05.09.20

The GitHubification of Free Software

Posted in Free/Libre Software, GNU/Linux, Microsoft at 2:10 am by Guest Editorial Team

Article by Thomas Grzybowski

3 rabbits caged

Summary: “The optimal solution to the ongoing GitHubification of Free Software would be the creation of a successfully competitive software development repository specialized to the Free Software community.”

GitHub is proprietary software and a manifestation of surveillance capitalism right smack-dab on the face of it. But that is the very least of the problem here. GitHub is an existential problem for Free Software – a crisis that is almost completely obscured from our notice.

GitHub is a major part of Microsoft’s future, and it is not speculation to note that GitHub undermines Free Software. Microsoft is a company which has dedicated itself to ending the Free Software movement – a company which has formally banned the use of the GPL from any of its internal software. If anyone dismisses that GitHub can be an existential problem, see this example pointing to our future: https://www.gnu.org/software/fribidi/ . Here one thinks one is going to a GNU site, but is in fact being directed to Microsoft.

This observation is far from an isolated fact. Free Software advocate figosdev has painstakingly analyzed a vast array of GNU/Linux software packages and compiled volumes of information showing that GNU is becoming dependent upon GitHub in its development processes.

http://techrights.org/2020/05/03/gnuhub-pt-1/

http://techrights.org/2020/05/05/gnuhub-pt-2/

http://techrights.org/2020/05/08/gnuhub-pt-3/

There is a long list of concerning facts documented in the above references, but in essence they add-up to show a strong and growing dependence of GNU “Free” software development upon GitHub: Perhaps most notably (being a basic GNU software development tool), GNU Bison has moved to GitHub, with Bison using GitHub for its development platform. The GNU repository is only a mirror. This is extremely problematic, and again not an isolated fact.

How did this situation come about? A major part of this “trap” is what is called the “Network Effect”. As each additional project-piece of software becomes embedded in GitHub, the “benefit” for each and all such projects increases – and the social cost of avoiding the site also increases. Already a GitHub presence is “expected”. And Microsoft has greased the slide by actually paying some project-leads to host their projects there.

In regards to the actual migrations onto GitHub, it can be a four-step process, each step seemingly trivial relative to the previous:

  1. Use of GitHub’s social interfaces for bug tracking.
  2. Use of GitHub as a mirror as a backup site, and “presence” for people’s convenience.
  3. Use of GitHub for development (seeing as most of the bug tracking and pulls happen there).
  4. GitHub becomes the canonical source site.

This is all pretty straightforward, above-board, and not a mystery. But, as we have seen documented above, the migration process is extensive and yet there has been little notice paid to the intrusion of this conduct into Free Software development. Let us be clear: Free Software and GNU are becoming dependent upon Microsoft.

Microsoft dependency is an existential crisis for Free Software. First of all, the source code and other content itself physically resides on Microsoft’s servers. These materials are then fully under their control and open to easy and extensive analysis for technical and strategic information. Surveillance activities involve the real names, locations and associations of people working with GitHub. And there are yet other real and potential benefits to Microsoft emerging from having the source code under their control:

  1. Censorship, and the implicit threat thereof.

  2. Blackmail – the implicit or explicit threat of loss of service or censorship.

  3. Manipulatively granting some projects preferential treatment, payment, or services.

  4. Behavior manipulation and opinion modification – through GitHub payments, site messaging, and marketing.

  5. Outright (direct) monetization of use.

What can be done about this situation? Here things become even more problematic. Earlier in the history of GNU, Free Software was widely perceived to be incommensurate with the activities of companies such as Microsoft. (Microsoft’s aggressively monopolistic and proprietary practices at the time being exceedingly well documented.) In fact, Free Software can be seen largely as a reaction to these behaviors. Psychologically there was a good degree of oppositional motivation: programmers could see matters as being one of “Us vs Them” when thinking about Microsoft, and the Free Software movement was able to progress. But now that Microsoft “Loves Linux”, etc., this motivation becomes weak, diluted, undirected. When “Them” (the non-Free Software forces) are a large part of “Us”, the situation changes markedly, and what needs to be done to advance our freedoms becomes extremely difficult.

So, What To Do? One, I think, would be for any Free Software organization worth the name to require appropriately licensed software to be hosted on the home server or other vetted open-source, Free Software server for development. Proprietary services would be out of the question, as they are non-Free with users having no knowledge of what is going on behind the scenes.

An immediate step is for any important project which is being developed on GitHub to be encouraged to move off of that platform. If the project in question does not have a mirror, it should be mirrored elsewhere, ideally with the permission of the project manager, but not necessarily. This is indeed what Free Software is all about. In this way, if GitHub censors any project it will still remain immediately accessible to users. This mirroring also bleeds-off just a little of Microsoft’s implicit denial-of-service threat they hold over their client projects. Each of us should pick a project we wish to mirror and maintain that mirror!

The optimal solution to the ongoing GitHubification of Free Software would be the creation of a successfully competitive software development repository specialized to the Free Software community. Such a site (or set of distributed sites) could well be a successful replacement to GitHub because it would not be subject to the limitations, compromises, and contradictions inherent to a private proprietary entity run for profit. The effort needed to achieve such a success may be seen as prohibitive – but, as we have seen above, it is necessary.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email
  • Slashdot

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

6 Comments

  1. Babby Mann said,

    May 9, 2020 at 4:59 pm

    Gravatar

    I’m flabbergasted by this piece. It’s riddled with unsubstantiated claims and runs down rabbit holes without clear direction. I’m not going to defend Microsoft, principle member of the Oligarchy, but I’m not even sure how you think they’ll achieve some of the oppressive things you claim they will perpetrate on FOSS through GitHub?

    It even sounds like the unhinged ravings of a lunatic.

    PS: I’m posting as Babby Mann because I don’t need the inevitable stream of unreasoning rage I’m going to get over the mere suggestion of collusion with “the enemy.”

    PPS: You people seriously need to get your SSL shit together. They cost nothing but a little time with configuration and you put all of your readers at risk by leaving your WordPress configuration wide open.

    PPPS: If you can’t secure an installation of WP, how can you comment on software freedom?

    Dr. Roy Schestowitz Reply:

    figosdev has asked me to relay the following reply for him:

    I’m flabbergasted by this piece. It’s riddled with unsubstantiated claims and runs down rabbit holes

    really? weve literally been talking about this subject all week here. it would be redundant for tom to rehash everything so far. i mean it literally links to part 1, 2 and 3– you didnt notice? where even a critic of part 2 said that part 3 had more substance.

    i guess you werent paying attention. just wanted to vent?

    I’m not even sure how you think they’ll achieve some of the oppressive things you claim they will perpetrate on FOSS through GitHub?

    was that a question? its worded like a statement, but you stuck a question mark at the end. were you unsure of your statement?

    It even sounds like the unhinged ravings of a lunatic.

    i suppose it would, if you were completely unaware of everything weve talked about this week. there are really no giant leaps in toms commentary– maybe go attack the articles i wrote instead, theyre what prompted tom in the first place.

    PS: I’m posting as Babby Mann because I don’t need the inevitable stream of unreasoning rage I’m going to get over the mere suggestion of collusion with “the enemy.”
    well its a stupid name, as far as “unreasoning rage” i think theres some projecting going on– not unlike the trolling going on in irc this week.

    its funny that you just assume that we will accuse you of being “with the enemy” and that you make note of the fact that youre posting with an alias, because that lines up with the behaviour of the irc troll. when youre so quick to deny things we havent accused you of, you might be overcompensating to hide that youre actully what you claim not to be. that makes everything else you said even funnier.

    you could just be a guys whos bored and needs to do this for a laugh, its only the timing (on the heels of the quite rare irc troll) that makes it suspect and priceless.

    PPS: You people seriously need to get your SSL shit together.

    its a work in progress, well commented on in articles already. is this the first time your boss sent you here? welcome to techrights.

    if youre looking for stuff to troll, i wrote part 1, 2 and 3. part 4 is coming up, if youd like to grace it with your presence and keen wit. if youre not afraid to use an “insecure” website, that is. cheers.

  2. Babby Mann said,

    May 10, 2020 at 2:08 pm

    Gravatar

    So, on your suggestion, I “read” through the other parts of this epic (?) condemnation of Microsoft’s grand, decades-long effort to take over open source.

    Aside from the fact that everything presented is a rehash of the same tired idea over and over again, ad nauseum, there is nothing more than a single point being made throughout; Microsoft is evil.

    Your evidence is that project X requires dependencies Y and Z and Q and those are all hosted or mirrored on GitHub, which is now owned by Microsoft and, since Microsoft is evil incarnate, then these projects are subject to Microsoft’s evil intentions.

    I tracked back a bit further to the Abbot Labs piece. That is truly horrible and I’d like to see many, many corporate executives and their lawyers burn in hell (or, at least have a channel I can tune into to have a laugh now and then as they flail about infernally), but this only serves to illustrate that our legal system hasn’t been up to the task of adjudicating technical law, like, forever…

    Let’s examine that a bit by looking at Google. Google offers their own code repo system. They also “started” the Android project. Hell, Google was built on FOSS, but they’ve managed to build an empire on ad revenues and walled gardens, a sort of low rent Apple. Chromium is yet another open source project, which Google turned into Chrome, the world’s most used web browser, and is yet another part of their ecosystem.

    Google, it seems, has had the chance to “take over” open source for some time now. While I’m sure there have been instances where people have made bad choices and courts have flubbed decisions, I don’t see where Google has actually managed to control anything FOSS they initially created to the point where it prevents anyone from forking them, and their source control service clearly can’t blackmail or censor anyone, at least not that I’ve seen or heard of.

    Transpose Microsoft with Google, and you get the same problems with your cries of the sky falling. Again, the Abbot Labs thing is atrocious and will hopefully be corrected by another court, but it doesn’t correlate to the idea that because M$ owns GitHub it can freely take over FOSS projects and make them closed source, or is just stealing the time and talent of millions of coders.

    There are a number of problems with the systems we all use and rely on, whether we are directly aware of it or not. The courts don’t know how to deal with technology. There are too many forms of FOSS license. The general public doesn’t know anything about FOSS and there’s a hard line between not being technical and being an open source advocate that most people can’t cross, much less find due to all of the fragmentation and abstraction.

    To that end, who can really explain what the difference between free beer and free speech actually is, an abstract concept that most people just don’t understand in the context of software, its development, and its usage. Can you, in a way that makes sense?

    So, I’m not going to defend Microsoft, or any corporate pigdog entities out there, but the thousands upon thousands of words written on this blog about this subject isn’t going to convince anyone with a basic sense of pragmatism and critical thinking skills that the sky is falling.

    Not to be too crass, but if the argument for open source was so compelling, why isn’t the world using it by default? The answer to that is simple in that the open source community at large hasn’t come up with a compelling enough argument that open source is better than what they have now.

    Back to the principle point, though, you and the other person aren’t making any case as to HOW Microsoft will subvert the existing FOSS ecosystem to make it all their own and censor it aside from citing their ownership of GitHub. And somebody else owned GitHub before Microsoft and they charged more for less and had the same legal restrictions, but it wasn’t as bad before M$ bought it, so I guess I’m confused as to what you think is happening here.

    I’d certainly be interested in hearing any theories on the mechanics of how M$ would take over FOSS or how the censorship part might work, or how they might close open sources or force open sources to restrict access.

    There’s a few projects from a guy somewhere. One of them is WebCatalog which runs on Electron. Dude charges money to unlock unlimited apps. His projects are hosted on GitHub, too. It appears he built everything on FOSS. What should happen to him?

    This is my first time trolling. How’m I doing?

    PS: Let’s Encrypt was started by the EFF so everyone, EVERYONE, could have free SSL certs for their web sites, even this site!

  3. Canta said,

    May 10, 2020 at 2:15 pm

    Gravatar

    @figosdev:

    No.
    Just don’t.

    Do not answert to that. There may or may not be legit statements there, but this is Internet, and you’re tracking attention. That is: you may or may not be feeding a troll. Under the doubt, you don’t answer. And that is not about being right, but about hygiene.

    If you still want to answer some of the points, please take your time and write another article. Don’t answer this stuff quickly and with “winning a debate” in mind. It just don’t work.

  4. dan2 said,

    May 11, 2020 at 10:28 pm

    Gravatar

    Seems to me this project could be a solution. It’s licensed with MIT, so the FSF may not like it, but it’s basically self-hosted GitHub. I’ve been hosting my code on it for awhile and it works well.

    https://gitea.io/en-us/

    It is, ironically, itself, hosted on GitHub, but they do mention they plan to be self hosting.

  5. Dr. Roy Schestowitz said,

    May 12, 2020 at 12:45 am

    Gravatar

    Gitea was mentioned in http://techrights.org/2020/05/08/gnuhub-pt-3/

    Yes, we still wait to see if they make the migration happen.

What Else is New


  1. [Meme] Two Dictators: How the EPO Shuffled the Dictatorship's Cards

    EPO President António Campinos turns out to be no better and even less popular than Benoît Battistelli



  2. 2020: The Year the Patent System Converged With Naked Fascism

    The worldwide system of patents, administered in part by WIPO (fronting for the super-rich), is losing the argument and instead — nowadays more than ever before — it is resorting to authoritarianism (the kids’ gloves are off)



  3. Links 31/10/2020: KDE on Hugo, NetBSD Moves From TWM to CTWM

    Links for the day



  4. Links 30/10/2020: WordPress 5.5.2 and NSA Mum on Its Back Doors Policy

    Links for the day



  5. Free Software is Still Under Attack From Software Patents (GNOME Getting Patent Trolls to Settle Isn't the Real Solution)

    We're asked to believe that a sort of "patch" (suggested by companies or monopolies with endless patent portfolios) means that Free software and software patents can co-exist; behind the scenes, however, "community distros" (not developed and controlled by monopolies) are coming under patent attacks which they cannot publicly speak about



  6. Microsoft is Already Bribing the Likely Next US President (Having Also Paid the Trump Campaign) to Ensure Microsoft Can Get Away With Crimes and Receive Bailouts from Taxpayers

    Microsoft is still controlling "both sides" to ensure that it remains in control of the administration; it's already looting the taxpayers while still lying to shareholders ('legalised' embezzlement)



  7. With Microsoft in Charge, OpenSSF Seems More Like It's About Back Doors -- Not Real Security -- Inside the Linux Foundation

    Another Linux Foundation (LF) group seems to have been taken over by the company that’s attacking Linux and attacking real security (as opposed to fake security or back doors in the name of “national security” — the Trojan horse for imperialistic coercion, worldwide)



  8. IRC Proceedings: Thursday, October 29, 2020

    IRC logs for Thursday, October 29, 2020



  9. Living in a State of Constant and Never-Ending Fear Will Harm Software Freedom

    "Freedom" or "liberty" may seem to have been co-opted by extreme right-wing and COVID-denying (or COVID-minimising) elements, but at the moment we do stand to lose many "tech rights" (in the name of "protecting" us)



  10. [Meme] Mozilla's 2020 Vision

    Mozilla does not seem to understand that proprietary Azure and proprietary GitHub won't offer Mozilla a way/path out of the mess it's in



  11. Techrights Done With Maintenance For Now, Will Resume Posting at a Higher Publication Pace

    With a few new features added to the site we can finally resume normal operations (more articles per day)



  12. Moving to Phones Won't Liberate Users

    A so-called 'phone' (or 'smart' phone) with Linux under the bonnet isn't freedom; it's a branding war being won, but principles are being abandoned



  13. Links 29/10/2020: LibreOffice 7.0.3, Linux 5.9.2, NVIDIA 455.38 Linux Driver

    Links for the day



  14. Links 29/10/2020: Istio 1.6.13, Krita 4.4.1 and PyPI Key-Signing Ceremony

    Links for the day



  15. IRC Proceedings: Wednesday, October 28, 2020

    IRC logs for Wednesday, October 28, 2020



  16. Links 28/10/2020: Linux Dropping WiMAX Support, Istio 1.7.4, Ubuntu is “Hirsute Hippo”

    Links for the day



  17. Linux Foundation (Men for Monopolies) Once Again Hijacking Women's (and Minorities') Voices for Public Relations

    Diversity and tolerance are absolutely essential, but those who preach or lecture us about it most loudly (their financial means or privilege enable media reach) set a bad example and are mostly opportunistic hypocrites who perpetuate the status quo



  18. In a State of Flux Due to Maintenance and Improvements

    For the first time since summer of 2019 we're investing time and effort improving the site in a number of ways



  19. Links 28/10/2020: Torvalds on Succession, PyTorch 1.7.0

    Links for the day



  20. [Meme] Stealing the Competition

    After the fall (and fail) of CodePlex Microsoft decided to grab the Linux Foundation and most Git-based projects (through GitHub) — a strategy even Microsoft can learn to love



  21. IRC Proceedings: Tuesday, October 27, 2020

    IRC logs for Tuesday, October 27, 2020



  22. Links 28/10/2020: FreeBSD 12.2, NixOS 20.09 and WordPress 5.6 Beta 2

    Links for the day



  23. Taking Our Efforts to the Next Level in an Increasingly Proprietary and Hostile Web

    Web users are being repressed by mechanisms of mass manipulation, control and restrictions; the Web may not be going away any time soon, but architectural and topological issues need to be overcome (the sooner, the better)



  24. Read Techrights Without a Web Browser

    Any text editor can now be used to read Techrights, owing to a daily bulletin we've set up and will maintain every day



  25. [Meme] Torvalds Assimilated

    People belatedly realise that Microsoft’s plan for Git (and for Linux) isn't for the betterment of those projects but for Microsoft monopoly



  26. Links 27/10/2020: FuguIta 6.8, Fedora 33, Red Hat Satellite 6.8, KDE Plasma 5.20.2 and GStreamer 1.18.1

    Links for the day



  27. Site Changes Ahead of Anniversary

    We’re making some changes to the presentation and function of the site — changes that will become more prominent over the coming days



  28. IRC Proceedings: Monday, October 26, 2020

    IRC logs for Monday, October 26, 2020



  29. Links 26/10/2020: rpminspect 1.2, Open Source Hardware Certification and LibreOffice Conference

    Links for the day



  30. Links 26/10/2020: Debian "Bullseye" Artwork, Fwupd 1.5 Released

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts