Microsoft acquiring GitHub

Hello everyone!
After that Microsoft bought GitHub and many GitHub users have migrated to GitLab, I was wondering what is next for ROS right now?
Thank you!

I don’t understand this non-sense about migrating to Gitlab.
As long as Github doesn’t change the Terms of Service in a way that annoys its users, I wonder why we should even consider migrating.

4 Likes

I think that users just not trust Microsoft for keeping GitHub policy and respecting the Open Source philosophy

yes , Microsoft change policy surely according to his old behavior

I agree with @facontidavide, there is no point of migrating at this point of time. Basically, Microsoft is trying to invest and acquire many open-source platforms and softwares. They have open-sources few of their softwares on github, so I guess it’s better to wait for sometime

2 Likes

I can’t speak for Microsoft, but it wouldn’t make a lot of sense to buy GitHub and then alter the ToS. I may be giving them too much credit, but I’m sure they’re aware that users (a) won’t want anything to change and (b) have other options and will migrate their code bases if pushed. Seems like it’s at least worth waiting to see if/how things change before running away.

4 Likes

@lisuwang not just changing policy, but in my opinion, ruin the hole technology. After buying Skype, Microsoft stopped releasing the Linux version of Skype. As a Linux user I could not connect to Skype unless I use the web version which slows down my laptop performances. Consequently, I had to give up on using Skype. Microsoft sabotaged Skype and I will not be surprised if they will do the same for GitHub

1 Like

Even ignoring the fact that Microsoft has acquired GitHub, setting up Gitlab mirrors wouldn’t hurt. It’d be just redundancy in case GitHub goes down or is blocked by ISP. Waiting for a ToS change or a first nose-bleed just puts the issue off to the next time, when we might shift the goalposts again to delay a mirror/migration.

AFAIK, Gitlab migrates issues as well (though I don’t know if it keeps the issues in sync also), but the comment section gets spoiled (as expected)

EDIT: <doomsday_warning> For a company that wants to help open-source (and is a member of Linux Foundation), I personally find no Linux release for Skype and MS Office to be on par with authwall on LinkedIn in terms of locking people in the walled gardens. I expect GitHub to follow suit. I might be just pointing out a few anomalies in a big company because we have .NET (to some extent), VS Code, Typescript, other tools like C++ GSL, C++ Rest SDK, etc. as evidence that I might be just ranting </doomsday_warning>

1 Like

I guess next time , Microsoft will acquire ubuntu , Debian …
We will be back dark age again !

I strongly support ensuring that our tools and processes enable users of all public and private Git solutions. Which I do believe we presently do have decent support on a per-package basis. Though the core of ROS is in practice tied heavily to GitHub I don’t immediately see much making it impossible to move if there were the will to do so.

That being said I do support minimizing conflict/chaos and we should remain on GitHub today. It really is up to OSRF, and I very much trust the team’s guidance.

I however, very much DO NOT trust Microsoft as a former employee of several years and encourage an exit plan should anything change. I don’t expect evil behavior just carelessness and poor management similar to Nokia(Microsoft Mobile) and Skype. Both cases where they spent considerable money and effort, did not mean to kill products or ostracize users but did none the less.

1 Like

I believe there is no reason to panic. Every maintainer of a ROS package can already today decide for themselves where to host their packages. Almost everyone is on GitHub though. Here’s a quick breakdown of the current released packages for Kinetic:

github.com 1457 96,75%
bitbucket.org 37 2,46%
gitlab.com 8 0,53%
self-hosted git 2 0,27%

Migrating ~1500 packages away from GitHub is an enormous task. Even mirroring a package on two Git hosting providers has costs: One of the copies has to be read-only, i.e. no pull requests accepted (otherwise chaos will ensue). The copies have to be kept in sync. Etc etc.

In short, it’s already possible today for package maintainers to migrate away from GitHub. Personally, I would recommend staying calm and see what happens before committing an enormous amount of time and creating a lot of confusion needlessly.

5 Likes

People are worried about a company with a bad track record in open source to control a vital piece of infrastructure. Lately Microsoft has improved a lot, but people might still have “evil behaviour” such as during the browser wars, their “Get The Facts” campaign or license fee agreements with Android manufacturers in mind.

Personally, I’m not so worried (I really like some of the work they are doing related to Kubernetes, e.g. helm, brigade and draft, which are all hosted on GitHub), but I understand the worries of older developers.

Also it should be noted that GitLab has some benefits over GitHub, one being that GitLab’s community edition is open source, while GitHub as a platform is closed source. Also GitLab seems to be a better solution for managing large scale centralized open source projects such as GNOME (https://about.gitlab.com/2018/05/31/welcome-gnome-to-gitlab/). Even if GitLab itself gets acquired at some point, the platform could be forked and continued independently. Another major benefit of GitLab is that it can be self-hosted.

For now Microsoft has announced that they will run GitHub as an independent company, which should also remove some worries. Also, the new CEO of GitHub, Nat Friedman, was - ironically - involved with a company developing major parts of GNOME early on, such as the Evolution mail client.

1 Like

Microsoft today does not bear much resemblance to the Microsoft of yesteryear, but that aside Microsoft has always been fairly strong on supporting developers and what they want. Microsoft is aware of the way the software development world is going and has been adapting for several years now. They have a lot of major open source projects, and they are actually open source with the full repository and all development being done in the open, which is not a pattern you see that often from large companies opening up their products’ source.

If you’re worried about a for-profit company purchasing your bastion of open-source freedom, remember that GitHub has always been a for-profit company, and was in desperate need of money to prevent it going under and taking your repositories with it until this week.

6 Likes

Also GitLab seems to be a better solution for managing large scale centralized open source projects such as GNOME.

The reason GNOME switched to GitLab was ideological, not technical. In the article you linked, they said that: “We had a set of hard requirements, with the most important one being that it must be free software, ideally not only in license but also in spirit.” There is nothing wrong with that, and I’m a strong open source advocate myself, but one should keep in mind that there is nothing technical about Gitlab that makes it somehow better for large-scale repositories. Aside from that, ROS does not have any monolithic large-scale repositories.

Even if GitLab itself gets acquired at some point, the platform could be forked and continued independently. Another major benefit of GitLab is that it can be self-hosted.

For self-hosted repositories, there is nothing better than Gitlab IMO. At the institute I work at, we use a big self-hosted Gitlab instance for all our private repositories. However, that all is irrelevant to the question posed in this thread, which is whether we should switch from github.com to gitlab.com (i.e., the cloud-hosted Gitlab instance) right now. The answer to that question is “no” in my opinion.

I agree with you in spirit, but I think it should be noted that GitLab is not just a self-hosted GitHub, but also offers built-in features such as CI/CD which in GitHub you would use external services to manage.

Just to make it clear, I’m not advocating for moving any ROS project to GitLab. Like you said, maintainers can already decide where to host their packages. Maintainers also seem to have a lot of freedom in deciding how to organize their work. I do believe GitLab has some features which benefit centralized projects, but ROS is not a centralized project so I don’t know whether those features are useful for maintainers of ROS packages.

What would it take to regularly back up the entirety of ROS so that it could be reconstituted in the event of for example github.com disappearing forever for whatever reason? Could every package (and all forks) be backed up- and not just the released ones (there could be an opt-in list)? Can all the issues and pull requests and comments be scraped and redeployed into a different set of hosting software- and keep the cross links alive? Users would reclaim their accounts and forks by verifying through the emails they used in commits?

If the answer is ‘it would be really really hard and likely tons of recent work and documentation in comments would be lost’ maybe there ought to be a general plan to steer towards making it easier and reducing the amount of lost work. Mitigating that extreme case would also have the side benefit of making it easier to switch hosts for less cataclysmic reasons, like gradual neglect, or increasing numbers of disaffected open source developers gravitating towards something newer and shinier- ideally something that solves all of the above problems also, by storing all comments in parallel git repos, and providing a seamless web user experience for what is actually a patchwork of distributed servers (both public and private) using a federated user authentication scheme, and integrated blockchain buzzword compliance etc.

Let’s just be clear, M$ bought Github, not git itself. If they decide to create MS-git, then we should look at moving repos.

That said, as many people have stated, it can’t hurt to mirror gitlabs or a local repo to github for High Availability and re-assurance.

Thanks,
D

1 Like

In terms of code, basically every git clone living on people’s machine is already a backup, and it includes all branches (try running git branch -a for example).

Regarding issues, pull requests etc, GitHub has a REST API which you can use for that. If you for example want the issues reported on https://www.github.com/ros/ros, you can simply do curl -i https://api.github.com/repos/ros/ros/issues. For getting a list of forks, do curl -i https://api.github.com/repos/ros/ros/forks.

Maybe this could be integrated with ROS.org’s “browse software” or the wiki for each package (e.g. show branches, list issues).

Nat Friedman, future CEO of GitHub, held an AMA yesterday. It may shed some light on voiced concerns:

Hi, I’m Nat Friedman, future CEO of GitHub (when the deal closes at the end of the year). I’m here to answer your questions about the planned acquisition, and Microsoft’s work with developers and open source. Ask me anything.

https://www.reddit.com/r/AMA/comments/8pc8mf/im_nat_friedman_future_ceo_of_github_ama/

2 Likes