cross-posted from: https://lemmy.ml/post/45529149
Here is the message where he found out what happened:
I didn’t receive any information about it but when creating a support ticket I was told my account has been flagged and I had to do some extra verification. I’ve created a support ticket now and will keep you posted. I’ll believe it’s nothing major though, I use 2FA everywhere, the last commit on all repos is what I expect, and all sessions and usages look fine
Absolutely fuck Github and Microslop, they can just vanish your projects without notice whenever they want with barely any justification for it, and then take their sweet time to fix it too.
Self host your own code repo. Forgejo is adding activitypub and federation features, not sure how far long they are, but someday if enough people start self-hosting we might have a viable decentralized way to collaborate on and contribute to each others’ projects.
The scraping/bandwidth abuse problem can easily be worked around.
But there still are actual good reasons to not host a public forge.
For example, as long as pull requests are allowed (which is required for actual contributors), anyone can abuse the PR feature to fork your repository, then start pushing random shit into their fork (since the fork is an actual separate git repository).
Bad actors can do it on github all they want, it’s not my storage, not my server used to host potentially illegal content.
Self-hosting public services where you are the only authenticated user and sole publisher of content is easy (using your public forge as a mirror with account creation disabled is fine), hosting other’s people content is another can of worms. Think twice before you do that.
how?
anubis does not protect the APIs, and it cannot protect against bot traffic coming from many different residential proxies
With AI search engines hosting public repo is very expensive.
Because of the AI-induced scraping traffic? While not perfect, Anubis and similar are coarse-but-effective solutions for self-hosting repos.
And if it it were acceptable to outsource such protection to a CDN (eg Cloudflare) in order to retain firm control over the repo, then that’s a choice that’s also available. Not everyone agrees that CDNs have a role in self-hosting – fair enough – but when a project’s very repo and existence can be wiped off the internet, owning a domain name and the affirmative upstream repository is a tractable and intermediate goal, even if it doesn’t achieve full independence.
Self hosting is an exercise in harm reduction.