- See github-pages for how to setup a static Github pages site!
- 1 Features
- 2 POSSE to GitHub
- 2.1 POSSE note to GitHub
- 2.2 POSSE an issue
- 2.3 POSSE reply to repo
- 2.4 POSSE reply to issue
- 2.5 POSSE reply to comment
- 2.6 POSSE star of repo
- 2.7 POSSE reacji to issue or comment
- 2.8 Backfeed
- 2.9 IndieWeb Examples
- 2.10 Bridgy
- 2.11 Known
- 2.12 Silopub
- 3 Porting to the IndieWeb
- 4 Using Github for comments
- 5 OAuth UI
- 6 Feature Details
- 7 Self-hosted alternatives
- 8 Issues
- 9 Criticism
- 10 Downtime
- 11 See Also
- create new, create from existing (AKA fork) repo, delete
- unlimited public and private repositories
- has collection of code and related files with versioning
- can create pull requests in response to a repo:
- stars and the ability to star/unstar a repo: serves as a personal bookmark and ranking the popularity of the repo
- follow(called "watch" in GH)/unfollow a repo: receive notifications of updates to the repo
- issues collection of issue posts
- create / edit / delete issues on (reply-to) a particular repo
- reply to (comment on) an issue
- and optionally at the same time ( Close issue ) for open issues, or ( Re-open issue ) for closed issues, if you have appropriate permissions to do so
- reacji/reaction to an issue or reply, limited to a curated set of 6, with hover text equivalents in parens:
- 👍(+1), 👎(-1), 😆(Laugh), 🎉(Hooray), 😕(Confused), ❤️(Heart)
- tag-of (add a label to) an issue
- untag-of (remove a label from ) an issue
- follow/unfollow an issue
- lock/unlock an issue if you have appropriate permissions to do so
- create, edit, delete
- . . .
POSSE to GitHub
While git is inherently distributed, all the extra functionality (issues, pull requests, etc.) that GitHub adds on top is not. GitHub has a nice API for interacting with repositories, which makes it pretty easy to POSSE issues, comments on issues, stars, and maybe more.
POSSE note to GitHub
Plain text notes can be POSSEd to GitHub as a gist.
No known examples of anyone doing this yet.
Be the first and add your permalinks here!
POSSE an issue
An issue post that is in reply to a particular GitHub repo can (and should) be POSSEd to GitHub as a new issue on that GitHub repo.
See examples of POSSEing issues to GitHub:
POSSE reply to repo
POSSE reply to issue
A reply to a specific GitHub issue can (and should) be POSSEd as a new comment on that issue.
POSSE reply to comment
A reply to a comment on a specific GitHub issue can (and should) be POSSEd as a comment in reply to that previous comment.
If that previous comment was itself originally posted as an indie reply, then be sure to post your reply as a multi-reply in-reply-to both that previous indie reply permalink, and its GitHub copy. E.g.:
- indie multi-reply to a comment: http://tantek.com/2018/155/t1/
POSSE star of repo
POSSE reacji to issue or comment
A reacji to a GitHub issue or comment can (and should) be POSSEd as a reaction to that issue/comment on GitHub respectively.
If that GitHub issue or comment was itself originally posted on the indieweb, the be sure to post your reacji as a multi-reply in-reply-to both to the indie issue/reply post permalink and their GitHub copy.
If you POSSE to GitHub in any of the above ways, you should backfeed any replies on your post's GitHub POSSE copy back to your own post so that you can:
- keep a copy of people's comments on your post
- view follow-ups to your post on your post, instead of having to visit GitHub's site
- reply to follow-ups to your post, from your site, instead of using GitHub's UI
- comments on issues and PRs
- emoji reactions to issues and PRs
Additional backfeed to consider implementing
- tag-of: username1 added the abc label n hours[or days] ago
- untag-of: username1 removed the abc label n hours[or days] ago
- ????: closed this in linkedPullRequest n hours[or days] ago
- http://aaronparecki.com/replies/2013/08/14/6/mailpile (original)
- https://github.com/pagekite/Mailpile/issues/48#issuecomment-22682787 (manual POSSE copy on GitHub)
At some point Aaron switched to using silo.pub to POSSE to GitHub
- ... need aaronparecki.com permalink of an issue/comment post in reply to github (preferably first such link after implementing silo.pub auto-POSSE to GitHub)
- ... need POSSE copy github.com permalink (that was published with silo.pub)
Colin Tedford manually POSSEs Github issues, and manually POSSEs and backfeeds comments on GitHub issues (it's just occasional bug reports, so not as onerous as it might be if he were a developer).
- http://colintedford.com/2015/02/02.0338-easy-syntax-not-working/ (original, w/ comments)
- https://github.com/glensc/dokuwiki-plugin-pageredirect/issues/18 (POSSE copy on Github)
Chris Aldrich is occasionally automatically POSSEing comments on GitHub issues from his Known site to GitHub. E.g.:
- original: http://stream.boffosocko.com/2017/miklb-i-would-generally-agree-with-you-but-im-thinking
He does this with the Known plugin to POSSE to GitHub.
- comments on GitHub issues (since 2018-02-19, post about)
- new GitHub issues (since 2018-02-21, post about) Main article: issue#Tantek
- replies to comments on GitHub issues (since 2018-02-21)
- multi-reply to an indie reply to a GitHub issue and its POSSE copy:
- reactions to GitHub comments (since 2018-02-24)
- reactions to GitHub issues (since 2018-02-26)
- reactions to GitHub pull requests (since 2018-07-09, same code as reactions to comments & issues)
If you get an error POSSEing to a particular GitHub repo using Bridgy, you may need to ask the repo's organization's owner(s) to approve Bridgy as an OAuth app for that repo.
See and refer them to: https://help.github.com/articles/approving-oauth-apps-for-your-organization/
Known has a plugin for automatic POSSEing to GitHub:
- silo.pub supports creating issues, commenting on issues and pull requests, and starring repositories since 2016-04-22
Porting to the IndieWeb
- https://github.com/tantek.atom (for account name "tantek")
If you want a feed of activity by others on your repositories, it looks like you can get it through your "Personal News Feed". "Your personal News Feed shows activity—other than your own!—on repositories you watch. […] To subscribe to your personal News Feed in your favorite RSS reader, click Subscribe to News Feed under your list of repositories." https://help.github.com/articles/news-feed/
Using Github for comments
Some people use Github to gather comments for their blog posts. For each post, an issue is opened. Comments are fetched via the Github API and displayed below the blog post
- jordaneldredge.com blog post and comment-tracking issue jordaneldredge.com#9
If you deploy an application that uses GitHub's API and needs to request the user's permission, it will display an OAuth permissions page that looks like *you* (the author of the application) are asking permission.
(Old example from 2018-02-09.)
The solution is to deploy the application from a GitHub organization account for your application, either with the same name as your application, or whatever organization your application is a part of, that you're asking your users to "trust".
Bridgy for GitHub now does this ("Authorize bridgy" green button), using the https://github.org/bridgy organization. Example prompt below with updated green button. The real prompt has the real logo and omits "local" / "localhost:8080":
As part of GitHub's Account Recovery feature, starting ~ 2018-07-18, GitHub started putting in a forced interstitial to confirm you account recovery settings, e.g. a page with something like this as its entire content:
Any attempt to load a GitHub URL (assuming you were previously logged in) would result in a temporary redirect to that interstitial. You could still view public GitHub URLs in a browser's "Private Mode" without seeing the interstitial (because you were not logged in).
Note: DO NOT only use "Fallback SMS number" as an account recovery mechanism, for all the reasons documented on the SMS page (tl;dr, SMS is horribly insecure, and fairly trivial for a professional to attack - has already happened to numerous people.)
There are some self-hosted alternatives to GitHub. Gitlab and Gogs support issue tracking and project management as well.
- GitLab: full-featured GitHub replacement
- Gogs: full-featured GitHub replacement
- Gitolite: web interface for managing repositories, with fine-grained access controls
- Gitweb: simple web interface for browsing git repositories
- Formerly Gitorious (acquired by GitLab in March 2015)
- Formerly Gitosis (deprecated long ago in favor of gitolite)
- Gitea: Golang, lightweight alternative with many common features
Account reuse is potential security issue
2018-02-07 GitHub allows account deletion, recreation by another party, with library dependency:
- Thread: https://twitter.com/francesc/status/961249107020001280
- More discussion: https://www.reddit.com/r/golang/comments/7vv9zz/popular_lib_gobindata_removed_from_github_or_why/
You can lose your data due to unjustified DMCA takedowns:
- Takedown and Apology
- Github has since improved this process by defining how they are handled better, specifically allowing for the owner to make needed corrections or to move hosts. https://github.com/blog/1908-a-better-dmca-process
DDoS collateral damage
Github is sometimes the target of DDoS attacks, apparently targeted at specific projects. While GitHub seems to be handling the attacks in such a way as to keep access working, this is a vulnerability of any centralized service, that it attracts attacks unrelated to your use of it, that jeopardize your use of it (collateral damage). Most recent first
- 2016-10-21 DDos attack on DYN affects Twitter, Spotify, Reddit, GitHub, effectively taking them all offline.
- 2015-03-26 DDoS attack  via unsuspecting browsers executing scripts from (MitM) faked Baidu requests.
March 2017 Terms of Service Update
In March 2017, GitHub updated their terms of service. Several people are upset about the change, which may affect GPL and similarly licensed software.
- Discussion thread: https://news.ycombinator.com/item?id=13766933
Contract with US Immigration and Customs Enforcement (ICE)
Renewed a $200,000 USD contract with ICE in 2019
- The CEO defended the decision, despite the amount not being “financially material for the company.”
“While ICE does manage immigration law enforcement, including the policies that both GitHub and Microsoft are on record strongly opposing, they are also on the front lines of fighting human trafficking, child exploitation, terrorism and transnational crime,” he wrote, adding that the company would donate $500,000 to non-profits working to combat the effects of Trump’s immigration policies. As of now, the money has not yet been donated.
Friedman’s response has outraged many employees. Nearly 25 percent of the company has signed onto an open letter demanding Friedman cancel the contract, including half of the engineering department.
2019-11-13 : GitHub faces more resignations in light of ICE contract (archived)
“We are not satisfied with GitHub’s now-public stance on this issue,” GitHub employees wrote in an open letter. “GitHub has held a ‘seat at the table’ for over 2 years, as these illegal and dehumanizing policies have escalated, with little to show for it. Continuing to hold this contract does not improve our bargaining power with ICE. All it does is make us complicit in their widespread human rights abuses.”
Occassionally GitHub fails to handle requests:
No server is currently available to service your request.
Sorry about that. Please try refreshing and contact us if the problem persists.
2018-10-21 Degraded Service
2018-10-21 GitHub experienced over 24 hours of what they called "Degraded Service".
- Details: 2018-10-30: GitHub Blog October 21 post-incident analysis
During that time GitHub was effectively "down" for many users and use-cases.
- Pages (issues/pull requests) not loading
- Pages (issues/pull requests) out of date
- Editing issues not working
- issue tracker
- Getting Started
- Introducing GitHub Actions
- 2019-01-07 GitHub blog: New year, new GitHub: Announcing unlimited free private repos and unified Enterprise offering
GitHub Free now includes unlimited private repositories … with up to three collaborators per repository …. Many developers want to use private repos to apply for a job, work on a side project, or try something out in private before releasing it p