This is a bit depressing.
https://www.nerdmeritbadges.com/products/octocat
This underlying problem needs to become a priority. Either pressuring #github to go free software or getting free software to go elsewhere.
Github becoming synonymous with open source just muddies free software waters more.
Free Software needs free tools.
@satchmoz In the long term people will cry in disappointment when the company eventually tanks or gets bought and corrupted. But something else will replace it. Alternatives will be able to step in at the right moment.
Meanwhile, grown-up open source projects which have existed much longer mostly still run their own infrastructure, so it's _not_ going to brielfy take out absolutely everything.
@satchmoz BTW I am always amused when a new project arrives at the Apache Software Foundation and demands that their primary repository will be on Github and the ASF tells them "No, that would be incredibly short-sighted; you can only have a mirror there". This discussion repeats roughly every 6 months...
@paco The point is to stay independent. ASF projects do not host critical services outside of ASF infrastructure. This way the ASF can ensure long-term stability.
This is not specific to github and it applies to any critical services (of which version control is just one).
@deejoe @stsp i look at that list and cannot identify the harm those practices avoid. I think βpick your battlesβ. Itβs hard enough to produce free software. Donβt fight desktop OS battles, web browser battles, web browser plugin battles, UX battles and every other battle while trying to bring your free software to the people. Lose some battles in a few places, overall make progress towards the end goal.
It is hard. It's especially hard given the headlong rush to introduce dependencies on software into every facet of our lives. I'm generally inclined to see entreaties like yours about priorities benignly: I'm a glass half-full kind of guy most of the time. On the other hand, I'm reminded of the caution about getting someone to understand a thing when their job depends on them not understanding it.
@deejoe I also think you need to define βproprietary code hostingβ. I asked naively before (literally because I donβt know). What is βproprietaryβ about GitHub? Is there some licensed extension to the git protocol? Is there something they require of a project or an individual that is βproprietaryβ? I thought git was git, and theyβre effectively a commercial, value-added git-as-a-service business. Iβm open to being corrected.
But, to the extent anyone *only* uses github as *just* a git remote, you're right: There are only the usual worries one has about any generic host about capacity and availability, and on that count they're usually fine.
But "value added" is pretty much synonymous with "proprietary" and ushers in rent-seeking lock-in concerns.
After all, the Franklin Street statement about online services is 10 years old this year. The AGPL is older than that.
What we mean and where we all stand is not that hard to sort out to, as they say, one with ordinary skill in the art.
@deejoe If I am an open source project that has money (through endowment, patreon, whatever) can I pay a vendor for services (github, aws, rackspace)? Or is there really some expectation that I screen all my vendors for similar ideological purity? When someone says i canβt pay GitHub to host my code for ideological reasons, I wonder βhow could my project ever scale up?β
Consider insect parts in food: Insects are a part of some food cultures. The broader class of arthropods are even more commonly eaten (eg, prawns).
And yet, for non-insect foods, there are often permissible limits on how much insect contamination is permissible that has, in part, to do with limits of detection, how much harm their presence poses, etc.
I'm saying, I don't want cockroaches in my peanut butter. You're saying you like peanut butter, peanut butter contains some cockroach in it, so eating insects is OK.
Which, you know, again, I'm somewhat fine with. Except under pretty narrow circumstances I try not to tell people what to do. But by the same token, I want to be clear what is what, so I can also be clear in where we all stand, and in trying to get what I want.
Calling this stance "ideological purity" isn't quite on.
An ideology is a world view. We all have them. But using the term "ideology" to describe someone else's world view is a form of othering, trying to put one's own world view in a privileged, unexaminable position.
In other words, *you* have an 'ideology' but *I* just have common sense.
@deejoe I do think the word "ideology" fits just fine. It's not perjorative. That "ethical repositories" link you sent a couple days ago talks about "compatibility with copyleft ...philosophy". That is absolutely an ideological criteria. Ideological doesn't imply "mindless" or "bigoted" or something bad. It means driven by a set of principles, and that's exactly what this whole definition of "proprietary" is about. My own principles are different and absolutely open to scrutiny.
OK, you're doubling down on the word.
If you're willing to apply the term "ideology" to your own perspectives, then fine. If not, we might be done.
@deejoe It must be coming off wrong. When I'm saying "ideological" maybe you're hearing something negative implied like "narrowminded" or "blindly dogmatic" or something. It's not meant that way. These open source criteria are all guided by a philosophical principle. And they're making pragmatic decisions about what is desirable/undesirable based on alignment with those philosophies. I used "ideological" as a shorthand for "principled and pragmatic" not for "mindlessly bigoted".
as before, 'If you're willing to apply the term "ideology" to your own perspectives, then fine.'
@deejoe Absolutely. Of course. I'm principled and pragmatic as well. I have my own ideology based on the various principles that are important to me. I totally do NOT mean the way you phrased it that my ideology is "common sense" that's not open to interrogation, but your "ideology" is some crazy shit that should be discussed. The reason I engaged in the conversation is because I wonder if I'm wrong. I figure I'm probably making decisions off assumptions I can't support.
fair enough
FWIW, I've very recently argued for an option to use, eg, an extension of the Wordpress business model. I think it would be *great* to be able to pay a company to run their "community edition" cloud services for me, knowing that the price paid is a fair one in a competitive market in which I have the option at any point to switch to self-hosting (or, more likely, a different vendor).
Paying for proprietary "enterprise editions" co-mingles single-supplier vendor lock in. ie, rent-seeking
@deejoe Thatβs an extraordinary extreme position. At some layer in the stack there will be βproprietaryβ software. That free OS runs on CPUs that run proprietary microcode. The network routers (my ISPs, if not mine) that connect the hosts to the net run a proprietary OS. Look at the OSI reference model. How many layers can one operate with zero proprietary software? Maybe layer 5 on up? Proprietary layer 7 code is bad, but we shrug at layers 1-4?
You've shifted the discussion.
You started with "define proprietary".
Now you're arguing *for* proprietary.
Which, you know, fine: You be you.
But let's just be clear the direction you've taken this.
@deejoe @satchmoz I'm trying very hard to challenge my assumptions and beliefs. I work for a massive vendor of proprietary software and services. I absolutely come at this with an obvious world view that I am quite open about. And yet, here I am trying very hard to respectfully understand your point of view. There is need to mock. If the viewpoint is worth believing in, it will withstand this scrutiny.
@deejoe I asked for the definition because I didn't understand what was "proprietary". One pays to use their service. That's true. But that's neither here nor there for the definition, right? They don't make all the code available that they write/run in order to deliver the service one pays for. That seems to be the sticking point. The API that they support is open (right?), and they receive no rights to your IP if you host code there, right?
https://mastodon.sdf.org/@deejoe/99933207332221161
If the criteria in the links in the above do not apply, it's proprietary.
There are of course more references here. And I threw in the OpenBSD stuff even though, in one sense, they are the most stringent in terms of what they accept from upstream projects (in turn, they can be the most generous in what they offer their downstreams).
@deejoe I've read these criteria and I understand them. But what drew me into this conversation was the assertion that "GitHub"βjust the use of it as a service to host codeβwas incompatible with these principles. Do they impose license conditions on code they host? Does using GitHub to host one's code somehow tie your hands on how free and open you can make your code? I'm trying to get down to the root of the "GitHub == proprietary" assertion. If my code is on GitHub is it less free?
It's an unfree dependency.
I think it's healthy to talk about how much of a priority it is to remove that dependency, but unhealthy to deny it exists or that it has particular consequences.
@deejoe We're talking "free" WRT rights, not cost. And using GitHub doesn't grant anybody any rights and it doesn't restrict which rights I can grant. I don't see how it is an unfree dependency. Does signing up at GitHub cause users to agree to so something that we don't want them to be forced to agree to? They're just an online service. I'm expecting a pointer to some Ts&Cs or license language at GitHub where you say "THIS is what people should not have to agree to, just to host their code"
I'm sorry to put this so bluntly, because I'm pretty sure you understand this, but ... you realize Github runs *software* to provide that service, right? And that when you use Github, you are using that software?
That's the essential point: It's software that isn't free.
@deejoe Perfect. That's where I thought you were heading, and I think it's an impractical stance. The CPU your free OS runs on has proprietary microcode at its core. The hard drives and RAID controllers you might use all have proprietary firmware/microcode. Routers, switches in your network? Most have proprietary microcode/firmware. How does one run a service equivalent to GitHub in speed, reliability, scale, etc. but having no proprietary code in the infrastructure?
#freesoftware discourse 1/2 Show more
#freesoftware discourse 2/2 Show more
@deejoe So if I pay someone for a technical service (hosting code, software-as-a-service, whatever), they are proprietary unless they open up all the code that runs the services I pay for? Even if my business runs only on free software (apache, linux, whatever), I can't run a real business without a bunch of code that I will never share. Configs for servers, boot scripts, ansible playbooks, whatever. So the "if you can't fork it, it's proprietary" is too glib. That's an unusable shorthand.
@stsp Ok. But βwe have a unique, long-term vision to be independentβ does not translate into a justification for saying βitβs incredibly short-sightedβ to use github. Perhaps it is incompatible with the orgβs values (and I think the values should be reconsidered, but thatβs a separate argument). Being antithetical to ASFβs principles doesnβt support a statement that using github is βshort-sightedβ.
@paco I don't think many people in the ASF have ethical issues with this (many promote a proprietary + free software co-existence model). Rather, it is a more practical concern. They have built a long-term home for projects who share their vision, licence, and community process. This home is supposed to last "forever". Some ASF members attempt to plan ahead for an ASF in 50 years from now. I realize that "short-sighted" may sound harsh if we apply a much smaller time scale.
@paco It boils down to controlling your infrastructure, and yes that is naturally not something every project wants to do.
Hosting sites such as sourceforge and github are a good quick solution but their lifetime is determined by market forces.
The ASF provides long-term hosting on a non-profit basis but there is also a catch: The ASF will own the project. Its board has the power to exclude developers and even replace the entire developer base if deemed necessary for the project's survival.
@paco This same catch applies in other self-hosted communities: BSD projects for example also run their own infra and each has a unique process for giving a "key to the house" to a developer and for revoking such access. And so does the Linux kernel.
I think the question which kicked this thread off raises a valid concern: When hosting sites go down they can throw projects into temporary or permanent disarray. That's a huge responsibility if the site hosts a large chunk of the FOSS community.
@paco Of course, in practice projects can migrate away before business is closed for good. But it is disruptive. The last time mass migration occurred was when Google Code was shut down, and I don't remember anyone cheering.
@stsp Thereβs an implicit assumption that the ASF itself is less likely to go away than the commercial alternatives. Thus, self hosting is the better option. Iβd need to see why the forces that could (end? destroy? close?) the ASF are less likely to do so than the forces that would end a commercial hosting platform. Fundamentally I guess it boils down to whose charity youβre allowed to depend on: ASFβs or someone elseβs.
@stsp I donβt see what is βincredibly short-sightedβ. It is inexpensive, reliable, and effective, no? What is the thing that these naΓ―ve people donβt get? If this is so obvious and these arguments are made so often, feel free to point me to some blog somewhere. Iβll read.