re: What's your opinion on Microsoft's GitHub Acquisition? VIEW POST

re: Everyone is talking about open source, but what about all those software companies that paid GitHub to keep their repositories private? Now GitHub ...

It's always a risk decision to put source code in the hands of a 3rd party. Here in GBG, right now we have a significant amount of code in Bitbucket on premise, and in VSTS in the cloud. We did due diligence reviews and chose /not/ to use Github, or Gitlab, or any other cloud hosted SCM aside from VSTS a couple of years ago, mostly due to the information security risks they presented at the time: lack of redundancy for Github (now fixed), contractual issues with Gitlab, lack of multi-factor authentication support for Bitbucket in Atlassian cloud (also now fixed). We /do/ have a public Github organisation, for public working with collaborators (early days BTW!) for such things as maintaining API wrapper libraries. Even there, Github is not master, it's a public clone of selected source code.

Other large orgs (including the other big players) all have Github accounts, and use them for similar things, in similar ways to us, open source work with communities of interested parties to help sell their actual value-delivering products (eg: AWS templates, Mulesoft API samples, etc.)

Microsoft have very little to gain by pushing these things away (there are several perfectly workable alternatives after all so it's not going to dent the other orgs collaboration, just generate legal pain), and they are unlikely to have access to the 'crown-jewels' intellectual property of serious competitors, unless said competitor really didn't do much risk assessment. Even then, it would be a direct breach of contract if such access occurred, and likely a PR nightmare in a social media world.

I'm pretty happy with this from a day job POV, and personally it really doesn't make much difference, I have no private repos to worry about.

code of conduct - report abuse