Bonum Certa Men Certa

Microsoft GNU-Hub (Part 2)

Guest post by figosdev

GNUHub

Summary: "Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all?"

In part 1 of this series, various parts of the GNU project were looked at where Microsoft may have too much potential control over important components. To recap:



1. Perl is heavily used by the GNU Project, including by Automake. Several projects that need Perl were mentioned in Part 1, and several more will be mentioned in Part 2.

2. Zlib1g is needed by libpng, so we list projects that have png files (even in the documentation) as this GitHub-based library is needed to save and load png files with free software. If you know of a free alternative that doesn't need zlib1g -- libpng itself is not on GitHub -- let us know in the comments.

3. Libffi is needed by glib2, which is needed by Gtk. Gtk1 is also based on GitHub.

4. CPython is developed on and continues to migrate further to GitHub. PyPy is a drop-in replacement for some Python scripts, but not all. For this reason, projects that use Python code are mentioned in this series.

5. C Sharp code is included in WB B-tree Associative Arrays.

6. LibreJS uses the Jasmine library, which is based on GitHub -- build.sh even downloads it directly from Microsoft.

7. Gitea is also developed on GitHub, but they have had a goal of migrating since 2017 at the latest. One of the arguments for this is quotable, and is also part of the reason for this series:

"We build Gitea so everyone can use it, even users who are banned from GitHub (after recent ban wave from GitHub a lot of those users started using Gitea)."

"How could the GNU project possibly benefit from letting Microsoft gain control of Bison development?"This isn't just about where the code is, but where the development takes place and who controls access. Trusting Microsoft with free software development while they continue to fund various manoeuvres against it makes no sense. In that context, Part 2 will include some new items that somebody ought find surprising.

In Part 1, it was mentioned that "Flex, lex, Yacc and Bison are all related -- lex is a lexer, flex is an alternative, Bison is an alternative to Yacc and Bison often uses flex to get tokens."

Flex is GitHub-based, but it's not a GNU project -- though GNU Automake uses it.

But GNU Bison has also moved to GitHub -- along with Mac Changer (ages ago) and GNU Radio, Bison is actually using GitHub for development. The GNU git repo is only a mirror. Usually, GitHub mirrors are a mirror of something being developed OFF GitHub. For Bison, it's the other way around:

https://git.savannah.gnu.org/cgit/bison.git/commit/ "GNU bison (git mirror)"

Most of the projects on git.savannah.gnu.org just have the name of the project, where it says '(git mirror)'. This is a mirror of akimd/bison on GitHub, where as of this writing there are 3 issues and 2 pull requests.

"Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all?"As of this writing, the most recent commit on git.savannah.gnu.org/cgit/bison.git is dated 2020-05-05 08:21:12 +0200 and also from akimd, who the GNU Savannah page says is the project admin.

Why would they do this? How could the GNU project possibly benefit from letting Microsoft gain control of Bison development? Akimd (not his full name, only his user) has 29 repos on GitHub, most of which are forks of other well-known GitHub projects. This is far from a positive move for GNU. It would be nice if this was the only new GNU project that was found on GitHub, though it's not.

While Compact Disc Input and Control Library (better known as libcdio -- as in libcdio-paranoia, not to be confused with cpio which is used to make archives and initrd images) seems to be still be based on Savannah, libcdio-paranoia (which is also available for download from http://ftp.gnu.org/gnu/libcdio/) is being developed on GitHub by the same person who maintains it for the GNU project. And he has 113 repositories there.

Does the GNU project have any policy about trusting Microsoft with control of vital free software projects at all? If they do, it isn't being enforced in the mailing lists. Without more than a moment's effort, this GNU mailing list conversation from as recently as last October was found, where potential GNU contributors are being encouraged to use GitHub:

"I recommend keeping your own fork of the repository somewhere, e.g. on Github. That way you have somewhere where you can push your changes for backup, in case you lose your local machine due to whatever reason. You would have to manage two remote git repositories then, your fork and the official upstream repo. But there’s plenty of documentation out there on how to do that."

This isn't to admonish the author for not following a rule that doesn't exist, but to highlight the more-than-hypothetical threat that the GNU project faces from projects moving from GNU's own hosting to Microsoft's.

The GNU project may need to create a policy -- so it's a terrible shame that the FSF are presently without legitimate, strong or non-corrupt leadership. What a time for that, eh?

Those are the big stories, here are other findings that while they may have small problems individually, may contribute to a bigger picture issue overall:

Liquid War is a mix of Perl, Python and png files. The latter are for the program, rather than documentation.

LibreDWG seems to need Perl, Python support could be optional.

Kawa and Java Training Wheels have png files in the docs, iGNUit uses png for icons and help. Gxmessage has a png, GWL uses png, gsegraphix uses png, gnats has png in the doc. Gperf uses perl (texi2html) in /doc.

Idutils -- Perl is optional?

"The GNU project may need to create a policy -- so it's a terrible shame that the FSF are presently without legitimate, strong or non-corrupt leadership."Guile-opengl, gnatsweb, gmediaserver use Perl. Gnash uses Python, Perl in tests and png in /doc. Grep uses Perl in tests. Guile uses png in doc, libffi and flex, all of which are based in part on GitHub.

Gforth uses libfii, what's sacrificed if ffcall or fflib is used instead? Gnowsys uses lots of Python.

GCompris is interesting. Built on Gtk and Python, it's in the process of moving to Qt, qml and Javascript. Javascript often means GitHub, though so far the new GCompris repo seems to be GitHub-free. It's unknown at this time if Qt has any GitHub deps like libffi, which glib2 from GNOME needs.

Findutils have Python in tests, freefont has Python in tools, Articulatory Speech Synthesis has Perl and Python, Autoconf has a Perl module, Autogen, cppi and classpath use Perl, Ball and Paddle has png in levels, ACM is Perl, so is the GNU Image Finding Tool.

"...Gitea devs at least seems to understand the importance of migration -- hopefully they will be done moving away from GitHub in the near future."DDD and Denemo have png files in the program, Electric VLSI Design System and BPEL2oWFN have png in the docs, Bayonne and ERC have Perl, C-Graph has png in the docs and cgicc has png in the demos.

Emacs uses Perl in the tests and /doc, Debian compiles it with png support, so even their "nox" version of emacs requires zlib1g from GitHub.

In part 3, we may get to tallying some statistics. Good news is welcome, and it's nice to be able to say that Gitea devs at least seems to understand the importance of migration -- hopefully they will be done moving away from GitHub in the near future. It's really nice to have options, it's even nicer to have real options. Sincerest and best luck to Gitea's migration from GitHub -- and where applicable, yours as well!

Long live rms, and happy hacking.

Licence: Creative Commons CC0 1.0 (public domain)

______ * If this article uses a parody of the GitHub logo based on the GNU head, I almost certainly used this one from Wikipedia

Comments

Recent Techrights' Posts

Using SLAPPs to Cover Up Sexual Abuse and Strangulation
The exact same legal team of the Serial Strangler from Microsoft and Garrett already has a history fighting against "metoo"
Adding the Voice of Writers to UK SLAPP Reform
The journey to repair antiquated (monarchy era) laws will likely be long
Slopwatch: A Cause for Hope, the Hype is Dying
For about a month we showed that becoming a slopfarm - for several weeks - resulted in utter failure and ruin for BetaNews
 
Links 12/07/2025: Jail in China for Homoerotica, South Korea Discriminates Against Old Workers
Links for the day
If Only Everything Was Rewritten in Rust, We'd Have No More Security Issues?
Nope.
Links 12/07/2025: Birdwatching and Fake/Misleading Wall Street 'Valuation' Figures
Links for the day
Gemini Links 12/07/2025: How to Avoid Writing, Apps for Android
Links for the day
EPO Staff Committee on Harassment in the Workplace
slides
EPO Takes More Money From Staff for Speculation (Pensions), Actuarial Study Explains the Impact
"The key change in this year’s Actuarial Study, due to cascading the new “risk appetite” from the financial study, is a significant increase of the total pension contribution rate of 5.7 percentage points, up to a total of 37.8%. This is driven by an unprecedented decrease in the discount rate of 105 bps down to 2.2%."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 11, 2025
IRC logs for Friday, July 11, 2025
Microsoft - Like IBM - Does the "Relocation" Tricks (Start Over Elsewhere, Then Get Sacked by Microsoft)
It is a "low blow" or a "dick move"
After the Free Software Foundation's Campaign to Raise Money Let's See Campaigns to Finish Off Microsoft (Vista 11, GitHub etc.)
Microsoft is in effect collapsing
Your Publications Have No Major Impact Unless or Until You "Get Some Heat"
we're on the right track
Links 11/07/2025: Censorship Worsening, 3D Printing Success Stories, UK and France Unite Around Nukes
Links for the day
Gemini Links 11/07/2025: Zorin OS and Scriptonite Updates
Links for the day
Links 11/07/2025: Hardware, Russia, and China
Links for the day
Links 11/07/2025: Intel Collapsing and Microsoft Resorts to Bribery to Push Slop Via Obligatory Education
Links for the day
The EFF Sided With the Team That Strangles Women and Tells Women to Kill Themselves
They say that apathy and inaction are a form of a "stance"
"Nat [Friedman] and [the Serial Strangler From Microsoft] Were Always Exceptionally Close," Says Former Housemate and Colleague
Now Alex (hiding behind another name when that suits him) not only attacks women but also people who merely report what he did to women
Exemplary List of Things That Are Not Artificial Intelligence or Even Intelligence
The "age of AI" or "era of AI" or "AI revolution" mostly boils down to rebranding, just like "the cloud"
New Letter From the European Patent Office Explains How the Office Plots to Grant Many Illegal Patents, a Self-Fulfilling Prophecy of 'Growth'
Open letter to Mr Rowan (VP1) and Mr Aledo Lopez (COO)
Abuse of Process
5RB is employing people who help violent men
What Microsoft's Nat Friedman and Microsoft Lunduke Have in Common
"Get in da car; No time to explain, loser"
Microsoft and IBM Don't Have Much of a Future (They Mostly Pretend at This Point)
IBM and Microsoft are in some ways alike but in many ways different
It's Not Just Twitter (or X.com) That's Dying, Microsoft's Equivalent is Dying Also
Unable to find a business model
GitHub Copilot Can Cause the Bankruptcy of GitHub to Come Sooner and GitHub to be Shut Down Just Like Skype
Some publicly available information suggests that even for each paid subscriber for plagiarism (LLM 'coding') GitHub Copilot still loses more money than it makes
Wayland is Bad for the Planet
If you use Wayland, it'll take you longer to accomplish tasks and you will consume more energy (or battery life)
Legitimising Those Who Sabotage You
Microsoft is a very malicious company
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 10, 2025
IRC logs for Thursday, July 10, 2025
On Microsoft Layoffs
we might be looking at about 60,000 Microsoft layoffs since 2023
EPO Management Already Breaks Its Own Promise (Lie) on "Bringing Teams Together"
This gut-punching move happened just 2 days ago
Gemini Links 11/07/2025: Occupation of 2025 and "Old Man Yells At Soundcloud"
Links for the day
Our Lawsuits Against the 'Cancel Mob' (Ringleaders) Helped Reduce Anti-Free Software Online Abuse
That's not to say that lawsuits are the best way to handle terrible people. But that can help.
Tomorrow is the Last Day of the Fund-Raising Campaign of the Free Software Foundation (FSF)
They will probably extend the date, as usual
Fixing Patents in Europe, Little by Little (by Transparency and Reporting of Suppressed Facts)
Tomorrow and throughout the weekend we shall focus some more on the EPO
The Two Lies Microsoft is Telling in "the News" This Week (to Distract From Layoffs and Decreased Interest in Slop/Chaff)
Microsoft is run by liars and frauds who SLAPP critics
Tux Machines Already Destroyed SLAPPs
Attacks on the mere publication of GNU/Linux news won't be tolerated
PCLinuxOS is Available for Download Again
PCLinuxOS is important to us also because its founder, back then the partner of Susan, helped create Tux Machines more than 21 years ago
Links 10/07/2025: Microsoft E-mail 'Services' Collapse Again, "Yet Another Strava Privacy Leak"
Links for the day
Gemini Links 10/07/2025: Automating Git Repo Updates and Small Web 'Zine'
Links for the day
GNU/Linux Leftovers
mostly Linux stuff
Audiocasts/Shows: Going Linux, FLOSS Weekly, and RHEL Clones
3 new picks
We Are Already Fighting - With Considerable Success - SLAPPs in the UK
we intend to tell the full story
Bullies With Pens and Papers (or Apple Macs With Templates)
Not all barristers are evil, but there are perhaps "rotten apples"
Slopwatch: webpronews.com, linuxsecurity.com, linuxjournal.com
a pile of trash disguised as 'articles'
Links 10/07/2025: Linda Yaccarino Divorces MElonazi Site, Wildfires Hit Syria
Links for the day
The History and the Policy of the EPO's Stance on Breastfeeding (Corporate Monopolies Versus Babies' Health)
"The Case for Introducing a Breastfeeding Policy at the EPO"
Gemini Links 10/07/2025: Inventing Chords and "Nightmare Boss"
Links for the day
Igor Ljubuncic Once Again Shows That for Technical Reasons Wayland Still Sucks, Performs Considerably Worse Than What Existed for Decades
That is aside from compatibility factors and other crucial factors
Links 10/07/2025: "Apple Vs The Law" and Twitter Became Full Nazi Bar
Links for the day
Unable to Find Anyone to Work as Their Media Lawyer, Brett Wilson LLP Will Continue Losing Female Staff
What sort of sick person would wish to join Brett Wilson LLP to carry this baton?
Microsoft-Sponsored Propaganda Site Has Removed False 'Hit Piece' About Dr. Stallman (With Fake and Misrepresented Imagery) But Only After 4 Years
So they only removed that page some time around 2025, i.e. about 4 years after it had been published
Always Check Your Inputs
Garbage in, garbage out. Or wrong assumptions, wrong corollary.
Dan Neidle Said That Tax Evasion Facilitator Mr Zahawi (Working to Silence Bloggers Through Brett Wilson LLP) Targeted Not Only Him (But The Others Kept Quiet)
"Mr Neidle said after repelling Mr Zahawi he was contacted by bloggers and tweeters who had received similar threats. They deleted their work “and in most cases never commented publicly on anything again”."
SLAPP Funding Transparency Urgently Needed in the UK and Elsewhere (in Practice, Not Just in Theory)
Writing about crime - including Microsoft crime - is not a crime
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 09, 2025
IRC logs for Wednesday, July 09, 2025
Elodie Bergot Still Doing Illegal Things at the EPO, Based on the Local Staff Committee Munich
They keep taking away from the staff while compelling the staff to do illegal things