[figbert]

I discovered Radicle back in 2020 (when their website looked incredible: https://web.archive.org/web/20201201030505/https://radicle.x...). I bounced off of it, in part due to being unable to effectively delete repositories. They used to have an FAQ about that—looks like it's gone now, though the public-private repository area is much more fleshed out (you can make a repo private, in which case no new updates will be publicized but the history will still exist). In truth, it's just profoundly difficult to effectively "delete" things in a decentralized system (see: Matrix, BitTorrent, et. al.). But definitely something to consider; people accidentally upload secrets, and want to have some recourse when that happens.

Still, time has passed and I have become more interested in GitHub alternatives (https://figbert.com/posts/ideating-tragit/). Will likely end up moving to Tangled. But first I need to add support over there for pushing over HTTPS...

[nine_k]

In general, whatever has been made public, is hard to unmake public. There can always remain a copy.

It is acutely true for peer-to-peer distributed systems like Radicle, but is still true for the more centralized GitHub, and for the Web in general. If you want to be able to walk something back, better don't publush it.

Publishing a token or an ssh key should not be a big deal, such a token or key should be immediately revoked, which is as good as deleted. The problem occurs when the fact is not noticed immediately. A git hook can help avoid such mishaps.

[lukeck]

It’s a fair point about the difficulty in deleting data in a decentralised system but that’s also true in more centralised systems like GitHub or any other website. Once some data is out there, you have no control over whether it can be removed. Other parties could have copied it and may re-share it. “All” removing data from a centralised system does is slow down this spread, sometimes to the point that it is effectively deleted but that can’t be guaranteed.

The best response I’m aware of is to invalidate any secrets that have been accidentally shared. Sometimes that is easier said than done though. And of course there are plenty of other reasons someone might want to delete data.

[figbert]

Well said, in particular the last sentence: IIRC at the time I was seeking to delete a repo that I had made accidentally so as to clean up my profile.

[2color]

What are you missing from Radicle today that would make you chose Tangled over it?

[pksunkara]

I would love to know the need behind pushing over HTTPS. Is the SSH protocol not good?

[figbert]

It's not a technical issue but a UX one. It would be a pain to set up pushing via SSH to a knot container on my server because I am use SSH for the host already. And specifying a port is ugly. Doing this over the internet negates all these.