Radicle: Open-Source, Peer-to-Peer, GitHub Alternative

Hi HN. I am the co-founder of the project. If you are interested in how the protocol works under the hood, start here: <a href="https:&#x2F;&#x2F;docs.radicle.xyz&#x2F;" rel="nofollow">https:&#x2F;&#x2F;docs.radicle.xyz&#x2F;</a> Docs are still WIP though.

It&#x27;s been fascinating watching Radicle evolve over the –what seems to be– last 5 years.<p>I attended the workshop at Protocol Berg 2023 and think they built something really powerful and novel.<p>Perhaps the most exciting aspect is that even the collaborative aspect of the protocol is local-first which means you can submit patches and issues without internet and that your team isn&#x27;t on HN every time GitHub is having problems.

This looks like a fine project for its purpose, but I think git is already open-source and p2p. You don&#x27;t need sh&lt;(curl) a bunch of binaries, instead simply connect to another git server, use git commadns to directly pull or merge code.<p>What&#x27;s missing in git is code issues, wikis, discussions, github pages and most importantly, a developer profile network.<p>We need a way to embed project metadata into .git itself, so source code commits don&#x27;t mess up with wikis and issues. Perhaps some independent refs like git notes?<p><a href="https:&#x2F;&#x2F;git-scm.com&#x2F;docs&#x2F;git-notes" rel="nofollow">https:&#x2F;&#x2F;git-scm.com&#x2F;docs&#x2F;git-notes</a>

From their documentation:<p>&gt; It’s important to only publish repositories you own or are a maintainer of, and to communicate with the other maintainers so that they don’t initialize redundant repository identities.<p>Based on my experience with people taking my code and shoving it onto GitHub--as well as separately in my demoralizing general experience of putting random little &quot;please for the love of all that is holy don&#x27;t do X as it will cause problems for other users&quot; notices in the documentation or even as interstitial UI (!!) of my products and watching everyone immediately do exactly that thing as no one reads or thinks (or even cares)--a large number of people aren&#x27;t going to honor this request in the documentation... and, frankly a large number of people aren&#x27;t even going to see this in the first place as the home page tells you how to push code but you only find this &quot;important&quot; request in the &quot;user guide&quot; that people definitely do not bother to read.<p>It thereby seems quite concerning that, apparently?!, this system is designed in a way where doing what feels like a very reasonable thing to do--just pushing whatever open source code you are working on, based on the instructions on the home page--is going to interact with something about this protocol and how things are stored that something important enough to have this separated boxed &quot;important&quot; statement in the documentation is going to get cluttered and maybe even confusing over time :(.

Congrats on the launch! I’ve been following this project and I’m really excited to see how much it has matured. For projects currently on GitHub, what’s the best way to migrate? Is there a mirror mode as we test it out?

I wonder how discoverable (for normal people) these repositories are. It looks like <a href="https:&#x2F;&#x2F;app.radicle.xyz&#x2F;robots.txt" rel="nofollow">https:&#x2F;&#x2F;app.radicle.xyz&#x2F;robots.txt</a> doesn&#x27;t exist, so it seems like fair game for search engines, and indeed a search on Google and DDG for<p><pre><code> site:app.radicle.xyz </code></pre> does give some results. Maybe not that high up yet if not using that site filter, perhaps the ranking will improve?<p>Tools for integrating CI support with this would also be nice to see. Ultimately a loop with<p><pre><code> while true; do wait_repo_update; git pull &amp;&amp; .&#x2F;run_ci.sh; done </code></pre> but something nicer that you could only limit to pushes by trusted identities.<p>And then finally artifact storage. But maybe Radicle doesn&#x27;t need to solve <i>everything</i>, in particular as a distributed network for sharing large binaries is going to get some undesirable uses pretty fast..

I wish people would define precisely what they mean by &quot;peer to peer&quot; (or more commonly, &quot;distributed&quot;). Its such an ambigious term now it can mean anything when used as a buzzword.

&gt;Installation<p>&gt;<p>&gt;The easiest way to install Radicle is by firing up your terminal and running the following command:<p>&gt;<p>&gt;$ curl -sSf <a href="https:&#x2F;&#x2F;radicle.xyz&#x2F;install" rel="nofollow">https:&#x2F;&#x2F;radicle.xyz&#x2F;install</a> | sh<p>Ah.. my high hopes were immediately dashed by the trash that is curl-bash. What a great signal for thoughtless development, if this project catches on I can&#x27;t wait to watch the security train wreck unfold. Maybe someday we&#x27;ll get an &quot;Open-Source, Peer-to-Peer, GitHub Alternative&quot; that doesn&#x27;t start with the worst possible way to install something.

I hear about Radicle every time crypto market goes up. Is anybody seriously using it ?<p>This got down-voted so fast! :)<p>Serious question though: how much budget was spent on Radicle, how many people did work on it, and who is using it ?

is there any plans to support this use case: offering repositories only to a set of nodes? I can imagine people wanting to collaborate in private but not wanting to be on Github.

Off-topic: This reminded me of NESticle.<p><a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;NESticle" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;NESticle</a>

Congrats on launching ! Reminds me of another similar project, nest.pijul.com but using pijul instead of git

This could enable development of projects like forks of Yuzu, with reduced risk of DMCA interference.

So it uses git, right? The readme should make that clear.

I&#x27;m curious why dual license with both the MIT and Apache licenses.<p>This is not a criticism, and I could be wrong about this, but doesn&#x27;t the mit license allow anyone to essentially bypass any extra responsibilities provided for in the Apache license? Specifically I&#x27;m thinking of the patent license grant provisions. I don&#x27;t think the MIT license has anything to say about patents.<p>And if that is the case then why not just license it MIT?

A bit of a naiive general question, but why are these things not layered on top of existing technology?<p>You already have Bittorrent for distributing files P2P. We &quot;just&quot; need an extra layer for discovering new updates&#x2F;patches so that files can dynamically update&#x2F;grow. These two problems seem fundamentally decoupled. The &quot;git forge&quot; aspect seems to be another fundamentally separate layer on top of that

How is this related to the $RAD coin?

Why does this website try to connect to localhost on <a href="http:&#x2F;&#x2F;127.0.0.1:8080&#x2F;api&#x2F;v1&#x2F;node" rel="nofollow">http:&#x2F;&#x2F;127.0.0.1:8080&#x2F;api&#x2F;v1&#x2F;node</a> ?

My question isnt related to radical but P2P in these sense in general, Why should I store someone else&#x27;s data and why should someone else store my data? doesnt it make it easy to access?

I see no information about properties in README.md, and ARCHITECTURE.md is empty.<p>What are the capabilities?<p>If a node is down, would other nodes step in? Where&#x27;s stuff stored? How is it replicated?

Genuine question ... isn&#x27;t there an inherent latency issue with Peer-to-Peer?<p>and as such, it makes for a poor user experience on the web.<p>(when you&#x27;re just downloading files over P2P, this isn&#x27;t an issue or noticeable - but when you&#x27;re interacting with a web site, it is)<p>EDIT: why the downvotes? I&#x27;m just asking a question.

I really want to have the problems this solves.

Can this handle patch stacks or is this just another pull&#x2F;merge request model with all the flaws that entails?

Is this the <i>same</i> Radicle that issued a crypto token ($RAD)?<p>If so, I&#x27;m glad that it completely failed and they decided to focus on the actual product of a &#x27;P2P GitHub&#x27;.<p>Although stay away from their &#x27;drips&#x27; crypto thing, looks like a tax and accounting nightmare for individuals and businesses.

isn&#x27;t git already the open source, p2p Github alternative? coders will do practically anything to avoid learning `git rebase` . ( don&#x27;t read too deeply on this chaps)

There should be a way to run git over i2p.<p>Also, git over yggdrasil should be easy because there are just ipv6 addresses. And, in the worst case, I think 6to4 tunnels would work.

Support peering over the Tor network like what briar does. That way, all peers can fall back to tor when they&#x27;re behind restrictive firewalls.

and I thought I was cool for knowing about <a href="https:&#x2F;&#x2F;codeberg.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;codeberg.org&#x2F;</a>

This looks wonderful, I&#x27;ll read more on details and follow the project!<p>Does this suffer from the code search problem, or are there plans to somehow introduce that?<p>The main problem of decentralized and federated code management projects is that I still go to github (not even gitlab) when I want to see what other people do, how they use a lib or something, and I can search issues, too.<p>So we obviously can&#x27;t have each of our small servers serve code search requests from all the world&#x27;s developers.<p>...a sync-and-search-only project is probably a job for someone like the EFF, or non-profit orgs that already have sufficient funding... has anyone heard any talks in that regard?

&gt; p2p, signing, local first, yadda yadda<p>curl | bash is the recommended way to install.

What are the most common use cases this provides a solution for?

any plans for adding localization to the UI?

Their monetization strategy is pretty critical for people who’d sink their time into the service and entrust it with the code for long-running projects. So… how do they plan on making money off of this? If they can’t or won’t say, what sort of projects do they imagine they’d attract in spite of that? (e.g. ephemeral ones? Data sets about current events?)<p><i>Downvoters: do you not think their monetization strategy is important to potential users? Surely their investors didn’t throw that money at them out of the goodness of their hearts, and surely it’s apparent how that could affect their users in the long run.</i>

What about codeberg.org?

Isn’t git already open source and peer to peer?<p>So this is just a web interface to git? Like gitlab?

Pedantic, but this seems like a git alternative, not simply a GitHub alternative.

That&#x27;s a neat name! If &quot;seeding&quot; is the word for distribution in a peer-to-peer network, then a &quot;radicle&quot; (not a &quot;radical&quot;!) must be named after:<p>- <i>&quot;In botany, the radicle is the first part of a seedling (a growing plant embryo) to emerge from the seed during the process of germination.[1]&quot;</i><p><a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Radicle" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Radicle</a>

Unfortunately, it&#x27;s developed by crypto-brained guys.

The best approach to building a GitHub Alternative would be to build a GitHub for Data (merge SQL changes etc) and then extend that to GitHub for Code and later to GitHub Alternative for anything.

1. Lower left, device isn&#x27;t connected? What device?<p>2. Domain ends with the nonsensical .xyz, my email server would block all email traffic from them.<p>3. The default dark theme isn&#x27;t readable by about 40% of the human population. It can be changed to a light theme, that&#x27;s nice, but the light theme is some sort of puke light purple.<p>4. &quot;Run the following command and follow the instructions to install Radicle and get started.&quot; I have to use your custom tool called &quot;rad&quot;?<p>No thanks. Even though GitHub is owned by Microsoft, I&#x27;d rather use it.