05.05.20

Microsoft GNU-Hub (Part 2)

Posted in GNU/Linux, Microsoft at 12:15 pm by Guest Editorial Team

Guest post by figosdev

GNUHub

Summary: “Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all?”

In part 1 of this series, various parts of the GNU project were looked at where Microsoft may have too much potential control over important components. To recap:

1. Perl is heavily used by the GNU Project, including by Automake. Several projects that need Perl were mentioned in Part 1, and several more will be mentioned in Part 2.

2. Zlib1g is needed by libpng, so we list projects that have png files (even in the documentation) as this GitHub-based library is needed to save and load png files with free software. If you know of a free alternative that doesn’t need zlib1g — libpng itself is not on GitHub — let us know in the comments.

3. Libffi is needed by glib2, which is needed by Gtk. Gtk1 is also based on GitHub.

4. CPython is developed on and continues to migrate further to GitHub. PyPy is a drop-in replacement for some Python scripts, but not all. For this reason, projects that use Python code are mentioned in this series.

5. C Sharp code is included in WB B-tree Associative Arrays.

6. LibreJS uses the Jasmine library, which is based on GitHub — build.sh even downloads it directly from Microsoft.

7. Gitea is also developed on GitHub, but they have had a goal of migrating since 2017 at the latest. One of the arguments for this is quotable, and is also part of the reason for this series:

“We build Gitea so everyone can use it, even users who are banned from GitHub (after recent ban wave from GitHub a lot of those users started using Gitea).”

“How could the GNU project possibly benefit from letting Microsoft gain control of Bison development?”This isn’t just about where the code is, but where the development takes place and who controls access. Trusting Microsoft with free software development while they continue to fund various manoeuvres against it makes no sense. In that context, Part 2 will include some new items that somebody ought find surprising.

In Part 1, it was mentioned that “Flex, lex, Yacc and Bison are all related — lex is a lexer, flex is an alternative, Bison is an alternative to Yacc and Bison often uses flex to get tokens.”

Flex is GitHub-based, but it’s not a GNU project — though GNU Automake uses it.

But GNU Bison has also moved to GitHub — along with Mac Changer (ages ago) and GNU Radio, Bison is actually using GitHub for development. The GNU git repo is only a mirror. Usually, GitHub mirrors are a mirror of something being developed OFF GitHub. For Bison, it’s the other way around:

https://git.savannah.gnu.org/cgit/bison.git/commit/

“GNU bison (git mirror)”

Most of the projects on git.savannah.gnu.org just have the name of the project, where it says ‘(git mirror)’. This is a mirror of akimd/bison on GitHub, where as of this writing there are 3 issues and 2 pull requests.

“Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all?”As of this writing, the most recent commit on git.savannah.gnu.org/cgit/bison.git is dated 2020-05-05 08:21:12 +0200 and also from akimd, who the GNU Savannah page says is the project admin.

Why would they do this? How could the GNU project possibly benefit from letting Microsoft gain control of Bison development? Akimd (not his full name, only his user) has 29 repos on GitHub, most of which are forks of other well-known GitHub projects. This is far from a positive move for GNU. It would be nice if this was the only new GNU project that was found on GitHub, though it’s not.

While Compact Disc Input and Control Library (better known as libcdio — as in libcdio-paranoia, not to be confused with cpio which is used to make archives and initrd images) seems to be still be based on Savannah, libcdio-paranoia (which is also available for download from http://ftp.gnu.org/gnu/libcdio/) is being developed on GitHub by the same person who maintains it for the GNU project. And he has 113 repositories there.

Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all? If they do, it isn’t being enforced in the mailing lists. Without more than a moment’s effort, this GNU mailing list conversation from as recently as last October was found, where potential GNU contributors are being encouraged to use GitHub:

“I recommend keeping your own fork of the repository somewhere, e.g. on Github. That way you have somewhere where you can push your changes for backup, in case you lose your local machine due to whatever reason. You would have to manage two remote git repositories then, your fork and the official upstream repo. But there’s plenty of documentation out there on how to do that.”

This isn’t to admonish the author for not following a rule that doesn’t exist, but to highlight the more-than-hypothetical threat that the GNU project faces from projects moving from GNU’s own hosting to Microsoft’s.

The GNU project may need to create a policy — so it’s a terrible shame that the FSF are presently without legitimate, strong or non-corrupt leadership. What a time for that, eh?

Those are the big stories, here are other findings that while they may have small problems individually, may contribute to a bigger picture issue overall:

Liquid War is a mix of Perl, Python and png files. The latter are for the program, rather than documentation.

LibreDWG seems to need Perl, Python support could be optional.

Kawa and Java Training Wheels have png files in the docs, iGNUit uses png for icons and help. Gxmessage has a png, GWL uses png, gsegraphix uses png, gnats has png in the doc. Gperf uses perl (texi2html) in /doc.

Idutils — Perl is optional?

“The GNU project may need to create a policy — so it’s a terrible shame that the FSF are presently without legitimate, strong or non-corrupt leadership.”Guile-opengl, gnatsweb, gmediaserver use Perl. Gnash uses Python, Perl in tests and png in /doc. Grep uses Perl in tests. Guile uses png in doc, libffi and flex, all of which are based in part on GitHub.

Gforth uses libfii, what’s sacrificed if ffcall or fflib is used instead? Gnowsys uses lots of Python.

GCompris is interesting. Built on Gtk and Python, it’s in the process of moving to Qt, qml and Javascript. Javascript often means GitHub, though so far the new GCompris repo seems to be GitHub-free. It’s unknown at this time if Qt has any GitHub deps like libffi, which glib2 from GNOME needs.

Findutils have Python in tests, freefont has Python in tools, Articulatory Speech Synthesis has Perl and Python, Autoconf has a Perl module, Autogen, cppi and classpath use Perl, Ball and Paddle has png in levels, ACM is Perl, so is the GNU Image Finding Tool.

“…Gitea devs at least seems to understand the importance of migration — hopefully they will be done moving away from GitHub in the near future.”DDD and Denemo have png files in the program, Electric VLSI Design System and BPEL2oWFN have png in the docs, Bayonne and ERC have Perl, C-Graph has png in the docs and cgicc has png in the demos.

Emacs uses Perl in the tests and /doc, Debian compiles it with png support, so even their “nox” version of emacs requires zlib1g from GitHub.

In part 3, we may get to tallying some statistics. Good news is welcome, and it’s nice to be able to say that Gitea devs at least seems to understand the importance of migration — hopefully they will be done moving away from GitHub in the near future. It’s really nice to have options, it’s even nicer to have real options. Sincerest and best luck to Gitea’s migration from GitHub — and where applicable, yours as well!

Long live rms, and happy hacking.

Licence: Creative Commons CC0 1.0 (public domain)

______
* If this article uses a parody of the GitHub logo based on the GNU head, I almost certainly used this one from Wikipedia

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2020/05/05/gnuhub-pt-2/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. arm said,

    May 6, 2020 at 9:29 pm

    Gravatar

    Perhaps you should actually research where projects host their code a bit more and you would find that most of them only use github for a mirror.

    As a case in point check this link and you will see that the canonical source for perl is not github.

    https://perldoc.perl.org/perlhack.html#GETTING-THE-PERL-SOURCE

What Else is New


  1. Links 25/2/2021: RHEL for Open-Source Infrastructure, GNOME 40 Beta, LXPanel 0.10.1

    Links for the day



  2. IBM and Qt Don't Understand Free Software and They Now Impose Terms and Conditions on Who Qualifies for Use of Free Software Free of Charge

    IBM and Qt Don't Understand Free Software and They Now Impose Terms and Conditions on Who Qualifies for Use of Free Software Free of Charge



  3. Techrights Gemini Capsule, Now With Over 35,000 Pages and Files

    Blog posts combined with static (plain text) files are now 36,000+ in number, just for Gemini protocol alone; that number keeps growing as our conversion proceeds and evolves (our software will be released under terms of the AGPLv3)



  4. Eventually, or Hopefully, Many People Will Come Back to What the Web Used to Be (Or Web Alternatives More Like the 'Old' Web)

    With RSS feeds making a comeback and a resurgence of personal blogs we can take back the Web from a cabal of tech/Internet giants and social control media, censored, curated and spied on by oligarchy



  5. If Wikipedia is Controlled by Corporations and Mobs, It Needs to Be 'Cancelled'

    Facts have never truly mattered in social control media sites; it certainly seems as though Wikipedia now suffers the very same issue/deficit, allowing oligarchs and their companies to define what goes on in the world and which people Wikipedia should regard as persona non grata



  6. GNU/Linux Reaffirms Its Status as the Universal and Inter-planetary Operating System

    The operating system made for and by scientists (not business sharks and marketing cults) is winning the battle, and not only in this planet



  7. IRC Proceedings: Wednesday, February 24, 2021

    IRC logs for Wednesday, February 24, 2021



  8. Links 25/2/2021: Kali Linux 2021.1, Wine Launcher 1.4.46, and Google's Security Posing

    Links for the day



  9. Links 24/2/2021: MariaDB 10.5.9, Krita 4.4.3 Beta, and Debuginfod Server for Debian

    Links for the day



  10. Self-Host Your Videos, Take Full Advantage of HTML5 and Video Attributes

    For self-hosting of videos over the World Wide Web (Gemini too can handle videos; its clients/browsers can, for example, link video files/URLs to external media players) it's worth reviewing the full set of features made available by the standards because a lot can be accomplished without JavaScript and without unnecessary bloat/complexity



  11. Trying Out NoiseTorch to Reduce Background Sound/Noise in GNU/Linux

    An introduction to noisetorch (or NoiseTorch), an application that helps create virtual microphones/devices with reduced background noise



  12. How the Big Banks and OIN Can Whitewash Software Patents and Do Nothing Concrete About Patent Trolls

    Response to the puff piece entitled "How the Big Banks and OIN Can Lock Out Patent Trolls with Enabled Publications"



  13. IRC Proceedings: Tuesday, February 23, 2021

    IRC logs for Tuesday, February 23, 2021



  14. How to Set Up a Gemini Server of Your Own, Even on a Simple Single-Board Computer

    Using Agate to start one's own Gemini capsule (self-hosted) is a lot simpler than one might be inclined to believe; this is a detailed HOWTO, hoping to encourage more people to join Gemini space, which is fast-growing and free of garbage



  15. Links 23/2/2021: Tails 4.16, Libinput 1.17, Fwupd 1.5.7, Firefox 86, NeoChat 1.1

    Links for the day



  16. The Word Master is Not Problematic in Most Contexts and Its Origin Hasn't a Connection to Slavery

    Slavery is to the word "master" mostly disconnected; it might, however, be closely connected in the minds of racists or the agenda of highly racist corporations (profiting from racism) that look for ways to distract from their racism



  17. On Misapplication, Misuse, Overuse and Abuse of Words (to Suit False Narratives)

    It is looking like the word "abuse" has been extended to basically mean all sorts of things including the act of actually exposing real abuse



  18. The Administrative Council Needs to Fix the EPO While It's Still Possible

    EPO staff and former staff (pensioners) aren't happy and the it's the responsibility of the Administrative Council to do something before it's too late (the reputation of the Office is already severely harmed and it's unable/unwilling to recruit suitable and qualified people, both as examiners and managers, respectively)



  19. 'These Questions Remain Unanswered': Campinos Became Battistelli Just Halfway Through His Term

    The Central Staff Committee of the EPO highlights the grim situation or the deadlock reached after totally dysfunctional Office management somehow managed to kill off channels of communication, in effect going back to where things were back in 2018 under Battistelli



  20. 'The One Percent': Salary Adjustment Procedure (SAP) Supported Only by 1% of EPO Staff

    Out of 2,237 EPO workers who expressed their position on the SAP, which in essence lowers their salary, only 31 expressed support for it (that's 1.385%)



  21. IRC Proceedings: Monday, February 22, 2021

    IRC logs for Monday, February 22, 2021



  22. DDOS Attacks and Decentralisation

    Our server, which is shared among sites, has been under persistent distributed denial of service (DDOS) attacks almost every day in recent weeks, culminating in much worse attacks last night, but we're not too worried anymore



  23. Links 23/2/2021: Gemini (and Gopher) on the Rise Again, Systemd 248 Reaches RC1

    Links for the day



  24. On the Terms Master, Main and Abuse

    Reprinted with permission from Daniel Pocock



  25. Microsoft Inside — Part IV: Microsoft Everywhere, Looking to Poach Developers, Not Disclosing What It Really Wants

    As it turns out, just about everyone looking to recruit for a Microsoft-connected project/company (working on Raspberry Pi, Ubuntu etc.) near Microsoft is 'former' Microsoft, but people who are being approached aren't being told so, at least not upfront; those are very familiar and old tactics, which merit a word of caution to all



  26. Microsoft: We Ain't Done Until Raspberry Pi Won't Run (Anything But Our Proprietary Software With 'Telemetry' Surveillance)

    The ongoing series which we started yesterday and still publish today (about Microsoft recruiters) shows that Microsoft has rather toxic ambitions and the general idea is to infect everything with Microsoft, even the things that compete against Microsoft



  27. Controlling the Conduct of Large Corporations (and Monopolies) Would Help Tackle Disproportionate and Asymmetric Power Structures

    A "CoC" (Code of Conduct) is often crafted or drafted with good intentions; but with enforcement put in the wrong hands it is a tool of corporate oppression instead of protection of people's dignity



  28. Another Reason to Boycott Microsoft/GitHub: The War on Reverse-Engineering

    The high-profile fan-made reverse-engineering efforts are being proactively censored by Microsoft on behalf of another company (without as much as due process), reaffirming the problematic nature of GitHub, a monopoly that represses Free software developers



  29. Links 22/2/2021: Lots More About Linux on Mars, Release of 4MLinux 35.2

    Links for the day



  30. Microsoft Inside — Part III: Microsoft Finds Out That Free Software Developers Don't Want to Work for Microsoft on Microsoft Platforms

    The attempts to poach high-profile Free software and GNU/Linux developers aren't succeeding, especially once it turns out who's really behind those attempts (they don't give it away upfront)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts