The GitHubification of Free Software

Guest Editorial Team

2020-05-09 07:10:28 UTC
Modified: 2020-05-09 07:10:28 UTC

Article by Thomas Grzybowski

3 rabbits caged

Summary: "The optimal solution to the ongoing GitHubification of Free Software would be the creation of a successfully competitive software development repository specialized to the Free Software community."

GitHub is proprietary software and a manifestation of surveillance capitalism right smack-dab on the face of it. But that is the very least of the problem here. GitHub is an existential problem for Free Software - a crisis that is almost completely obscured from our notice.

GitHub is a major part of Microsoft’s future, and it is not speculation to note that GitHub undermines Free Software. Microsoft is a company which has dedicated itself to ending the Free Software movement – a company which has formally banned the use of the GPL from any of its internal software. If anyone dismisses that GitHub can be an existential problem, see this example pointing to our future: https://www.gnu.org/software/fribidi/ . Here one thinks one is going to a GNU site, but is in fact being directed to Microsoft.

This observation is far from an isolated fact. Free Software advocate figosdev has painstakingly analyzed a vast array of GNU/Linux software packages and compiled volumes of information showing that GNU is becoming dependent upon GitHub in its development processes.

http://techrights.org/2020/05/0 3 /gnuhub-pt-1/

http://techrights.org/2020/05/05/gnuhub-pt-2/

http://techrights.org/2020/05/08/gnuhub-pt-3/

There is a long list of concerning facts documented in the above references, but in essence they add-up to show a strong and growing dependence of GNU “Free” software development upon GitHub: Perhaps most notably (being a basic GNU software development tool), GNU Bison has moved to GitHub, with Bison using GitHub for its development platform. The GNU repository is only a mirror. This is extremely problematic, and again not an isolated fact.

How did this situation come about? A major part of this "trap" is what is called the “Network Effect”. As each additional project-piece of software becomes embedded in GitHub, the "benefit" for each and all such projects increases - and the social cost of avoiding the site also increases. Already a GitHub presence is "expected". And Microsoft has greased the slide by actually paying some project-leads to host their projects there.

In regards to the actual migrations onto GitHub, it can be a four-step process, each step seemingly trivial relative to the previous:

Use of GitHub’s social interfaces for bug tracking.

Use of GitHub as a mirror as a backup site, and “presence” for people’s convenience.

Use of GitHub for development (seeing as most of the bug tracking and pulls happen there).

GitHub becomes the canonical source site.

This is all pretty straightforward, above-board, and not a mystery. But, as we have seen documented above, the migration process is extensive and yet there has been little notice paid to the intrusion of this conduct into Free Software development. Let us be clear: Free Software and GNU are becoming dependent upon Microsoft.

Microsoft dependency is an existential crisis for Free Software. First of all, the source code and other content itself physically resides on Microsoft’s servers. These materials are then fully under their control and open to easy and extensive analysis for technical and strategic information. Surveillance activities involve the real names, locations and associations of people working with GitHub. And there are yet other real and potential benefits to Microsoft emerging from having the source code under their control:

Censorship, and the implicit threat thereof.
Blackmail - the implicit or explicit threat of loss of service or censorship.
Manipulatively granting some projects preferential treatment, payment, or services.
Behavior manipulation and opinion modification – through GitHub payments, site messaging, and marketing.
Outright (direct) monetization of use.

What can be done about this situation? Here things become even more problematic. Earlier in the history of GNU, Free Software was widely perceived to be incommensurate with the activities of companies such as Microsoft. (Microsoft’s aggressively monopolistic and proprietary practices at the time being exceedingly well documented.) In fact, Free Software can be seen largely as a reaction to these behaviors. Psychologically there was a good degree of oppositional motivation: programmers could see matters as being one of “Us vs Them” when thinking about Microsoft, and the Free Software movement was able to progress. But now that Microsoft “Loves Linux”, etc., this motivation becomes weak, diluted, undirected. When “Them” (the non-Free Software forces) are a large part of “Us”, the situation changes markedly, and what needs to be done to advance our freedoms becomes extremely difficult.

So, What To Do? One, I think, would be for any Free Software organization worth the name to require appropriately licensed software to be hosted on the home server or other vetted open-source, Free Software server for development. Proprietary services would be out of the question, as they are non-Free with users having no knowledge of what is going on behind the scenes.

An immediate step is for any important project which is being developed on GitHub to be encouraged to move off of that platform. If the project in question does not have a mirror, it should be mirrored elsewhere, ideally with the permission of the project manager, but not necessarily. This is indeed what Free Software is all about. In this way, if GitHub censors any project it will still remain immediately accessible to users. This mirroring also bleeds-off just a little of Microsoft’s implicit denial-of-service threat they hold over their client projects. Each of us should pick a project we wish to mirror and maintain that mirror!

The optimal solution to the ongoing GitHubification of Free Software would be the creation of a successfully competitive software development repository specialized to the Free Software community. Such a site (or set of distributed sites) could well be a successful replacement to GitHub because it would not be subject to the limitations, compromises, and contradictions inherent to a private proprietary entity run for profit. The effort needed to achieve such a success may be seen as prohibitive – but, as we have seen above, it is necessary. ⬆

Comments

dan2

2020-05-12 03:28:40

Seems to me this project could be a solution. It’s licensed with MIT, so the FSF may not like it, but it’s basically self-hosted GitHub. I’ve been hosting my code on it for awhile and it works well.

https://gitea.io/en-us/

It is, ironically, itself, hosted on GitHub, but they do mention they plan to be self hosting.
Babby Mann

2020-05-09 21:59:30

I'm flabbergasted by this piece. It's riddled with unsubstantiated claims and runs down rabbit holes without clear direction. I'm not going to defend Microsoft, principle member of the Oligarchy, but I'm not even sure how you think they'll achieve some of the oppressive things you claim they will perpetrate on FOSS through GitHub?

It even sounds like the unhinged ravings of a lunatic.

PS: I'm posting as Babby Mann because I don't need the inevitable stream of unreasoning rage I'm going to get over the mere suggestion of collusion with "the enemy."

PPS: You people seriously need to get your SSL shit together. They cost nothing but a little time with configuration and you put all of your readers at risk by leaving your WordPress configuration wide open.

PPPS: If you can't secure an installation of WP, how can you comment on software freedom?

Dr. Roy Schestowitz

2020-05-10 03:31:39

figosdev has asked me to relay the following reply for him:

I’m flabbergasted by this piece. It’s riddled with unsubstantiated claims and runs down rabbit holes

really? weve literally been talking about this subject all week here. it would be redundant for tom to rehash everything so far. i mean it literally links to part 1, 2 and 3-- you didnt notice? where even a critic of part 2 said that part 3 had more substance.

i guess you werent paying attention. just wanted to vent?

I’m not even sure how you think they’ll achieve some of the oppressive things you claim they will perpetrate on FOSS through GitHub?

was that a question? its worded like a statement, but you stuck a question mark at the end. were you unsure of your statement?

It even sounds like the unhinged ravings of a lunatic.

i suppose it would, if you were completely unaware of everything weve talked about this week. there are really no giant leaps in toms commentary-- maybe go attack the articles i wrote instead, theyre what prompted tom in the first place.

PS: I’m posting as Babby Mann because I don’t need the inevitable stream of unreasoning rage I’m going to get over the mere suggestion of collusion with “the enemy.” well its a stupid name, as far as "unreasoning rage" i think theres some projecting going on-- not unlike the trolling going on in irc this week.

its funny that you just assume that we will accuse you of being "with the enemy" and that you make note of the fact that youre posting with an alias, because that lines up with the behaviour of the irc troll. when youre so quick to deny things we havent accused you of, you might be overcompensating to hide that youre actully what you claim not to be. that makes everything else you said even funnier.

you could just be a guys whos bored and needs to do this for a laugh, its only the timing (on the heels of the quite rare irc troll) that makes it suspect and priceless.

PPS: You people seriously need to get your SSL shit together.

its a work in progress, well commented on in articles already. is this the first time your boss sent you here? welcome to techrights.

if youre looking for stuff to troll, i wrote part 1, 2 and 3. part 4 is coming up, if youd like to grace it with your presence and keen wit. if youre not afraid to use an "insecure" website, that is. cheers.

Babby Mann

2020-05-10 19:08:10

So, on your suggestion, I "read" through the other parts of this epic (?) condemnation of Microsoft's grand, decades-long effort to take over open source.

Aside from the fact that everything presented is a rehash of the same tired idea over and over again, ad nauseum, there is nothing more than a single point being made throughout; Microsoft is evil.

Your evidence is that project X requires dependencies Y and Z and Q and those are all hosted or mirrored on GitHub, which is now owned by Microsoft and, since Microsoft is evil incarnate, then these projects are subject to Microsoft's evil intentions.

I tracked back a bit further to the Abbot Labs piece. That is truly horrible and I'd like to see many, many corporate executives and their lawyers burn in hell (or, at least have a channel I can tune into to have a laugh now and then as they flail about infernally), but this only serves to illustrate that our legal system hasn't been up to the task of adjudicating technical law, like, forever...

Let's examine that a bit by looking at Google. Google offers their own code repo system. They also "started" the Android project. Hell, Google was built on FOSS, but they've managed to build an empire on ad revenues and walled gardens, a sort of low rent Apple. Chromium is yet another open source project, which Google turned into Chrome, the world's most used web browser, and is yet another part of their ecosystem.

Google, it seems, has had the chance to "take over" open source for some time now. While I'm sure there have been instances where people have made bad choices and courts have flubbed decisions, I don't see where Google has actually managed to control anything FOSS they initially created to the point where it prevents anyone from forking them, and their source control service clearly can't blackmail or censor anyone, at least not that I've seen or heard of.

Transpose Microsoft with Google, and you get the same problems with your cries of the sky falling. Again, the Abbot Labs thing is atrocious and will hopefully be corrected by another court, but it doesn't correlate to the idea that because M$ owns GitHub it can freely take over FOSS projects and make them closed source, or is just stealing the time and talent of millions of coders.

There are a number of problems with the systems we all use and rely on, whether we are directly aware of it or not. The courts don't know how to deal with technology. There are too many forms of FOSS license. The general public doesn't know anything about FOSS and there's a hard line between not being technical and being an open source advocate that most people can't cross, much less find due to all of the fragmentation and abstraction.

To that end, who can really explain what the difference between free beer and free speech actually is, an abstract concept that most people just don't understand in the context of software, its development, and its usage. Can you, in a way that makes sense?

So, I'm not going to defend Microsoft, or any corporate pigdog entities out there, but the thousands upon thousands of words written on this blog about this subject isn't going to convince anyone with a basic sense of pragmatism and critical thinking skills that the sky is falling.

Not to be too crass, but if the argument for open source was so compelling, why isn't the world using it by default? The answer to that is simple in that the open source community at large hasn't come up with a compelling enough argument that open source is better than what they have now.

Back to the principle point, though, you and the other person aren't making any case as to HOW Microsoft will subvert the existing FOSS ecosystem to make it all their own and censor it aside from citing their ownership of GitHub. And somebody else owned GitHub before Microsoft and they charged more for less and had the same legal restrictions, but it wasn't as bad before M$ bought it, so I guess I'm confused as to what you think is happening here.

I'd certainly be interested in hearing any theories on the mechanics of how M$ would take over FOSS or how the censorship part might work, or how they might close open sources or force open sources to restrict access.

There's a few projects from a guy somewhere. One of them is WebCatalog which runs on Electron. Dude charges money to unlock unlimited apps. His projects are hosted on GitHub, too. It appears he built everything on FOSS. What should happen to him?

This is my first time trolling. How'm I doing?

PS: Let's Encrypt was started by the EFF so everyone, EVERYONE, could have free SSL certs for their web sites, even this site!
Canta

2020-05-10 19:15:27

@figosdev:

No. Just don't.

Do not answert to that. There may or may not be legit statements there, but this is Internet, and you're tracking attention. That is: you may or may not be feeding a troll. Under the doubt, you don't answer. And that is not about being right, but about hygiene.

If you still want to answer some of the points, please take your time and write another article. Don't answer this stuff quickly and with "winning a debate" in mind. It just don't work.
Dr. Roy Schestowitz

2020-05-12 05:45:48

Gitea was mentioned in http://techrights.org/2020/05/08/gnuhub-pt-3/

Yes, we still wait to see if they make the migration happen.

The GitHubification of Free Software

Comments

Recent Techrights' Posts