Why aren’t you using github?

Is a question we, Krita developers, get asked a lot. As in, many times a week. Some people are confused enough that they think that github is somehow the “official” place to put git repositories — more official than  projects.kde.org, phabricator.kde.org, git.gnome.org or wherever else. Github, after all, is so much more convenient: you only need a github account or login with your social media account. It’s so much more social, it’s so cosy, and no worries about licensing either! So refreshing and modern.

So much better than, say, SourceForge ever was! Evil SourceForge, having failed to make a business out of hosting commercial software development projects is now descending to wrapping existing free software Windows         installers in malware-distributing, ad-laden installer wrappers.

The thing is, though, Github might be the cool place to hack on code these days, the favourite place to host your projects: that is exactly what SourceForge was, too, back in the days. And Github’s business model is exactly what SourceForge’s was. And if that isn’t a warning against giving your first-born children in the hands of a big, faceless, profit-oriented, venture-capital-backed company, then I don’t know what is!

And yes, I have heard the arguments. Github is so familiar, so convenient, you can always remove your project (until Github decides to resurrect it, of course), it’s git, so you’re not losing your code revision history! But what about other artefacts: wiki, documents, bugs, tasks? Maybe you can export them now, I haven’t checked, but what will you import it into?

I’ve spent over ten years of my life on Krita. I care about Krita. I don’t want to run that sort of risk. One thing I’ve learned in the course of a mis-spent professional life is that you always should keep the core of your business in your own hands. You shouldn’t outsource that!

So, one big reason for not moving Krita’s development to github is that I simply do not trust them.

That’s a negative reason, but there are also positive reasons. And they all have to do with KDE.

I know that a lot of people like to bitch about KDE — they like to bitch about the layout of the forum, the performance of the repo browser, the size of the libraries, the releases of new versions of the Plasma Desktop, about fifteen year old conflicts with the FSF (which somehow proves to them that KDE isn’t trustworthy…) The fact is that especially in the Linux world, a bunch of people decided ages ago they didn’t like KDE, it wasn’t their tribe and they apparently find it enjoyable to kick like a mule everytime we do something.

Well, shucks to them.

Then there are people for whom the free software world is a strange place. You don’t see something like Corel Painter being hosted together with a bunch of other software on a bigger entity’s website. It’s confusing! But it’s still strange, to many people, to see that Krita shares a bug tracker, a forum, a mailing list platform, a git repository platform with a bunch of other projects that they aren’t interested in.

Well, I see that as a learning moment. And not as a hint that we should separate out and… Start using using github? Which would also mean sharing infra with a bunch of other projects, but without any sense of community?

Because that is what make KDE valuable for Krita: the community. KDE is a  big community of people who are making free software for end users. All kinds of free software, a wild variety. But KDE as a community is extremely open. Anyone can get a KDE identity, and it doesn’t take a lot of effort to actually get commit access to all the source code, to all projects. Once in,
you can work on everything. All the pieces needed to develop software are here: websites, forums, wikis, bug trackers, repo hosting, mailing lists, continuous-integration, file hosting, todo management, calendaring, collaborative editing, file hosting. The system admin team does an incredible job keeping it all up and running, and the best thing is: we own it. We, the community, own our platforms and our data. We cannot be forced by a venture capitalist to monetize our projects by adding malware installers. We own our stuff, which means we can trust our stuff.

And we can improve our platform: try to improve a closed-source, company-owned platform like github! So suggestions for improvement are welcome: we’re now looking into phabricator, which is a very nice platform giving a lot of the advantages of github (but with some weird limitations: it very clearly wasn’t made for hosting hundreds of git repos and hundreds of projects!), we’re looking into question-and-answers websites. Recently, the continuous integration system got improved a whole bunch. All awesome developments!

But moving development to github? Bad idea.