
SAML was just an example - I didn't see the PR before I made that post. That said, it feels fundamentally incompatible to a business strategy where your community edition is able to offer all of the features of the premium offering. I just can't see how that business would be able to survive if they allow that to happen.

I'm always dubious of freemium software, because the free version is always gimped in some way, be it SSO compatibility (OK, yours supports OIDC it seems so that's not _terrible_), role-based access controls, high availability, etc.

I will concede that businesses probably _should_ be paying for good software that is critical to their business to help support the vendors, but given how important cost savings are to companies these days, one can hardly blame engineers looking for cheaper offerings.



The difference between the Gitea project and the Gitea Enterprise software offering is with Gitea Enterprise we are able to include code written that was rejected by maintainers (e.g. mandatory 2FA as an example) as there was still a desire for it. Luckily it was since rewritten in a way that was acceptable for the project and now it's been accepted/merged. The company has also written code that was under contract from other companies, and so they own the IP and thus cannot be accepted by the project due to not being able to be DCO compliant. Those companies are receptive to open-source, and we are working with their legal teams to be able to have them release their claim to the code so we can submit it to the project (large corpos are not known for their speed and understandably want to do their due diligence to ensure that all i's are dotted and t's crossed). There are around ~50 community maintainers that have exactly equal say over PR reviews, etc., and that process has always been strictly adhered to.

Edit: Gitea has LDAP, OAuth2/OIDC, OpenID, SMTP, reverse proxy, and others as SSO options.


I agree with your last point, but as someone who co-owns a technology business that doesn’t have an “Enterprise” sized bank account, I still have all of those needs.

The SSO tax in particular is ridiculous.

Functionality like HA or SSO being gated behind enterprise licenses only makes it harder for smaller businesses to “get there”. My business is comprised exclusively of technology professionals. We tend to be really cheap customers to have because we typically only raise a ticket when something beyond our responsibility breaks.

And from the community side — I already have enough credentials to maintain in my personal life. It’s annoying when you can’t use SSO with a community edition product. I like having SSO at home. It makes life so much better, and it also makes me more likely to use a product in my business, which makes it more likely I’ll buy a license to backstop support.


Gitea has SSO using many different ways, such as LDAP, OAuth2/OIDC, OpenID, SMTP, etc., and it would have SAML too (I'm the main author on the SAML PR to the Gitea project), but it's been held up by community reviews requiring essentially an entire re-write with another library. We'd love some help to get it across the finish line :) In open-source, money isn't the only thing that can be spent; we can also use our time.



