EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS


Microsoft GNU-Hub (Part 1)

Posted in Free/Libre Software, GNU/Linux, Microsoft at 3:05 pm by Dr. Roy Schestowitz

Guest post by figosdev


Summary: Any project of GNU going into GitHub is making it seem or feel acceptable for GNU projects to be ‘outsourced’ to Microsoft; so what does it mean to have some of GNU inside the proprietary software jail of Microsoft? The first part deals with GNU projects that have GitHub dependencies.

Microsoft’s takeover of free software is fascinating, but where can the line be drawn? I treat this as both a hypothetical question and a practical one, because I’ve spent years boycotting Microsoft and ever since they purchased GitHub, I’ve noticed that’s become next to impossible. “A source repo on every desk…”

Originally I thought perhaps we could boycott projects that are based on GitHub, since hey — there’s some cool stuff there but it’s just some applications, right? Then I noticed full programming languages and libraries. Oh… Node.js, that sucks. CPython, oh well, there are other implementations. Perl, hmm…

Then I noticed several GNU/Linux distros volunteer to be captured by Microsoft. I mean I’m not going to be using those — oh, it’s a lot. I’ve already gone to the trouble of figuring out that out of 275 active distros on DistroWatch, if you really want to boycott GitHub you’re down to at most, 33. No, not 33 percent — 33 distros, including Tiny Core! Not including Trisquel. Trisquel is captive to an anti-GPL monopoly via its stupid, stupid “init” system. (Cuckoo OS, more like).

But we can always build our own distro, Eh? So let’s take apart Tiny Core, I figured — It’s incredibly modular, it should be a piece of cake to remove the parts controlled by Microsoft, right?

“Microsoft has Gtk yoked by something glib2 needs.”The kernel isn’t libre, I know. I’ve wanted a linux-libre kernel (or at least a Debian blob-free kernel) for TC for ages. Maybe the blobs are in tcz packages. But I think if TC had a blob-free kernel it would be advertised as such.

I once hoped Alex Oliva would consider making a libre kernel for TC, but that’s getting ahead of ourselves a bit. I’ve never been interested in maintaining a kernel, I only got into remixing distros because I wasn’t paying attention.

I created scripts a year or two ago to remix Tiny Core and create tcz packages. They’re basically squashfs files, which TC “installs” by mounting them. Ok, that’s no big deal. Oh, development of squashfs-tools has moved to GitHub. Lovely. But the kernel portion is still developed where it should be. I take this as meaning that the Linux kernel can mount tcz, it just can’t produce them. Ok, I guess we can use files that are mkfs’d to ext3 instead. That’s a GitHub-free solution, we can worry about compressing them later.

What we really need to do is figure out what to remove, and that’s going to take some research. I’ve already started figuring out which TC packages can be dropped.

Those red boxes are packages for things based on GitHub, but the gold boxes are packages that need things like libffi which is based on GitHub. Just so you know, libffi is pulled in by glib2. The GUI apps (Gtk at least) need libffi, so that’s at least one serious “Gotcha” already. Microsoft has Gtk yoked by something glib2 needs.

I don’t always trust Debian dependencies, but they’re certainly illustrative — here’s the page for glib2: https://packages.debian.org/buster/libglib2.0-0 it needs libffi6. Oh, fun — it also needs zlib1g. This is needed for loading png graphics, so anywhere you find a png, you need GitHub. No, this isn’t because of glib2. Zlib1g is also developed on GitHub, and is needed along with libpng for loading or saving png graphics.

In the past, Microsoft has killed off lots of its acquisitions to hurt competitors, so the scenario I’m assuming is one where it decides to start killing (or taking over) free software projects it doesn’t care about.

“There ought to be an exodus.”When Oracle tried this with OpenOffice, the developers simply left and forked it. That’s exactly what they should do, but in this instance, developers have loads of warning. And they’re just sitting on Microsoft’s repos like it’s no big deal, letting their projects become further and further entrenched. I’m well aware of the fact that not everybody who develops on GitHub actually cares about software freedom. That’s another reason not to develop there.

So imagine Microsoft forcing several such forks at the same time. Build systems for distros everywhere would be thrown into disarray. It’s not that the scenario will necessarily be worst-case, but I expect Microsoft intends to get their money’s worth. There ought to be an exodus.

If we are trying to escape, at least we can figure out where free software has its foot caught in a proverbial bear trap.

Libffi? Not good. Zlib1g and png graphics? Whoa, someone fix that. Lately I’m saving screencaps with JPEG in protest, which is certainly not ideal. The GIF patent has expired, but it only does 8-bit colour. I guess there’s still X PixMap, right? We can do 24-bit graphics with xpm.xz (XZ-utils are not GitHub-based. I think they originated with a couple of Slackware developers.)

I’ve made my way from Tiny Core to Trisquel looking for GitHub vulnerable projects, and finally from Trisquel directly to the GNU project itself. It isn’t good, folks.

This is Part 1, implying that there will be a Part 2 if not a Part 3, but I’ve only looked through a fraction of the GNU projects and here’s what I’ve already found:

The GNU project uses Perl — a lot!

“The GNU project uses Perl — a lot!”I don’t compile a lot of programs, personally. I’ve spent hours editing and recompiling one C++ program, I’ve edited and compiled one minor C program, mostly I work with scripting languages (though I do use source-to-source compilers a lot).

If there are obvious mistakes or less obvious misconceptions I’m presenting when I talk about some of the details, I hope you’ll mention it in the comments. I’m sure there will be a few differences of opinion as well.

But let’s start with Automake. Automake is used for a large number of GNU packages — it depends on Perl. Perl is on GitHub. That’s not good, hackers — that’s not good.

Many GNU sources have a file called “missing” which I believe is Automake-related. This file often informs the user that they will need Perl (and links to perl.org so they can get it) and it links to flex on GitHub. There’s another one. Of course some of the GNU sources are so old they still link to the flex on SourceForge. Here’s a fun fact: GNU Savannah is a fork of SourceForge from when it was still free software.

Flex, lex, Yacc and Bison are all related — lex is a lexer, flex is an alternative, Bison is an alternative to Yacc and Bison often uses flex to get tokens. The problem is that flex is GitHub-based. This is not good. Plus, Automake also wants flex. So whatever sort of creek we are in, our paddle is slowly transforming into a tiny little stick.

A lot of GNU sources include texinfo files. Texinfo seems to need Perl as well.

VERA includes a Perl script, vc-dwim is a Perl script (missing wants flex anyway) WB B-tree Associative Arrays seems to include C Sharp code (so you’ll need Mono, which the FSF warned against and which is based on GitHub) XBoard uses png files, Xnee includes pnee which uses Gtk and png.

As mentioned, Gtk brings in glib2 which brings in libffi, which is based on GitHub — while Gtk2 and Gtk3 are not based on GitHub, if you’re looking for Gtk1, GitHub is where it appears to be.

Some of these old GNU programs appear to use Gtk1, so whether each one is GitHub-based because of libffi or GitHub-based because of Gtk1, is a detail I’ve mostly ignored.

Units includes units_cur which is a Python script and texi2man which is a Perl script.

“Texinfo seems to need Perl as well.”The thing about Python is that CPython is the most often-used implementation, including in the GNU project, and CPython is based on Microsoft GitHub. PyPy is a great drop-in replacement, though it doesn’t work on everything.

You can’t always tell when you find yourself in front of a Python script, whether it needs CPython (thus GitHub) or not. So Python is worth watching for, but only proves to be a GitHub hostage sometimes.

Taylor UUCP uses Perl, Tex for the impatient uses png files in docs, Texinfo uses Perl, Hurd includes gitlog-to-changelog which calls Perl, GNU Readline includes texi2html and texti2dvi, which use Perl.

GNU Shepherd has png files in /doc and perl and flex in missing. Gnu Telecom has a png file. Sather has a Perl script called ps2gif. Spread Sheet Widget uses Gtk, SQLtutor has pngs in the docs. Swbis appears to need Python and python-devel.

Queue is dumped in favour of GNU Parallel, which uses Perl. Ring redirects to GNU Jami, which uses Python.

PythonWebkit obviously needs Python; pyconfigure may get away with PyPy as a replacement. PSPP uses Perl and png files with a GUI in Gtk. Proxyknife has Perl code in the docs and in configure.

Doxyfile is one to watch for in the sources. I believe this is created by Doxygen, which is used to created documentation from source code. Doxygen is based on GitHub.

PowerGuru has a png and lots of Python code, oleo has png in docs and uses plotutils, which support png. Ocrad has a png in /archive. Occhiolino uses Python. MetaHTML uses perl.h.

Mac Changer hasn’t updated in years, but like GNU Radio is a GNU project that’s based on GitHub — really not good. I can’t figure out why GNU Radio hasn’t tried to move though. That still gets worked on, unlike Mac Changer.

GNU LibreJS, a tool I cheered on for ages waiting for it to be created, uses Jasmine, a Javascript library which is based on GitHub: http://git.savannah.gnu.org/cgit/librejs.git/tree/build.sh

In fact build.sh downloads it directly from Microsoft, which I think shows a bit too much trust given that this plugin goes directly into GNU IceCat:

curl -L -o “$JASMINE_LIB.zip” “$JASMINE_URL” && unzip -d test/ $JASMINE_LIB.zip lib/**

We’ve all done something like this, but this is exactly where it shouldn’t be done.

Make also seems to need Perl, it may or may not need Python.

“The FSF already warns people against non-free repos such as GitHub. While self-hosting is certainly better, many people won’t and my advice to them is at least choose a non-profit organisation for hosting their code.”This only covers a portion of the GNU project, but let’s tally up what needs to happen for the GNU Project to not rely so heavily on the good will of its most dedicated foe:

1. Fork or make an official GNU mirror of Perl. If Perl goes, GNU is just about done.

2. The same applies for zlib1g as well. This library was invented and/or promoted specifically to avoid GIF-related patent traps! Now it’s controlled by the world’s second-biggest patent troll (the other sponsors the FSF. Great.)

3. Figure out libffi. I can’t tell you more, I only know it helps things like Python use things like ctypes (“foreign functions”).

4. Start using PyPy more, when possible. CPython is a trap. Note that PyPy has some major limitations. I’m very fond of it, any limitation it has I’m hoping for the best.

5. Write something justifying support of Mono in WB B-tree Associative Arrays. I would suggest removing that part of the code, but that seems unlikely.

6. That LibreJS code could be fixed today. At least mirror Jasmine in the LibreJS tree.

7. The FSF already warns people against non-free repos such as GitHub. While self-hosting is certainly better, many people won’t and my advice to them is at least choose a non-profit organisation for hosting their code.

Gitea is also developed on GitHub, so it’s a bit odd that they’re touting it as an alternative. If it’s an alternative, why not move Gitea off GitHub then? (at least move it to GitLab).

I never did trust Google Code, of course. For-Profit code repos technically have the same problem that GitHub has: they can be bought just like GitHub. Non-profits have to be infiltrated like the FSF or FSFE instead, which is harder.

“What’s lacking now is leadership, and though I think it would take more than putting Stallman in charge again (which is the right thing to do as the efforts to remove him were dishonest and corrupt, plus it would probably help) there doesn’t seem to be anybody who is doing a better job.”A decentralised, peer-to-peer means of hosting would be ideal, though currently the main project I know of related to hosting code that way is through feneas.org, which I already associate with the typical trend of Codes-of-Censorship (along with a “FOSS” manifesto which combined with their Code of Conduct is ultimately going to lead to a hardline, de facto “be nice to the Open Shills” policy. It’s not like there aren’t precedents.

Don’t get me wrong, so far the software looks good. But you can say the same for the GNU Project.

The importance of leaving GitHub is really not stressed enough by what’s left of the Free Software Foundation.

What’s lacking now is leadership, and though I think it would take more than putting Stallman in charge again (which is the right thing to do as the efforts to remove him were dishonest and corrupt, plus it would probably help) there doesn’t seem to be anybody who is doing a better job.

Unless “better” means “bigger events funded by Microsoft and Google”. No thanks, the Linux Foundation was doing that already, and it didn’t help at all.

Long live rms, and happy hacking.

Licence: Creative Commons CC0 1.0 (public domain)

Not including the code snippet, which is from http://git.savannah.gnu.org/cgit/librejs.git/tree/build.sh

And if this article uses a parody of the GitHub logo based on the GNU head, I almost certainly used this one from Wikipedia.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email
  • Slashdot

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one


  1. Silvino said,

    May 3, 2020 at 6:00 pm


    Very nice article as usual. I’m a Crux user and from start I freaked that contains non-libre ports. I start cloning official git repositories and added linux libre port. I noticed dependency in github because I blocked amazon on ip level and noticed I could not download majority of sources. I mirror source tar’s and my idea for somein the future are as follows;

    A) Start moving non-free software to a collection called non-free.
    B) Create a simple script that each time a port is updated sources are downloaded and committed to a local repository.

    I’m not sure if I will be able to accomplish this, I’m not even sure how much space wold be required. My server is a laptop sitting in my room and upload don’t pass 1Mbps. I’m thinking to rent a VPS to host website and git, but not sure if I will be able to mirror everything.

    I noticed that articles from here are shared on various social networks, I’m at VK (I know…), not sure if this is being shared there already but wold be awesome.

    Thank you,

  2. Canta said,

    May 4, 2020 at 2:23 pm


    > Originally I thought perhaps we could boycott projects that are based on GitHub (…) I mean I’m not going to be using those — oh, it’s a lot. (…) But we can always build our own distro, Eh? (…)

    What you say is happening to Free Software seems no different from what happens with many other cultural determinisms out there.

    I hate monetary systems, yet I have to deal with them, and also I’m being called a lunatic for questioning them; the point being that there’s barely any choice at all. Try to live controlling your food, living without using bank accounts, living without having to deal with what corporate press installs as public interest issues, etcetera. You can fight that kind of stuff, but just up to a certain point, and it would likely take a lot of unfair added effort to do it. As long as you live in a society, you have culture, and that means that your peers have power over you. That’s the tricky part about the evils of our time: they don’t have just overwhelming power, but are also expert culture crackers.

    I believe what lies ahead of us can be also seen in analogies to what happened to other political movements of the XX century. For example, feminism had several momentums before taking the centrality it has now. Or take a look a my quote of your article: you describe a tendency to purism, which easily contrasts with heterodoxy (“just use mixed stuff”); leftists movements know this problem very well, and there was forged the term “progresism” as some way to deal with our political reality and our lack of power. Or even take a look at statism: after WW2, the keynesian way was the obvious and common sense response for inequality and market deregulation, up to the seventies, where that was sistematically turned down for the worst; and yet, here we are, dealing again with marshal plans and state interventions all around the world, even when weeks ago that was painted as obsolete economics and their global implementation a lunatic fantasy.

    Free Software will have its tendencies and momentums too, and its times of loss. But let me tell you, with this whole quarantine thing, in every sphere of human praxis people is starting to ask the right questions about computing: “why are we using this software”, “why do I have to buy another computer/phone”, “why do I have to pay for this”, “isn’t any state regulated way for doing this”. As happened with keynesianism against neoliberalism, Free Software is already there prepared to face all those problems, both technical and political, despite the corporate agenda.

What Else is New

  1. The National Center for Missing and Exploited Children (NCMEC) Identified Some of the Children in the Pornographic 'Stash' of Bill Gates' Engineer

    Today we carefully and responsibly disclose just 9 pages (out of about 2700 pages) with slightly redacted samples and a handful of exemptions to show what Bill Gates' engineer was amassing, including identified kids (known to NCMEC)

  2. A Red Hat Response to Factual Information About Red Hat

    So far we've seen only Red Hat employees blasting our articles about Red Hat/IBM and the responses lack any substance, just name-calling (so we must be on the right track; there's no refutation so far)

  3. Always Look for Stories the Media is Suppressing and Hiding

    Based upon closer scrutiny of the Jones case (engineer of Bill Gates arrested for pedophilia at the Gates mansion), the sentence he received is incredibly negligible or close to nothing (for possession and sharing/dissemination of massive troves of child pornography, typically leading to many years in prison), so we’re closely examining if he’s still working and whether he still works for Bill and Melinda (more FOIA requests may be necessary)

  4. On Web Servers, Microsoft's Collapse Continues More Rapidly Under COVID (a Million Domains Lost in the Past Month)

    Even though the Microsoft-sponsored media repeatedly refuses (or strangely enough just 'fails') to report on it, the days of Microsoft's IIS are likely numbered; it won't be long before less than a million computers run it

  5. Canonical is Boosting Microsoft's Proprietary Software With Extensive Surveillance

    Canonical’s commitment to Free software barely exists; with so-called “Apps” and “Snaps” and “Stores” we’re seeing a gradual transition to — and acceptance of — blobs and DRM, including Microsoft lock-in inside Ubuntu

  6. IRC Proceedings: Wednesday, August 12, 2020

    IRC logs for Wednesday, August 12, 2020

  7. Harfbuzz Joins LibFFI, Zlib1g in Dragging GNOME, All Free Software Towards Microsoft

    "...I don’t want to help them help Microsoft control my computing by proxy — by controlling the development platform itself"

  8. Links 12/8/2020: Go 1.15, LibreOffice 7.0 Downloaded About Half a Million Times, LibreELEC (Leia) 9.2.4

    Links for the day

  9. Mega Setup, Mini Budget

    For a sum total of under £800 (eight hundred British pounds are about USD/$1043) one can piece together a versatile working environment (my latest additions, as of 5 days ago, are the 4 plastic plants)

  10. Twitter Appears to Have Taken Vendor/Platform Lock-in up Another Notch, Having Become Almost as Malicious as Facebook

    Twitter jumped the shark

  11. IRC Proceedings: Tuesday, August 11, 2020

    IRC logs for Tuesday, August 11, 2020

  12. Infographic by Marcia Wilbur: Where's My Refund?!

    Tweet by Marcia Wilbur:

  13. Links 12/8/2020: New GNU Emacs, GXml-0.20, WordPress 5.5, and Mozilla is Laying off 250 Staff

    Links for the day

  14. You Just Know Somebody is in a State of Retreat When the Strategy Becomes to Discredit One's Critics (or Collectively Paint Them All as Wrong/Crazy)

    A goulash of bullcrap from Bill Gates doesn't add up; it seems like his media strategy has warped (or fallen back) onto discrediting his critics as though they don't exist, don't know anything, or are simply jealous

  15. United States v IBM Archives/Resources

    As the massive case against IBM monopoly (United States v IBM; 104,400 pages of trial transcripts and 17,000 exhibits) predates the World Wide Web it's difficult to find comprehensive literature about it any longer (Wikipedia and more modern sites are instruments of revisionism and reputation laundering)

  16. History Goes in Cycles

    Just like antiwar activism was 'quelled' or 'pacified' half a century ago nowadays we're led to think that software freedom is just fine and there's nothing left to argue about (except words and other petty nonsense)

  17. Looking Back at the Real Story of Microsoft

    Let's take a moment to examine what Microsoft was all along (since its formation in 1975)

  18. Europe Deserves Better Than Today's EPO

    Overly restrictive society with countless monopolies (even on seeds!) will neither serve people nor will it breed general acceptance

  19. European Patent Office Management Swims With Sharks and Liars

    It has become increasingly if not abundantly evident that European Patent Office President Campinos is no better than Battistelli as he’s still a ‘darling’ of patent litigation trolls and their front groups/lawyers

  20. Linked In to Pedophilia

    As the above articles show (one published a couple of days ago), the 'Web of Lies' and the incredible deceit/cover-up run deep and we still lack answers from those who enabled what Salon has just said involved "trafficking five or six girls a day."

  21. Whistleblower Aid Already Showed Cover-up of Bill Gates 'Contributions' to MIT

    The Goodwin Procter report which failed to actually investigate whether Gates and Epstein jointly directed payments to MIT (the latter was already dead) can be understood differently in light of the above leak, which was published earlier this year

  22. IRC Proceedings: Monday, August 10, 2020

    IRC logs for Monday, August 10, 2020

  23. Proof (Archived Original Letter): Bill Gates Lied to the New Yorker, BBC and Others About Connection of MIT Money to Mr. Jeffrey Epstein and Their Close Relationship

    As the article (“The anatomy of Bill Gates’ Jeffrey Epstein-facilitated MIT donations”) put it at the time (just 2 days before Dr. Stallman received all the heat at MIT), “Secrecy in the funding of academic programs is highly problematic, as University of Virginia professor Siva Vaidhyanathan explains in a long Twitter thread. “Companies and the billionaires who run them are always bending research agendas (and sometimes even results) to their interests,” he writes. “Anonymity would prevent any examination or accountability.”” But there are more high-level Microsoft links to Mr. Epstein; “Hoffman invited both former MIT Media Lab director Joi Ito and Epstein to an August 2015 dinner in Palo Alto with Elon Musk, Mark Zuckerberg and Peter Thiel. He tells Axios that he invited Epstein at Ito’s behest, and only because Ito vouched for the convicted criminal, saying that he had successfully cleared MIT’s vetting process.” In 2016 the article “Bill Gates talked to Reid Hoffman about being on Microsoft’s board of directors” was published. “Furthermore,” it notes, “Gates and Hoffman have a lot in common: They both hold board seats and advisory roles, and no other formal status or day-to-day obligations, at the tech companies they founded.”

  24. All This Happened While Bill Gates' Engineer Was on Trial for Amassing Child Pornography

    While MIT relies on the word of someone who repeatedly lied about his relationship with Mr. Epstein (refuted even by MIT itself), the record shows what happened just when Bill Gates’ own engineer faced conviction for pedophilia (the media diverted attention to Dr. Stallman just days after the above E-mails came to light)

  25. Links 10/8/2020: Popcorn Computers Pocket PC, Finnix 121, GhostBSD 20.08.04, EasyOS 2.3.8

    Links for the day

  26. IRC Proceedings: Sunday, August 09, 2020

    IRC logs for Sunday, August 09, 2020

  27. Release: Bill Gates' Engineer Busted for More Child Pornography Than Reported in the Media

    Based on our analysis, which was repeated carefully twice, the sum of recognised hashes turns out to be about 7,500 (7,430 objects), which is more than was reported in the media after the arrest of Rick Allen Jones at Bill Gates' mansion

  28. Links 10/8/2020: KPhotoAlbum 5.7.0 and MX Linux RC

    Links for the day

  29. UserLibre: What I Want You to Get From This Book

    "Corporate-backed lies run the world, and the FSF used to get in the way."

  30. Even the Mainstream/Corporate Media is Trying to Study Why (or If) Bill Gates and Epstein's Sex Abuse Ring Were Closely Connected

    People in the media are eager to understand why Mr. Gates was so close to Mr. Epstein and even flew his plane (despite having several of his own)

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts