Important open source projects should not use GitHub

Published on 2020-10-23. Modified on 2022-09-01.

Thousands of the worlds best open source projects are still hosting their code repositories on GitHub. Since Microsoft has purchased GitHub this has become a serious problem.

It is no news that Microsoft purchased GitHub in 2018, everyone knows that. Yet despite that fact thousands of the worlds most important open source projects continue to host their code on GitHub.

Microsoft is very actively purchasing important projects related to open source and in April 2020 it was announced that they had now also acquired npm, a JavaScript packaging vendor, for an undisclosed sum of money.

Perhaps the younger generation don't know anything about the past "evils" of Microsoft and naively believe that Microsoft is now the good friend to open source, but the truth is that all these acquisitions of open source projects is a business tactic that is put in place to improve Microsoft's loosing position to open source. It is a matter of control.

Some project developers only keep parts of the code in personal repositories, others haven't even got a backup but trust fully that GitHub will always have a working and current release of the latests commits.

For years people have warned about the "dangerous" position of GitHub because it concentrates too much of the power to make or break the community in a single entity. Having Microsoft behind the steering wheel makes the situation much worse.

Nobody in the world of open source or free software could ever have imagined uploading code to Microsoft just a decade ago. Microsoft where the archenemy of open source and free software in the nineties and they deployed all kinds of dirty tactics to keep other operating systems out of the market, especially dirty tactics against Linux. In the early 2000s the then CEO Steve Ballmer said:

Linux is a cancer that attaches itself in an intellectual property sense to everything it touches.

And for many years they tried to gain control over Linux and manipulated the market in different ways in order to "crush the competition". When they realized they couldn't do that and that the battle was lost, they deployed a new tactic in which they instead try to make money of Linux, which is what that are doing now in a lot of areas, and which is why they now contribute the open source communities.

Having the worlds largest repository of important open source code reside in the hands of Microsoft is madness.

Why haven't all the major projects migrated? Running a self-hosting Git server isn't that difficult and there even exists several open source solutions that are pretty solid.

Why is it that we have stopped caring? Have everything really gotten so damned convenient that we have become too lazy to do anything?

Large/important open source projects should always self-host their repositories in order to stay completely independent. For smaller projects alternative solutions to the more popular services such as GitHub, GitLab and BitBucket does exist (not an exhaustive list):

A few good solutions for self-hosting (not an exhaustive list):

Relevant reading