Can no longer search code without being logged in. #77046
-
Select Topic AreaProduct Feedback BodyThis is revolting and an anathema to the open source movement. A movement, I might add, Microsoft is abusing here. We're told that this is for security... But what possible point is there when I can simply clone the repository and use more dedicated tools for proper searching and analysis? So what possible reason is there?! Do you NOT have enough of our data? Is it not enough to monetize every bowel movement, you now feel the need to track which individual lines of code I'm browsing? I was on an older machine and needed to search for something in OUR OWN REPOSITORY and couldn't. I actually want people to be able to search our codebase. So what did I have to do? I tried logging in. Didn't have my password manager nearby. So I had to grab my phone. Oh! Now I need to 2FA. So back to my office to grab my Yubi key. The old laptop doesn't have USB-C ports? Well now I'm SOL. Not only is this change unncecessary, it's downright hostile towards your own customers. Ambitiously hostile! Obviously we're too far into the Github ecosystem to be able to easily change providers to one that even gives a pretext of user privacy or responsiveness. So kudos for that. But I'm done with the web interface. If you're not going to even bother hiding the fact that you see us as a source of data and a resource to be extracted, I choose to not give you that information. This is the final straw. I will no longer be creating new projects on GitHub. I want them to be useful to the public. Anybody reading this needs to realize something: Every time you create something new here, future audiences will only be able to search your code after bending the knee to Microsoft. Please, GItHub maintainers! Ignore the marketing jackals and the middle managers. Fight back! This is ethically indefensible and needs to be reversed. |
Beta Was this translation helpful? Give feedback.
Replies: 19 comments 55 replies
-
Or find better alternatives that don't do this shady crap. |
Beta Was this translation helpful? Give feedback.
-
This has been happening since before the Microsoft acquisition, as far as I remember. It is certainly not a new limitation either way. |
Beta Was this translation helpful? Give feedback.
-
Sorry for the inconvenience @koepnick - while searching across all repos has required being logged in for a long time, when we enhanced the search capabilities earlier in the 2023 we had to extend this to repos as well (see https://github.blog/changelog/2023-06-07-code-search-now-requires-login/). This is primarily to ensure we can support the load for developers on GitHub and help protect the servers from being overwhelmed by anonymous requests from bots etc. |
Beta Was this translation helpful? Give feedback.
-
Is this technical issue, or political issue ? Rails can scale right ? |
Beta Was this translation helpful? Give feedback.
-
It's naive to think that login requirement will stop any dedicated bot operator. |
Beta Was this translation helpful? Give feedback.
-
Microsoft is closing the door on open source. Who woulda thought that could happen. Oh right. |
Beta Was this translation helpful? Give feedback.
-
It's a constant source of nuisance when browsing in private/incognito mode. Surely there are other ways to limit bots, like adding a rate limit and if that's reached, then requiring CAPTCHA or login? |
Beta Was this translation helpful? Give feedback.
-
You can look at https://grep.app/, which allows you to search for repositories without logging in, but even so, this Github policy is bad and will probably get worse over time |
Beta Was this translation helpful? Give feedback.
-
I doubt this was a move against open-source. As an Enterprise Customer we needed better search which required this level of security. Granted it could have been made optional but given that AI models of our code are being used for major new Co-Pilot features security had to be heavily considered. |
Beta Was this translation helpful? Give feedback.
-
Since this is relevant to the larger topic, I would like to add an anecdote, as a logged in user using search extensively:
I wonder why that is and if there's a way to retrieve more than 5 pages? |
Beta Was this translation helpful? Give feedback.
-
GitHub 的反抓爬理由其实能说得过去,不过这也可能是 GitHub 和微软用来防止某些竞争对手抓取数据来训练 AI 模型,毕竟现在各大公司都在想方设法的限制数据抓取避免数据被人白嫖。 |
Beta Was this translation helpful? Give feedback.
-
The anti crawling reasons of GitHub can actually be justified, but it may also be that GitHub and Microsoft use it to prevent certain competitors from crawling data to train AI models, after all, major companies are now trying to limit data crawling to avoid data being wasted. However, this cannot be a reason for not being open-source, can we use methods that are more user-friendly for real users? |
Beta Was this translation helpful? Give feedback.
-
GitHub, which prides itself on being the world's largest open source community, is owned by Microsoft, a for-profit company. Interestingly, Microsoft's commitment to open source has always been limited, starting with GitHub itself, which is not an open source platform. The situation seems somewhat hypocritical, but given that this is Microsoft, perhaps there's no need to be surprised. |
Beta Was this translation helpful? Give feedback.
-
I find this feature kind of annoying as well. My current solution to find something quickly, if limited to a single repo is:
If you want to search for a pattern all over GitHub you can use a normal search engine, with something like:
This seems a mitigation to me. What about if someone creates n GitHub bot accounts using n different emails and remains well below API limits for each bot? I think the bot manager would win. It would be much simpler to disable code search altogether (!) Problem solved. As mentioned in other comments there are other GIT forges (Gitlab (Framagit), Gitea, Forgejo (Codeberg), Gogs, etc...). I think some of these allow you to enable code search if you self-host. Apparently Codeberg and Framagit don't have code search enabled at this moment. These two Codeberg issues seem also interesting. Personal adviceNot directly related to code search but more broad: my personal advice is to treat GitHub as one of the mirrors of your projects. GIT is by nature decentralized (Distributed Version Control System (DVCS)). If you use GitHub (or any other) as your only code forge you get a single point of failure. You can do something like this: git remote add github https://github.com/user/repo.git
git remote add codeberg https://codeberg.org/user/repo.git
git remote add framagit https://framagit.org/user/repo.git
git remote add private https://example.com/user/repo.git
git add ...
git commit ...
git push github
git push codeberg
git push framagit
git push private |
Beta Was this translation helpful? Give feedback.
-
Enforcing a login for advanced features makes it easier to stop abuse. Unfortunately it does come at some expense of the user convenience. I could imagine another reason for requiring logins is that it makes the audit log more accurate. The op could have cloned the repo and grepped if they really needed to. They could've cloned and committed and pushed later. They could've just made another login. They could've been having a bad day and decided to make the post. I could've not posted on this but here I am lol. If you need search via cli, you can issue an API key for yourself. I dunno, just sounds like it was a bad experience at that moment. Things change, sometimes they're not universally considered "the best". Somehow I doubt this is M$ trying to monitize. More likely they're responding to scaling issues as they stated. Indexing all the code and making that universally accessible eventually is a scaling issue and clobbering the least effort bots with a login need seems to be low effort/high reward. |
Beta Was this translation helpful? Give feedback.
-
add 1s after the github before the .com. Opens the repo in an online vscode, search is better than the github one anyway. |
Beta Was this translation helpful? Give feedback.
Sorry for the inconvenience @koepnick - while searching across all repos has required being logged in for a long time, when we enhanced the search capabilities earlier in the 2023 we had to extend this to repos as well (see https://github.blog/changelog/2023-06-07-code-search-now-requires-login/).
This is primarily to ensure we can support the load for developers on GitHub and help protect the servers from being overwhelmed by anonymous requests from bots etc.