HardenedBSD Is Now Officially on Radicle
Comments
jgtrosh
dmos62
Radicle is pretty cool.
> Radicle’s Collaborative Objects (COBs) provide Radicle’s social primitive. This enables features such as issues, discussions and code review to be implemented as Git objects. Developers can extend Radicle’s capabilities to build any kind of collaboration flow they see fit.
donatj
I know I'm not supposed to make jokes, this is not reddit, but you might even say it's pretty radical.
dmos62
I think apologetic jokes are very on point for HN, so no worries!
bombcar
I was just wondering in another thread how much you could do storing things in git itself.
heresie-dabord
If it helps:
There is no an explanation of what Radicle is/does in the announcement.
lorenzleutgeb
For the reason of hbsd moving, see https://bsd.network/@HardenedBSD/116437657126172879
hobofan
So instead of their self-hosted Gitlab instance being hammered, now their self-hosted Radicle instance will be hammered (and if they are lucky some of the other seeders will tank some of the load)?
I'm not sure that this will actually solve the problem. This seems more like a facade for a move they wanted to do anyways.
QuantumNomad_
> This seems more like a facade for a move they wanted to do anyways.
Not even a facade really. They say this further down in the thread:
> Given our previously communicated desire to migrate to #Radicle, this is a good motivating factor for moving in that direction.
Skinney
The load will be spread across the network, but I guess the main benefit is that everything continues working even though HardenedBSDs official seed is down.
Every user has their own node, and everyone's node talks to several seed nodes. Even if the official HardenedBSD seed is down, there's still going to be another node to sync with.
hobofan
Does that actually work out in practice? Do you/someone here have experience with that in Radicle?
IPFS in theory has a similar model, but in practice I've mostly found that if the original seeder goes away, at least part of a dataset becomes inaccessible.
pessimizer
I think the difference between source repos and arbitrary data objects (which are as often as not images or videos) is that people tend to mirror repos locally indefinitely, especially if it's a local cache of something that they're repeatedly using as a dependency for other software that they develop.
If anything is good for the bittorrent model, it's git/source control. Movies and images get moved to different drives or deleted, movies become far less worthy of keeping after being watched, and images may have never been useful to the person mirroring them anyway; just a favor they were doing for a site they like. Source code sits, and source code continues to be used. If I understand correctly, Radicle works as your local git server, too.
The question is whether people will dedicate a little bit of bandwidth to seeding, but I don't think it's a serious question. It's a cheap and easy thing to do if you want to help FOSS, and it's obviously a good and a nice thing to do. It's not like you're seeding stuff that you don't know what it is, or why it is useful.
And, again, they can keep a seed up indefinitely. But they don't need to have either great uptime or great bandwidth.
Skinney
I'm not doing anything huge, but my local radicle node is connected to ten other nodes at present, one of which is my own hetzner-hosted seed. Even if half of these go down, I still have full access to all the repos I follow.
sunshine-o
Yes they have been looking into decentralized technologies like mesh networking, reticulum, etc. for a while now.
My guess is the model is let the Github mirror repo be hit by bots and just do the dev work on the Radicle node.
- [0] https://hardenedbsd.org/article/shawn-webb/2024-09-23/harden...
sunshine-o
Radicle is a legit project that has been around for at least 5 years trying to solve a pretty hard problem.
With the awareness of the dangers of Github growing they could really start gaining traction but from what I understand they still have a big problem: you can host a node, the web UI and create repos, link it to your website but it will be hard for people to find your project and code. You are on the internet, but not on the visible one.
Radicle do have a search engine [0] but it won't return anything if you look for HardenedBSD. And maybe it is not Radicle role to provide the front door and code search infrastructure (I am pretty sure they to not have the money to support it).
So my guess is key to decentralized code forges, whether it is Radicle, Gitea or Forgego instances, really miss the search infrastructure today.
I am pretty sure HardenedBSD will keep mirrors on Github and Gitlab to stay "visible" to the broader Internet but what happen the day they have to leave because of some incompatibility with those corporations user agreement?
iamnothere
Seems like a good opportunity for someone to build a project gateway for discovering projects on Radicle, cross-project code and issue search, etc.
This could also be an indexer that runs locally, although I don’t know how you would find unreplicated peers for indexing. I wonder if they have considered DHT or similar for announcement.
Edit: looks like they ruled out DHT in the context of advertising repositories because they want replication to be opt-in, likely to avoid replicating objectionable material, but I still think it’s a good idea for advertising nodes more generally. The curious could then use the list of nodes for indexing.
Skinney
Wouldn't people discover HardenedBSD via google and then find the link to the code via the website?
I've personally never discovered projects through Github.
0x6c6f6c
Many people do use GitHub for this. There are even Android app stores hinged around searching and installing release APKs.
The social connectivity and discoverability in github is a big reason many people use it. Can't say how many, but it is.
SoftTalker
I don't think I've ever searched for anything on github. I always follow a link.
fhn
that's something you tell your interviewer
esseph
Seems silly. I sure wouldn't not hire someone because of that. Might as well be concerned they have a green toothbrush instead of a blue.
kombine
I recently had to onboard multiple computer vision datasets each with their own conventions to store camera parameters, depth maps etc. Searching for open source repositories on GitHub that implement data loading for these datasets was extremely helpful. In fact, these days I use code search on GitHub more often than Google search.
Even though I moved some of my personal repos to Codeberg I believe there needs to be a centralised way of searching in open source code.
DANmode
> maybe it is not Radicle role to provide the front door and code search infrastructure
Why would it be? =]
mkl
> Radicle is an open source, peer-to-peer code collaboration stack built on Git. Unlike centralized code hosting platforms, there is no single entity controlling the network. Repositories are replicated across peers in a decentralized manner, and users are in full control of their data and workflow. - https://radicle.dev/
There seems to be no way to get this kind of information from the radicle.network link in this article. Clicking the logo in the top left takes you to a page that just says "A public node run by the Radicle team", which is totally uninformative.
csomar
This is what I am getting
> Could not connect to rad.hardenedbsd.org The node may be offline or the address may be incorrect. Select a different node to continue.
h4kunamata
That is a bad architecture then, it should be able to identify the node is offline on its own, and connect to the next node available, either by region or speed.
kernalix7
Codeberg / Forgejo are also out there as less radical alternatives, so the choice space isn't binary. But the discoverability gap is real, and so is the loss of all the surrounding infrastructure people don't always think about. CI runners, release hosting, container registry, security advisories. You can replace each of those individually, but doing it all at once is a significant maintenance burden for projects with limited maintainer time.
ramon156
In this scenario, how does p2p compare to ATProto? The downside of both is that you still need high available servers
Skinney
Radicle is local-first, so you can create issues and patches (pull requests) even when offline. It will sync when you're back online.
Also, my understanding is that ATProto is relatively centralized in practice, wheras in radicle every node is sort of equal.
fc417fc802
I don't think so? In the case of p2p (including radicle) you can run multiple not-so-reliable nodes. Of course that won't work for serving up a web frontend but that's distinct from the git repo itself.
chungy
Is Radicle an alternative to Fossil?
balou23
It seems to have similar ideas, but two big differences seem to be that 1. it's based on git 2. more focus on a truly decentralized p2p architecture
h4kunamata
Why hate yourself when you have Codeberg or its self hosted Forgejo??
In today's society, there is no much if anything trully peer-to-peer.
They are either trying to make AI PRs harder to happen or idk
LuckyBuddy
[dead]
I was not aware of Radicle; it's a truly peer-to-peer Git forge which aims to guarantee commits are signed by current maintainers (among, I suppose, other goals).
The article mentions an us and a you, but I feel like it would have been an useful occasion to explain why move (from where?) and why Radicle. Maybe this was already discussed elsewhere?
I suppose similar discussions regarding GitHub are happening today and could explain why this was posted to HN.