Does anyone know why syncthing-fork is no longer available on Github?

Take it easy, people; we are just mobs. imsodin promised them a less noisy environment, which I supposed is applicable to Catfriend1 too.

If I’m reading this correctly, those would probably be the first few things to happen.

THANK YOU for all the effort you’ve put into the project, one that was only intended to be for the use of you and some friends. What a monster it turned into! I’m glad that you’ve chosen someone you trust to take on the responsibility and the hostile maelstrom that swirls around. I only hope that the new maintainers weather this storm and are still able to keep going tomorrow, next week and next year. May we all be a bit more friendly from today onwards.

Thank you so much for your reliable and trustworthy work on this indispensable app. Unfortunately the communication and changes made (removing SU permission without an alternative) of the person you chose for following up does not contribute to keep the trust in this work. @researchxxl is still not a member of this forum.

I always believe that you should decide for yourself which forum you want to be in.

I have high hopes that at some point @nel0x’s repo can become the official replacement for @imsodin’s archived repo, under the official Github org.

Yeah, but the repository links to our forum for “support requests or asking a question”, so one would expect the maintainer to be active here as well. Of course, if they don’t want to interact with users on the forum and keep everything on GitHub only, that’s fine too, but then they shouldn’t link to the forum as the place for support.

In addition, if you truly care about the community, you hang out where the community is active.

Even after @Catfriend1‘s message here stating that the handover was planned and is intentional and normal I find it incredibly suspicious… This is simply not how you do a handover. Unfortunately I completely lost my trust in this project (as in the Android app) and I’m not going to upgrade until a decent amount of time has passed and this “fork” gained enough trust from the community.

We have seen how determined bad actors can be (see the aforementioned XZ utils backdoor drama), and even though the Syncthing Android app is not that big of a “prey” I still won’t risk installing malicious software on my devices.

Yeah… I guess there’s something to be said for adopting well-known/used community additions into the syncthing github org, for the purpose of safekeeping a repo and making orderly transitions between maintainers, if nothing else.

@nel0x has builds available and has stated they will continue their work. They’ve been responsible for the GPlay forms for a very long time and, thanks to this mess, have published builds on GitHub for those of us not using the Play Store. This doesn’t help F-Droid users but it’s pretty clear nel0x intends to continue to work on the project and keep it going despite the current mess with Catfriend1 and researchxxl.

As others (and myself) have mentioned here and elsewhere: it’s probably ‘best’ to setup a GitHub org sooner than later to avoid this kind of mess in the future. I have a feeling nel0x is wise enough to avoid creating this kind of mess but it can’t hurt to make things more robust. Especially now that we do have a mess.

Additionally: someone alerted F-Droid to the situation and they have decided to ‘wait and see’ for the current app in their repo and nel0x has stated they’ve looked at possible F-Droid releases.

Hopefully the dust will settle sooner than later. Many thanks to nel0x and syncthing devs for ensuring we all have good options, even if the current situation is a **** mess.

Hi, I’m new, I created an account because of the confusion.

@nel0x Can you make an official post somewhere about your plans for whether/when you’ll start publishing your app to F-Droid?

A lot of people are understandably confused right now about the best course of action.

Personally, even with the post from @Catfriend1’s account above, I no longer trust the Syncthing-Fork app in F-Droid (at least for now) and won’t install updates from it. But it’s very hard to tell from the very long forum thread and several Github issues what is the best thing to do.

I think people are wondering:

• Which is the best app to install now?
• Whether you (@nel0x) will release your app on F-Droid in the future?
• If we remove the Syncthing-Fork app from F-Droid and install your (@nel0x) app from Google Play, is there likely to be any problem because your Google Play version (2.0.10.1) was a little behind Syncthing-Fork on F-Droid (2.0.11.x, 2.0.12.x)?

Questions which I think have been answered:

• Which is the last known good version of Syncthing-Fork on F-Droid?
  • Answer: 2.0.11.2
  • Answer: Nothing malicious was found when people looked thru the source of 2.0.11.3 or 2.0.12.1, but these were released after the transition.

Thanks @nel0x and @Catfriend1 and all the Syncthing maintainers for all your time and effort on these projects.

The release in the repo of nel0x is 2.0.11.1. I installed this as the starting point for updates to come. Other releases will be not compatible for these updates.

IMO adding syncthing-android to the official Syncthing GitHub org is the single most useful thing you all could do. There’s some amount of administrative maintenance, but I imagine that’s preferable to dealing with… all this.

But then Syncthing core devs needed to help maintaining that repository again. Considering syncthing-android was previously archived I would suspect none of them has much interest in doing that.

(Of course @nel0x or @researchxxl could be given full access to the repo under the Syncthing orga but I don’t see how that would be better. The admins of the Syncthing orga probably won’t be comfortable granting this access and users would still have to be very careful.)

EDIT: I’ve just seen another thread about this topic (but it has limited visibility). After having a brief look I can just say there’s actually something going on. My concern was maybe not right. Adding @nel0x’s fork in particular would probably be a good idea. Of course it is up to them to decide.

Hello, I’ve been following this development since this mess started.

I plan on switching to @nel0x ‘s fork from @Catfriend1 ‘s last version, v2.0.11.2. However, I checked nel0x’s repo, and it’s on v2.0.11.1.

If I export my database from the current install, will I be able to import it into nel0x’s version despite it being an older version?

Cheers.

For me it worked.

(Export does not work if root access is permitted. I first had to remove the permission in Syncthing settings, export, uninstall, install, import and restore root access in Syncthing settings.)

Just wait for nel0x new version, hes a lone maintainer now instead of catfriend1 contributor, or move to martchus’ syncthingtray’s syncthing app. statement from other issue:

Hi [@Adhjie]( Adhjie (Adi) · GitHub ), thanks for reporting. Yes, releases here will be continued. I’ve just promoted v2.0.11.1 as a production release, which should do the trick. Hope it get’s rolled out until end of the next week.

I think the way to handle that all is overblown. I think it should be respected that Catfriend1 handed it over to a friend and even explained why not to someone else. There are also some stupid people who say they’ll only take action if something else happens – what nonsense, what utter drivel! I wonder how often those writing so negatively here and maybe have actually downloaded and tested software from GitHub, or are still using it today, and downloaded it because it seemed nice and convenient, but it wasn’t exactly maintainers closest friend or neighbor. All that’s missing is someone suggesting that Catfriend1’s post could have been manipulated and faked, just to benefit the new owner – it’s surely possible. And why isn’t anyone criticizing Catfriend1 for his actions? Why wasn’t there the same shitstorm when the app was released some time ago? I didn’t know Catfriend1 before either, but I was an enthusiastic user until now. He made his decision, and the new owner is known. All I can say is, respect Catfriend1’s decision - wait and see.

Because there are steps between “everything is bad” and “everything is good.” They were a good steward for a long time, so a lot of trust and respect was gained. But the removal of the repo and subsequent handoff was strange to say the least. Ultimately they don’t owe us anything, but at the same time it’s not unreasonable to proceed very cautiously, especially given all the recent news with software and packages being compromised.

We don’t know what happened.

We don’t know if he’s suffered from catastrophic account compromise, health problems, violence, mental health issues, or something else.

When someone who has contributed that much to this community decides — for whatever reason — that he has to step away, I’m ready to give that person a great deal of benefit of the doubt.

I used to volunteer with an emergency services organization. I stepped away, and caught some (gentle) flak from my now-former teammates. My answer to them was simple: I had other pressures on my life, and after 10+ years of volunteering, now I need to focus elsewhere.