SourceForge: Let's hold hands in a post-CodePlex world
Disappearing platforms problem
SourceForge wants tighter ties with other code repositories following Microsoft’s decision to shutter CodePlex.
President Logan Abbott has said he’ll seek tighter integration between SourceForge’s tools and those of others – including giant rival GitHub.
Abbot was speaking after Microsoft announced the closure of its open-source-repo CodePlex on December 15 after 11 years trying to tempt Penguins. CodePlex dates from 2006, the start of Microsoft’s long-term attempt to woo open-sourcers, having just fought outright war against them.
Since 2015, though, Microsoft’s been posting its projects to rival GitHub. Microsoft reckoned on a substantial drop in legitimate use of CodePlex accompanied by a growing epidemic of spam.
In 2015, ads flinger Google closed its own Code Project Hosting site, also created in 2006, citing the existence of other, better services.
Despite the benefits of orphaned projects migrating to SourceForge, Abbott sounds concerned that these closures mean reduced choice for developers. Fewer choices poses a risk should any of the remainder go dark.
Those still standing include GitHub, Bitbucket, Codeplane and Beanstalk.
“We think it’s better when people have options,” Abbott told The Reg. “SourceForge is not going to turn into an integration hub, we want people to have more options. We will be upgrading the [SourceForge] back end and developer tools and we will be looking at integration with these other code repositories so people aren’t so dependent on one platform.
“GitHub is the 500-pound gorilla in the room for sure, but it’s not healthy when everybody is considering the same one, two or three repos. I’d have liked to see Google and CodePlex stick around but there are others – I’d like to see more of a parity between these platforms. It’s not good when everyone’s eggs are in the same basket.”
Attention on integration will come following an overhaul of the SourceForge interface that Abbot promised would haul the service’s look into the modern age. Changes will emphasize updates to SourceForge intended to make hosting code on the site safer and more secure. This includes embrace of HTTPS and up to three levels of scans conducted on projects, to look for malware and viruses.
Abbott promised the difference in SourceForge would be “night and day.” “We will be using the browser more effectively,” he said. Work has been underway since January.
The changes are designed to re-establish devs’ trust in SourceForge.
SourceForge took flack and saw projects depart in protest over DevShare, a scheme that let developers bundle other applications with their code, leading to allegations of bloatware and the potential insertion of malware.
DevShare was killed in early 2016 under then-new owner BizX. SourceForge also put in place steps to monitor and block ads and for devs to report ads.
“The past is in the past, trust is there, downloads are secure. We’ve done the work to make sure it [SourceForge] is viable – it’s just getting the word out,” Abbott said. ®
Sponsored: Becoming a Pragmatic Security Leader