Response from Martin Woodward, GitHub’s VP of Developer Relations:

Sorry for the inconvenience @koepnick - while searching across all repos has required being logged in for a long time, when we enhanced the search capabilities earlier in the 2023 we had to extend this to repos as well (see https://github.blog/changelog/2023-06-07-code-search-now-requires-login/).

This is primarily to ensure we can support the load for developers on GitHub and help protect the servers from being overwhelmed by anonymous requests from bots etc.

    • treadful@lemmy.zip
      link
      fedilink
      English
      arrow-up
      24
      arrow-down
      1
      ·
      11 months ago

      It’s okay. We need to move some shit off GH anyway. They’re basically a monopoly on FLOSS code.

        • AVincentInSpace
          link
          fedilink
          English
          arrow-up
          12
          arrow-down
          3
          ·
          edit-2
          11 months ago

          Yeah? When was the last time you clicked on a “Source Code” link and got anything other than a link to GitHub or a direct download of a tarball?

          Sure, alternatives exist – I could name half a dozen right now – but no one uses 'em.

        • OsrsNeedsF2P@lemmy.ml
          link
          fedilink
          arrow-up
          10
          arrow-down
          1
          ·
          11 months ago

          It’s 10-20x more searched for than Gitlab, and even more compared to smaller alternatives

          • El Barto@lemmy.world
            link
            fedilink
            arrow-up
            6
            arrow-down
            2
            ·
            edit-2
            11 months ago

            Ok. But alternatives exist and users have choice. If Github fucks up tomorrow, a user exodus can be triggered just like that. It’s not too hard to migrate from it.

            Plus the open source code space is vast. Huge. And the means of distributing it are quite diverse.

  • sexy_peach@feddit.de
    link
    fedilink
    arrow-up
    59
    arrow-down
    5
    ·
    11 months ago

    Microsoft is terrible. Remember they also require you to use a Microsoft account for Minecraft now. Fuck this company so much

    • chameleon@kbin.social
      link
      fedilink
      arrow-up
      28
      ·
      11 months ago

      And they’re also deleting/deleted all classic Minecraft accounts from before that. They invented an incredibly weird and needlessly obtuse process to extend the migration deadline by 3 months (true final deadline is now mid December 2023), but that’s seemingly it. Everyone not paying too much attention to their email just gets $30 worth of game deleted because of a completely arbitrary decision.

          • can@sh.itjust.works
            link
            fedilink
            arrow-up
            2
            ·
            11 months ago

            Well that’s some bs. I haven’t played in a while but the principle of it still bothers me. Especially since I’d have never known if not for reading this thread.

      • BlueBockser@programming.dev
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        11 months ago

        Anyone without access to their old email also loses their account. I don’t remember which email address I used with my account back in the day (it’s at least ten years old), and since I bought my key from a reseller, I don’t have a receipt. Microsofts response was basically “not our problem, guess you’ll have to pay us again ¯\_(ツ)_/¯”

        • beetus@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          11 months ago

          But this is true for literally anything that requires email verification to login with?

          I think msft is scummy here but let’s not pretend it’s unusual that a company isn’t going to help you if you can’t access your email to verify your ownership.

          If I lose access to my Gmail account and am unable to login to Amazon bc of that Amazon ain’t going to help me.

          • BlueBockser@programming.dev
            link
            fedilink
            arrow-up
            4
            arrow-down
            1
            ·
            11 months ago

            In Minecraft’s case, you never needed the email address beyond initial registration. Login was always through username and password, which I still have. Had I actually forgotten my credentials, that would’ve been fair, but I didn’t. They just suddenly decided that that wasn’t enough and they now want some ancient email address that little me had typed in once over ten years ago.

    • THCDenton@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      11 months ago

      I just let my mincraft license lapse instead of migrating. Fuck em I’ll pirate it from now on.

  • jmcs@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    49
    arrow-down
    8
    ·
    11 months ago

    This is primarily to ensure we can support the load for developers on GitHub and help protect the servers from being overwhelmed by anonymous requests from bots etc.

    So, Azure’s bot protection is crap. Good to know.

    • satan@r.nf
      link
      fedilink
      English
      arrow-up
      30
      arrow-down
      4
      ·
      11 months ago

      People who haven’t hosted anything bigger than a two digit daily visitors tells Microsoft how bad their bots protection is.

    • detalferous@lemm.ee
      link
      fedilink
      arrow-up
      10
      arrow-down
      4
      ·
      11 months ago

      Google can accommodate billions of searches globally on pages it doesn’t control

      Microsoft can’t index a tiny fraction of that number, even for it’s own users.

      What a black eye for Microsoft engineering.

  • TootSweet@lemmy.world
    link
    fedilink
    English
    arrow-up
    32
    arrow-down
    1
    ·
    11 months ago

    I migrated a few code repositories from Github to GitLab literally the same day it was announced that Microsoft was acquiring Github.

    The only regret I have is not evaluating a few other options like Codeberg or whatever. But GitLab’s much better than Github.

    • ISOmorph@feddit.de
      link
      fedilink
      arrow-up
      18
      ·
      11 months ago

      Gitlab requiring a phone number verified account to report bugs kinda turned me off of that platform. Never used Codeberg but heard good things.

      • corsicanguppy@lemmy.ca
        link
        fedilink
        arrow-up
        7
        ·
        11 months ago

        I don’t have a (usable) phone number.

        I’ve reported bugs.

        I’ve contributed code.

        How did I skate?

      • twei@feddit.de
        link
        fedilink
        arrow-up
        2
        ·
        11 months ago

        Codeberg is awesome, it’s just like github but open source and self-hostable (forgejo)

    • cbarrick@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      ·
      11 months ago

      Searching across repos was disabled for anonymous visitors in 2016.

      Searching within a repo was disabled for anonymous visitors in 2023.

    • btp@kbin.socialOP
      link
      fedilink
      arrow-up
      30
      arrow-down
      5
      ·
      11 months ago

      I think it kind of flies in the face of what Open Source Software should be. They’re walling off code behind accounts in the Microsoft ecosystem.

      • sparky@lemmy.federate.cc@lemmy.federate.cc
        link
        fedilink
        arrow-up
        13
        arrow-down
        1
        ·
        11 months ago

        I think it’s kind of a slippery slope; but I don’t think the search itself being login walled is apocalyptic. As long as anonymous users can clone the repositories and browse the code, I can kind of understand why they don’t want to pay to run an elastic search cluster for bots’ benefit. Presumably in-repo search could be done locally by scrapers’ hardware.

        But if it turns into “login to view this repository” then GitHub will have turned evil.

      • i_am_not_a_robot@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        8
        ·
        11 months ago

        They’re not walling off any code. They’re restricting use of their server-side search resources. Other repository hosting services don’t have code search at all.

      • phillaholic@lemm.ee
        link
        fedilink
        arrow-up
        4
        arrow-down
        8
        ·
        11 months ago

        It’s more gating off than walling. If it keeps access and usage free I’m ok with it.

    • orcrist@lemm.ee
      link
      fedilink
      arrow-up
      9
      arrow-down
      2
      ·
      11 months ago

      It is a betrayal to the developers who put our projects up there. We wanted everything to be freely accessible, and of course this is just another step in enshittification of the service. Remember that many of us have small projects with few viewers, and we know that the extra burden on the server side isn’t even measurable. Yet our work is less accessible.

      • andreluis034@lm.put.tf
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        11 months ago

        The code is still accessible, you just can’t use the code search function in the web, which normal git doesn’t have anyway.

        • orcrist@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          11 months ago

          Yes, precisely. They built a useful feature and are now trying to wall off the garden. Enshittification.

    • SheeEttin@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      11 months ago

      On its own, it’s not. But it’s going to be one step on the path to shit-town.

  • voxel@sopuli.xyz
    link
    fedilink
    arrow-up
    5
    ·
    11 months ago

    I’m pretty sure this only applies to non-indexed repos right?
    indexing is a very expensive process and usually takes 5-10 minutes for repos with 10k+ lines, and letting non-registered users start it is not the best idea in the first place

  • fubarx@lemmy.ml
    link
    fedilink
    arrow-up
    11
    arrow-down
    8
    ·
    11 months ago

    This has been around for a while. It may be so they can track and throttle LLMs hovering up public code repos.

    Either way, it’s a meh. Not sure why anyone would want to clutch their pearls over this. For those who need it, self-hosted gitlab is available.

    • library_napper@monyet.cc
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      11 months ago

      Skewed stats much? Most people in the world dont have a github account. So it impacts 100% of non-user visitors

  • cybersandwich@lemmy.world
    link
    fedilink
    arrow-up
    5
    arrow-down
    12
    ·
    11 months ago

    I like GitHub. Microsoft has been a pretty good steward of it since they bought it. This change isn’t a big deal to me. They are probably doing it to limit AI LLM bots from hoovering up the code theyve already hoovered up.

    GitHub pages is really nice too.

    • OsrsNeedsF2P@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      11 months ago

      They are probably doing it to limit AI LLM bots from hoovering up the code they’ve already hoovered up.

      Why is this a bad thing, when M$ is already training on it themselves? If your code is permissively licensed, it seems logical or even desired to be scraped for LLMs

      • cybersandwich@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        11 months ago

        It’s not a bad thing. I was just saying that’s probably why they are doing it.

        Everyone is getting super protective about “their” data now.

        Oh yea, GitHub copilot is pretty nice too. (trained on all those repos!)

        I realize this is a “hate on GitHub” thread so I’m gonna get downvoted for this post too but it does everything I need it to do, the documentation is fantastic, and it’s the “defacto” repo for a lot of stuff.