> I miss GameSpy, the original application, not the service it morphed into later

You drove me down nostalgia lane, looked in email and have my GameSpy receipt with unlock code. We paid $21.55 after tax in March of 1998 - my memory is really fuzzy but besides CS I think Quake III Arena was also popular at the time.

The readme clearly directs the reader to the F-Droid package, which are built on their buildservers and signed with their APK keys. This does not answer the security question directly, but it's the same model as say Debian repos. There are eyeballs on it by an independent third party packagers who use code scanners and manual review to detect malfeasance, and often have to tweak builds and code to get rid of unwanted things present in some upstreams.

> because you end up doing multiple searches in parallel and merging results

This reminds me of the design model of SearX/SearXNG - instead of a distributed forge index, it would distribute the search endpoints of forge instances to facilitate the next steps you outline. It almost feels like a central coordinator or maybe a CDN-like network set of search proxies would be needed to do the actual combining and filtering of results. Maybe it could fit in the Codeberg operational umbrella in some future plan.

In practice Nostr does this step on the client side - one subscribes to relays, then when querying for new content it asks all relays, gets all the duplicate metadata and filters on the client. Huge network use and battery drain on your handheld device, Nostr bouncers have emerged for this exact same reason, a popular software is "Bostr", easy to find examples run by random volunteers but it requires money (disk/cpu/ram): https://bostr.azzamo.net/

Sadly, as soon as I open the site in a private window with access to Notifications denied, a full page error screen about "Odoo Client Error" appears asking you to report... something.... to someone...? Not a good look at all.

Screenshot: https://postimg.cc/WFDzQndC

A problem I've seen emerge in the Lemmy side of ActivityPub is that it relies on a hub and spoke model. In practice this has failed when the hub goes offline, all the spokes are now left with independent copies of it's last known state and destroys the community progress (have to rebuild elsewhere, lose old content and references, etc.) if even you can regrow the community.

Mastodon has the similar problem but worse with content discovery; a user is not "seen" remotely by anyone until one remote person finds them and subscribes to their content explicitly. On every single remote instance, which of course is undesirable but that's how ActivityPub is designed.

I don't believe in ForgeFed terms this matters as much as being able to search across the federated network for repos, etc. which I think is a key feature. Sure issues and user accounts and whatnot, but an AP-linked FF-wide search would be insane on how useful it could be for users (and how to implement a "distributed search index" seems like a tough nut to crack).

A tough question as everyone's needs are different; I might recommend you create an account on https://codeberg.org as it's the largest, most popular instance of Forgejo running with many FOSS projects hosted there.

Codeberg devs have to disable some features (pull mirrors e.g., only push is allowed to prevent abuse) and they use some custom code (abuse mitigation - spam, etc.) but in general you're getting the latest Foregjo experience "test drive" which only gets better when self hosting when you can use all the features.

The solution works really well though - a reliable, name-brand SSD (sic) in an old $100 Dell Latitude as the workhorse. The Latitudes allow changing the charging profile in BIOS to "always plugged in" amongst the other power friendly things (disable TurboBoost, etc.). Built in UPS, keyboard, monitor, wifi/eth; portable, quiet and with the right tuning (disabling a lot of modules in GRUB or module blacklists) runs most of the time without kicking the fan on. I run 2, one doing all the work and another backing it up. I run with only a partition encrypted (requires manual unlock after boot, my choice) so that I can remote login after boot to mount that, never have to actually open the laptop unless, say, wifi goes south. Laptop dies (they never do), just pull the SSD and slap in another one it's Linux it'll boot.