Discussion
Loading...
Post
@thibaultamartin @Codeberg @forgejo Some government agencies may have legitimate reasons for wanting to keep source code private -- for example, law enforcement agencies developing bespoke tools for particular, non-public investigations. Codeberg doesn't seem like the place for that.
@thibaultamartin @Codeberg @forgejo Technical and non-technical reasons. Codeberg itself is unsuited because they don't offer SLAs etc. Also too much downtime (which is expected by a project that's working with such a constrained budget, they're doing amazing work given all those restrictions!)
From a technical PoV: AFAIK Forgejo's Orgs are "good enough" for cloud SaaS offerings. On GitHub, e.g., you can enforce certain security restrictions and logins for everyone interacting within their org etc.
So the only way would be to actually host an instance for every govt client so you can put the whole instance behind your orgs SSO etc.
@thibaultamartin @Codeberg @forgejo There are people interested in using @forgejo in the French public sector: see this workshop recently held (as in "March 2025") on this topic: https://code.gouv.fr/fr/bluehats/forgeons-2025/
@thibaultamartin @Codeberg @forgejo "CI access is provided as-is and might break at any time and for an undefined period of time, due to server issues, for testing and maintenance purpose or human error." I think this is a big problem for mainstream use. https://docs.codeberg.org/ci/#using-codeberg's-instance-of-woodpecker-ci
@thibaultamartin @Codeberg @forgejo
I would also love to see governmental and public service organisations use and contribute to @forgejo . But @Codeberg is an organisation by and for individual enthusiasts and I don't think they would be interested in setting up the kind of service agreements that would be required (I'm a member, but I don't speak for Codeberg, not on the board or anything).
When forge federation gets better, I think most orgs should have their own vcs forge.
@thibaultamartin @Codeberg @forgejo it's not only GitHub. Why is Slack used, or Discord. There are even big open source communities on Reddit. All proprietary shit
@thibaultamartin @Codeberg @forgejo @stereo for the German public sector there is Opencode: https://opencode.de/de
I assume there are similar projects in each state and probably one hosted by the EU that I‘m not aware of.
@daftwullie @thibaultamartin @Codeberg @forgejo @stereo FWIW there is https://code.europa.eu which hosts code from the EU Open Source Program Office.
Thanks! I know about https://code.gouv.fr for France too (and off the top of my head @bzg also had repos on SourceHut)
But I think the European public sector could get the most of open source by getting behind a common project and hosting organization, and fund its maintenance :)
@thibaultamartin @Codeberg I think one of the biggest issue is that funding nonprofits as public sector is hard.
1. Because its hard to get budget to donate, usually you offer grants or have contract law that requires you to do calls for bids
2. Once you manage to give some money to anyone you are not legally needed to, it's the first on the chopping block.
@thibaultamartin @Codeberg @forgejo I think the main issues are around federation, i.e. how can individuals and organizations retain an efficient login and commenting mechanism across many instances.
Another example is GitHub's centralized notification system and project management: How can federated instances provide the same experience across many individual instances w/ Forgejo?
Thanks! I appreciate this might be an issue in a fragmented ecosystem, but would it be a problem if the public sector agreed on using a specific instance?
Be it @Codeberg, if they agreed to, or an instance specifically set up by and for the public sector.
@thibaultamartin @Codeberg @forgejo
I think that the public sector should run its own federated infrastructures. For instance:
I think that the public sector should run its own federated infrastructures. For instance:
* Email
* Git hosting
* Social media
The public sector can be enormous, just look at "alphagov" on GitHub... 1700 repos and counting. I think on a governmental level, a country should run its own Git platform, not use Codeberg.
Other opinions welcome!!
@thibaultamartin For public releases it should be fine, but compliance/certification may be an issue depending on policies/decisions. There's the issue of developer privacy, but that applies to both.
For actual development: imo, codeberg is not "solid" enough *yet*.
Aha I’m not sure I see what compliance issue come with it? Would love to hear more about it.
What do you think is missing to make Forgejo or Codeberg solid enough to host development of public sector projects?
@thibaultamartin If there are private projects and other projects that run with "full policy", that may require compliance that Codeberg doesn't have, and would have a hard time achieving and maintaining. One of the "bigger" examples would be "BSI IT-Grundschutz".
Those policies should be questioned, but they're a thing...
Oooh I see! Thanks @promovicz :)
What do you think would be the happiest path for the European public sector to soften its dependency to GitHub?
@thibaultamartin I think that those policies need to be reconsidered and adapted from both sides. Politics tends against it right now, so it may be a time where the "open-source" side has to take initiative. Someone needs to propose new ideas to the administration in the right places - and there's a social component to it, because this asks questions about "functioning of state". The Chaos/CCC crowd has a surprising reach among state admins, and never used it very well imo (i was involved).
bonfire.cafe
A space for Bonfire maintainers and contributors to communicate
Automatic federation enabled