Proposal: Migrate project code from GitHub to self‑hosted git platforms for infrastructure sovereignty
GitHub was acquired by Microsoft in 2018. Recent moves to fold GitHub into Microsoft’s CoreAI organization [1] raise concerns about GitHub’s continued independence and operational neutrality. As a security‑focused project, relying solely on a platform operated by a large tech company increases risk to our codebase, contributor access, and long‑term availability. Projects such as TorProject/Tails [2] and the Linux kernel [3] maintain self-hosted code infrastructure to preserve control and resilience; we should consider the same. GrapheneOS already hosts multiple infrastructure/proxy services, so we should consider doing the same for git hosting.
The solution you'd like
Migrate or mirror our repositories from GitHub to a self‑hosted git platform (examples: GitLab, Gitea).
The value to a user and who that user might be
Increased project code infrastructure sovereignty, reduced dependence on a single vendor, improved resilience against unilateral policy or access changes, lower risk of repository takedown or restricted access, improved trust in project independence.
References:
[1] The Verge: GitHub just got less independent at Microsoft after CEO resignation (https://www.theverge.com/news/757461/microsoft-github-thomas-dohmke-resignation-coreai-team-transition)
[2] TorProject Gitlab: https://gitlab.torproject.org/tpo/team
[3] kernel.org git repository: https://git.kernel.org/
I've opened a near-duplicate issue at QubesOS/qubes-issues#10172; feel free to check out their thoughts on this.
We would greatly prefer to do self-hosting. However, we don't like any of the available software much and don't want to lose the accessibility of GitHub for new contributors. If we start self-hosting something then we're quite locked into it without another major migration. It's a huge time investment.
We definitely can't do it soon because we're very understaffed and behind on many high importance things including getting pull requests merged and shipping app updates with improvements we've made. Migrating to a new platform from GitHub would be a huge time investment not only for setting up the infrastructure and moving it but also everyone moving over their stuff and learning to deal with it. It's a request for an immense amount of work to be done that's very disruptive and we cannot afford that any time soon.
What we can much more realistically do is provide a canonical source of the code via Git repositories hosted at git.grapheneos.org or something similar where people can do repo init/sync or git clones from there instead of GitHub. That is something we could potentially do in a few months when things are quieter. It will require money for setting up a new server for the long term with a massive amount of storage. We currently can't afford to burn money on extra servers and especially sysadmin time. Hosting something like GitLab is not doable right now but hosting Git repositories with web access is doable in the near future.
[3] kernel.org git repository: https://git.kernel.org/
We can do something like this soon.
[2] TorProject Gitlab: https://gitlab.torproject.org/tpo/team
Not this, we don't want to run an immense, problematic Ruby application. We already have to deal with self-hosting Matrix and Mastodon. We don't want an even bigger mess combined with everyone needing to move their stuff over there and deal with it, where issues with it then hinder development as a whole.
The requested feature of moving away from GitHub is rejected for the foreseeable future but we already did want to make a GrapheneOS hosted instance of the Git repositories for repo init/sync and git clone so that people can still do that if GitHub is down, etc. and can also obtain it from our server instead of GitHub. We can make the one on our server into the canonical one used for repo init/sync including for our own usage.
The requested feature of moving away from GitHub is rejected for the foreseeable future but we already did want to make a GrapheneOS hosted instance of the Git repositories for repo init/sync and git clone so that people can still do that if GitHub is down, etc. and can also obtain it from our server instead of GitHub. We can make the one on our server into the canonical one used for repo init/sync including for our own usage.
Sounds like a great idea! The solution will preserve infrastructure sovereignty while not causing the mess we saw in the TorProject's moves from GitHub.
Also, I want to mention that QubesOS's idea of distrusting infrastructure is also important, even for project-owned servers. Maybe mirroring by simultaneously pushing to both remotes is a better solution for adding robustness to our infrastructure than just moving everything from GitHub.
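Added example, not part of the thread or of any project tooling: one way to get the "push to both remotes" behaviour described above with a single remote that has two push URLs, plus a ref comparison that shows when the two hosts disagree. The two bare repositories, the `main` branch name and all helper function names are constructed placeholders so the script runs offline.

```shell
#!/bin/sh
# Constructed demo: two local bare repositories stand in for the two hosts.
set -eu
demo=$(mktemp -d)
GITHUB_URL="$demo/github.git"          # placeholder for the GitHub remote
SELFHOSTED_URL="$demo/selfhosted.git"  # placeholder for a project-run server

setup_dual_push() {
    git init -q --bare "$GITHUB_URL"
    git init -q --bare "$SELFHOSTED_URL"
    git init -q "$demo/work"
    cd "$demo/work"
    git config user.name "Demo"
    git config user.email "demo@example.invalid"
    git config commit.gpgsign false
    git remote add origin "$GITHUB_URL"
    # Once any push URL is set, the fetch URL is no longer used for pushing,
    # so both hosts must be listed explicitly.
    git remote set-url --add --push origin "$GITHUB_URL"
    git remote set-url --add --push origin "$SELFHOSTED_URL"
}

commit_file() {  # commit_file <name> <message>
    echo "$2" > "$1"
    git add "$1"
    git commit -q -m "$2"
}

# Sorted "<sha><TAB><ref>" lines for every branch and tag a host advertises.
remote_refs() { git ls-remote --heads --tags "$1" | sort; }

# Succeeds only when both hosts advertise exactly the same refs.
mirrors_agree() { [ "$(remote_refs "$1")" = "$(remote_refs "$2")" ]; }

setup_dual_push
commit_file README "initial commit"
git push -q origin HEAD:refs/heads/main      # one push, both hosts updated
mirrors_agree "$GITHUB_URL" "$SELFHOSTED_URL" && echo "in sync after dual push"

# A ref changed on only one host shows up as a mismatch.
commit_file NOTES "second commit"
git push -q "$GITHUB_URL" HEAD:refs/heads/main
mirrors_agree "$GITHUB_URL" "$SELFHOSTED_URL" || echo "hosts diverged"
```

Run periodically against the real URLs, the same comparison flags a host whose refs were changed without a matching push to the other.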
Codeberg would be an easy and viable alternative because you can use their infrastructure, but also self-host if needed.
Not this, we don't want to run an immense, problematic Ruby application.
Nobody likes GitLab... slow and painful to manage. Forgejo/Gitea is a golang project.
Another interesting option would be Radicle which is built on the torrenting idea so any user can be a seed of the files.
Not the most thorough research, just what I could think of off the top of my head.
Radicle is strongest for security. It is fully peer-to-peer, has no central server, and verifies all contributions cryptographically. However, it has limited discoverability, slower synchronization across peers, and weaker integration with existing development tools. Small user base, and project visibility depends on node availability. (Very good when operating within adversarial networks, and countries blocking GitHub.)
Codeberg/Forgejo is best for discoverability/popularity. It provides a clear web interface, an active community, compatibility with standard Git workflows, and AGit workflows. Federation via ActivityPub is currently being worked on. (Currently one of the most popular forges.)
GitLab is an open-core, bloated mess, so I would recommend against that.