
How Microsoft stole my code and then spit on it - infodroid
https://threadreaderapp.com/thread/1002696910266773505.html
======
martinwoodward
Hey – I’m Martin Woodward from Microsoft. I have talked to Jamie and are
investigating his concerns and will come back to this thread with any
findings. An initial review hasn’t indicated we’d previously heard about this
issue. We’ve also reached out to the original copyright owner to ensure we’re
taking all the needed steps. If anyone has concerns or spots an issue where a
project is missing correct and full attribution then please log it as an issue
with the project or contact opensource@microsoft.com and we’ll be sure to take
action right away. We have over 1,800 repos in the Microsoft org and thousands
of Microsoft engineers contributing to open source. We try really hard to get
it right, and we take this very seriously.

~~~
martinwoodward
FYI - I created this issue to track any fixes needed:
[https://github.com/Microsoft/web-build-
tools/issues/673](https://github.com/Microsoft/web-build-tools/issues/673)

------
harrygeez
What happened was truly awful, but I don't think it's fair to blame MSFT when
probably what happened was a few employees trying to take all credit for code
they didn't write. From the thread it seems that he did not reach out to MSFT
via any official channels and only informed "people he knew at MSFT".

~~~
hliyan
Unfortunately, the thing about corporate personhood is that corporations are
responsible for the actions of their employees. Unless of course, they can
show that the employee was acting against explicit instructions or policies.

~~~
djajshgsjja
Without a doubt, stealing code like this is against policies at Microsoft.

~~~
jen20
So, someone should be fired for violation of these (serious) policies?

~~~
lobotryas
If what the author says is true then yes. Unfortunately they really bungled
their case by trying to reach out through unofficial channels first.

~~~
swerveonem
Why does reaching out informally bungle the case?

------
TheWiseOne
There isn't a single link to a commit, file or repo that shows the
similarities between the two code bases, let alone alleged plagiarism. It is
conceivable that they truly are two different projects that happen to be
developed around the same time. It's not the first time that has happened.

I wish the author actually substantiated his claims a bit better.

~~~
eicnix
I also seems like the projects have different architectures. The author
claimed they were copying his code and modifying it for their "weird event
system they added". It is not clear to what degree they changed any of his
code or if they only used his project is an inspiration.

------
jimrandomh
Based on this description, it sounds like an employee committing plagiarism in
order to defraud their boss. Retroactive editing of the commit history is
particularly suggestive; it implies someone tried to cover their tracks.

~~~
hungerstrike
Are you sure that it wasn't Microsoft, the corporate person? They are a
company of 35,000 people and I'm quite sure that they always act in unison.

Also, when some random blogger contacts Microsoft and asks Microsoft to do
something about something, then Microsoft better stop what they're doing and
listen!

Enjoy your Microsoft-hate-train all. _yawn_

~~~
dang
Please don't do sports-team-style BigCorp flamewars on HN. It's not
substantive and leads to worse.

~~~
hungerstrike
You’re kidding right? I’m responding to the one that already going.

~~~
dang
Sure, but please don't. That's going the wrong way down a one-way street.

~~~
hungerstrike
Oh, OK so you’re not going to say anything to people who are fucking putting
all the anti-Microsoft bullshit out there and just say something to me because
I disagreed?

------
ms013
I just dug around in the rush GitHub, and was surprised to find no pull
requests by the author of Lerna trying to rectify the missing copyright ("Hey
guys, you forgot to keep my copyright in there since this is a fork of Lerna,
so here's a pull request"), or any issues raised ("The copyright of my MIT-
licensed project is missing. What's up with that?").

The only instances of lerna being mentioned are people who use or work on rush
mentioning differences between the two projects.

Assuming the lerna author is accurate, why just the angry blog post? If I had
contacted MS and raised the issue via email, and nothing happened, I would
have started raising issues on the project GitHub and making pull requests to
rectify the situation. Not only could that actually work to resolve the issue,
but the discussion would be public.

~~~
gcb0
You are assuming someone who is scrambling to change function names and hide
git logs will be going back to the code they stole to re-check for an update
license?

a pull request would be the same as an email or blog post at this point. it is
just a way to communicate. why is a PR better then what they are doing now?

~~~
ms013
It would be publicly visible on github, such that the community can see the
dispute and the response (or lack thereof) from the other project. While it
won’t necessarily fix the problem, it is more visible.

------
parvenu74
If true then it’s bad faith use of open source at MSFT and not typical of
them. Have you tried contacting Scott Hanselman - @shanselman on Twitter - or
anyone else via twitter instead of “normal” channels? One of the great things
about the Devs at MSFT is that they are very responsive on twitter. If someone
was being a douche with your code then the right people haven’t gotten the
message yet.

~~~
AnIdiotOnTheNet
> If true then it’s bad faith use of open source at MSFT and not typical of
> them.

Only if you ignore pretty much all of Microsoft's history.

~~~
smaddox
Clearly you ruffled some feathers, but I have to agree. Microsoft playing nice
with open source is a very new phenomenon.

------
JdeBP
> _Files and directories were named the same things, it had many of the same
> core functions with code that I distinctly remembered writing._

Here are the respective codebases as of Christmas Day 2015, 21 days into the
lifetime of one and 11 days into the lifetime of the other. They do not appear
to match that description.

* [https://github.com/lerna/lerna/tree/9aabe1664399d5f233a89d37...](https://github.com/lerna/lerna/tree/9aabe1664399d5f233a89d373fc2101625bf174c)

* [https://github.com/Microsoft/web-build-tools/tree/c4bb2127e6...](https://github.com/Microsoft/web-build-tools/tree/c4bb2127e67522c69a19f7cd8cd90bb6fc663a35)

------
bigtunacan
I will start by saying I'm not giving Microsoft or the "Rush author" a pass on
this.

Obviously the license was broken by removing the copyright notice of the
original author, but it also doesn't sound like the author really did anything
to try and handle the issue properly so now they are posting a rant.

Here is the extent of what the author did, "So I reached out to people I knew
at Microsoft. This was probably a year ago now. They were shocked and
apologized. But since then nothing has happened."

We don't know who those people are, what they're roles are, but I suspect they
are not involved with the Rush project nor is it their job to handle potential
copyright violations for all of Microsoft.

The author could have posted an issue to the repo expressing their concern. If
this was ignored then they could issue a DMCA takedown notice through GitHub.
If this was not successful then the author could contact Microsoft legal or
file a lawsuit.

------
hungerstrike
Lerna was released with an MIT license as was Rush.

So, nothing was stolen and if the story is true, the only infraction here
would be that the Lerna copyright line was not included in the Rush license.

~~~
dvfjsdhgfv
So you have just one single thing to do, and you don't do it - how can you be
trusted then?

~~~
hungerstrike
Do you disagree about what the actual infraction was here if the story is
true?

My comment isn't about trust, it's about what the actual infraction was.
Microsoft is made up of 35,000 people. There's no way I trust all of them. Of
what company do you actually have trust in every employee?

------
TheRealDunkirk
"The consolidation of our infrastructure is dangerous."

Have we not learned our lessons yet, by boiling, basically, the entirety of
the internet down to Google, Facebook, Twitter, and Reddit? (And maybe
Amazon.) The trend in the US capitalistic system towards monopoly is
inescapable, and harmful in so many ways.

------
msie
The developer’s twitter pic is distracting. He has a point but I have a hard
time taking him seriously. That’s just me being an old man i guess.

