Russian developers blocked from contributing to FOSS tools
The war in Ukraine is bad and wrong… but does blocking these contributions help Ukraine?
Opinion Code is being refused if it comes from developers in sanctioned Russian companies… but it's not clear if this is an effective move. Cui bono?
The Reg has seen two recent incidents of Russian developers being blocked from public development of FOSS code. One was a refusal on the Linux kernel mailing list, the other a more general block on GitHub. In the last week, these events have both caused active, and sometimes heated, discussions in FOSS developer communities.
The GitHub account of developer Alexander Amelkin has been blocked, and his repositories marked as "archived" – including ipmitool, whose README describes it as "a utility for managing and configuring devices that support the Intelligent Platform Management Interface." Unable to comment on Github itself, Amelkin described what happened on the project's older Soureforge page:
Sorry to say, but on March 1st without any prior notice or any explanation whatsoever, GitHub has suspended my personal account and made orphan all the projects that I owned/maintained.
That includes ipmitool and frugen.
This mailing list and the old sourceforge project page are the only means of communication with you that I have left. I am currently searching for a way to unblock my GitHub or (less preferably) migrate ipmitool once again to another less hostile service.
Amelkin works for Russian chipbuilder Yadro, which we described as working on RISC-V chips back in 2021. Microsoft is just obeying US law in this: according to the War and Sanctions database of the Ukrainian National Agency on Corruption Prevention, the NACP, Yadro is a sanctioned company.
However, on LinkedIn, Amelkin disputes his employer's involvement:
You may rest assured that this "sanctioned corporation" takes no part in this awful war, and even if making civilian server products can be viewed as somehow taking part, that part is definitely far less than what, say, BMW or Bosch took in WW2, yet nobody seems to have cancelled them or at least remembered what they've done, let alone their individual employees. All this is stupid, xenophobic and racist. Especially you labelling me as a terrorist on the basis of my ethnicity.
Over on Hacker News, commentators seem to be generally in favor of the move, although the discussion on LWN is more measured, pointing out both that there is little threat from server-management tools like this, but that Microsoft probably has no choice.
Amelkin is not alone. Over on the Linux Kernel Mailing List, a contribution from Sergey Semin has been refused with the terse notice:
We don't feel comfortable accepting patches from or relating to hardware produced by your organization.
Please withhold networking contributions until further notice.
Semin is a developer at chipmaker Baikal Electronics, a company whose website has been suspended for a year now, as we noted a year ago in a story that also mentions Yadro. We were reporting on Baikal's efforts to develop its own CPUs nearly a decade ago, mere months after the Russian annexation of Crimea. And once again, there is spirited debate over the move on the Orange Site.
Core-JS chief complains open source is broken, no one will pay for itSEE ALSO
Last summer, the Reg FOSS desk speculated whether renewed Russian investment in Linux as a result of Western sanctions might result in improvements and patches flowing back upstream. It looks like the answer here is an increasingly firm no, but not because Russian developers aren't offering them. They are — but their efforts are being rebuffed.
This seems backward to us: the aim of sanctions is to impose additiuonal costs on the bad activities of hostile nations, or to cause them to reconsider their bad behavior. The aim is to make these countries better behaved and more cooperative with others. Code sharing is good behavior: it takes effort to share your code, and it benefits everyone with whom it is shared. Refusing code contributions because they are from aggressive actors does not hurt or hinder any Russian organization. It doesn't matter what uses the companies offering it have for the code they are sharing. It's irrelevant if the uses are military or peaceful civilian ones.
Marking a Git repository read-only doesn't stop anyone getting or using the code. The whole point of Git is that it's decentralized. An archived Github repository can still be cloned or forked, and developers can keep working on their local repositories, and sharing them with each other inside the country… or, of course, simply duplicate the code on a Russian-hosted site. If those didn't already exist, they very soon will, just like Chinese Git host Gitee.
- UNIX co-creator Ken Thompson is a… what user now?
- Reg FOSS desk test drive: First beta of Fedora 38 drops
- AmigaOS 3.2.2 released for those feeling nostalgic
- Pop open a cask: Homebrew version 4.0.0 is here
These actions don't inconvenience Russia in any way. The measures don't prevent Russian companies from working on the code, or using it however they wish. It doesn't even make it more difficult for them. It merely means that the rest of the world can't benefit from it.
Political choices aside, we suspect that simple human nature may well mean that anyone thus rebuffed will probably stop trying to share their efforts. Sanctions preventing use of proprietary software are a good idea. However, we already know that the result is a substantial expansion of FOSS use and adoption inside Russia and China. (It's already used inside North Korea). Sanctions against FOSS development are a terrible idea: they just mean that any improvements that work will benefit only the countries being sanctioned, and hurt those enforcing sanctions. ®
Our thanks to Reg reader Ville for drawing our attention to this LKML post.