- cross-posted to:
- technology@beehaw.org
- cross-posted to:
- technology@beehaw.org
GitCode, a git-hosting website operated Chongqing Open-Source Co-Creation Technology Co Ltd and with technical support from CSDN and Huawei Cloud.
It is being reported that many users’ repository are being cloned and re-hosted on GitCode without explicit authorization.
There is also a thread on Ycombinator (archived link)
When they mirror it, does they uses a different username? If so I’m totally fine as that’s just a fork, otherwise it should count as stolen. Not the project but the name and reputation of the owner.
They can use the same name but if the owner signs their commits we can at least spot the fake commits.
And even if they clone all repos they don’t clone the build systems, so their builds of apps and windows installers will be signed with different keys.
For people who follow guides to clone something from a repo, compile it and install it, they need to be on their guard if the repo URL is not the official one.
How many know what even signed commit and build is? For people following a guide they don’t even know what Github is for but a nice place to have free programs.