[voxtech]

More importantly, there is no threshold of usefulness where continuing the behavior is justified.

If the behavior is unimportant enough that drew should accept eliminating it, then its value does not justify the load.

If the behavior is important enough to justify the load, then eliminating it is no solution.

[tptacek]

I don't understand how this logic is meant to hold. The behavior can be of enough value to justify it where the cost to source hosts is low, but not of enough value to justify it for all hosts. Which is where we are now.

It feels like some comments here are trying to reconstruct what happened axiomatically purely from comments on the thread, without any empirical input from, like, how the Go module proxy actually works, and ending up in weird places as a result.

[kcartlidge]

Personally I'm trying to keep it tied down to an issue of responsibilities.

The abuser of resources should stop abusing. It isn't the fault of the victims and they shouldn't each individually need to address it. Stop the issue at source for everyone by stopping being anti-social/parasitical on the use of resources through excessive polling. I think that's the extent of my own argument here.

[tptacek]

It's not a great argument? If Github and Gitlab are fine with the polling, and the polling has even marginal benefits for Go users, why should we care how they handle Github and Gitlab? It sure looks like nobody on the Go project knew that sr.ht would care about these module clones, and when they found out, they gave DeVault the option of stopping them. I'm still not clear what the issue is.

If they knew DeVault's host wasn't going to be able to handle repeated module clones, a priori, then doing it anyways would be a problem. It doesn't look like anyone expected this to be a problem. It turned out it was, and there's a fix.