Replying to Avatar Laeserin

It's actually first-past-the-post because ngit commands sent to any repo event with the same initial commit would show up here.
Avatar
DanConwayDev 1y ago

currently gitworkshop.dev uses the npub:identifer with the most number of events tagging it.

ngit users the most recent event where the 'earliest unique commit' matches the initial commit, filtered by npubs listed in 'maintainers.yaml' if that exists, or falls back to prompting the user for an naddr.

The intention is to improve gitworkshop.dev so it makes less automatic choices and factors in WoT to recommendations.

The intention for ngit is to use 'maintainers.yaml' and fallback to the same approach used by gitworkshop.dev.

Reply to this note

Please Login to reply.

Discussion

Avatar
frphank 1y ago

Both are metrics that can be gamed easily

Avatar
DanConwayDev 1y ago

inclusion in a maintainers.yaml file is hard to game. a would-be maintainer could change the clone url and send users to another git server with a different maintainers.yaml file but they won't be able to get other contributors to sign commits on top of history.

I'm not sure I agree that WoT can be easily gamed but there are certainly some valid critiques. can we really use the contact lists as a sign of trust? Conversations about use of validity of using WoT are happening elsewhere.

Ultimately, the user should be presented with a choice and the choice of npub:identifer should be respected until change their mind. I am currently refactoring gitworkshop.dev to use a specific npub:identifier repository reference rather than a dynamic one based solely on identifier.

Avatar
Laeserin 1y ago

I can read that, but it's like

Avatar
DanConwayDev 1y ago

my description definitely read like that pin-board

Avatar
Laeserin 1y ago

😂

Avatar
Laeserin 1y ago

Maybe this is a dumb question: but why are the relays in the maintainers.yaml file, rather than in a setup.yaml file or something?

Avatar
DanConwayDev 1y ago

Because a list of maintainers is all that needs to br in there. A list of relays is helpful but repo events shpuld be blasted like nip65 events. Maybe git.nostr.yaml would have been better?

Avatar
Laeserin 1y ago

I was just curious. That's okay.