There is absolutely no denying that GitHub has done a lot of good for the world, but at the same time I feel that because of their true open source foundation GitLab really listens to their community much better. On a related note, many devs are just now discovering that with GitLab you can have unlimited private or public repos hosted at GitLab.com for free. Already a number of prominent projects have made the jump for this reason alone. You can find the nascent but growing list of publicly listed projects here: https://gitlab.com/explore
In the end, strong competition is good for users and projects and the Git ecosystem will only continue to grow and benefit from it; may the friendly rivalry continue.
> You can find the nascent but growing list of publicly listed projects here: https://gitlab.com/explore
Gitlab often comes up in these discussions. Ok, it comes up every time. Several times in the past I've went and checked it out and it seems interesting except...I couldn't find any actual projects from the main gitlab.com page, aside from the gitlab CE repo itself. So thanks for posting that link!
I have to wonder why it's not more prominent. And where's the search to find repos? I regularly find useful repos on github by searching for them. Discoverability is important to me.
Quite a good point. I think, as techies, many of us focus more on the work itself, and not so much on explaining it or making it more discoverable, understood, and on showing its benefits (at least from the point of view of end-users). (As they say about product marketing - explain the benefits, not the features - though I guess that is not to be taken literally, of course the features should be explained too.). I know I need to do more work in this area myself, and am working on it.
I've been comparing Github and Gitlab over the last few weeks. Gitlab had a few more features in the web interface, which is why we chose it for a current project. Github has added these features last week, mostly thanks to pressure, which is good. Here's where Gitlab is lacking though: It's quite buggy, its API is nowhere near as good as Github's and there is no way to secure webhooks, which IMO is quite a big deal. If I'd decide today for another project I'd just pay Github 7$ a month and be done with it. In fact if we keep having issues that's exactly what we'll do - migrating in a git world is quite easy for the points mentioned in the article.
I've been quite impressed how Github has acted over the last weeks - when there's actually an outcry they're quite nimble and can react quickly. They've noticed the competition catching up and shot themselves ahead of the curve again.
We used Github enterprise at my previous job, GitLab at my current one. The only driver - GitLab is free. GitLab is painful if you have a lot of experience with Github. Feature comparison is pretty similar, but then again a feature comparison with any SVN web interface is pretty similar too.
I can't pinpoint it, but I'm much more likely to browse, review, and offer pull requests in a github instance. It's intuitive and I'm used to it.
I can't say that I'm bothered with Gitlab's interface, even though I've had much more experience with Github. It uses more colors which sometimes has the effect of making actionable clicks stand out better. Commenting on committed code is one such example, for some reason that UI feels more clear to me. Also, on github I sometimes find myself looking for the commit list, which I always find immediately on Gitlab. IMO if you're used to both UIs it's either a wash or slightly in favour of Gitlab - my issues are purely in the backend.
How trivial it is to send/accept pull-requests with Gitlab? This is one Github feature which I'm highly dependent on. Unlike Mr. Torvalds, we all aren't experts in sending and managing signed pull-requests by emails. Maybe, I'll learn that one day, but Github's features have made me quite lethargic!
If GitLab is painful to use and that causes you or your employees to spend extra time dealing with that pain, then GitLab may be free as in speech, but it is not free as in beer.
I'm sorry to hear GitLab has not been solid for you. What bugs have you been affected by? What can we improve in our API? Regarding securing webhooks do you mean https://developer.github.com/webhooks/securing/ ?
I've already opened up some issues[1]. What you point to is what I mean, in addition a reverse IP lookup is also useful to tighten security a bit [2], but it's not mandatory. Specifying a secret is IMO the easiest way to have some peace of mind when it comes to accepting hooks. Regarding the API, I mainly found the documentation more difficult to navigate. There doesn't seem a section specifically for gitlab.com, so I just have to assume that 'community edition' applies there. I haven't found a place where the API endpoint for a gitlab.com profile is described, just took a bit of trial and error - and whatever isn't documented for an API I don't like to rely on.
You're welcome, and I appreciate the response. I forgot something btw., which is actually the biggest issue I had so far: We were affected by some variant of [1].
Regarding documentation, how about referencing 'gitlab.com' on the following top level selection? [2] You could add a new box linking to the EE documentation. That was the first place where I was looking and made me stumble.
You've always been able to add collaborators to private projects. What you miss out on is the team features, which isn't very much if you have a small team.
There was a conversation about got lab last week, which prompted me to go check out Gitlab. After a good five minutes looking around their site I could not discern that it was possible to host repositories on their servers. Their entire sales pitch is about hosting your own. They need to fix that if they want any attention.
If they made their pages community oriented, and allowed for people to link their github accounts to their Gitlab accounts, then they would have a shot at stealing the hearts and minds.
If they could support forking from github that would be even better, but I bet GitHub would try to block them.
On our website we try to cater to both on-premises and SaaS users. Our homepage https://about.gitlab.com/ has 4 offerings of which one is GitLab.com, we plan to reduce this to 3 to make .com more prominent. We also have GitLab.com in the top navigation as well as a Sign In button.
Where did you look on our website and expected to find information about hosting repositories on our servers? Maybe we can add a notice there.
Self hosted gitlab is also slow unfortunately. I introduced gitlab to my company as a replacement for gitosis. It's been ok but we're looking to move to gogs.io which is a lot less clunky and slow. If gitlab really want traction, they need to fix their software to be on par with the quality of other open source offerings.
Gogs is super quick, well designed and powerful. If it has all the features you require, I highly recommend it. Rolling updates were quite simple, swap nginx from one Docker container to another and you're good to go.
That's good to hear. I've been meaning to look at Gogs again, after having first played with it in it's early days (before pull requests were available). Sounds like it's usable now. :)
On what system (resources) are you running gitlab? In my experience it is not slow. I also run a gogs instance; great for the modest resource requirements but by far no match in features and look. Both make sense imho and do not overlap much.
Projects can also be mirrored on Github[1], so even if the main repo is somewhere else (e.g. GitLab or Bitbucket) contributors can still be credited via Github[2] and the project can still get the publicity on Github.
But you can't disable pull requests and other features (at least when I last checked) which means you still have to actively manage those. This probably means handing access to the GitHub repo to your collaborators so they can click "close" if hey don't want to merge. Next to "close" there's this shiny green "merge" button. Clicking that not only merges the untested change but also adds a change to the copy which isn't in the master ... really bad.
In the PHP community we "fixed" that by being very restrictive with access to the GitHub repo and provide an extra tool (https://qa.php.net/pulls/#repo=php-src) where any contributor can comment/close PRs via a special GitHub account and GitHub API
Gitlab is a me too product whose main selling point is "not github". Github was a trailblazer that deserves its position as market leader, gitlab can make no such claim. Gitlab is a slow and clunky github clone at best.
Give me a strong reason to switch by doing something cool gitlab. Please have at-least one killer original feature that shows that you are capable of original thinking . Merely existing and throwing some free stuff at me is not a good reason for me to switch.
Do you want to live in a centralized world or one with competition? How do you support that?
I personally want to live in competition. I support that through allowing my appetites to lead me when making arbitrary choices rather than ceremonious dedication.
as a consumer, I want to feel important. I havent switched but gitlab is making me feel that way. Github makes me feel like I have no choice and Im stupid not to. What seems like the better relationship?
I wholeheartedly agree with you. A world of centralized monopolies is quite a scary prospect. Less so when they are not enforced by government, but concerning nonetheless.
Thiel's monopoly idea might encourage someone building a new repository hosting thing to focus on a particular underserved segment and get everyone in that market.
"The thing that’s always a big mistake is going after a giant market on day one because that’s typically evidence that you somehow haven’t defined the categories correctly. It normally means that there is going to be too much competition in one way or another."
You define nature? I believe nature is defined by action which is intepreted after the fact or predicted before. Naturally we can also see a community such as hacker news has an effect on the wider population but likely not as strong of one that it, as a group, wants. But hacker news isnt one group but rather many voices that may or may not have similar objectives
That is nature
Edit: you do because you are apart of it. But your beliefs can influence but do not define nature
Surely you're arguing for there to be a monopoly at any given time there - if company X does Y first, you'll always use company X's stuff (even after other companies implement Y) until another company does Z first, in which case you'll always use their stuff.
Or, more specifically - there should only be one company in the world manufacturing nuts and bolts, because you can't really create a superior nut. The first company to invent them should've won out.
Thinking that others jobs are simple is a mistake that I'm waning myself off: thinking that what others do is easy, - that they should just do this and that.
"Github was a trailblazer that deserves its position as market leader, gitlab can make no such claim."
The idea of first mover advantage is not that we all get together to recognize the first mover and give it our business because we are so impressed by it's first moving ;)
I don't like that a company like GitHub has access to all my code and things which may include personal information (I sometimes type things in LaTeX and put it under version control). Running GitLab on my server brings my code under my control. Sounds fair? It's the same reason why some people refuse to use Google services like calendar or photos even though they offer convenience.
Agreed. I think github enterprise is worth it for companies, just like I think a Jira instance is a no-brainer.
For personal/private, I'm perfectly OK with whatever open source solutions are available.
I think it would be a good thing if GitLab or another project could compete with GitHub, but I think we're another year/product from really getting there.
> Github was a trailblazer that deserves its position as market leader
... GitHub was "SourceForge, but with git".
I mean, I love the product too but let's not oversell things. Free source code hosting and development tools with an enterprise upsell were an established market for a decade before GitHub showed up. They did it better, but I think "trailblazing" is a bit much.
And social networking features, which have proven to be its gold egg imho. Like the article mentions, Github has for many become a defacto showcase for your body of work.
The killer feature is open source which allows an excellent channel for the community to get what they want one way or another. Gitlab CI is pretty awesome too, we'll see what other surprises come out in the next release.
Everybody will have different reasons. Free private repositories is a damn pretty compelling reason for me and I suspect many others.
It isn't even the free part that matters, it is that you can create a new project or add a friend without having to mentally think about how many projects/collaborators you have left.
From the article: "I wrote "your data is accessible", but actually I should rather write "your data is currently accessible". Theoretically, nothing prevents GitHub from removing programmatic access to parts of the data they host."
Do their terms of service permit them to do that? Unfortunately, yes: "GitHub reserves the right at any time to modify or discontinue, temporarily or permanently, your access to the API (or any part thereof) with or without notice. ... GitHub, in its sole discretion, has the right to suspend or terminate your account and refuse any and all current or future use of the Service, or any other GitHub service, for any reason at any time. Such termination of the Service will result in the deactivation or deletion of your Account or your access to your Account, and the forfeiture and relinquishment of all Content in your Account. GitHub reserves the right to refuse service to anyone for any reason at any time. In the event that GitHub takes action to suspend or terminate an account, we will make a reasonable effort to provide the affected account owner with a copy of their account contents upon request, unless the account was suspended or terminated due to unlawful conduct."
That's a problem. A management change at Github could have a big effect on open source software. This isn't a theoretical issue; Google Code was shut down, and Sourceforge turned to the dark side and started bundling adware with downloads.
It would be useful if a nonprofit such as the Internet Archive or the Wikimedia Foundation mirrored Github periodically. Just in case Github management got uppity.
"github-backup [...] backs up everything GitHub publishes about the repository, including branches, tags, other forks, issues, comments, wikis, milestones, pull requests, watchers, and stars."
Can you put the data back again, though? Last I saw it wasn't possible to use the API to, e.g., add issues owned by someone else. (I was wanting to migrate mailing list archives off SourceForge.)
"A competitor willing to make it easy for GitHub project maintainers to migrate to their services could actually make use of GitHub APIs and provide an automated migration system."
This is what we did at GitLab, you can import multiple projects with repos, wikis, issues and pull requests in one go.
I like Github, but I've had Gitlab repos for a few years because they allow me to keep some projects "off the books" without having to pay. So, thank you again for this.
I've also used your CI, which is great. I've recommended it to a few clients, so thank you again!
You guys have done a great job for the community and I wish you all the best!
Most articles bashing/unbashing github always forget what to me is the real point. The problem is not in the git part of GitHub.
GitHub is a social network: star, fork, comment, popularity. The fact that some devs would see github as the only place to be to get to make their contributions "public" it is acting more as a social network and less about a git hosting tool. That's the real lock-in.
That's also GitHub's value. It is the largest social network of developers.
One thing I'm missing in the whole gitlab/github hosted discussion is how big is the chance that gitlab will fail where github will succeed because github actually has a lot more income because they charge for the private repos?
In the longer term this may be a deciding factor, but if enough people that right now pay for github move to gitlab the balance will shift to the point where gitlab won't be able to deal with the amount of free users and gitlab will fail because they no longer have enough paying users...
It's hard to compete with free, but it is also hard to sustain free.
As many open source projects have demonstrated, even if the company backing the project fails, if the community is strong, the project will continue to evolve. Same can not be said for Github. Gitlab while does provide free sass services, their servers are notorious in terms of reliability. Many Gitlab users like it because we want to host the application ourselves. There was always bitbucket for free private repos. People are not moving because it is free, they move because they have great control over their code base.
"Vendor Lock-in" is a meaningless phrase if you start applying it to GitHub. You're talking about competition. GitHub competes and people like it a lot. That's not a lock-in.
Your business won't end if you switch to bitbucket. A developer might grump at you for a day. Big deal.
Microsoft, IBM, Oracle, etc. They're the ones with a lock-in. They could go into a corporate coma and money would still print itself and climb into their pockets for the next 20-years.
Work's blessed me with an MSDN Enterprise subscription, so I get some extra bells and whistles. Discounting the extras, it's a hosted version of TFS for free (for five developers + unlimited "stakeholders"). Which is great if you have bug bears about GitHub's issue tracking.
It's not going to replace GitHub for me, yet. I think Microsoft said it themselves when they started hosting projects on GitHub instead of Codeplex: "GitHub is where the community is."
EDIT: I should say, VSO/VSTS is really focused towards .NET development. It has some special Java support, too, and beyond that it's general purpose enough to work with other languages.
This is do awesome. 3$ per developer per month and the Ui looks great!
One place where people screw up in git hosting is the issues or navigation. I can't wait to try this out. The community features of github are unimportant for a private repo.
Hard to say since every tool out there moves very fast and we're just building what we think our users want. Overall my personal opinion is the "pull request" model is flawed for businesses but great for open source. Phabricator doesn't serve two masters in that regard. This means we focus more on developer efficiency and code quality. Tools like arcanist are harder to convince people to adopt, but save me personally a few hours each week. (Arcanist does pre-commit lint, unit, and patch emitting). Other tools like Herald (business actions!) and Owners (claim you own code!) are also highly useful at scale.
I don't know. The homepage of Phabricator doesn't give me the impression the developers take the task of building a corporate collaboration tool very seriously.
Sounds like you might prefer the Serious Business Edition(TM) [1] of Phabricator. I don't fault them for having a little fun/being irreverent (or as they call it:'flavor'), but it's a config setting you can toggle on your deployment, seriously [1]
Not sure what you mean, I've always billed it as an internal tools platform since it's our intent to have it do everything you need. (bugs, repo, review, kanban, wiki, chat, etc)
> GitHub is, in my opinion, an "ethical" proprietary software company, if such thing can exist
If that were true, they would not have embarked upon a Thought Police crusade like this one:
https://news.ycombinator.com/item?id=9966118
"Github threatens to shut down a repository for using the word 'retard'"
The fact that they bother to go on crusades like that affirms to me that GitHub is indeed operating according to an "ethical" framework—just not one I share.
You're not doing anyone any favors by assuming 'toxicity' is a measurable quantity or that you've sufficiently developed a Theory of Toxicity such that you can ascribe relative values to specific words.
Lock-in or not, it's hard to see what is compelling about GitHub in the first place. I agree with Torvalds that pull request are a horrible and bureaucratic way of submitting patches.
Possibly that is what people like about GitHub: Leave an audit trail of your activities, do a lot of doc fixes to have better statistics...
Perhaps the following quote of pg also applies to GitHub:
"Object-oriented programming generates a lot of what looks like work. Back in the days of fanfold, there was a type of programmer who would only put five or ten lines of code on a page, preceded by twenty lines of elaborately formatted comments. Object-oriented programming is like crack for these people: it lets you incorporate all this scaffolding right into your source code. Something that a Lisp hacker might handle by pushing a symbol onto a list becomes a whole file of classes and methods. So it is a good tool if you want to convince yourself, or someone else, that you are doing a lot of work."
I'm really surprised that Github hasn't done what Stackoverflow does, and advertise jobs. They have an awesome knowledge of the skills of their users up front.
Happy to be locked in to github. There is a tipping point where value gained exceeds the risk of vendor lockin, and in my case there is no question the benefits outweight the risk.
With the risk of sounding overly critical, I really can't understand why people get so emotional about software. Github isn't a public utility company and so isn't obliged to provide free services to anyone or cater specifically to the needs of one group of users, if they do so it is by their own choice and because it helps them to fulfill their monetary goals (making money is the main purpose of a for-profit company). Also, I can't see any significant lock-in effects at work here.
Personally, I have several dozens software projects: Some of them are on Github, some on Bitbucket, some run on a custom Gitlab instance and some are plain git repositories on some Linux server. I think we have more choices for hosting code projects today than we had ever before, it's just that like in many other markets there is a power law at work which makes that one player has 90 % market share, this doesn't automatically mean that the largest player has a monopoly on source code hosting though.
As the author says, the fact that the software Github provides is affordable, convenient and works very well is probably the only lock-in there is, and this kind of quality-based lock-in is actually desirable in my opinion. What would not be acceptable to me is a lock-in based on the fact that your data is stored somewhere from where it's very hard/impossible to get out (SAP comes to mind), this isn't the case for Github though.
In the end, strong competition is good for users and projects and the Git ecosystem will only continue to grow and benefit from it; may the friendly rivalry continue.