DEV Community

Open-source loses a friend

devtouser432 on June 05, 2018

GitHub, a company used and trusted by the thousands of open-source projects whose reach and impact serves as the framework for modern technological...
 
zenmumbler

GitHub was not and is not "a friend" that you've lost. It has been, for a long time now, a corporation, in Silicon Valley, backed by people who like to make a lot of money (VCs). The one good take away from your piece is that people have indeed forgotten about the basic tenet of decentralised source code systems, namely the decentralised part.

Would you have been happier if GitHub had gone public? Being at the whim of a small group of people who truly only care about profit? GH is a for-profit business and so are GitLab and Bitbucket. You may like them now, but sooner or later things will change for them too and they will be bought, go public or go bankrupt.

My main objection to your reasoning is that Microsoft is somehow so much worse than GitHub. I have no love lost for MS but they are simply bigger than GitHub. When you feel yourself weeping over your lost friend, remember it's just another corporation that took $350M in funding over time and is now worth $7.5B; i.e. big business, not a rag-tag group of ideological friends. And (some of) the people running GH may be good people, but MS also employs a lot of people, a good number of whom have values similar to yours.

I personally feel that Satya Nadella has put the non-Windows parts of MS on a smart course, smart business these days being a lot of open source and cloud. Who knows, maybe in 5 years everything will be different again, but for now I'm fine with them, and you're not which is cool, but in the end this is just business in the valley. Try the competition, because GH is already getting a bit complacent, but keep in mind that they too will sooner or later do the things that corporations do.

devtouser432

Totally agree. It's really about the slap in the face realization of, why did I not see that GitHub was just like the rest before? And judging by open-source's dependence on GH, this looks like it might have been a collective delusion.

zenmumbler • Edited

It will be good for GH to get some more competition, acquired or not, but I've tried some stuff on Bitbucket and it's… not great. Atlassian in general is not renowned for their great UX, cough*JIRA*cough and Bitbucket has some very odd design elements.

GitLab is quickly getting better, but if they grow, it will be a duopoly which is only slightly better, and in the end, GitLab is also a VC-backed venture, currently at $45M total so it's a virtual guarantee they will go public or be acquired at some point, because that is the way of the VC-backed company.

Like I said though, I am at peace with this state of affairs. Once you consider everything most people on the planet use is basically running on Amazon servers it puts things into perspective a bit. Infrastructure costs a ton of money and effort and I'm lazy and don't want to set up my own git servers. Git or Mercurial or such are theoretically good candidates for a Mastodon-like setup, except that I would be a bit nervous about my origin suddenly disappearing because someone needed to cut back costs. Could be an interesting project though.

Jonathan Boudreau

I think the main difference with gitlab is that it is partially open source. If they get acquired and things go south the project could get forked (which would be likely with a large user base). This has happened with Owncloud, MySQL, etc. I see this as really just being another reason to favour open source.

Cameron Bruce • Edited

What's stopping Microsoft from spying on emails of millions of private organizations and governments that already use and trust hosted Office 365 Exchange or other SaaS services?

How is this different than trusting Amazon to host your data or code in the AWS Cloud?

Simply put, it would be devastating to their business if there was even a whiff of a breach of privacy - all you have to do is look at Facebook right now.

Even companies like Apple and Facebook, which would in any other circumstance only conduct business with Microsoft under very explicit terms, host their open-source software on GitHub.

OSS projects have associated licenses, that have very explicit terms.

Take the tinfoil hat off - Microsoft is not out to get you or your code.

Jonathan Boudreau

The acquisition will come with changes to Github. I think this is what people are mostly worried about.

Eli Bierman

I understand your gut feeling about the acquisition, especially considering that Standard Notes is focused on ensuring privacy through encryption.

GitHub explains on their security page that they don't encrypt repositories:

We do not encrypt repositories on disk because it would not be any more secure: the website and git back-end would need to decrypt the repositories on demand, slowing down response times.

Their explanation makes sense to me, but I don't know if it does it for you.

Do you think you'll look to move to a different platform like Gitlab, or stay on Github and maybe just distribute releases through a different platform?

devtouser432

Ideally the next step would be to use our own CDN (aka AWS), which admittedly is not a huge step up. So I'm not too sure yet what this means. But definitely, I'm more concerned about releases than I am about actual code/issues.

Eli Bierman

I just came across a security issue relevant to this discussion. Gitea (a GitHub alternative hosted on GitHub) just had its releases on GitHub compromised:

github.com/go-gitea/gitea/issues/4167

The solution they're going for is to GPG sign their releases. Another probably simpler way to resolve your concerns could be to just post the SHA256 hashes of the releases on an external domain and include directions to check the hash of the release from GitHub in the installation instructions.
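
The hash check suggested above, as an added example that is not part of the original comment or of any project mentioned: it verifies a downloaded release against a SHA256SUMS-style list obtained from a separate domain. The file names, the list format and the helper names are assumptions, and the demo files are constructed locally.

```shell
#!/bin/sh
# Added example: check a downloaded release against a SHA256SUMS-style list
# fetched from a separate domain. Assumes file names contain no whitespace.

# Print the lowercase hex SHA-256 of a file with whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_release FILE SUMS
# Returns 0 on match, 1 on mismatch, 2 when SUMS has no unique entry for FILE.
verify_release() {
    file=$1; sums=$2
    name=$(basename "$file")
    # Entries look like "<64 hex>  <name>"; binary mode writes "*<name>".
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n && length($1) == 64 { h = tolower($1); c++ }
        END { if (c == 1) print h }' "$sums")
    [ -n "$expected" ] || { echo "no unique entry for $name" >&2; return 2; }
    actual=$(sha256_of "$file") || return 1
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name"
    else
        echo "MISMATCH: $name" >&2
        return 1
    fi
}

# Constructed demo: a fake release, its published list, then a swapped asset.
demo() {
    dir=$(mktemp -d)
    printf 'release v1 contents\n' > "$dir/app-1.0.tar.gz"
    printf '%s  app-1.0.tar.gz\n' "$(sha256_of "$dir/app-1.0.tar.gz")" > "$dir/SHA256SUMS"
    r1=0; verify_release "$dir/app-1.0.tar.gz" "$dir/SHA256SUMS" >/dev/null 2>&1 || r1=$?
    printf 'tampered\n' >> "$dir/app-1.0.tar.gz"   # simulate a replaced asset
    r2=0; verify_release "$dir/app-1.0.tar.gz" "$dir/SHA256SUMS" >/dev/null 2>&1 || r2=$?
    rm -rf "$dir"
    echo "$r1 $r2"
}

demo   # prints "0 1"
```

The check only helps if the list is fetched over HTTPS from a host that someone able to replace the release assets does not also control.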

devtouser432

Yup, this is the direction I'll be going in as well.

Nicolas De Irisarri

To the point of GH being a business: If they are not making enough money through enterprise customers to make it profitable, would you rather be happy if they remove the free-for-open-source benefit, and start charging you for hosting your code? Don't think so. I actually think that would kill the business...
Now, what other company would be willing to pick up the tab? Oracle? FB? Amazon? IBM?
Not a chance you would get the system running as it originally was.

Yes, I have based this post on the premise that they were not making money, but the fact that they spent 1 year looking for a CEO makes me doubt their financials.

Another point I saw in the comments that resonated was: if the code is open anyway, what will you lose? Privacy?

devtouser432

This was really more about the CDN aspect for me of GitHub releases :)

Casey Brooks

To everyone who thinks MS is going to do something malicious with their code now that they own GH:

Your code was already open source. There has never been any physical barrier preventing shady folks from using your legitimate code in shady ways. There are laws and OSS licenses to protect you so that you can sue anyone who tries to do anything shady with your code.

If MS wanted to do something shady with your code, they could/would have done it already, except that they would have been sued for it. And this is still the case. Nothing has magically changed to make the law not apply to them now that they own GH. They acquired GH the company and GH the platform, but they did not acquire your code.

Furthermore, MS has only proven themselves to be great stewards of every major platform they've acquired: Xamarin, LinkedIn, Minecraft, Skype, they are all much healthier companies and better products now than they were when MS bought them. Likewise, GH will continue to be the same great product, but will have a healthier company and with more experienced leadership pushing it forward.

Jonathan Boudreau

The author refers to binaries/build artifacts, not the source. Source code is still tracked by git which does a decent job of making tampering difficult.

Microsoft has a record of not contesting in court requests from the US government. As a Canadian, I do not trust Microsoft to do the right thing.

Tobias Sette

I'm glad to see that many people do not think of Microsoft as an open-source lover, even with all the marketing and money they are using. People may forget the past and think Microsoft cares about them as the "old school" people who insisted on free software when it was not a thing.

Kwabena Bio Berko

I am extremely concerned about this acquisition by Microsoft. OSS has indeed lost a friend.
On the other hand, it will be really interesting to see how Google, Apple and the like deal with this news. Do you think they will migrate their projects from GitHub?

devtouser432

Do you think they will migrate their projects from Github?

I'm not sure, but I would be surprised if they didn't.

Johannes Vollmer

"NO CORTANA, I don't want to make a pull request and share it with all my Skype friends right now!"

Just saying :D

Kasey Speakman

Would you rather Google or Facebook have bought GitHub?

devtouser432

No easy answers :) The only good outcome would have been for GitHub to be non-VC backed, but a little too late for that.