I would submit that this change is entirely business-related: it's a power-play to make people create accounts and stay logged in so they can track you better. It is not that they cannot afford it, it is that they are enshittifying the service to further their interests.
If they were really worried about money, they could lock it down completely so only paying customers could use the service at all... and then they'd lose a huge chunk of customers and lose all the prestige they build in convincing a huge pile of the world's free/open source software to use them as their hosting. So they don't do that - they keep all the prestige and the network effects by seeming _quite_ open, but they'll lock down _parts_ of the experience to try and force specific behaviour.
> you should probably at least accept that service providers can and do change things like this.
Indeed, you should. It should serve as a wake-up call that other people's services/platforms aren't under your control, and you can't rely on them to meet your needs.
My personal opinion is that most enshittifying changes on GitHub are due to the proliferation of middle managers who are evaluated almost exclusively on speed-shipping net-new features at the expense of maintenance and incremental improvement of existing features.
Developers working on it have said it's due to performance reasons. I don't have a link handy, but it's in some HN thread.
You're just reasoning from negativity and cynicism. No evidence for anything. Other than "zomg they're bad".
Github doesn't even serve ads. What exactly are you worried about? Your throwaway email being primary key #78,000,000 and having your visited repositories stored in another table?
There's no good to come of requiring people to log in for the consumer. Online Tracking is never good for the consumer.
Most people have their real name and e-mail there because they use it to sign code in trusted repositories, so it's easy to combine these data with other sources.
> Affiliates: Personal Data may be shared with GitHub affiliates, including Microsoft, to facilitate customer service, marketing and advertising, order fulfillment, billing, technical support, and legal and compliance obligations. Our affiliates may only use the Personal Data in a manner consistent with this Privacy Statement.
The last time I tried, I'm pretty sure the email address was rejected right away, and the account couldn't be created.
Not being able to reasonably create an account there is certainly annoying when it comes to performing simple searches.
It has also prevented me from submitting new bug reports and adding information to existing bug reports for a number of open source projects over the years.
I'm always disappointed when I see an open source project using GitHub, because it makes contributing to that project more or less impossible.
A free feature that stays free but requires you to make a free account (no credit card needed), I can see at least one very valid reason: if the feature heavier than a simple page (which is the case here), then it's an open door for DDOS attacks. Being able to track and ban/block the users that appear to participate in such an attack is totally valid.
The alternative is having to do captchas and the like to use those features anonymously, which is a pain both for user and for the devs/UI, and does feel more like the overall enshittification you are mentionning (even if it's a valid reason)
This is not the case. You may have noticed that Google Search, Bing, etc. don't require login or captcha to do a search. Billions of people use this search daily. And yet, they will throw a captcha at you, or even just say "you're a bot, stop bothering us" whether you're logged in or not, if their signals have detected what they consider abuse.
Clearly, their signals are not as naive as "anonymous user, require captcha / logged-in user, no checks required". Preventing DDOS != requiring login.
They like you logged in because they can add more data to their verified user identity and activity datasets and sell them for more money. They already make enough money to run the service despite all the anonymous usage, but they'd like more money, you see.
Github managed to offer anonymous search for 16 years before one day Microsoft took it away. Do you think it was due to DDOS attacks, or do you think it was a power-play to attract more sign-ups and logins?
How mighty of you, a freeloading user in this specific situation, to assert Github has made "enough" money and therefore should offer you services at their own expense... you know, because you want it and therefore are entitled to it.
> Github managed to offer anonymous search for 16 years before one day Microsoft took it away. Do you think it was due to DDOS attacks, or do you think it was a power-play to attract more sign-ups and logins?
So what's the issue here, really? Make a free account and move on with life. Or clone the repo and search it locally if you need to. Or decide to take some principled stance and refuse to work with projects hosted on Github. It's your choice.
I don't know why. Google won't tell me. They just started doing the same for YouTube: "Please login because we have detected malicious behavior from your network".
I know I'm not DDOSing them; I can see all our network traffic. They're just encouraging me to avoid using them.
GitHub code search is still doing real searches and so is much more expensive to run.
Are you saying you want adds in GitHub search's results? Google, Bing, etc. make money showing you adds. Adding barriers of entry is much less in their interest. Their budget to optimize the search engine is likely much bigger than GitHub's one.
GitHub doesn't really care all that much if random anonymous users can use their search. Anon users can view source trees, wikis, etc. and check out code, which is more than enough for most people.
> Do you think it was due to DDOS attacks, or do you think it was a power-play to attract more sign-ups and logins?
I think you and I don't know anything about what's going on there internally. I'm usually quick enough to assume the worst about actions Microsoft (of all companies!) takes, but even former GitHub employees have commented here that the new search system is much more resource-intensive than the old, and bots and scrapers were causing real problems. I choose to believe people who seem credible instead of playing the cynic and assuming everything is done with evil intentions and that everyone is lying to me.
Sure, they could build a big sophisticated system to figure out who to serve CAPTCHAs to, or who to outright ban, but why spend the time and money on that when they can just require a login, and the people they care about won't really care.
And sure, this move very well might drive some new signups. Maybe that's a net win for them. So what?
Of course, they could have kept the old search (without advanced filters) open, but there is at least a sensible explanation why the new search requires being signed in.
