Tom Ryder, 27 Oct 2017
Last updated: Sun, 04 Jul 2021 12:10:48 +0000
I host all my own code on my cgit instance. I do have an account on GitHub, but only because it’s a requirement to contribute to certain projects and even to log into some websites. I avoid using the account where possible, and I don’t host code on it anymore since June 2016.
The primary reason I host code on my own domain is a practical one: I can retain control over its location via URI redirects if it needs to move, including redirects to another site if necessary.
However, I also dislike the tacit acceptance of GitHub as the dominant free software hosting platform for a decentralised version control protocol, when it is itself centralised, proprietary, for-profit, closed-source, and politically active. These things make it vulnerable to the same issues and abuse that affected SourceForge. I feel that the free software and open source communities turn a blind eye to this massive liability.
Regardless of your position on individual cases, the fact that so much controversy results from any censorship activity from GitHub should be considered a warning sign that too much depends on their service. Some examples:
The issue here is not political correctness, it’s centralisation. If GitHub were not in this monopolistic position, nobody would care so much about any of the above. The overwhelming monopoly that GitHub has as a code host is a problem that the free software community chooses to ignore.
GitHub has investors who do not care a whit for free software principles, and eventually the company will get acquired—maybe tomorrow, maybe next year—and as we all know, money changes everything.
Don’t leave your project’s nerve centre—its primary address, its means of contribution, its issue tracker, its website, its primary documentation, its continuous integration, everything—in a way you can’t redirect!—at the mercy of people who merely want a return on their investment, and do not care about the principles of a minority of angry nerds.
If you are managing a free software project, please do not host it on GitHub, or at least allow a method of contributing that does not depend on using it or any other proprietary code hosting platform:
Other options include a self-hosted GitLab, Gogs, Gerrit, or Gitea instance. More ambitious or puritan sysadmins might choose to self-host Drew DeVault’s stellar sr.ht system, which implements a much wider range of GitHub’s features, for an “integrated development hosting” environment.
There are some more good reasons not to use GitHub or its ilk discussed here:
Since this page was published, Microsoft has acquired GitHub, and there’s been a small exodus to third-party hosting on GitLab, proving as a community we still aren’t really learning our lesson about third-party code hosting. That said, at least the core software for GitLab is open source, so it’s a marginal improvement, but we could be doing so much better.
If you’re reading this because you’re angry about the acquisition and pondering a move to GitLab, I advise you instead to take the plunge and self-host your code repositories, even if you use the resource-hungry GitLab to do it. It is not as hard as you think, and once done, this problem will never bite you again.
Dave Lane explains in detail why the “Microsoft Loves Linux” slogan is so empty.
GitHub is blocking users from Crimea, Iran, and other places. For developers dependent on it as a service for their projects, this has been crippling, in yet another vindication for the decentralized design of Git that GitHub and other third-party hosting sites have so callously butchered.
Hello, visitors from lobste.rs! Thank you for your discussion and critique. I’ve added mention of the excellent-looking Gogs, Gerrit, and Gitea, and adjusted some wording for accuracy and clarity.
To emphasise: nothing in this essay is intended as praise or criticism specifically of social justice, advocacy for protected groups, censorship, United States foreign policy, or its effect on GitHub specifically—they have to follow the law, like anyone else. The focus here is on centralisation onto a commercial service, running proprietary code, subject to the laws of a single country, that already has a monopoly on code hosting for free and open source software, and the free software community’s wilfully ignoring the issues therewith.
The GitHub section of the GNU Ethical Repository Criteria now links to this page. Thank you, GNU!
It’s become more widely known that GitHub had a contract with United States Immigrations and Customs Enforcement (ICE), an ethical hot-topic at present after similar disputes with config management software Chef. Again, the issue here is not whether this is good or bad, it’s that you’re handing GitHub power over your work, while they may be using their proprietary software to political ends that you find repugnant, and refusing you the right to fork and apply their code in the way that suits you, the user. Avoiding these sorts of problems is the entire basis of Freedom 0.
A short post by Rian Hunter is doing the rounds, pointing out the grave copyright problems with GitHub's “Copilot” experiment. If you needed another indicator that GitHub is testing the waters to see what abuses of your code it can get away with in future, this is a good one. Please do not host your code on GitHub if you can possibly avoid it.