Gentoo Moves to Codeberg for a Privacy-First Open Source Mirror

Gentoo has opened a presence on Codeberg and is now accepting pull requests there for its primary ebuild mirror — the first concrete step in a planned, gradual migration away from Microsoft-owned GitHub driven largely by objections to GitHub Copilot and related AI-driven workflows.

Overview​

Gentoo’s move is surgical rather than wholesale: the project’s primary Git hosting and infrastructure remain under Gentoo’s control, while Codeberg will act as a community-friendly mirror and an alternative contribution channel to GitHub. The initial cutover covers the ebuild repository, with Gentoo indicating more of its Git infrastructure will follow in the coming months as the migration proceeds.
This is significant for several reasons. Gentoo is a large, mature distribution with a high-volume package tree and a contributor workflow that relies heavily on pull requests, CI, and careful package review. A decision to host contributor-facing mirrors on a Forgejo-based non-profit platform like Codeberg signals a growing trend among open-source projects to prioritize privacy, governance, and resistance to platform-driven AI tooling over the convenience and scale offered by GitHub.

---

Background: why this matters now​

Git hosting is the backbone of modern open-source collaboration​

Git hosting providers are more than storage for code: they are the interface for issue tracking, pull requests (PRs), CI integration, and social discovery. For many projects, GitHub is the de facto public face — but that convenience has trade-offs. Projects must weigh discoverability and integration against control, privacy, and the platform’s feature and policy directions. Gentoo’s decision speaks directly to that trade-off.

The Copilot catalyst​

Gentoo explicitly cited “continuous attempts to force Copilot usage for our repositories” as the principal reason to consider migration of mirrors and PR contributions to Codeberg. The project raised concerns that GitHub’s Copilot and its ecosystem increase spammy, low-quality, or AI-generated contributions and create an environment where maintainers are burdened with filtering machine-produced noise. That frustration is shared by other projects that have recently voiced similar discomforts with AI-assisted contribution flows.

A short history of risk and independence​

Gentoo has historically hosted its canonical repositories on its own infrastructure while maintaining GitHub mirrors for contributor convenience. This separation of canonical source and mirrors matters because it gives Gentoo control over the authoritative codebase, and it protects users from transient incidents on a third-party platform. There is precedent too: Gentoo’s GitHub mirror was compromised in 2018, a reminder that mirrors and third-party hosting can introduce supply-chain risk when not managed carefully. Migrating mirrors and PR channels to a non-profit, privacy-focused forge is consistent with a defensive posture toward supply-chain integrity and community governance.

---

What changed today: the practical details​

• The ebuild repository is now mirrored on Codeberg and can receive contributions through Codeberg pull requests. Gentoo says this mirror is live and that contributors can submit PRs there as an alternative to GitHub.
• Gentoo is using the AGit workflow (the Forgejo/Gitea “agit” support) to accept PRs from contributors without requiring personal forks, streamlining the push-to-PR path for those who prefer not to use GitHub’s web UI. The AGit pattern lets contributors push to a refs/for/* namespace with git options that set title, topic, and description, producing a PR on the Forgejo instance.
• The migration is explicitly gradual: Gentoo will maintain a presence on both GitHub and Codeberg during the transition so that contributors can choose whichever workflow suits them while the project and its tooling adapt.

Example: AGit push for a PR (illustrative)​

Gentoo documentation and reporting on the switch show the AGit push pattern in use. A typical commandline push to create a PR on Forgejo/Codeberg looks like this:
git push origin HEAD:refs/for/master -o topic="short-title" -o title="Short title" -o description="Longer description of the change."
This bypasses the fork-and-PR web workflow, but requires an account on the hosting instance (Codeberg) and the ability to push to that remote.

---

Why Codeberg? What it offers Gentoo​

• Non-profit governance: Codeberg is run by Codeberg e.V., a registered non-profit association based in Berlin, Germany. Its governance model and non-commercial mandate are attractive to projects that want community control rather than corporate ownership.
• Privacy-first approach: Codeberg advertises a privacy-friendly alternative to commercial forges, and it avoids the data harvesting/tracking policies associated with many big cloud providers. For projects concerned about training data and telemetry, that is an important distinction.
• Forgejo feature set: Codeberg runs Forgejo (a Gitea fork) and supports similar collaboration primitives (issues, PRs, web UI, API, CI integrations). Notably, Forgejo supports the AGit workflow that Gentoo wants to leverage for PR submissions without forks.

These three attributes together create an environment where Gentoo can accept contributions without the tension around AI-driven tooling and platform incentives that motivated the initial decision.

---

The migration mechanics: what maintainers and contributors need to know​

Gentoo’s migration is a mirror-and-alternative approach rather than a hard cutover. Practical implications for contributors:

• Contribution choice: For the near term, you can submit PRs either on GitHub or on Codeberg — both will be mirrored back to Gentoo’s canonical repositories. This preserves continuity while giving contributors an opt-out from GitHub-specific tooling.
• AGit workflow: If you prefer a non-fork workflow and command-line PR creation, Codeberg’s AGit support enables pushing to refs/for/* with metadata options to create and update PRs from the terminal. This is attractive to contributors who avoid browser-based forking or wish to keep their own GitHub presence separate.
• Account requirement: AGit and Forgejo PRs require an account on that particular Forgejo instance (Codeberg), which means you will need to register on Codeberg to push PRs there. This contrasts with the fork model on GitHub where you can contribute via a forked repo under your own account without needing direct write access to the upstream.
• CI and checks: Gentoo’s CI policies and pkgcheck jobs still run against the canonical repository logic; a PR mirror will still be vetted by Gentoo’s CI if configured. Maintain awareness that CI behavior may differ slightly between GitHub Actions and whatever integration Codeberg/Forgejo uses. Gentoo’s team has said CI remains an internal concern and will continue to be enforced regardless of mirror.

---

Benefits: what Gentoo gains​

• Policy alignment and autonomy: By mirroring contributions on Codeberg, Gentoo reduces dependency on a single corporation’s product and policy choices. That autonomy matters when platform features (such as Copilot’s training and UI) conflict with maintainers’ expectations.
• Reduced AI-driven noise: Codeberg does not operate an AI copilot in the same way GitHub/ Microsoft does, and Gentoo hopes this will reduce low-value, AI-generated PRs that cost maintainers time to triage. This is one of the migration’s core motivations.
• Community governance: Codeberg’s non-profit structure invites community participation in governance and a stronger alignment between platform and project values for privacy and long-term availability.

---

Risks, trade-offs, and operational challenges​

No migration is without cost. Gentoo’s path introduces several technical and community risks that must be managed.

1) Fragmentation and discoverability​

Maintaining mirrors on multiple forges can fragment contributor traffic, confuse newcomers, and increase the chance of duplicate PRs or stale branches. Gentoo will need clear, updated documentation and redirects so contributors know which mirror to use for specific workflows.

2) Tooling parity and CI integrations​

GitHub offers a mature ecosystem of integrations (Actions, code scanning, apps). Forgejo/Codeberg has many features, but parity is not 100%. Some workflows — organization-wide Actions, marketplace apps, or GitHub-specific bots — will not work on Codeberg without adaptation. Gentoo will need to bridge gaps for automated testing, security scanning, and merge workflows.

3) Account proliferation and contributor friction​

AGit’s convenience removes the need for forks but requires accounts on Codeberg. Contributors who do not want to create multiple accounts across forges may face friction, and some automated tools or scripts will need updates. The community must weigh the friction of extra accounts against the benefits of the non-fork workflow.

4) Mirror integrity and sync complexity​

Mirrors introduce complexity around synchronization, history rewrite handling, and CI triggering. Gentoo’s canonical repo remains the single source of truth, but ensuring mirrors are faithful and timely requires reliable sync tooling and operational monitoring. Mistakes or delays in sync could create confusion for package maintainers and downstream users.

5) Capacity and cost​

While Codeberg is a non-profit, popular projects can stress shared resources (storage, CI runners). There have been community discussions about per-user quotas and storage usage for large trees. If Gentoo’s move substantially increases usage, Codeberg and Gentoo will need to coordinate on capacity planning and donation/support models.

---

Broader implications: what this says about open-source hosting today​

Gentoo is not alone. In recent months, other high-profile projects have publicly expressed reservations about GitHub’s direction and some have migrated to alternatives or run dual presences. The reasons vary — from governance and censorship concerns to explicit objections to AI training and the flood of machine-generated contributions. Gentoo’s migration is another data point in a larger story: many open-source communities are re-evaluating platform dependence and actively seeking alternatives that align with community values.
This trend has cascading effects:

• It reduces the network-effect advantage of a single dominant provider when projects with high visibility and large communities decide to decouple.
• It raises the profile of alternative forges (Codeberg, Forgejo, GitLab, self-hosted instances) and increases demand for cross-forge tooling and standards.
• It pressures large providers to rethink how their AI products are introduced to open-source communities, including opt-in/opt-out choices and clearer data-use terms.

---

A contributor’s quick reference: how to submit to Gentoo on Codeberg (practical steps)​

• Create a Codeberg account if you don’t already have one. AGit-based push PRs require an account on the target forge.
• Clone Gentoo’s canonical repo or the Codeberg mirror and create a feature branch. Example flow:
• git clone git@gentoo.org:repo/gentoo.git
• cd gentoo
• git checkout -b my-feature
• make commits locally.
• Add the Codeberg remote (if you cloned the canonical repo):
• git remote add codeberg ssh://git@codeberg.org/gentoo/gentoo
• Push using AGit to open a PR without a fork:
• git push codeberg HEAD:refs/for/master -o topic="my-topic" -o title="Brief title" -o description="Long description of the change."
• Subsequent pushes to the branch with the same topic will update the same PR.
• Monitor CI and review comments: The PR will be available in Codeberg’s web UI for review. Gentoo’s CI and maintainers will apply the project’s standard review process and merging rules.

If you prefer not to use AGit, you may still use the fork-and-PR web workflow on Codeberg or continue to submit via GitHub while the migration is ongoing. Gentoo has published contributor guidance for the switch and will continue documenting edge cases as migration progresses.

---

Security and supply-chain view: cautious optimism​

Gentoo’s approach is pragmatic: keep the canonical infrastructure under the project’s control while adding a contributor-facing, privacy-oriented mirror. This reduces the attack surface associated with third-party control of authoritative code, while still offering a modern contribution UX.
Key security takeaways:

• Canonical-first: Continue to treat Gentoo’s own git.gentoo.org as the authoritative source and ensure that mirror syncs are auditable and monitored.
• Supply chain hygiene: Maintain CI gatekeeping, commit signing where appropriate, and verification of mirror integrity. Mirroring does not substitute for supply-chain controls; it complements them.
• Threat modeling: Be mindful of new attack vectors (e.g., spoofed mirror content, impersonation on multiple forges) and design detection and rollback strategies for mirror divergence.

---

Conclusion — what to watch next​

Gentoo’s Codeberg onboarding is an important but incremental move: it gives contributors an escape hatch from GitHub-centric workflows while preserving the project’s control over its canonical repositories. The story to watch now is how Gentoo manages the operational burden of dual forges, how Codeberg handles increased traffic and storage demand, and whether other large projects accelerate similar migrations in response to AI tooling and governance concerns.
For contributors, the message is clear: you have options. If you object to GitHub’s Copilot-driven ecosystem, you can now contribute to Gentoo via Codeberg using Forgejo’s AGit workflow. If you prefer GitHub’s integrations or already have established workflows there, the project will accommodate you during the transition — but the long-term trajectory is toward reducing reliance on a single corporate-controlled platform.
Gentoo’s move is both a technical migration and a community statement: in an era where large platforms are introducing AI-driven features that change contributor behavior, some projects will prioritize autonomy, consent, and privacy over centralized convenience — and they are beginning to show how that choice can be implemented in practice.

---

Source: It's FOSS Gentoo Takes the First Step to Ditch Microsoft Copilot-Infested GitHub