Add SSL for gulpjs.com

[mraerino]

Right now, a valid ssl cert is not available on your website.

The following steps could be considered to easily get SSL:

• Cloudflare (CDN only)
• Netlify (Static builds, hosting & CDN)
• LetsEncrypt (Cert only)

[phated]

Github pages don't support SSL for custom domains and I don't want to force people to view the page through some other service (like, cloudflare lulz).

[terinjokes]

ahem

[mraerino]

I don't have the impression that I'm taken seriously here.

What is the difference of hosting on Github than on some other service like Netlify or through Cloudflare? Netlify also gives you other improvements like preview builds for pull-requests, so you can inspect them easily. It will also run your custom build command for minification of assets and whatnot.

I don't think you can ignore SSL in 2017.

[phated]

Using external services is not currently desirable. We'll keep it in mind for the future.

[yocontra]

@mraerino Are you submitting any credit card info or passwords or social security numbers on our static site?

We host our site on github because its a seamless process and easy to collaborate. I merge a PR and the changes are up instantly - anyone can do it. I've never used netlify but I would assume the workflow is not nearly as nice.

There's also the question of money - github is free, I don't know what netlify's deal is but they have to make money somehow so while it might be free now I'm sure a year from now they'll try charging us money for something. I'm open to having my mind changed on this - just sharing my thoughts.

[mraerino]

We host our site on github because its a seamless process and easy to collaborate. I merge a PR and the changes are up instantly - anyone can do it. I've never used netlify but I would assume the workflow is not nearly as nice.

I would say it is even nicer. You don't just get builds for a single branch, but their CI will provide you with a preview build for every branch and pull-request of your repo. So you can check out PRs before accepting them. It is really tightly integrated with Github.

There's also the question of money - github is free, I don't know what netlify's deal is

The are basicly doing the same as github - they have a free premium plan for open-source projects. I'm pretty sure they will stay free. Their pricing is here: https://www.netlify.com/pricing/

[yocontra]

Doesn't matter to me - if you send me a PR I'll merge it. I have no objections, and if it doesn't work out it'll take less than a couple minutes to move back.

[mraerino]

I'm only saying that I am using Netlify for most of my static site projects and am really happy with it.

There are many ways to get SSL on the site, Cloudflare would probably be the easiest. (You get IPv6 as well :tada:) I was only really disappointed when I was not able to place a https link to your site today. 🙃

[yocontra]

@mraerino Yeah, it is pretty annoying that github still doesn't support this when basically everything else does.

[phated]

I really disliked netlify when it was used on lodash. I don't think we should do this. I worked with students that were brand new to open source over the weekend and learned that the every reduction in complexity is a win in getting new contributors.

And no to cloudflare after the leak.

[mraerino]

Ok. I see.

The most funny meta thing about this: Netlify enabled me to use gulp on so much more projects because I suddenly had a way to add a cheap & one-click CI process to all my static-site/SPA projects.

[NeoLegends]

@phated Why did you diskike Netlify so much?

@contra What about people using public / unencrypted networks (hotels, etc.)? SSL is the only way their session stays private. It doesn't matter whether you're hosting sensitive information or not - SSL should be the default by now.

[yocontra]

@NeoLegends Should be, but isn't. Maybe in a few more chrome updates it will be mandatory and github will get their shit together.

[coliff]

Cloudflare works great with GitHub pages. There is no cost for the service and adding HTTPS has many benefits. https://doesmysiteneedhttps.com/

[yocontra]

Set it up on cloudflare free tier, SSL should work fine now.

[phated]

A better solution would be to petition github to fix their shit.

[yocontra]

Yeah, also that ^ No reason for github to not offer letsencrypt one click SSL other than their own laziness. If any of you know github people please bug them endlessly.