05.05.20

Microsoft GNU-Hub (Part 2)

Posted in GNU/Linux, Microsoft at 12:15 pm by Guest Editorial Team

Guest post by figosdev

GNUHub

Summary: “Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all?”

In part 1 of this series, various parts of the GNU project were looked at where Microsoft may have too much potential control over important components. To recap:

1. Perl is heavily used by the GNU Project, including by Automake. Several projects that need Perl were mentioned in Part 1, and several more will be mentioned in Part 2.

2. Zlib1g is needed by libpng, so we list projects that have png files (even in the documentation) as this GitHub-based library is needed to save and load png files with free software. If you know of a free alternative that doesn’t need zlib1g — libpng itself is not on GitHub — let us know in the comments.

3. Libffi is needed by glib2, which is needed by Gtk. Gtk1 is also based on GitHub.

4. CPython is developed on and continues to migrate further to GitHub. PyPy is a drop-in replacement for some Python scripts, but not all. For this reason, projects that use Python code are mentioned in this series.

5. C Sharp code is included in WB B-tree Associative Arrays.

6. LibreJS uses the Jasmine library, which is based on GitHub — build.sh even downloads it directly from Microsoft.

7. Gitea is also developed on GitHub, but they have had a goal of migrating since 2017 at the latest. One of the arguments for this is quotable, and is also part of the reason for this series:

“We build Gitea so everyone can use it, even users who are banned from GitHub (after recent ban wave from GitHub a lot of those users started using Gitea).”

“How could the GNU project possibly benefit from letting Microsoft gain control of Bison development?”This isn’t just about where the code is, but where the development takes place and who controls access. Trusting Microsoft with free software development while they continue to fund various manoeuvres against it makes no sense. In that context, Part 2 will include some new items that somebody ought find surprising.

In Part 1, it was mentioned that “Flex, lex, Yacc and Bison are all related — lex is a lexer, flex is an alternative, Bison is an alternative to Yacc and Bison often uses flex to get tokens.”

Flex is GitHub-based, but it’s not a GNU project — though GNU Automake uses it.

But GNU Bison has also moved to GitHub — along with Mac Changer (ages ago) and GNU Radio, Bison is actually using GitHub for development. The GNU git repo is only a mirror. Usually, GitHub mirrors are a mirror of something being developed OFF GitHub. For Bison, it’s the other way around:

https://git.savannah.gnu.org/cgit/bison.git/commit/

“GNU bison (git mirror)”

Most of the projects on git.savannah.gnu.org just have the name of the project, where it says ‘(git mirror)’. This is a mirror of akimd/bison on GitHub, where as of this writing there are 3 issues and 2 pull requests.

“Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all?”As of this writing, the most recent commit on git.savannah.gnu.org/cgit/bison.git is dated 2020-05-05 08:21:12 +0200 and also from akimd, who the GNU Savannah page says is the project admin.

Why would they do this? How could the GNU project possibly benefit from letting Microsoft gain control of Bison development? Akimd (not his full name, only his user) has 29 repos on GitHub, most of which are forks of other well-known GitHub projects. This is far from a positive move for GNU. It would be nice if this was the only new GNU project that was found on GitHub, though it’s not.

While Compact Disc Input and Control Library (better known as libcdio — as in libcdio-paranoia, not to be confused with cpio which is used to make archives and initrd images) seems to be still be based on Savannah, libcdio-paranoia (which is also available for download from http://ftp.gnu.org/gnu/libcdio/) is being developed on GitHub by the same person who maintains it for the GNU project. And he has 113 repositories there.

Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all? If they do, it isn’t being enforced in the mailing lists. Without more than a moment’s effort, this GNU mailing list conversation from as recently as last October was found, where potential GNU contributors are being encouraged to use GitHub:

“I recommend keeping your own fork of the repository somewhere, e.g. on Github. That way you have somewhere where you can push your changes for backup, in case you lose your local machine due to whatever reason. You would have to manage two remote git repositories then, your fork and the official upstream repo. But there’s plenty of documentation out there on how to do that.”

This isn’t to admonish the author for not following a rule that doesn’t exist, but to highlight the more-than-hypothetical threat that the GNU project faces from projects moving from GNU’s own hosting to Microsoft’s.

The GNU project may need to create a policy — so it’s a terrible shame that the FSF are presently without legitimate, strong or non-corrupt leadership. What a time for that, eh?

Those are the big stories, here are other findings that while they may have small problems individually, may contribute to a bigger picture issue overall:

Liquid War is a mix of Perl, Python and png files. The latter are for the program, rather than documentation.

LibreDWG seems to need Perl, Python support could be optional.

Kawa and Java Training Wheels have png files in the docs, iGNUit uses png for icons and help. Gxmessage has a png, GWL uses png, gsegraphix uses png, gnats has png in the doc. Gperf uses perl (texi2html) in /doc.

Idutils — Perl is optional?

“The GNU project may need to create a policy — so it’s a terrible shame that the FSF are presently without legitimate, strong or non-corrupt leadership.”Guile-opengl, gnatsweb, gmediaserver use Perl. Gnash uses Python, Perl in tests and png in /doc. Grep uses Perl in tests. Guile uses png in doc, libffi and flex, all of which are based in part on GitHub.

Gforth uses libfii, what’s sacrificed if ffcall or fflib is used instead? Gnowsys uses lots of Python.

GCompris is interesting. Built on Gtk and Python, it’s in the process of moving to Qt, qml and Javascript. Javascript often means GitHub, though so far the new GCompris repo seems to be GitHub-free. It’s unknown at this time if Qt has any GitHub deps like libffi, which glib2 from GNOME needs.

Findutils have Python in tests, freefont has Python in tools, Articulatory Speech Synthesis has Perl and Python, Autoconf has a Perl module, Autogen, cppi and classpath use Perl, Ball and Paddle has png in levels, ACM is Perl, so is the GNU Image Finding Tool.

“…Gitea devs at least seems to understand the importance of migration — hopefully they will be done moving away from GitHub in the near future.”DDD and Denemo have png files in the program, Electric VLSI Design System and BPEL2oWFN have png in the docs, Bayonne and ERC have Perl, C-Graph has png in the docs and cgicc has png in the demos.

Emacs uses Perl in the tests and /doc, Debian compiles it with png support, so even their “nox” version of emacs requires zlib1g from GitHub.

In part 3, we may get to tallying some statistics. Good news is welcome, and it’s nice to be able to say that Gitea devs at least seems to understand the importance of migration — hopefully they will be done moving away from GitHub in the near future. It’s really nice to have options, it’s even nicer to have real options. Sincerest and best luck to Gitea’s migration from GitHub — and where applicable, yours as well!

Long live rms, and happy hacking.

Licence: Creative Commons CC0 1.0 (public domain)

______
* If this article uses a parody of the GitHub logo based on the GNU head, I almost certainly used this one from Wikipedia

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email
  • Slashdot

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. arm said,

    May 6, 2020 at 9:29 pm

    Gravatar

    Perhaps you should actually research where projects host their code a bit more and you would find that most of them only use github for a mirror.

    As a case in point check this link and you will see that the canonical source for perl is not github.

    https://perldoc.perl.org/perlhack.html#GETTING-THE-PERL-SOURCE

What Else is New


  1. Links 30/10/2020: WordPress 5.5.2 and NSA Mum on Its Back Doors Policy

    Links for the day



  2. Free Software is Still Under Attack From Software Patents (GNOME Getting Patent Trolls to Settle Isn't the Real Solution)

    We're asked to believe that a sort of "patch" (suggested by companies or monopolies with endless patent portfolios) means that Free software and software patents can co-exist; behind the scenes, however, "community distros" (not developed and controlled by monopolies) are coming under patent attacks which they cannot publicly speak about



  3. Microsoft is Already Bribing the Likely Next US President (Having Also Paid the Trump Campaign) to Ensure Microsoft Can Get Away With Crimes and Receive Bailouts from Taxpayers

    Microsoft is still controlling "both sides" to ensure that it remains in control of the administration; it's already looting the taxpayers while still lying to shareholders ('legalised' embezzlement)



  4. With Microsoft in Charge, OpenSSF Seems More Like It's About Back Doors -- Not Real Security -- Inside the Linux Foundation

    Another Linux Foundation (LF) group seems to have been taken over by the company that’s attacking Linux and attacking real security (as opposed to fake security or back doors in the name of “national security” — the Trojan horse for imperialistic coercion, worldwide)



  5. IRC Proceedings: Thursday, October 29, 2020

    IRC logs for Thursday, October 29, 2020



  6. Living in a State of Constant and Never-Ending Fear Will Harm Software Freedom

    "Freedom" or "liberty" may seem to have been co-opted by extreme right-wing and COVID-denying (or COVID-minimising) elements, but at the moment we do stand to lose many "tech rights" (in the name of "protecting" us)



  7. [Meme] Mozilla's 2020 Vision

    Mozilla does not seem to understand that proprietary Azure and proprietary GitHub won't offer Mozilla a way/path out of the mess it's in



  8. Techrights Done With Maintenance For Now, Will Resume Posting at a Higher Publication Pace

    With a few new features added to the site we can finally resume normal operations (more articles per day)



  9. Moving to Phones Won't Liberate Users

    A so-called 'phone' (or 'smart' phone) with Linux under the bonnet isn't freedom; it's a branding war being won, but principles are being abandoned



  10. Links 29/10/2020: LibreOffice 7.0.3, Linux 5.9.2, NVIDIA 455.38 Linux Driver

    Links for the day



  11. Links 29/10/2020: Istio 1.6.13, Krita 4.4.1 and PyPI Key-Signing Ceremony

    Links for the day



  12. IRC Proceedings: Wednesday, October 28, 2020

    IRC logs for Wednesday, October 28, 2020



  13. Links 28/10/2020: Linux Dropping WiMAX Support, Istio 1.7.4, Ubuntu is “Hirsute Hippo”

    Links for the day



  14. Linux Foundation (Men for Monopolies) Once Again Hijacking Women's (and Minorities') Voices for Public Relations

    Diversity and tolerance are absolutely essential, but those who preach or lecture us about it most loudly (their financial means or privilege enable media reach) set a bad example and are mostly opportunistic hypocrites who perpetuate the status quo



  15. In a State of Flux Due to Maintenance and Improvements

    For the first time since summer of 2019 we're investing time and effort improving the site in a number of ways



  16. Links 28/10/2020: Torvalds on Succession, PyTorch 1.7.0

    Links for the day



  17. [Meme] Stealing the Competition

    After the fall (and fail) of CodePlex Microsoft decided to grab the Linux Foundation and most Git-based projects (through GitHub) — a strategy even Microsoft can learn to love



  18. IRC Proceedings: Tuesday, October 27, 2020

    IRC logs for Tuesday, October 27, 2020



  19. Links 28/10/2020: FreeBSD 12.2, NixOS 20.09 and WordPress 5.6 Beta 2

    Links for the day



  20. Taking Our Efforts to the Next Level in an Increasingly Proprietary and Hostile Web

    Web users are being repressed by mechanisms of mass manipulation, control and restrictions; the Web may not be going away any time soon, but architectural and topological issues need to be overcome (the sooner, the better)



  21. Read Techrights Without a Web Browser

    Any text editor can now be used to read Techrights, owing to a daily bulletin we've set up and will maintain every day



  22. [Meme] Torvalds Assimilated

    People belatedly realise that Microsoft’s plan for Git (and for Linux) isn't for the betterment of those projects but for Microsoft monopoly



  23. Links 27/10/2020: FuguIta 6.8, Fedora 33, Red Hat Satellite 6.8, KDE Plasma 5.20.2 and GStreamer 1.18.1

    Links for the day



  24. Site Changes Ahead of Anniversary

    We’re making some changes to the presentation and function of the site — changes that will become more prominent over the coming days



  25. IRC Proceedings: Monday, October 26, 2020

    IRC logs for Monday, October 26, 2020



  26. Links 26/10/2020: rpminspect 1.2, Open Source Hardware Certification and LibreOffice Conference

    Links for the day



  27. Links 26/10/2020: Debian "Bullseye" Artwork, Fwupd 1.5 Released

    Links for the day



  28. [Meme] Satya Na-DL

    Microsoft has shown its real priorities (just before the weekend when many people might not notice)



  29. Jonathan Wiltshire and Debian, Falsified Harassment Claims, Tiger Computing and GCHQ

    Reprinted with permission from Debian Community News



  30. Links 26/10/2020: Linux 5.10 RC1 and Loongsoon Laptops

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts