Open Source Body exits GitHub, prompting you to do the same

Open Source Body exits GitHub, prompting you to do the same

Software Freedom Conservancy (SFC), a non-profit organization focused on free and open source (FOSS), said it has stopped using Microsoft’s GitHub as a project host – and urges other software developers to do the same.

In a blog posts On Thursday, Denver Gingerich, SFC FOSS license compliance engineer, and Bradley M. Kuhn, SFC policy fellow, said that GitHub has come to play a dominant role in FOSS development over the past decade by building an interface and social features around Git, using software for open source version control.

By doing so, they claim, the company has convinced FOSS developers to contribute to the development of their own service that uses FOSS.

“We are ending all our own use of GitHub and announcing a long-term plan to help FOSS projects migrate away from GitHub,” Gingerich and Kuhn said.

We will no longer accept new member projects that do not have a long-term plan to migrate away from GitHub

SFC mostly uses self-rated Git repositories, they say, but the organization used GitHub to mirror its repos.

SFC has added one Give up on GitHub section of their website and asks FOSS developers to voluntarily switch to another code hosting service.

“While we will not be authorizing our existing membership projects to move right now, we will no longer accept new membership projects that do not have a long-term plan to migrate away from GitHub,” Gingerich and Kuhn said. “We will provide resources to support all our member projects that choose to migrate, and help them how we can.”

GitHub claims to have approximately 83 million users and more than 200 million archives, many of which are under an open source license. The cloud hosting service markets itself specifically for open source development.

For SFC, the interruption with GitHub was triggered by the public availability by GitHub Copilot, an AI coding assistant. GitHub’s decision to release a for-profit product derived from FOSS code, SFC said, is “too much to bear.”

Copilot, based on OpenAI’s Codex, proposes code and features for developers as they work. It can do so because it was trained “on natural language text and source code from publicly available sources, including code in public archives on GitHub,” according to GitHub.

Gingerich and Kuhn see it as a problem because Microsoft and GitHub have failed to provide answers about the copyright implications of training their AI system on public code, why Copilot was trained on FOSS code but not copyrighted Windows code, and if the company can specify all software licenses and copyright holders associated with the code used in the training data set.

Kuhn has written earlier about his concern that Copilot’s training could involve legal risks and others have raised similar concerns. Last week, Matthew Butterick, a designer, programmer and lawyer, published a blog post states that he agrees with those who claim that Copilot is an engine for violating open source licenses.

“Copilot completely breaks the connection between its inputs (= code under different open source code) and its outputs (= code algorithmically produced by Copilot),” he wrote. “Thus, after 20+ years, Microsoft has finally produced exactly what they falsely accused open source of being: a black hole of IP rights.”

Poison pills

Arrogant, subtle, titled: ‘Toxic’ Open Source GitHub Discussions Examined


Such claims have not been settled and are unlikely to be until there is an actual litigation and judgment. Other lawyers note that GitHub’s Terms of Use give it the right to use host code to improve the service. And of course, legal experts at Microsoft and GitHub think they’re looking for license compliance, which they do forward to those who use Copilot to generate code.

“You are responsible for ensuring the security and quality of your code,” explains the Copilot documentation. “We recommend that you take the same precautions when using code generated by GitHub Copilot as you do when using any code you did not write yourself. These precautions include rigorous testing, IP scanning, and security vulnerability tracking.”

Gingerich and Kuhn claim that GitHub’s behavior with Copilot and in other areas is worse than its peers.

“We do not believe that Amazon, Atlassian, GitLab or any other for-profit host are perfect actors,” they said. “But a relative comparison of GitHub’s behavior with its peers shows that GitHub’s behavior is much worse. GitHub also has experience of ignoring, dismissing and / or belittling community complaints on so many issues that we must urge all FOSS developers to leave GitHub as such. as soon as they can. “

Microsoft and GitHub did not immediately respond to a request for comment. ®

#Open #Source #Body #exits #GitHub #prompting

Leave a Comment

Your email address will not be published.