github
Signal-Server
github | Signal-Server | |
---|---|---|
30 | 200 | |
2,146 | 8,821 | |
- | 0.2% | |
3.0 | 9.8 | |
almost 3 years ago | 7 days ago | |
Java | ||
- | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
github
-
How I Fixed GitHub's Repo Traffic Insights š ļø š
While looking for solutions, I realized that many developers face similar challenges. This issue is widely discussed, particularly in a GitHub thread: Track traffic to GitHub repo longer than 14 days #399.
-
Organizing Multiple Git Identities
Probably the older email address is still the primary one for the GitHub account.
GitHub took it upon themselves to change email addresses and author names when merging via the UI buttons like "Squash and Merge" in 2018 and then again in 2019. See <https://github.com/isaacs/github/issues/1368> for the tedious details.
Essentially the post-2019 behaviour seems to be that where possible with "Squash and Merge" they will set noreply@github as the committer so that they can sign the merged commit themselves, and set author name & email to what they have recorded for the GH account involved (and the signature is then a record that GH have verified that account's involvement).
Personally I think it is shocking that they ignore the name and email address that the actual author of the commit has selected. This is both a violation of the author's intentions -- for example, you may set work and personal email addresses in different repositories as discussed here, but GitHub will rewrite them all to the same thing when other people press "Squash and Merge" on your pull requests -- and potentially a doxxing security risk.
I have considered re-reporting this to GitHub via the newer community discussions or via support again, but given the extent to which they've ignored all such reports over the last five years it is hard to find the motivation to do so.
- GitHub prevents crawling of repository's Wiki pages ā no Google search
-
How do Commercial Open Source Startups manage GitHub insights > 14 days? Is everyone using a workaround? How are "unique" cloners and viewers kept track off?
However, there is a massive issue. Github by default truncates insights to t-14 days (where t = today). This is super annoying as there is a discontinuity in data. There is also an archived issue on Github regarding this. The issue has a whopping 119 comments and has been around for over 8 years now. Basically, from the discussions there - Data you don't persist today will be gone 14 days from now. And looks like Github hasn't done anything about it.
-
Reimplementing the Coreutils in a modern language (Rust)
> Hi, people have made money using my code and I also donāt care
looks like everyone's missing the point.
> I understand this is upsetting to you
Again, maybe I am on another level of comprehension, so I don't understanda why it is so hard for someone to get it, but I am not upset by that, at all.
I simply know that those who think "it will be fine" are delusional and don't know what they are talking about!
So I just will paste some link to relevant news here, maybe it will make things clearer.
It includes the opinion of Antirez, father of one of the most successful OSS ever: Redis. Maybe his words will open your eyes and tear the veil of Maya.
(spoiler ahead alert!)
Basically you work for free and people don't even thank you and the maintainer ends up being doxed or blamed or pushed aside and in the long term the only solution to keep sanity is to resign
https://www.jeffgeerling.com/blog/2022/burden-open-source-ma...
https://www.theregister.com/2022/01/13/opensource_apacheplc4...
https://nolanlawson.com/2017/03/05/what-it-feels-like-to-be-...
https://old.reddit.com/r/linux/comments/z14tt2/reason_why_op...
https://github.com/isaacs/github/issues/167
http://web.archive.org/web/20221217180915/http://antirez.com...
-
Git archive checksums may change
I don't know what the fuss is all about. It was publicly known that Github was breaking automatic git archives consistency for many years. Here is a bug on a project to stop relying on fake github archives (as opposed to stable git-archive(1)):
https://bugzilla.tianocore.org/show_bug.cgi?id=3099
At some point it was impossible to go a few weeks (or even days) without a github archive change (depending on which part of the "CDN" you hit), I guess they must have stabilized it at some point. Here is an old issue before GitHub had a community issue tracker:
https://github.com/isaacs/github/issues/1483
-
Keeping a Project Bisectable
Hello, I see you stepped on my favourite personal soapbox! :)
https://github.com/isaacs/github/issues/1017
I really, really like semi-linear branching/merging. I.e. always rebase-merging, but with a merge commit.
Reasons, in comparison to Github's "rebase merge" which doesn't produce a merge commit:
1. It makes it clear which commits were part of one PR
2. It makes it clear who did the merge
3. It's okay to not have every commit build. but the one being merged will.
4. Still pretty bisectable. You'll narrow things down at least to the PR that caused an issue, and from there it's usually quite simple.
5. Looks very tidy in gitk & Co
-
Documenting My Work Again: hypothes.is
Not to say that the feature isn't coming to FOSS git services.. Just that even proprietary organizations have had issues with taking a while to implement them.
-
Keyless Git signing with Sigstore!
Oh this is cool actually! Nice! One of the grievances I have with github commit signing is this issue https://github.com/isaacs/github/issues/1099
-
Attempting to transfer a repository upon resigning from a company (warning I'm a noob)
In addition, you probably want to read this discussion. https://github.com/isaacs/github/issues/1138
Signal-Server
-
Signal: Keep your phone number private with Signal usernames
> They could at least BSL the server code and allow others to verify the server code and host but not compete.
This is exactly what they do (except they use AGPL): https://github.com/signalapp/Signal-Server
-
Are Signal Notifications Encrypted ?
https://github.com/signalapp/Signal-Server/blob/main/service/src/main/java/org/whispersystems/textsecuregcm/push/APNSender.java for APNs push notification payloads
- Signal Username Commit
-
How to Selfhost Signal Server?
git clone https://github.com/signalapp/Signal-Server.git
- Childrenās data is probably being collected by messengers
- Belgorod People's Republic: "We need any fresh information on the enemy (equipment, manpower and the movement of motorized rifle companies that were sent to put out the fire) in this sector. Please only submit when YOU ARE SURE IT IS SAFE TO DO IT. Otherwise, don't post information."
-
Can't link main class in dropwizard project
yes it is available here https://github.com/signalapp/Signal-Server/blob/main/service/pom.xml
-
Signal would 'walk' from UK if Online Safety Bill undermined encryption
You could also start your own signal server, but with blackjack, and hookers
-
āI will show you how safe Telegram isā
The fact that it locks you into using their servers, does not distribute on F-Droid (only Google Play OR an APK with an insecure update mechanism), and has a completely closed-source "abusive message filter" module server side, that could functionally be used for censorship, storing messages for future decryption, or any other number of nefarious purposes - we have no idea since it's not open source (https://github.com/signalapp/Signal-Server/blob/main/.gitmod...).
Additionally, you cannot distribute branded forks or Signal, and if you do fork it, your fork is not allowed to connect to Signal's "official" OWS (open whisper systems) servers - hostility to federation should be viewed with prejudice and suspicion at the very least, it suggests a vested interest in a single point of failure (or control), which goes against user interests.
Further reading: https://drewdevault.com/2018/08/08/Signal.html
-
"The Signal client is built non-reproducibly, so you actually don't know whether it's running the source code available on Github."
Itās actually the signal server that isnāt reproducible because of the abusive message filter thatās in a private repository. Itās clear as day here: https://github.com/signalapp/Signal-Server
What are some alternatives?
Custom-Scenes - Please go to https://github.com/Notexe/h3-custom-scenes instead. Hitman 3 custom scene experimentation using ResourceTool + QuickEntity + simple-mod-framework + RPKG Tool
matrix-docker-ansible-deploy - š³ Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
git2html - github clone of http://hssl.cs.jhu.edu/~neal/git2html/
mollyim-android - Enhanced and security-focused fork of Signal.
Monocypher - An easy to use, easy to deploy crypto library
libsignal-protocol-javascript - This library is no longer maintained. libsignal-protocol-javascript was an implementation of the Signal Protocol, written in JavaScript. It has been replaced by libsignal-clientās typesafe TypeScript API.
create-branch-from-issue - Creating branch from issue on Github, tampermonkey script
Signal-TLS-Proxy
simplex-chat - SimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps š±!
litestream - Streaming replication for SQLite.
ringrtc