'I accidentally lost 54,000 stars collected by the GitHub repository over 10 years by mistake.'
GitHub , a software development platform, has a function to send a 'Star' to a public repository, and you can send a star if you like the repository or want to be notified of updates. The creator of such a popular GitHub repository reports that 'a repository that has been published on GitHub for 10 years and has earned 54,000 stars has lost all the stars with just one accidental mistake.' The blog that I did has become a hot topic.
How we lost 54k GitHub stars – HTTPie blog
This blog was written by Jakub Roztocil , the creator of the open source tool HTTPie , which sends HTTP requests from the command line intuitively. Since its launch in February 2012, HTTPie has become one of the most popular API tools on GitHub, collecting 54,000 stars and following the repository in the 10 years to 2022. ) ”Has exceeded 1000 users. Roztocil explains that HTTPie was one of the most popular public repositories in the top 80, even on GitHub, which has about 289 million public repositories.
Roztocil has been a fan of GitHub for a long time, and while HTTPie benefited from GitHub's 'social coding' feature, it attracted millions of developers by hosting popular repositories, and HTTPie It claims to have benefited GitHub. “This helped GitHub strengthen itself as an open source and community-friendly company. It was a symbiotic relationship,” Roztocil said.
However, in 2022, Roztocil reported that an inadvertent mistake removed all the stars and watches that HTTPie had earned. Not only does this mean that the 10-year rating has disappeared, but users who have been checking HTTPie updates on their stars or watches will have to reconfigure them to get HTTPie update notifications again. Means.
The HTTPie stars and watches disappeared because Roztocil set HTTPie as a 'private repository'. In GitHub, if the public repository is made private, the specifications that the stars and watches up to that point will disappear, and Mr. Roztocil also understood the specifications. However, Roztocil inadvertently made HTTPie private by mistake.
'The most important cause is that I thought I was in another repository,' Roztocil said of the inadvertent mistake he made. According to Roztocil, he accidentally unpublished the 'HTTPie repository' with the intention of unpublishing the 'profile of the'HTTPie organization'' that he did not have the opportunity to enter the contents of what he created at that time. It is said that it has been done. Since GitHub treated users and organizations as similar entities, Roztocil, who was operating as an assembly line, did not notice that he was trying to keep the HTTPie repository private.
Of course, a warning dialog will be displayed before making the repository private, but Roztocil said, 'In a repository with few commits and stars, and a repository with 10 years of history and 55,000 stars and watches, The problem is that the warning dialog on GitHub looks exactly the same. ' In the image below, the left is the dialog when trying to make the 'HTTPie organization profile' private, and the right is the dialog when trying to make the 'HTTPie repository' private. Both have sentences such as 'Warning: This is a potentially destructive behavior' and 'You will lose the stars and watchers of this repository forever', but the one you are trying to keep private is ' It is not possible to distinguish between 'things that have almost no effect even if they are kept private' or 'things that lose their 10-year accumulation if they are kept private'.
If you look closely, the command to enter to make it private is 'httpie / .github' in the dialog on the left, and 'httpie / httpie' in the dialog on the right. The user's repository is named 'name / name' and the organization's repository is named 'name / .github', so if you want to keep the 'HTTPie organization profile' private, the dialog on the right is correct. However, Mr. Roztocil at that time was not aware of this naming convention.
Roztocil wrote about the dialog that GitHub displays when unpublishing the repository: 'You're trying to demolish your house. If anyone is inside, everyone will die.' In other words, if you have the wrong address and think that you're trying to demolish a vacant house, there's no specific text that can get you out of autopilot mode. ' He argued that more interactive text was needed rather than template text to stop the user making the mistake. 'In other words, you should say,'You're about to kill 55,000 people.' That would certainly have paused me,' he said.
Unfortunately, Roztocil, who couldn't pause, just kept the HTTPie repository private. Immediately after that, Roztocil noticed that he made an operation mistake, but he tried to rewind the operation in a hurry, but GitHub said that he deleted the stars and watchers that he had accumulated over 10 years over 30 minutes.
At the time of writing the article, the HTTPie repository is open again, but it has about 4000 stars and 16 watchers.
Roztocil mentioned in the past that the GitHub team itself accidentally unpublished a GitHub desktop repository and recovered the star, saying that GitHub has a backup function to recover the star of the unpublished repository. I'm pointing out. However, when Roztocil asked GitHub to restore the HTTPie star, GitHub refused to do so.
A developer mistakenly made the GitHub Desktop repo private this morning. Flipping it back doesn't restore stars (and a few other things), so we are restoring from DB backup. That's all.— Nat Friedman (@natfriedman) November 16, 2020
'GitHub restores repositories that are corrupted by making them private, but only if it's your own project, not a community project,' Roztocil said. For Roztocil, who thought he had contributed to GitHub for many years, GitHub's response was a bit shocking.
As a lesson learned from this case, Roztocil cites the following:
1: Design of the dialog displayed during private operation
One of the reasons Roztocil kept the HTTPie repository private is that he didn't notice his mistake in the text of the warning dialog. From this point, Roztocil said, 'When the user is trying to destroy something, do not describe the potential scenario in abstract words', and include clear numerical values etc. in the dialog according to the user's operation. It is recommended. For example, in the desktop version of HTTPie, the dialog displayed when deleting a space has a mechanism to specify the type and number of contents to be deleted as follows.
soft delete (physical deletion) that logically erases data while the data itself remains. Roztocil argues that the mechanism of logical deletion) should be adopted. Also, even if you adopt hard delete, it is better to delay the process execution so that you can rewind immediately.
2: Database design
To enable inadvertently mistaken restoration, soft delete (physical deletion) that completely erases data from the database, but
3: Relationship with GitHub
In addition, although the star of HTTPie has been lost, 'HTTPie is doing better than ever', and it is still growing. Roztocil said he looks forward to releasing a new product, HTTPie for Web & Desktop , in the coming weeks.
This blog has also been featured on the social news site Hacker News and has many comments. Some say , 'I'm not mentioning the simplest'get rid of careless'solution by imposing responsibility on GitHub,' but this is 'humans cause human error, and it's not.' The counterargument that it's better to improve the system than to expect improved attention, and 'The GitHub team is making the same mistake in the first place, and at the scale of GitHub, similar things happen every few weeks. It's no wonder , 'he said ,' I don't have complete control over user behavior, but adding information to the alert UI at least helps users make the right decisions. ' rice field.
We lost 54k GitHub stars | Hacker News