Nmap Development mailing list archives
Re: SourceForge nmap project analysis
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 3 Jul 2015 21:25:28 -0500
Max, Nmap is not on SourceForge. The project moved to self-hosted Subversion repositories many years ago, but Sourceforge persisted in keeping a "mirror" up to continue to capitalize on the Nmap name. It's this "mirror" that continually shows misleading ads, and it was a similar "mirror" of the GIMP project that was hijacked to include bundled adware. Nmap is currently on Github in a semi-official capacity. The Nmap Github repository [1] is a read-only mirror of the Subversion repository that is updated once an hour. We are making active use of the Github Issues associated with that repository, which you can reach via http://issues.nmap.org/. We like receiving pull requests because of the ease of review and the integration with Travis CI, though because of the read-only nature of the repository, PRs are converted to patches and applied to SVN instead of being merged directly from the PR. We are continuing to conservatively expand our use of Github, but with caution, since the project obviously has a history of being burned by third-party code hosting services. Dan [1] https://github.com/nmap/nmap On Fri, Jul 3, 2015 at 9:54 AM, Max Schubert <maxs () webwizarddesign com> wrote:
Fyodor, Have you considered a move to Github? I moved away from Source Forge years ago when they started doing all of this .. this may have been discussed before, so my apologies if I missed the discussion. Github is so much more accessible for developers and contributors and easy to do releases from than Source Forge - the issue tracking is straight forward and captures lots of user context with comments and responses - and the pull request process is awesome for swarm code reviews. Are there philosophical reasons that cause you to want to keep nmap on Source Forge? - Max On Fri, Jul 3, 2015 at 10:39 AM Fabio Pietrosanti (naif) - lists < lists () infosecurity ch> wrote:On 7/2/15 10:41 AM, Fyodor wrote:On Sun, Jun 28, 2015 at 1:35 AM, Fabio Pietrosanti (naif) - lists <lists () infosecurity ch <mailto:lists () infosecurity ch>> wrote: Given that SF is for the opensource community, and it's notsoftpedia ordownload.com <http://download.com> or other pseudo-malware-oriented commercial sites, Sadly, Sourceforge has gone that same route :(. We need to judge them on their actions, and those don't speak well of the current management. You'd think that, after all this negative attention, they'd be on their best behavior, right? And that they'd be following their promise[1] to eliminate fake download buttons?I don't like non-constructive criticism, especially when we need to judge on "actions" like you suggest. Have you reported what do you describe by sending them an email to blockthis () sourceforge net as indicated in the link you referred at [1] ? It's easy to say "streets are plenty of holes" but then don't report "that hole" to the municipality trough their reporting procedure to get it fixed. You may have a bias that SF is bad-behaving and i may have a bias that SF is good-behaving. But the facts are that for each single of the claims/issues being reported there's a pragmatic reaction considering community needs.-Fyodor [1] https://sourceforge.net/blog/?s=blockthisFabio _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: SourceForge nmap project analysis Fyodor (Jul 02)
- Re: SourceForge nmap project analysis Fabio Pietrosanti (naif) - lists (Jul 03)
- Re: SourceForge nmap project analysis Max Schubert (Jul 03)
- Re: SourceForge nmap project analysis Daniel Miller (Jul 03)
- Re: SourceForge nmap project analysis Max Schubert (Jul 03)
- Re: SourceForge nmap project analysis Fabio Pietrosanti (naif) - lists (Jul 03)