There seems to be a lot of hysteria going on in various communities that depend on GitHub for their project hosting around the Microsoft acquisition (just look in the comments here and here). Obviously a lot of social media ink will be expended on this, so I’d just like to explain why as a committed open source developer, I think this will actually be a good thing.
Firstly, it’s very important to remember that git may be open source, but GitHub isn’t: none of the scripts that run the service have much published source code at all. It may be a closed source hosting infrastructure that a lot of open source projects rely on but that doesn’t make it open source itself. So why is GitHub not open source? Well, it all goes back to the business model. Notwithstanding fantastic market valuations there are lots of companies that play in the open source ecosystem, like GitHub, which struggle to find a sustainable business model (or even revenue). This leads to a lot of open closed/open type models like GitHub (the reason GitHub keeps the code closed is so they can sell it to other companies for internal source management) or Docker Enterprise.
Secondly, even if GitHub were fully open source, as I’ve argued in my essays about the GPL, to trust a corporate player in the ecosystem, you need to be able to understand fully its business motivation for being there and verify the business goals align with the community ones. As long as the business motivation is transparent and aligned with the community, you know you can trust it. However, most of the new supposedly “open source” companies don’t have clear business models at all, which means their business motivation is anything but transparent. Paradoxically this means that most of the new corporate idols in the open source ecosystem are remarkably untrustworthy because their business model changes from week to week as they struggle to please their venture capitalist overlords. There’s no way you can get the transparency necessary for open source trust if the company itself doesn’t know what its business model will be next week.
Finally, this means that companies with well established open source business models and motivations that don’t depend on the whims of VCs are much more trustworthy in open source in the long term. Although it’s a fairly recent convert, Microsoft is now among these because it’s clearly visible how its conversion from desktop to cloud both requires open source and requires Microsoft to play nicely with open source. The fact that it has a trust deficit from past actions is a bonus because from the corporate point of view it has to be extra vigilant in maintaining its open source credentials. The clinching factor is that GitHub is now ancillary to Microsoft’s open source strategy, not its sole means of revenue, so lots of previous less community oriented decisions, like keeping the GitHub code closed source, can be revisited in time as Microsoft seeks to gain community trust.
For the record, I should point out that although I have a github account, I host all my code on kernel.org mostly because the GitHub workflow really annoys me, having spent a lot of time trying to deduce commit motivations in a sparse git commit messages which then require delving into github issues and pull requests only to work out that most of the necessary details are in some private slack back channel well away from public view. Regardless of who owns GitHub, I don’t see this workflow problem changing any time soon, so I’ll be sticking to my current hosting setup.
“Firstly, it’s very important to remember that git may be open source, but GitHub isn’t: none of the scripts that run the service have much published source code at all.”
A fair point, but non-Enterprise accounts host for free. And do so on a platform that isn’t one of the world’s largest geopolitical tech companies.
“…struggle to find a sustainable business model”
If your vision of creating a basically free code-hosting service is to make a profit then you understand nothing about the nature of science.
“As long as the business motivation is transparent and aligned with the community…”
Absurd. There is no trust in extreme competition and I personally will never take a Microsoft “at their word” or their contract, for that matter.
Yes, Github is a private corporation run by a young and fairly ignorant CEO who was known to be so. Is it shocking that they sold to Microsoft? No. But Github is essentially a public utility now for code-hosting. Allowing a ruthless behemoth like Microsoft to control such a resource is a blow to people with no money. Why? Figure it out. Is it guaranteed that Microsoft will privatize, monetize, fuck-up-itize Github? No. Is it good that they bought the one place where everyone kind of felt “yeah just go host your code on ‘there'”? No. It is not. I disagree with such moves all the way down, whether they relate to healthcare, the internet or Github.
I think you misunderstand my position. I argue you can’t “trust” any company at all. All corporations only act in their own self interest (profit motivation) and being a ruthless competitor is merely a manifestation of that. What I did in the GPL essay was to evolve a model of corporate to open source community interactions that didn’t require trust but instead relied on goal alignment. The essay was saying that in terms of that model Microsoft makes a better steward of GitHub than GitHub did principally because Microsoft is motivated by self interest and the business cost to it (and the growing Azure ecosystem) of doing something that the community would see as damaging to GitHub would be pretty severe.
“If your vision of creating a basically free code-hosting service is to make a profit then you understand nothing about the nature of science.”
Ate you claiming that GitHub was nonprofit? I am pretty sure that it was a company that at least tried to be profitable.
This reasoning has a huge fallacy: it assumes that Microsoft’s business model for GitHub is known, while it’s not at all.
If you consider that Microsoft has a P/E ratio of 30 (https://www.nasdaq.com/symbol/msft/pe-ratio ), GitHub will need to generate at least 250 M$/y in earnings for Microsoft. (Let’s not even talk profits.) How much is it generating now? Some forecasts say 200 for 2017. So maybe Microsoft doesn’t need to change much, or maybe it does.
Some speculate it’s about sinergies with LinkedIn (aka selling personal data to recruiters) but that’s not clear. Maybe we’ll know more before the deal is closed, assuming there is some serious antitrust process.