mid December 2023), but that’s seemingly it. Everyone not paying too much attention to their email just gets $30 worth of game deleted because of a completely arbitrary decision.
Wait really? I bought it when it entered beta. Do I not own it anymore?
You won’t soon if you don’t migrate your account
Well that’s some bs. I haven’t played in a while but the principle of it still bothers me. Especially since I’d have never known if not for reading this thread.
Anyone without access to their old email also loses their account. I don’t remember which email address I used with my account back in the day (it’s at least ten years old), and since I bought my key from a reseller, I don’t have a receipt. Microsofts response was basically “not our problem, guess you’ll have to pay us again ¯\_(ツ)_/¯”
But this is true for literally anything that requires email verification to login with?
I think msft is scummy here but let’s not pretend it’s unusual that a company isn’t going to help you if you can’t access your email to verify your ownership.
If I lose access to my Gmail account and am unable to login to Amazon bc of that Amazon ain’t going to help me.
In Minecraft’s case, you never needed the email address beyond initial registration. Login was always through username and password, which I still have. Had I actually forgotten my credentials, that would’ve been fair, but I didn’t. They just suddenly decided that that wasn’t enough and they now want some ancient email address that little me had typed in once over ten years ago.
I just let my mincraft license lapse instead of migrating. Fuck em I’ll pirate it from now on.
Have you tried Minetest? It’s pretty good, and not Java based so a lot more lightweight.
Wasn’t this a pre-microsoft change?
Microsoft purchased GitHub in 2018. This change happened this year.
This is primarily to ensure we can support the load for developers on GitHub and help protect the servers from being overwhelmed by anonymous requests from bots etc.
So, Azure’s bot protection is crap. Good to know.
People who haven’t hosted anything bigger than a two digit daily visitors tells Microsoft how bad their bots protection is.
deleted by creator
Google can accommodate billions of searches globally on pages it doesn’t control
Microsoft can’t index a tiny fraction of that number, even for it’s own users.
What a black eye for Microsoft engineering.
TBF going by load times, GitHub search was perpetually on the brink of collapse since well before the Microsoft acquisition. I daren’t imagine what the indexes look like.
Its* own users.
The amount of false positives probably wasn’t worth exposing the feature. Not like they’re going to lose customers over this, people who only access Github without an account are probably a net loss for the company.
Microsoft could build advanced bot detection tools and what have you, but it’s much cheaper to just disable the feature and let people click the login button once every month or so.
I migrated a few code repositories from Github to GitLab literally the same day it was announced that Microsoft was acquiring Github.
The only regret I have is not evaluating a few other options like Codeberg or whatever. But GitLab’s much better than Github.
Gitlab requiring a phone number verified account to report bugs kinda turned me off of that platform. Never used Codeberg but heard good things.
I don’t have a (usable) phone number.
I’ve reported bugs.
I’ve contributed code.
How did I skate?
Codeberg is awesome, it’s just like github but open source and self-hostable (forgejo)
Self hosted gitlab
This has been implemented since like 2016, this is not news lol.
Searching across repos was disabled for anonymous visitors in 2016.
Searching within a repo was disabled for anonymous visitors in 2023.
GitLab, OneDev, Gitea, etc > shithub
Can someone tell me why this is unreasonable?
I think it kind of flies in the face of what Open Source Software should be. They’re walling off code behind accounts in the Microsoft ecosystem.
I think it’s kind of a slippery slope; but I don’t think the search itself being login walled is apocalyptic. As long as anonymous users can clone the repositories and browse the code, I can kind of understand why they don’t want to pay to run an elastic search cluster for bots’ benefit. Presumably in-repo search could be done locally by scrapers’ hardware.
But if it turns into “login to view this repository” then GitHub will have turned evil.
They’re not walling off any code. They’re restricting use of their server-side search resources. Other repository hosting services don’t have code search at all.
It’s more gating off than walling. If it keeps access and usage free I’m ok with it.
Do you really think that’s where they’ll stop, though?
On its own, it’s not. But it’s going to be one step on the path to shit-town.
It is a betrayal to the developers who put our projects up there. We wanted everything to be freely accessible, and of course this is just another step in enshittification of the service. Remember that many of us have small projects with few viewers, and we know that the extra burden on the server side isn’t even measurable. Yet our work is less accessible.
The code is still accessible, you just can’t use the code search function in the web, which normal git doesn’t have anyway.
Yes, precisely. They built a useful feature and are now trying to wall off the garden. Enshittification.
I’m pretty sure this only applies to non-indexed repos right?
indexing is a very expensive process and usually takes 5-10 minutes for repos with 10k+ lines, and letting non-registered users start it is not the best idea in the first placeThis has been around for a while. It may be so they can track and throttle LLMs hovering up public code repos.
Either way, it’s a meh. Not sure why anyone would want to clutch their pearls over this. For those who need it, self-hosted gitlab is available.
I’m not sure LLMs will need to use the search facility when they could clone the repo.
Extinguish
I’m not sure how this impacts 99.99% of all users…
Skewed stats much? Most people in the world dont have a github account. So it impacts 100% of non-user visitors
I like GitHub. Microsoft has been a pretty good steward of it since they bought it. This change isn’t a big deal to me. They are probably doing it to limit AI LLM bots from hoovering up the code theyve already hoovered up.
GitHub pages is really nice too.
They are probably doing it to limit AI LLM bots from hoovering up the code they’ve already hoovered up.
Why is this a bad thing, when M$ is already training on it themselves? If your code is permissively licensed, it seems logical or even desired to be scraped for LLMs
It’s not a bad thing. I was just saying that’s probably why they are doing it.
Everyone is getting super protective about “their” data now.
Oh yea, GitHub copilot is pretty nice too. (trained on all those repos!)
I realize this is a “hate on GitHub” thread so I’m gonna get downvoted for this post too but it does everything I need it to do, the documentation is fantastic, and it’s the “defacto” repo for a lot of stuff.