Opinion Code is being refused if it comes from developers in sanctioned Russian companies... but it's not clear if this is an effective move. Cui bono?
The Reg has seen two recent incidents of Russian developers being blocked from public development of FOSS code. One was a refusal on the Linux kernel mailing list, the other a more general block on Github. In the last week, these events have both caused active, and sometimes heated, discussions in FOSS developer communities.
The GitHub account of developer Alexander Amelkin has been blocked, and his repositories marked as "archived" - including ipmitool, whose README describes it as "a utility for managing and configuring devices that support the Intelligent Platform Management Interface." Unable to comment on Github itself, Amelkin described what happened on the project's older Soureforge page:
Amelkin works for Russian chipbuilder Yadro, which we described as working on RISC-V chips back in 2021. Microsoft is just obeying US law in this: according to the War and Sanctions database of the Ukrainian National Agency on Corruption Prevention, the NACP, Yadro is a sanctioned company.
However, on LinkedIn, Amelkin disputes his employer's involvement:
Over on Hacker News, commentators seem to be generally in favor of the move, although the discussion on LWN is more measured, pointing out both that there is little threat from server-management tools like this, but that Microsoft probably has no choice.
Amelkin is not alone. Over on the Linux Kernel Mailing List, a contribution from Sergey Semin has been refused with the terse notice:
Semin is a developer at chipmaker Baikal Electronics, a company whose website has been suspended for a year now, as we noted a year ago in a story that also mentions Yadro. We were reporting on Baikal's efforts to develop its own CPUs nearly a decade ago, mere months after the Russian annexation of Crimea. And once again, there is spirited debate over the move on the Orange Site.
Last summer, the Reg FOSS desk speculated whether renewed Russian investment in Linux as a result of Western sanctions might result in improvements and patches flowing back upstream. It looks like the answer here is an increasingly firm no, but not because Russian developers aren't offering them. They are - but their efforts are being rebuffed.
This seems backward to us: the aim of sanctions is to impose additiuonal costs on the bad activities of hostile nations, or to cause them to reconsider their bad behavior. The aim is to make these countries better behaved and more cooperative with others. Code sharing is good behavior: it takes effort to share your code, and it benefits everyone with whom it is shared. Refusing code contributions because they are from aggressive actors does not hurt or hinder any Russian organization. It doesn't matter what uses the companies offering it have for the code they are sharing. It's irrelevant if the uses are military or peaceful civilian ones.
Marking a Git repository read-only doesn't stop anyone getting or using the code. The whole point of Git is that it's decentralized. An archived Github repository can still be cloned or forked, and developers can keep working on their local repositories, and sharing them with each other inside the country... or, of course, simply duplicate the code on a Russian-hosted site. If those didn't already exist, they very soon will, just like Chinese Git host Gitee.
These actions don't inconvenience Russia in any way. The measures don't prevent Russian companies from working on the code, or using it however they wish. It doesn't even make it more difficult for them. It merely means that the rest of the world can't benefit from it.
Political choices aside, we suspect that simple human nature may well mean that anyone thus rebuffed will probably stop trying to share their efforts. Sanctions preventing use of proprietary software are a good idea. However, we already know that the result is a substantial expansion of FOSS use and adoption inside Russia and China. (It's already used inside North Korea). Sanctions against FOSS development are a terrible idea: they just mean that any improvements that work will benefit only the countries being sanctioned, and hurt those enforcing sanctions. ®
Our thanks to Reg reader Ville for drawing our attention to this LKML post.
Will be followed soon after by SLE 15 SP 5 as org continues prep for ALP
Boffins and machines write very differently - and it's easy to tell
Brush up on your coding - more tech jobs are going to be hybrids that mix ops and software, or require AI skills
Suggest that Zuck has yet again unleashed stuff without a thought for the downsides
WWDC And makes developer-grade OS betas available to all ducking loyalists
Deadly accident said to be unavoidable
This could be a useful way to show what you're up against, or give the clueless a stick to beat you with