- 2 Posts
- 5 Comments
One of the main problems is that this is targeted at forks to limit their possibility (Since you can’t really technically call it something else following the license, and they may come after you via trademarks if you retain it).
OnlyOffice also do this, they prevent changing specific logo use (via sketch interpretation of the AGPLv3) then also prohibit you from using their logo.
I generally look over the project repo and site to see if there’s any flags raised like those I talk about here.
Upon that, I glance over the codebase, check it’s maintained and will look for certain signs like tests and (for apps with a web UI) the main template files used for things like if care has been taken not to include random analytics or external files by default. I’ll get a feel for the quality of the code and maintenance during this. I generally wouldn’t do a full audit or anything though. With modern software it’s hard to fully track and understand a project, especially when it’ll rely on many other dependencies. There’s always an element of trust, and that’s the case regardless of being FOSS or not. It’s just that FOSS provides more opportunities for folks to see the code when needed/desired.
Just to contrast with some of the other comments regarding this, i’ve have a pretty good experience with this. Was fairly simple to setup up some docker-based runnings following their admin guidance. Have set up a couple (One for Codeberg, one for my own Forgejo instance) each via a seperate LXC container on my home lab. Has been relatively simple to administer so far.
The actions format may take some getting used to if not familiar with GitHub’s own actions CI, which if closely emulates, but most of my projects were coming from GitHub anyway.
Just be aware that, while it’s marketed as open source, from my last look into the project the open part relied on non-open licensing/code. More details in my blogpost here. Might not matter to some, but might matter if being open source is an important factor.
Just might want to be aware they have tens of millions in VC funding, and I’ve also seen them manipulate self-promotion on Reddit like here.