Is Duplicati kind of abandoned?

I’ve been using Duplicati for years and recommended it to more people than I can actually remember. However, lately I get increasingly worried about the current state of development and support. The Mac version has been broken for more than a year and never been fixed. The lastest canary release dates back to June 2022, which is near to nine months of no visible development or bug fixing.

So the question is: will Duplicati be maintained any further? Don’t get me wrong: there is nobody to blame. It’s a non profit project, and as such, priorities can change and nobody is entitled to expect anything as being granted. Anyway, to be able to plan ahead (also on behalf of numerous people asking me about the potential future of Duplicati) a short statement on this topic would be very much appreciated. Thank you so much.

Two short statements from Feb 22 from original developer whose contributions have been essential:

Is duplicati alive or stable? #4889

Hi, thanks for the concern and raising the issue. As it stands now, I have very limited time and I am not able to fix issues and review PRs. I maintain the servers and other background stuff that needs to be running.

I can commit to doing the releases (building, signing, etc) if someone wants to take on the other roles.

Post above that gives my longer view on the process, the roles, and the need for some volunteers.

Forum comment below continues on the need for people (or groups) to help fill in the current gaps:

My short statement, said a lot here, is that Duplicati exists entirely on what its community volunteers.
Right now, one key volunteer is absent, has clarified situation a bit, so now we know what is needed.

So those are some short personal but not predictive statements. Beyond that, it gets long. Read on?

Longer older statements are present in the Releases category that this is in. For May 2022 one, see

Was worried due to the lack of releases

You’re apparently not looking in the pull requests where there is a trickle of fixes, even one yesterday.
Since the project owner apparently can still do releases (maybe barely), one bottleneck is in commits, however in front of that is volunteers to create pull requests, and in front is people to isolate bugs, etc.

You can see lots of activity in the forum on at least trying to narrow down bugs, if user will open issue, however if user doesn’t care to do so, then perhaps issue is not worth fixing. There are plenty around.

You can also look at the latest Canary release page. For example, see 2.0.6.104_canary_2022-06-15:

and the actual link (not the image) shows the commits that are in and ready to release. Are 4 enough?
Typically a Canary gets more, but typically the pace of commits is higher. Anyone want to do commits?

What’s more apparent for typical users is the aged Beta. See Canary releases for what Beta’s missing.

My above-mentioned GitHub opinion piece is my take on the relationship between parts of the process needing volunteers in order to get back to something resembling normal, though maybe still less quick.
Releases come at the end of a series of work items, and that pipeline runs poorly due to lack of people.

There are some people (e.g. Jottacloud users) who would be happy if their ready-to-go fix got released.
There are others (such as you and a post on the GitHub topic) who want more things (e.g. mac) as well.
This is traditionally a judgment call. “One more fix” needs more test time. Current Canary is long-tested.

I’m tempted to see if we can push out an Experimental and Beta based on what’s ready, but that leaves other pull requests behind. You might be interested in this one, which sounds like it might help TrayIcon:

Make Xamarin-based CocoaRunner the default on Mac #4802 (seems like it had build+test challenges)

It would be best not to get deep in specific issues here. There are lots of topics, including this yesterday:

Nothing Happens on a MAC (linking to one of several workarounds where specifics might be discussed)

Hi, I’m the creator of the PR to make Xamarin-based CocoaRunner the default on Mac. As best I can tell the build+test challenges it’s having are common to other recent PRs. I suspect (but can’t be certain) that merging PR #4844 would fix the build issues in many of the other PRs, including mine. Do you know someone with merge rights who could look into merging PR #4844? It’s very small and its build passed.

In any case I appreciate your summary of the current situation!

You’re looking for the same commit volunteer I’m looking for, although I don’t know all the inactive ones. Another known active one went inactive – was lacking time for awhile – maybe I can twist an arm a little.
Maybe you could post an unofficial build for willing takers to try before asking someone to commit code?
There’s quite a number of Mac users in GitHub who’ve poked at this. Maybe volunteers would be there?

@dgileadi
Oh. I’m surprised to see people were already messing with that.

That pull request is interesting. From what I know depending and at least with Visual Studio 2017+ that the bindingRedirect’s are done automatically so the ones listed could be removed and that indeed solved it. The info is something I came across while solving the issue.

However, the System.Net.Http issue didn’t result in build failures. It only resulted in errors during running Duplicati and failed functionality. Perhaps differences exist in the tools or maybe you missed something.

Removing several bindingRedirect’s has resulted in a good running build of Duplicati. Not seeing any issues at all.

But, there could indeed be other ways and that could simply be subjective.

Don’t know if that will help you. But, its all I got lol.

Actually: Enable or disable autogenerated binding redirects - .NET Framework | Microsoft Learn

Looks like its possible for newer IDE’s, etc to have other possibilities “Visual Studio 2022 and later versions can’t build apps that target .NET Framework 4.0 through .NET Framework 4.5.1.” and " If you haven’t explicitly enabled or disabled autogenerated binding redirection and you upgrade an existing project, the feature is automatically enabled." So that’s fun lol Enable or disable autogenerated binding redirects - .NET Framework | Microsoft Learn

So having the bindingRedirect’s for eg 4.2.0.0 might not even work. I have it built and working in VS 2022 with 4.7. Maybe that was the real cause there. Its possible others could see that on other IDE’s etc without knowing it.

Of course, I didn’t look into it further than that (and from your post I only looked into it a little further so far). But, the pull there doesn’t seem like anything better to me. It just points to 4.7 in the MSBUILD dir.

Its definitely something that has created a lot of varied things on stack overflow.

@abacus
A different short answer is that its open source so anyone can fork it (which means make a copy) and start working on it however they want. Installers can be released and anyone could simply install away with any version they wanted. The sky is the limit.

There’s no real need to get stuck waiting for one project to start moving unless that’s just what they subjectively want to do.

Some people want to do things that aren’t software development.
For those who enjoy learning new things, lots of opportunity here.
Working on small specific things is a good way to get familiarized.

I think you said something not of what I meant? That can be done with forked projects so I’m confused by what you said.

Let me quote a complete paragraph. I’m disagreeing that anyone can do what you suggest that easily, however if anyone is really good, it may be possible. For others, forks can be done to do pull requests.

Creating a pull request from a fork

People aren’t bound by the license, but they might be bound by other things – time, interest, ability, etc.

EDIT:

I would gratefully note that some volunteers are doing development forks and offering unofficial pieces, however to complete the process better, volunteers are needed to officially pick up what people offer…
Yes, someone could do everything themselves if they wanted to (profit?), but that would be more effort.

I’m not talking about pull requests. It doesn’t actually need to be a fork either.

Duplicati can be built by anyone with programming experience and it only needs an installer. As long as it maintains all the same stuff then anything can be added on top and in a way that allows one to travel between. Programmatically speaking, its entirely possible. Eg change the UI would not affect it. Adding fixes would not affect it as long as its done in a way that the other can deal with. etc. etc.

Its not hard at all. Its just programming in general.

The thing is that an installer makes it easy.

Also, projects from git can be updated and merged, etc. So they can work on their own and when Duplicati receives and update it can be merged in. Its not a big deal. Its the whole point of github.

The problem is the ‘commit volunteer’ is really a maintainer (you don’t want a clown that commit anything that come in and walk away when problems happen I guess ?).
As I understand it, you are searching for this for quite some time and so far no one has stepped up, worse, other experienced developers are missing too.
The only conclusion is that @kenkendk is unreplaceable.
It’s all right really, there are only 2 ways : first, drop Duplicati. Second, find a way to make the project go forward without an unreplaceable manager. In my opinion, the only realist way is to do the opposite of what has been done up to now. Currently (until he half retired), the project was the epitome of the bus factor = 1. One person was managing most of the project, doing and supervising everything. The problem is that as soon as this person has some stress to manage outside of the project, the burnout is threatening.
The solution is to replace a single person by a team where stressing problems are divided and shared.
The difficulty is to manage the transition.
Here is how I’m suggesting to do that.
It’s necessary to establish priorities.

1. the project must not die by abandon. So it’s necessary to get a canary (because the old canary is outdated), then a beta.
2. the project must start a process of un-kenkendkisation.
3. when the step 2) is well advanced, and only then, it will be possible to advance again.

So the canary to come must be a minimal refreshment of the current one, without any unnecessary risk, because it would be a distraction of the task 2), the next priority.
My suggestion is to commit the library updates (Newtonsoft, MegaNZ, Storj), and the zero risk changes. Afaik, there are 3 PR with 0 risk in the pipeline, one change in the file filters (a no code change), and my 2 experimental PR (they are conditioned by a environment variable, if people want to take the risk to try them, they will be aware of the risks)

Now it’s not very inspiring, how to be able to advance ? More slowly that has been the case, but some advance could be possible even while lacking a full blown experienced Duplicati developer. First I could do a quick pass to rule out obviously bad stuff. I don’t remember having seen any in the existing PR, but it could have been because of my poor understanding of course. Second and more importantly, tests by volunteers could be decisive. If say, 3 persons outside of the PR submitter have tested the change and reported that it don’t eat the cat and that even if make Duplicati work better, the PR could be adjudicated in.

Now, to do the testing, one needs a binary unless one is a developer. Obviously doing binaries on demand does not scale. It would go straight to a bus factor of one.
That’s what I have tried to remedy these past days.

Here is the project (that’s a proof of concept):

https://github.com/gpatel-fr/testdupl/actions/runs/4305844249

You’ll notice the presence of a ‘artifact’ link (it’s clickable). It allows to download a zip with Windows installers.

The ‘testdup’ is a copy of the current Duplicati trunk, where I have replaced the automated tests by a test+build process. For any PR entered in the system, binaries are generated (in this test repo, they are configured to last 5 days).

At the moment, only Windows binaries are built, I have not yet gone further.
It should be relatively easy to build Linux (at least Debian) binaries. I just had not yet the time to do it. About Macs, there is the theoretical possibility. First problem for me is that I’m have no clue about Macs and that even if I manage to output Mac binaries, I could not even test them. It’s not in my project to buy a Mac and learn this stuff. Second problem is that AFAIK running untrusted binaries in Apple OS is difficult - and the necessary secrets will not be in Github repo. Not an impossibility, but difficulties for me. I will do what I can in the following days, but no warranty of quick success either.

Ultimately I don’t know if the misery that is Github actions will ever be able to manage every build for Duplicati, but in the short term it don’t matter, only the big three are really useful for enabling volunteers to help in evaluating the PRs. If volunteers don’t help in PR testing even having binaries freely available, it would unfortunately spell the end of Duplicati, unless some genius is stepping up to do the impossible.

Going back to the second priority, the way I have done the Github action to build the Windows binaries matters a lot to me. It’s a script called by the Github action, and crucially it can be run locally. It’s the opposite of the current system, where the build script is published but can’t really be run by anyone but the project author (it’s linked to the computer configuration, and can’t be run on a computer that is not a Mac). Every person wanting to build and test Duplicati should be able to do that on the local computer (Windows, Mac, Linux) exactly like it’s generated on the host server (Github). I’ll pass on Docker since it’s not a dev environment by definition. This should be a major goal to maximize the chances of getting more help. That’s what would be most of my effort if I take the committing task, much more than reviewing PR. Also, the Experimental PR that I have done are part of that: it’s necessary to rid the code of some very difficult to read parts if new help is to be found.

Finally about the PR advocated by @dgileadi : I agree that tests are very important. However, they are less important than the priority two: turning the project into a team effort. And the failing tests are the Appveyor ones, that are AFAIK only used for code coverage. The Github tests are used for the same unit testing. IMO a greater priority would be to make the Github tests work reliably (sometimes the Mac tests fails, sometime the UI tests are failing).
The change by tz-il is very interesting, I have even spent 2 hours in a Appveyor VM to try to make sense of it, but ultimately I would not take any risk in committing a change that has no clear rationale and don’t fix a pressing breakage.
If enough volunteers test it, or if some clear explanation is found, that would be another story then.

It was a bit looong winded, but that’s it. This is my proposal. If you agree, you ask @kenkendk to grant me commit rights. Once it’s done, I’ll commit the necessary PR to refresh the current canary without taking risks.
Basically you are the release manager - since it’s not possible yet to release without him, you ask him to generate the canary when you think it’s time, and then the next beta. But I’m not going to commit all PR that you want, because I think that’s not a priority to enhance the product now, it’s already very good as it is. Only breakages are more important than going forward with a new approach.

I’ve gone ahead and done this: Release Test build for native macOS menu bar icon · dgileadi/duplicati · GitHub

Thanks everybody, I never expected seeing this extensive discussion and loads of information in response to my fairly simple question. Nobody seems to dare to give a straightforward answer though, so I try to sum up for myself:

Yes. Duplicati is in more or less abandoned, because the main contributor @kenkendk has retired from working on the project and due to the fact that some major tasks necessary to create new builds have been tailored to be done only by him, it seems rather unlikely that somebody else, may it be a single person or a team, will be able to step in on short term. This is especially sad because there are in fact some dedicated volunteers having PRs and fixes ready, only right now there is nobody able to glue the pieces together.

Sad, but true. It’s a backup software, and it’s being used (not only, but also) by people without any IT background who just need to protect their data. So, reliability is crucial - which will suffer from aging and not being maintained any more (and already does).

This is not the answer I was hoping to get, but this is what, as far as I understand, the discussion boils down to.

He said he has no time at the moment, but hopes to return (date unknown).
If you read that as “retired”, feel free, but even “away now” will delay things.

He said he’s keeping the release making. Commits were not solely his area.
Someone else (now inactive) was helping on some (maybe not the trickiest).

Above is picking on summary tone, but we’re obviously in a slow period now.
How long will it take to regroup a bit? Probably we’ll have to see how it goes.

I’m pretty sure that limited volunteers in limited areas can help, so volunteer.
Nice would be a larger set of people to call on for specific talents they bring.

In the short term, we have who we have, and they do what they can for now.
@gpatel-fr has reported some marvelous work. I’ve long wanted test builds.

Supportability of Newer MacOS might be worth a look, both for macOS work
and for some sort of scheme of having people run artifacts. Compare notes?

@dgleadi might want to take a look at the above, and maybe search issues.
IIRC there was at least one person with some Macs that they could test with.

In terms of next releases, that might need a little more thought. Often there’s
a discussion among the staff (look for prior ones), but I like the general ideas.

Lower risk PRs and PRs fixing things that have broken over time are primary.
I’d also like reliability fixes, but sometimes PRs aren’t there yet. Anyone else?

2023 release planning topic in Developer category is now open to hopefully gather some followups.
Releases don’t just happen. It should be clear now that it takes many people. Help out somewhere.
Even non-developer users can help others (freeing up developers) or help on test, docs, and so on.

Note that I have now generated my own build,

https://github.com/gpatel-fr/testdupl/actions/runs/4332749394#artifacts

but I don’t know if it works
Maybe you or someone having a mac could test the dmg ?

Hello,

Sort of stumbled in here because of the same thing when I found out my servers haven’t been backed up for a month due to VSS Service hanging, and duplicati hasn’t emailed me about that error (But does with other errors).

Don’t need to convince me that free time is limited but has duplicati developer(s?) ever thought about taking the software commercialy?

My business uses it because it’s a perfect middleground between an enterprise solution like VEAAM and, well, nothing.

We’d be happy to pay a subscription for it.

feel free to add an issue to the Github project:

as interim maintainer, I don’t feel that it should be addressed in next update as a priority, but if it can be confirmed with enough details to pinpoint the cause, it would be interesting to address it.

I will add to my list to try to reproduce it and make an issue when I have a 100% way of reproducing.

I’m a garbage coder, but even I know the pain of hunting down intermittent bugs.

hmm…I’ll go to set a VM with the same OS, then install Duplicati with a test backup, then try to make VSS to fail. Usually it is failing by itself, but in this case it would be needed to make it fail on purpose. Maybe find a library involved in a VSS provider and delete it

Welcome to the forum @guemi

In addition to an issue (or at least a forum topic), workaround might be in third-party monitor such as
Duplicati Monitoring that knows expected backup schedule and independently sees that it’s followed.

Discussed by original developer recently here, basically talking about the risks of starting a business. Thanks though for being another voice that speaks to the idea of the missing middleground problem, which would be another good discussion topic. As you may note, I’m trying to keep this a bit on-topic.

I’d love to talk more about both ideas, if you’d care to move them. If you do, we can edit here to point.