Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Much Ado about Hamnet's Ghost

It's hilarious that some highly responsible folks thought I was stealing from the free tier to enrich myself when in reality I built those people a command line app to make their own free tier more useful for them. Almost as if their minds, unable to conceive of my generosity, went to the first thing they would do, which, at least for now - cost them the utility of the actual thing I built.

So quick to judge, but incorrectly, aye. And at a cost to themselves, so karmic.

People dressed their panic in low-effort misreading and misleading about GH's terms. The useful frame here is what GH itself states Actions is for:

GH's own quickstart describes Actions as CI/CD plat for automating "build, test and deployment" pipes, not just one thing.[0]

[0]: https://docs.github.com/en/actions/get-started/quickstart

Their product terms describe it more broadly as enabling "custom SDLC workflows" in a repo, usage billed.[1]

[1]: https://docs.github.com/en/site-policy/github-terms/github-t...

The same restrict GH-runners from activity unrelated to "production, testing, deployment or publication" of the associated software project, and separately say Actions may be used to "develop and test" apps.[1]

People cited acceptable use when in reality ghost doesn't "reproduce, duplicate, copy, sell, resell or exploit any portion of the Service, use of the Service, or access to the Service" - it wraps the official gh (https://cli.github.com/) CLI to drive runner creation on your own account on your own Actions minutes, for your own workflows. It's pure devX. In other words, what ghost does in seconds you could do in an hour typing into your CLI with gh, and vim. Or minutes by asking an agent to do it. ghost just makes this reproducible, stable, safe and wraps it in a beautiful CLI, with cute branding and a useful config file.

People also cited "any activity that places a burden on our servers, where that burden is disproportionate to the benefits provided to users (for example, don't use Actions as a content delivery network or as part of a serverless application, but a low benefit Action could be ok if it’s also low burden)" - when it's laughable/ludicrous to suggest that the miniscule amount of interactive runners people would create with ghost would be any fraction of a fraction of a % of GitHub's global Action fleet, even if used widely. And even if it were, it's bounded by the person's own GitHub Actions minutes. Actions is running 24/7 pumping out heavy build workflows, thrashing network/disk and CPU to install deps and crunch tests. An interactive runner that you SSH into, and even run agent on for test/debug/dev/build actually a very light-weight use of the same infra - well below the average automated baseload.

Some may fear that this would enable people to mine cryptocurrency on Actions runners. Lol - if folks desperately wanted to break the GH terms by doing that, what's to stop them doing that already with a workflow? If they do it using the gh CLI does that make it okay? Or does that make gh CLI responsible? If they use vim to edit the workflow file, is vim responsible? If they do it on Acer, is Acer responsible? Is NVIDIA responsible if they use a GPU? ghost doesn't magically make that easier - it's still just workflows. This fear is not a risk ghost introduces.

Some mentioned "using free-tier Actions compute via Tor tunnels and SSH" - you mean, exactly what tmate (https://github.com/marketplace/actions/debugging-with-tmate) enables? Are these people really claiming that one can't interact (using a human or an agent) with a runner? That's precisely what GH Actions already permits and promotes, and is what ghost enables - ghost just makes it more reliable, secure and useful.

Some probably imagine something nefarious misunderstanding the technical decisions. So let's discuss technicals: Why not just use tmate? Tmate flakes out, is not real SSH, uses its own tunnel (trust). I don't dislike tmate, and it's good for easy setup, but if you can abstract away setup (precisely what ghost does) behind a config that the CLI applies, you don't have to worry about outsourcing making setup easy. ghost figured out the hard parts of using real SSH.

What is "real SSH"? Here that means "agent forwarding" works. What is "agent forwarding"? Agent forwarding is SSH acting on the remote machine with the identity you have locally without moving keys there. This is both more secure, and more useful than what tmate does because you can clone to that remote whatever you can clone locally. That's why ghost uses real OpenSSH so you can agent forward your local identities and clone as if you're on your own machine.

This agent forwarding is also great for additional safety when running agents - run them on the remote, in a stable environment, with only what you want, without accessing your device. It's pure win.

Why tor tho? Well, you can't just SSH into a runner as there's no public IP, so you need a tunnel. ghost uses CloudFlare as the primary tunnel. Tmate uses its own servers. ghost answers the question with a focus on security and reliability: how to remove the dependency on a tunnel that one may not trust or doesn't control, or may flake? While CloudFlare is used to tunnel the SSH connection in ghost, in practice CloudFlare free tier sometimes may be unavailable or flake out, so tor is there as a backup. You can tunnel SSH over tor, and tor is slow but very reliable and resilient acorss all kind of CGNAT and other difficult networking setups. CloudFlare provides the first pass, tor provides the reliable backup. ghost falls over to using tor to tunnel SSH access when CloudFlare free tunnels are not working.

People may think I'm a genius who somehow figured out how to do something "Actions doesn't allow" - but while the genius is probably true, there's no need to flatter ghost or me so much - it enables nothing beyond what Actions already does - it just makes it easier to use. 1000% simple sentence: ghost just provides a better interface to Actions. That is it. Are people mad they didn't think of doing that?

yet, people went mad with righteous abuse-laden ranting. Almost as if the protective instincts one should direct towards protecting children or a family were somehow unexpressed - and looking for an outlet - leapt at the first chance to grab a pitchfork and the safety of the crowd's cover to legitimise the will to lash out - albeit with keyboards and reporting of repos. Ah, modern life so satisfying to the innate desires...lol

It's worth noting that in response to the crowd panic "stampede" of "reporting" the repo, GH disabled access within 90 minutes of the HN post.

I trust that if GitHub/Microsoft does review the actual project they'll see the crowd's panic was wrong, that ghost is good and useful and the repos shall be re-enabled.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: