In 2026, hosting your source code is no longer a neutral choice. It is a choice of jurisdiction.
When a Belgian company puts its code on GitHub, it places that code under US law. The CLOUD Act grants US federal authorities a right of access to data held by any company subject to their jurisdiction, wherever that data is physically located. Section 702 of FISA allows mass surveillance of foreign communications passing through US operators. Microsoft, Atlassian, GitLab Inc. and AWS are all concerned.
This is not an opinion. It is positive law. And that law is not ours.
Why now
On 24 April 2026, the Dutch government soft-launched code.overheid.nl (pilot phase), its own sovereign Git forge for its public administrations, on the Forgejo stack. Not a proof of concept, not a white paper: a production service, operated by SSC-ICT/DAWO, to host the code of the Dutch central administrations under Dutch law.
A few weeks earlier, in France, the State confirmed that code.gouv.fr would remain the reference infrastructure for public code. In Germany, openCode continues its rollout for the federal administrations. Luxembourg is moving on the same ground.
Europe is building, country by country, its own forges. Public administrations are moving. Universities are moving. The European private sector, however, remains massively on GitHub.
This asymmetry is dangerous. A Belgian tech SME that puts its product's code on GitHub today accepts, often without knowing it, that this code could be analysed, copied, or made inaccessible by decision of a foreign authority. A non-profit hosting its association website on GitLab.com accepts the same conditions. A school that trains its students on GitHub trains them in the idea that software infrastructure is, by default, American.
What Singulr offers
Singulr is a non-profit-operated infrastructure service. Not a public initiative, not a foundation, not an activist association. A Belgian non-profit association — Singulr ASBL, based on Avenue Louise in Brussels — that operates a managed Git forge on the same technical stack as Europe's sovereign forges: Forgejo, PostgreSQL, Caddy, physical hosting in Belgium at Behostings (InterXion Brussels), encrypted backups in Germany at Hetzner.
The applicable law is Belgian. The competent jurisdiction is Belgian. The service contract is Belgian. If a foreign authority wants to access a Singulr client's data, it must go through a mutual legal assistance procedure with the Belgian authorities, examined under Belgian and European law. That is the difference between a provider subject to the CLOUD Act and one that is not.
Singulr does not offer a revolutionary platform. Forgejo is proven, used by thousands of organisations worldwide, including Codeberg e.V., which hosts more than 300,000 repositories. Singulr does not add proprietary features on top. If tomorrow you want to leave, you export your repositories in two commands to any other Forgejo, Gitea, GitLab or GitHub. No lock-in.
What Singulr is not
Singulr is not a political answer. We are not calling for a boycott of anything. GitHub remains, for many uses, an excellent service. If your company is not affected by jurisdiction issues — public open-source code, projects without sensitive data, teams with no client demanding sovereignty — stay on GitHub. It is rational.
Singulr exists for those for whom this choice is no longer tenable: public administrations that can no longer expose their code to a foreign jurisdiction, tech SMEs that work for sensitive clients, non-profits that host beneficiaries' data, schools that want to train for something other than dependency by default.
What comes next
Singulr opens its private beta on 27 May 2026. Twenty spots, free for six months. The goal is not to "scale" quickly. The goal is to operate correctly, over time, an infrastructure service whose commitments hold.
Digital sovereignty is not declared. It is operated, machine by machine, contract by contract, backup by backup. That is what we do.
Benjamin de Bruijne
Founder, Singulr
Brussels, 27 May 2026