CIRCLE WITH A DOT

Why I'm leaving GitHub for Forgejo | Jorijn Schrijvershof｢ the carve-out for private repositories is narrower than it sounds. GitHub says it does not use private-repo content "at rest" for training, but it does collect "code snippets and interaction context" generated while Copilot is being used inside a private repo. The line between the code at rest and the snippets generated while editing it is, charitably, blurry ｣https://jorijn.com/en/blog/leaving-github-for-forgejo/#github #forgejo #digitalsovereignty #opensource

RE: https://infosec.exchange/@cidu/116563888871363394Again, with #github #githubactions at the center of another PR driven compromise? You would think their wonderful #AI would catch these by now if they're not going to fix the underlying problem. Is it called #copilot too??

@michael I figured you would like it. I love it, too. The community surrounding @forgejo and the release notifications are fantastic, too

If you are looking for a self-hosted alternative to GitHub, check out Gitea or Forgejo. https://about.gitea.com/https://forgejo.org/#gitHub #gitea #forgejo #selfHost

@poes gak di-funding zionist

@michael I like @forgejo

For the Open Source community, Microsoft’s GitHub changes are more than a business move. They affect trust, convenience, control, and sovereignty.https://www.korte.co/2026/05/07/in-open-source-trust-is-a-real-asset/#OpenSource #GitHub #Microsoft #DeveloperCommunity

With #GitHub slowly falling apart, I couldn't be more excited to be working on a better way to host the world's #OpenSourceSoftware: @radicle - the peer-to-peer GitHub alternative. I took a minute to write down what I feel is especially exciting about it: https://yorgos.net.gr/posts/working-on-a-better-home-for-open-source.html

@itsfoss that’s @forgejo

@JdeBP @ska It was my impression that the project that was backdoored was the Windows package Daemon Tools, which is unrelated to djb's daemontools. It's a CD/DVD/maybe floppy imaging program that can emulate having those virtual disks in a drive.

Android-Dunkelmodus: Open-Source-App passt Systemdesign an Umgebungslicht anDie Open-Source-App „Adaptive Theme: Auto Dark Mode“ erweitert Android um einen automatischen Dark-Mode-Wechsel per Lichtsensor.https://www.heise.de/news/Android-Dunkelmodus-Open-Source-App-passt-Systemdesign-an-Umgebungslicht-an-11282658.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon#Android #Apps #Automatisierung #GitHub #Mobiles #OpenSource #news

@tisba Claude willing. /s

WTF: Microsoft forces "Co-Authored-by Copilot" in commitsAnyone who wrote their code with the help of Copilot now has to share the commit message with the AI assistant, but this can be deactivated.https://www.heise.de/en/news/WTF-Microsoft-forces-Co-Authored-by-Copilot-in-commits-11279554.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon#MicrosoftCopilot #GitHub #IT #KünstlicheIntelligenz #Microsoft #OpenSource #Softwareentwicklung #news

@omar @bt

@bazzargh https://bots.robots.rodeo/@scream/116494496241619808

today I moved over my #debian live-build configuration to #codeberg at https://codeberg.org/lgrn/live-build from #github -- it's now based on trixie, and I've also added some forgejo CI. live-build is really cool and I recommend it to anyone who wants to try putting together a custom live debian USB, with or without encrypted persistence.

Microsoft veröffentlicht frühesten bekannten DOS-QuellcodeZum 45. Geburtstag von 86-DOS veröffentlicht Microsoft die frühesten bekannten Quellcode-Listings – transkribiert von vergilbten Endlospapierausdrucken.https://www.heise.de/news/Microsoft-veroeffentlicht-fruehesten-bekannten-DOS-Quellcode-11277117.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon#BillGates #GitHub #IT #Microsoft #OCR #OpenSource #Versionskontrolle #news

@heisec Ich habe den Post erst einmal gar nicht verstanden (bzw. auch Titel und Untertitel des Artikels), da es doch der ureigenste Zweck von Push ist, Code in ein Respository zu laden. Der Artikel gab dann Aufschluss:"Durch das Ausnutzen eines Injection-Fehlers in den internen GitHub-Protokollen konnte jeder authentifizierte Nutzer beliebige Befehle auf den Backend-Servern von GitHub ausführen, mit einem einzigen „git push“-Befehl.", d.h. es geht um das Einschleusen in den Server selbst.

@schlagfell In short, yes.

️ CRITICAL: CVE-2026-3854 lets users with push access run arbitrary code on GitHub backend servers. Impacts GitHub.com & Enterprise Server. GitHub.com patched 2026-03-04; ES patch 2026-03-10. Patch ASAP! No wild exploits found. https://radar.offseq.com/threat/critical-github-vulnerability-exposed-millions-of--29b3abff #OffSeq #GitHub #Infosec