cross-posted from: https://lemmy.zip/post/59925975
Opinion: Careless big-time users are treating FOSS repos like content delivery networks
a single company might download the same code hundreds of thousands of times in a day, and the next day, and the next
Why would anyone ever need to do this?
Laziness? Why designate storage for a downloaded repository when you can just use the blazing fast company network to make someone else’s storage your storage? Systemically it’s fucked up, but individually it kinda makes sense.
Shitty CI system
They don’t design a system that does so intentionally. It’s equal parts ignorance, automation and cluelessness.
Maybe they’re building containers every day? Idk. Can’t think of how that’d blow up into thousands without some sort of VM or containerization dependency.
Fox, who also oversees Apache Maven, a popular Java build tool, explained that its repository site is at risk of being overwhelmed by constant Git pulls. The team has dug into this and found that 82 percent of the demand comes from less than 1 percent of IPs. Digging deeper, they discovered that many companies are using open source repositories as if they were content delivery networks (CDNs). So, for example, a single company might download the same code hundreds of thousands of times in a day, and the next day, and the next. This is unsustainable.
GitHub added rate limits for unauthenticated users last year
https://github.blog/changelog/2025-05-08-updated-rate-limits-for-unauthenticated-requests/
Making big companies pony up is always good.
Why does this article repeat itself? It reads super weird.
It’s The Register; they’ve been writing slop articles (sometimes with interesting news in the middle) since before AI was called ML.






