Hacker News new | comments | show | ask | jobs | submit login

I’m going to be a bit contrarian to “the sky is falling” posts on HN and say: I think Microsoft is handling this really well.

1) They’ve acknowledged the skepticism around the acquisition.

2) They’ve expressed their commitment to keep GitHub an independent platform (like they did with LinkedIn.)

3) Nat Friedman, although I was not familiar with him prior to this, seems like an ideal candidate to run GitHub.

This, overall, is giving me a more positive impression of Microsoft. Now what remains to be seen: Will they follow through on these commitments? Will they continue to listen to the community?




I agree, my biggest concerns are:

1. What is happening to Atom? I have tried VS code and don't really like it due to the difference in how the 2 systems are designed to work (Atom being more "plugins are king", VSCode being more "kitchen sink included by first-party"). I'd hate to see my favorite editor lose it's major backing. If MS makes a commitment to continue to develop Atom, or they work with someone else to "transfer" development over to them in a way that's not half-assed, it would go a LONG way toward solidifying the trust they are trying to build (at least to me).

2. How will other companies who are hosting on GitHub react to this? Will Facebook/Google/Apple start pulling their code from GitHub? Will we go back to having to learn how to contribute to each project individually?

There's definitely major benefits for diversity in this area (meaning not having the vast majority of projects on one platform), but I'm hoping we (as developers in whole) don't throw the baby out with the bathwater here.

GitHub has by most accounts helped bring in a renaissance of open source software. It's never been easier to contribute to FOSS at any level, and I'm hoping we don't lose that as everyone diversifies where they host their source code...


> Will Facebook/Google/Apple start pulling their code from GitHub?

For these companies who owned GitHub hardly plays a role. They want to attract developers and go wherever the crowds go. If there is mass migration to mercurial-superhost.com they will follow. It's just an outlet.

The question is more relevant for companies and communities who built their infrastructure on it and might worry for good or not so good reasons.


I think public code will still live on github, but I See FAANG 100% avoiding any private github repos from now on.


Bigger tech companies not only do not host important private source code on Github but won't even host on outsourced physical servers. Where I've worked (incl. well-known names), information that we wanted spread to the world could be hosted on trusted external systems (trust still mattered to keep it from being "edited"), but non-public info was always hosted inside a physical building that we owned watched 24/7 by human guards we employed.


MS employee here:

Long before the acquisition, we've been hosting important stuff in private GitHub repositories. Including having strategic discussions in those private repositories.

We've also done a lot of that stuff in public too. Some might say a bit too much, given that we've had things leaked and/or misinterpreted w.r.t product direction in the past.

I still agree with your point, but I believe more of this sort of thing is happening. Lots of stuff that has no real reason to be private is just being open source by default.


> Long before the acquisition, we've been hosting important stuff in private GitHub repositories. Including having strategic discussions in those private repositories.

Wow! I am very surprised by that. Is that an officially allowed policy? Or is it something that is "don't ask for permission, ask for forgiveness"?


Yes, it's absolutely an allowed policy. When we made .NET (Core) open source, we meant it. We still use email like any other org, but whenever we're working on our product we try to keep discussions on GitHub. It's also made collaboration with other teams far, far easier.


How so? What was going to be controlled, by whom?


I assumed that Microsoft has security policies to ensure that all confidential information (e.g. non-open-source code and strategic discussions) is stored on infrastructure controlled by Microsoft.

The company I work at is very careful about keeping our intellectual property on our infrastructure, and I am surprised that a larger company like Microsoft doesn't have similar policies.


Microsoft aims to make most of its money in the immediate future by convincing every major business in the world to let MS host that company's email, internal documents, spreadsheets and powerpoints on Microsoft's office365 servers.

It would be highly contradictory for MS to take the position, as a matter of policy, that it is too risky for them to ever place confidential business data onto a third party cloud-hosted SaaS system, because that is precisely the risk they are asking every one of their customers to take.

Similarly, if you have concerns about putting your company's source code into GitHub now, you should be equally concerned about putting your company's prerelease annual report on the office365 onedrive.


My company is concerned about that as well. We don’t use any cloud storage from Microsoft or anyone else, and we self host Exchange and SharePoint servers.

That is a good point though, it’s becoming more and more inconvenient for a company to self host everything. Microsoft does stand to benefit from everyone becoming more accustomed to relying on 3rd party services in the cloud.


Serious question: do you think your company has better security than the Azure cloud? Or is it a trust issue with the cloud vendors themselves?


.... and if you don't trust Microsoft: Why use Exchange and such? :-)


Better is relative - especially in one metric: many eggs in one basket make that basket exponentially more attractive to evil actors. Bigger attack surface and whatnot...


Flipside (pro-cloud pov): if the work to protect one egg applies to all eggs, then cloud providers will always hypothetically be able to spend more on security due to economies of scale

Essentially, choose your vulnerability: cloud provider single point of failure or in-house lack of resources


Yup. It all boils down to a business decision, the technical merits are not prevalent for either case.


Maybe info sec drove the decision to purchase github because that was the easier way to reign in the data leak. =)


> I assumed that Microsoft has security policies to ensure that all confidential information (e.g. non-open-source code and strategic discussions) is stored on infrastructure controlled by Microsoft.

It depends on how important the code is.

I don't imagine MS will ever move Office or Windows to external servers, but a lot of other stuff is fair game.

There is always a security/convenience trade off.


I'm almost sure you mean private repos on github.com, but just wanted to confirm it. You don't mean corp github right?


Yep.


Not entirely true. Microsoft puts (almost? Yet to find anything that isn't) all our code on VSTS which is accessible remotely, without VPN. I've checked in a (very very minor docs) fix to the Windows code base from my Android phone over LTE.


That's amazing. Contrast that to my friend who works on code at Apple that's so guarded that he can't even access it from Apple HQ. He has to travel to his office in an unmarked Apple bldg several miles from HQ (in an unmarked van) and access the code from inside the bldg. Any attempt to work on his code outside that bldg, on the Apple employee shuttle for example, will result in immediate firing with possible criminal charges. Admittedly, that's not the usual Apple employee, but the contrast between that and Microsoft's, which may as well be hosted on a set of Chinese night market DVDs, is LOL-worthy.


LOL-worthy

and yet, which company released an OS update with an open root account with no password, patched it in a way that broke file sharing, then a couple of months later released an update with another password bypass bug? Hobbling people with security theatre isn't begetting good or secure code.


Opsec and AppSec usually handled by different teams :)


This sounds proportionate if a state might go after the code. For example phone encryption might be a big prize for the Chinese or even American government.

Microsoft actually hand over OS code to states regularly for certain contracts so I figure they don't need to protect most of thier code like that.


I disagree. Phone encryption should ideally be open source-able and it's security should rely as entirely on a device specific key as possible.

I think this makes more sense for a secret project (e.x. the next iPhone), but honestly as a security person it seems overkill for anything outside national security responsible code, like state sponsored malware.

I also find it strange that the code is apparently somehow accessible outside that building (see the fired comment). If this was anything beyond security theatre, it'd be on an airgapped network and that wouldn't even be a concern (as the employee wouldn't be able to access the code from their laptop). Seems excessive for very little gain.


I wouldn't take SiVal's comment as ground truth. I think it conflates rules for general employees with rules for his friend, and mixes it with a dash of unfounded hyperbole (criminal charges?).


The code isn't available outside the building unless someone takes it outside, which they make clear is not only a fireable offense but might qualify as criminal. They made it quite clear: If you're in crunch mode, don't be tempted to just take a bit of work with you to get a bit more done on the long shuttle ride.


Fair enough. I obviously don't know your friend or his project, so I can't with certainty say anything about his situation. I viewed your post through a critical lens because the details given didn't match my experience or the experience of any of my old colleagues, and you are a second-hand witness.


I am going to agree with what doctorsher said in response to your comment. I can confirm that what SiVal said is not a typical experience in Apple.


For reading, I agree, but if you're making changes it is a different story.


This has to be something very mission critical like phone encryption. No way this is the norm even at Apple.


I thought it was widely known Apple was extremely secretive, compared to the broader tech company at the very least.


> unmarked van

You may think it’s unmarked, but if you know how to spot them they’re very easy to pick out.


If I was an intelligence agency, I would do the trivially obvious thing and only use "unmarked cars" when I didn't care about being spotted, and an actual nondescript vehicle the rest of the time.


What's the difference between an "unmarked car" and a "nondescript vehicle" ?

You think the CIA would do their clandestine work on cars labeled "CIA" ?


> What's the difference between an "unmarked car" and a "nondescript vehicle" ?

Unmarked police cars often have multiple radio antennae, flexible lights, and even government plates, they simply lack explicit police markings and light bars.


Surely an unmarked van owned by Apple would have none of that?


The point is that the "unmarked" vehicle sticks out as unusual even without having "Apple" or "Police" emblazoned on its side.


Yeah, which is hosted on Azure, a data center that Microsoft owns and employs guards for, and secured behind our standard corporate authentication. :) (Source: I work at Microsoft, near the VSTS team.)


> Yeah, which is hosted on Azure, a data center that Microsoft owns and employs guards for, and secured behind our standard corporate authentication. :)

Way back when, Microsoft used to host a bunch of auth servers for banks. A friend of mine mentioned an armed guard in front of the data center for that particular service.

I've worked on teams at MS where there was a (non-armed) guard checking everyone who got off the elevator, but before I joined MS I was once left alone in a room full of computers open to the Windows source tree, wearing my "do not leave guest unattended" badge.

Mileage might vary and all that.


Yeah, all I was really saying was that the grandparent's comment and the parent's comment weren't in opposition.

Microsoft owns the data center the code lives in and certainly takes care of physical security.


The only thing a VPN would do in this case is hiding that you're even accessing VSTS and providing modest proteaction against MitM attacks. You still have to use 2FA to log in, and the code you access is still logged.


VPN puts you on corpnet. And yes, I'm well familiar with our various account protection techniques (I work on the token server) - I was calling out that some companies trust their systems enough to make it remotely accessible, not saying it's a bad thing that I could be productive on the bus ride home.


Github offers an enterprise version and I know of at least one big company which hosts their code there.


Note that this doesn't preclude the possibility of an on-prem Enterprise Github setup.


As an owner of several Google org repos on GitHub, I can vouch that this is definitely true. Only open sourced code goes into GitHub. Private repos are only used for staging purposes thereof, i.e. getting a release of open source code ready prior to the world visibility bit being flipped.

We would definitely never store our proprietary code on systems run by anyone else, regardless of who runs/owns them.


They already did. Except maybe for test setups and to configure a project before announcing it.

All those companies keep their privates private. GitHub is just a public showroom for them.

Again this is different for other/smaller companies.


Ah, I think that's how it's always been. What's the difference between me running my small company out of Azure, and keeping the source code in GitHub, now that Microsoft owns it?

Nothing changes immediately for any of us, to me the biggest concern is what happens after those roadmapped projects have run through. What goes next on that roadmap, and will it stick to the principles I love about GitHub, or will it start to veer into Microsoft's territory?


FAANG, I've never seen this before! Facebook, Apple, Amazon, Netflix, Google?


Correct, It's often used in modern context when talking about what stock is powering the market right now. It's a "FAANG" market.

EDIT: https://www.investopedia.com/terms/f/faang-stocks.asp


Oh, it's a stock thing? It makes more sense as Wall Street slang - in terms of the technological landscape, one of those companies is so obviously dissimilar to the others that the phrase makes little sense.


I don't understand by what metric Netflix is included but Microsoft is excluded. It should really be FAAMG, or maybe FAMANG.


The acronym was coined in 2013 to describe the best-performing tech stocks at the time. Microsoft's resurgence hadn't really happened yet. The acronym was so convenient that no one's updated it except to add Apple (which didn't require a change in pronunciation).


Well in this very specific context, it's hard to imagine that Microsoft will be avoiding using GitHub just because it's owned by Microsoft.


FAANG is used very generally to refer to these five companies. It's not just in this specific context. I'm wondering why Microsoft is excluded.


I see Big Four (Google, Facebook, Amazon, Microsoft) more often than FANG although that is obviously confusing on Wall St where that phrase usually refers to the large accounting firms. Apple is excluded because it is a hardware company not a software company although sometimes it is subbed in for one of the others, depending on who is using the phrase.


If you include MS, you have to also include IBM. FAMAING.


I thought the N was Netscape, a major competitor to Microsoft (browser and server) and Google (browser)


Netscape was a competitor to Microsoft in the 90s, and it has never been a competitor to Google.


I thought they already have their own version control systems?


"For these companies who owned GitHub hardly plays a role. They want to attract developers and go wherever the crowds go. If there is mass migration to mercurial-superhost.com they will follow. It's just an outlet.

No-one's going to join a company because of which front end to git they use. It's more a question "do Apple/facebook etc want Microsoft to have all of their private source code to look for exploits/rip off/hand over the government etc etc"?


First, as pointed out elsewhere, the Apple/Facebooks of the world already aren't putting their private repos on any external service (perhaps they rent iron on a cloud, but certainly not SaaS).

Second, this is the same business model as Office 365, and I'm not aware of that raising any particular eyebrows outside of the fairly limited crowd that can't trust anyone. If you're cool with entrusting your email to Microsoft, your source code is not a great leap.


> Atom

I could be wrong but my perception is that Atom is losing market share to VSCode all on its own– new devs are much more likely to adopt vscode & no growth ~= decline for an editor. Couple that with the fact that no one pays for Atom...

IMO They don't need to "kill" atom, they just need to wait a couple years, at which point it will just Yet Another Editor down the list with TextWrangler et al., if the next Atom doesn't come along and hasten its decline even further.


This sounds entirely anecdotal. I haven't seen any significant exodus from Atom to VSCode among people I interact with. It seems like folks moving from other editors are about as likely to choose Atom as VSCode, and the things that used to lead to people choosing one or the other (i.e. performance, VSCode only opening one project at a time, the stupid huge icon bar in VSCode, etc.) have been resolved...Atom is now reasonably fast, VSCode can open multiple projects and you can close the stupid bar. I tried them both and ended up with Atom (and vim, where I actually still do most of my work, but new JavaScript projects are in Atom).

Atom still has more plugins, or did last time I looked (which was, admittedly, quite a while ago), and I think the ecosystem is a good indicator of how many people are actively using something.


The 2018 Stack Overflow Developer Survey [1] puts VSCode at almost double the number of developers compared to Atom (34.9% vs 18%). You're right about the package count: atom.io lists 7654 packages, compared to 6802 at marketplace.visualstudio.com, many of those being color themes (some seem generated and machine-published, too). That said, workflow for extension authoring in VSCode is amazing, the community is very much alive, and sometimes it almost feels like there's an "extension for everything". Quality may vary, naturally.

[1] https://insights.stackoverflow.com/survey/2018/


Wow, that's surprising. VSCode is not just (far) ahead of Atom, it's the leader on that survey. I'll have to give it another look. Last time I used it, it had far too many annoying characteristics.


> VSCode is not just (far) ahead of Atom,

Tutorial eco-system as well. When I jumped into JS development, all the getting started guides had Install VSCode as step 1.

So now I use VSCode.


> This sounds entirely anecdotal. I haven't seen any significant exodus from Atom to VSCode among people I interact with.

Were those two sentences in the wrong order?!


Anything that came out after vi is just another editor.


I picked up emacs in 1993 when I first got my hands on a unix system, and it was the only thing there that made remotely any sense. Fast forward to 2018, I'm still using emacs, and the upside is I haven't had to learn anything new in the intervening 25 years.


Please refrain to divert the discussion towards operating systems, we're talking about text editors here, for which ed is the standard.

https://www.gnu.org/fun/jokes/ed.msg.html


I very much share the sentiment and I’ve been using Vim (recently Neovim) pretty much exclusively for the last ~20 years. But VS Code “just works” to such an extent that I’m seriously tempted to use it.


(OT editor wars)

This was me basically 100%. If you're doing JS development, VSCode gives you so much out of the box it's hard to bring myself to even attempt to configure Vim to do all that, even if it is ""totally possible."" I miss the advanced text manipulation capabilities from vim (along with a few other things) but the upside of VSCode is just too great.


What is vi? Lol


It’s the successor to v.


I thought it was the successor to ex.


Personally I've seen more people using Atom than VSCode, but that is just anecdotal.


Fellow Atom user here. According to Lee Dohm, Open Source Community Manager at GitHub, "Atom remains key to GitHub. Our product roadmap is set, and the team will continue all of their work." [0]

[0] https://github.com/atom/atom/issues/17454#issuecomment-39442...


A product roadmap is set until it changes. "I am altering the deal. Pray I don't alter it any further".

Besides, Microsoft has enough PR skills to avoid unpleasant announcements about redundant products for a while after an acquisition they know to be worrying.


In a buyout, always be sensitive to situations where promises of status quo come from someone who is not in control of the situation.

Quite common for new owners to let old employees make promises they can’t keep and then make them disappear and change plans.


This.

Not saying that Microsoft has a plan to 'embrace extend extinguish', but if they did, this is how they would go about it.


> and the team will continue all of their work

Until they aren't. I really don't see MS putting work into two code editors that are in direct competition with each other. I'm sure they'll let the dust settle for a while, but Atom will vanish from Microsoft's product list. No doubt.


I actually really like Visual Studio Code, I could imagine a great product coming out of the marriage of Code and Atom. I could also imagine infighting killing Atom, but I’ll try to be optimistic.


Until the deal closes.

Then... who knows.


The really nasty changes always seem to come at the beginning of the second fiscal year after acquisition. So meet me back here in 18 months and we’ll talk.


Obviously Microsoft doesn't want or need two open source editors. I think the smart move would be what I call the Adobe strategy.

Github should announce that Atom has become an Apache foundation project. Github then says it will provide x number of developers for an initial three year period. Probably won't make everyone happy but it should defuse most of the angst.


Ah yes, Apache Foundation, the place where ambitious but under-resourced projects go to die. /s


You joke but, for the vast majority of projects, it's kind of true. It's gotten to the point where, if it's not out of incubator, I have a really hard time convincing any one of my colleagues to put any time into projects hosted there.


I've got a few friends that are still very involved in the Flex community which is now at the Apache foundation. Adobe if I remember correctly is still funding staffers to work on Flex many years later. I believe Flex is either the second or third most successful project at Apache in terms of downloads.


Thought you were talking about the good old lexical analyzer "flex" there at first.

How silly of Adobe to name it like that. :D


RE> I believe Flex is either the second or third most successful project at Apache in terms of downloads.

How can that be given that Adobe is killing the flash runtime?


The team has created a ActionScript to JavaScript compiler so it will have a future without the Flash runtime.

https://cwiki.apache.org/confluence/display/FLEX/Flex+JS


I talked to the flex team a couple of years ago - and they did not think this was possible. I wonder how complete it is. At the time they said though Actionscript claims to be ECMAScript it is far from Javascript in very fundamental concepts they are based on such as inheritance and encapsulation (AS) and closures (JS).


> 1. What is happening to Atom?

Funnily enough, this was my immediate concern, followed by Electron generally. It actually prompted me to go all-in on Vim: I've used Vim in terminals for a very long time, but never found a graphical Vim that I liked. Happily, I've now found Oni, which provides a VS Code-like interface around Neovim: https://www.onivim.io

Git hosting and the associated tools are replaceable, the strength of GitHub is the network effect, so we'll have to see what happens. Regardless of what happens, we've progressed a long way from Subversion and BugZilla, so I don't mind if projects move to a more diverse set of modern hosting. Personally, I'll put my own public repositories whereever the community goes.


> What is happening to Atom?

Since they said Github will remain independent, so Atom will, I think. Maybe I'm too optimistic but when I think about VSCode's business model, promoting Azure rather than selling the editor itself, they have no reason to kill Atom. They might be integrating Azure with Atom.


This is exactly what they will do. Make it easier to connect to azure. It might just work.


I wouldn't be worried about Atom; half of Facebook is using it; if anything were to happen, they would fork it.


While i'm confident that Atom will not "die" any time soon, if MS pulls the team that's currently working on new features and reassigns them, then at best it's going to be a large blow to the project.

A fork won't have the same team working on it, a fork won't have the same domain knowledge over the internals, a fork won't have the roadmap or what was currently planned and how to do it, a fork won't have the same unified development effort (if MS "kills" atom, FB won't be the only one picking it up, there will absolutely be others that won't like the direction FB is taking, and now you don't just have Atom, you have AtomFB, Atom2, NuAtom, etc...)

It won't be that big of a deal at the end of the day (it's not like there is a shortage of competition in this area), but I would be much more on-board with this if MS handles Atom well.


Nuclide (https://nuclide.io) is what FB uses/develops internally. I think even if the original team departs, they are going to be just fine. They could hire the original team right away if needed.


MS wouldn't pull the team; it would be GitHub that pulls the team. GitHub is operating as an independent company.


It is, now. A year down the road...?


So MS is just going to pay engineer salaries to maintain a free tool used by FB?


The way I see it, it's not worth the risk of Facebook forking it and essentially getting control of the community of developers who are using Atom. A better way to do it IMHO, as other people in the thread mentioned, is just integrating Microsoft products like Azure to promote their enterprise offerings (where they make their money).

Eventually, though, they might want to allow an easy transition to VS Code in some way to cut redundancies but doing it too soon would anger too many people. Atom seems to be losing market share anyways.


I'm curious if Electron will get a boost of some kind now. Considering how famous/notorious it is, MS could get a hell of a lot of goodwill here if they invest in the tech.


(consumer) Skype is famously Electron based. Microsoft has already been investing heavily in the project and I think we will see them double down on their commitment now that they own GitHub.


More likely, they will make the new, NEW Windows API essentially Electron. Instantly Electron apps run better on Windows because each app doesn't have its own browser runtime taking ip disk/RAM.


The Microsoft/Windows implementation of PWA is already basically this


They're reinventing HTA, in other words. Oh the horror!


I'm sure we can look forward to the next electronconf not being cancelled.


Wouldn't that mostly look like an investment in v8?


Or a common API where it uses Chakra on Windows and V8 everywhere else, until someone plugs in Webkit or some other engine for other OS'. Wishful thinking :)


My biggest concern is that the FBI has turned Microsoft into a "one-stop shop" for its National Security Letters, which at one point represented 40 percent of all the requests Microsoft got from the FBI.

How will Microsoft/GitHub handle such secret requests? Will Microsoft even sue the DoJ to stop it - or will they settle again the moment they obtain a small compromise from the government?


Contributing has always been different for each project and I don't see any real benefit by using github regarding that topic.

Biggest hurdles normally are: - big chunk, own branch, small chunks? - Contract to sign? - signed commits, unsigned commits? - changelog file? - patch via mail? - extra review tool? ...

In the end it's always a git push. Github only makes it look more beautiful.


I had the impression VSCode had the technical superior plugin system and I found it much more performant.

Atom had more plugins for some time, but they had mediocre quality.


> I had the impression VSCode had the technical superior plugin system

From my very limited exposure to VSCode's plugins, it seems they are a lot more limited in how they can change the editor's behavior compared to elisp code in Emacs[1]; if Atom plugins are similarly flexible, then I'm not sure you can say it's (strictly) technically superior if you can only implement a small subset of what you can do in competitor's system. At most it's better at some tasks and worse at others if this is the case.

[1] I didn't say "Emacs plugins" since there is no distinction between user-written elisp code and core editor elisp code and you don't need to create any plugin project or such, which I think makes for a much more organic and pleasant customization experience.


Technically superior could mean in this case that a rogue plugin does not affect the core editing experience. Having a fixed extension API, if the API is well done, could provide that.

You lose flexibility, you gain stability, discoverability, speed, etc.


I meant superior to Atom and not to Emacs.

As far as I know, the VSCode plugins run in their own process, which makes the editor much more responsive when it loaded many plugins.


I was assuming that Atom extensions were similarly powerful as in Emacs, if that's not the case, then my point is moot.

I agree that restricting what plugins can do can lead to better stability and speed at the expense of extensibility.


> I found it much more performant

Sincere question: Does "more performant" simply mean "faster"?


Oh. sorry.

I meant, I found it much more responsive.


I'm more interested in how companies with private repos on GitHub react.


Companies that complete with MS still use Windows, Sharepoint, Office 365, and OneDrive.

Microsoft isn't going to go around snooping competitors' source code any more than they are going to go around snooping competitors' email.


And more relevantly to GitHub, they still use Azure and VS Code and Surface computers and XBoxes and keyboards and etc. etc. etc.

I don't expect Microsoft, as a company, "to go around snooping competitors' source code any more than they are going to go around snooping competitors' email" or Azure infrastructure or code editor or putting loggers in peripherals or any other tinfoil theories.

I _do_ expect some companies to reconsider their policies in light of the acquisition and decide that other options make more sense for them for numerous reasons, including but not limited to not wanting to hand (even more) money over to a competitor for a service they don't necessarily need Microsoft to provide to them, or if they suspect Microsoft will significantly change the existing ToU/ToS in ways those companies would rather not deal with.


Microsoft did snoop through the email account of a blogger who received leaked information[0].

[0] https://www.recode.net/2014/3/20/11624792/blogger-psa-dont-u...


Google doesn't. Do Apple and Amazon?


Did you know Gitlab.com was hosted on Azure?


GitLab was migrating to the Google Cloud Platform: https://about.gitlab.com/2018/04/05/gke-gitlab-integration/

I do not know whether this migration has finished.

More links:

- http://fortune.com/2016/11/14/gitlab-cloud-storage/

- https://venturebeat.com/2018/04/06/why-and-how-gitlab-abando...


Especially those that compete with MS or their subsidiaries. But then again, Netflix uses AWS, so who knows?


I don’t understand your comment about Netflix using AWS. AFAIR, Netflix is a reference customer for AWS. Every re:invent is full of Netflix people. Care to elaborate?


Netflix is paying money to its competitor. i.e. Amazon Prime Video.


Does Prime Video actually make money? It seems like a side project compared to some other Amazon stuff.


Amazon is Netflix's largest competitor.


> There's definitely major benefits for diversity in this area (meaning not having the vast majority of projects on one platform), but I'm hoping we (as developers in whole) don't throw the baby out with the bathwater here.

Perhaps tooling can help with this. Github, Bitbucket, and Gitlab (and I presume some of the lesser used solutions out there) all support some type of forking and pull request model, even though that's not core git. An abstraction layer atop that can hopefully obviate a hard dependency on one platform.


> I agree, my biggest concerns are:

> 1. What is happening to Atom? I have tried VS code and don't really like it due to the difference in how the 2 systems are designed to work (Atom being more "plugins are king", VSCode being more "kitchen sink included by first-party"). I'd hate to see my favorite editor lose it's major backing. If MS makes a commitment to continue to develop Atom, or they work with someone else to "transfer" development over to them in a way that's not half-assed, it would go a LONG way toward solidifying the trust they are trying to build (at least to me).

> 2. How will other companies who are hosting on GitHub react to this? Will Facebook/Google/Apple start pulling their code from GitHub? Will we go back to having to learn how to contribute to each project individually?

> There's definitely major benefits for diversity in this area (meaning not having the vast majority of projects on one platform), but I'm hoping we (as developers in whole) don't throw the baby out with the bathwater here.

> GitHub has by most accounts helped bring in a renaissance of open source software. It's never been easier to contribute to FOSS at any level, and I'm hoping we don't lose that as everyone diversifies where they host their source code...

I started with sublime, went to atom, went back to sublime, and finally moved to vscode.. trust me you can't go wrong. It has everything and extensions.

It's everything I wished for.


This is my thinking as well. Do I bail ship to gitlab and support more open software, or do I try to stay centralized?


Personally, I'm not "bailing" from anywhere.

I am however using this as an opportunity to rely on any one single place less.

I'm in the process of mirroring my git repos on GitLab, and trying to think of a way to signify that both the GitHub and GitLab repos are "canonical", and that issues/PRs/contributions can happen at both.


I do not think the word "canonical" means what you think it means.


> accepted as being accurate and authoritative.

> synonyms: recognized, authoritative, authorized, accepted, sanctioned

That's what I meant for it to mean anyway...


In software the "authoritative" aspect of the definition is crucial.

How can two different endpoints both be authoritative? What happens if they differ?


Then people will be confused, which is why I'm exploring options to ensure they stay in-sync.


I'd recommend simply designating one as master, one as slave. Why try to appoint two captains of one ship?


Because having one as master and one as slave is exactly the problem i'm trying to solve here.

I want both to be master, so that users who are comfortable on both platforms are willing to make contributions to the codebase, so that any one service/system going down won't stop development, and so that as the "community" migrates around different platforms they can always find the full version of the software.

Recommending simplifying a process to the point that it no longer solves the problem it's trying to solve isn't helpful.


Sorry if my comments haven't been helpful. But I don't think the problem you're trying to solve is tractable. I'd be very interested to hear of a solution that doesn't rely on locking and is immune to conflicts.

You might fake it (and meet your stated goals) by maintaining a true master behind the scenes and syncing to two public slaves... (ie, forks you treat as peers, each with a "master" branch) but that still leaves neither of them truly "canonical" -- a designation of authority that would apply to the place where you'd resolve conflicts given simultaneous commits.


Sounds like that would be a pain having that kind of work done in two places.


Which is rather unfortunate for something that all revolves around git.


... and when GitLab inevitably gets acquired by another ${megacorp}?..


Then I'll change part of the URL I've soft coded from ...hub... to ...lab... to ... bucket...


Any reason why you implicitly trust Atlassian?


Does s/he implicitly trust Atlassian?

If anything, that comment makes it clear to me that they're staying mobile because they don't implicitly or explicitly trust any of the current providers.

I think if they implicitly trusted someone, they'd just migrate to them immediately - why wouldn't you?


I don't. I use jira at work. It's shit.


You missed the point of that comment


The reason you can trust Atlassian a bit more because they have more narrow focus on dev tools so less chances that they could become a competitor. Unless you’re developing another (git/bit)(hub/lab/bucket)


Seeing potential in the unused combinations: GitBucket, BitHub, BitLab.


Yes same here. I’m really surprised by all the Microsoft hate as if we were still in the 80-90’s. MS is one of the biggest open source contributors nowadays.

It's also really weird how people idealize GitHub. Did they forget GitHub was not a non-profit association, they were losing money, they deleted users repositories on their own, they had management issues, and people have been waiting some features for very long, specially open source maintainers? Also GitHub "forced" a lot of organizations to migrate somewhere else when they changed their pricing model[1].

[1]: https://news.ycombinator.com/item?id=11673103


Once bitten, twice shy.

Moreover, although I agree Microsoft is making efforts to change [1], pro-Microsoft partisans make it clear much of this is due to the new CEO. What one CEO does, another can undo. GitHub's bus factor is now 1.

I would much rather have seen them go public. They were losing money, but not, last I saw, at a rate that was absurd for building a SaaS business. Is there some reason to think they couldn't have gotten into the black? And if so, is there some reason to think Microsoft will let them burn cash forever without getting anything valuable in return?

Previously, GitHub's success depended on GitHub serving their customers and users. Now it depends on the notions of some guy in Seattle. Some guy whose job is, at least by market cap, 99% focused on other things. It's reasonable for customers to worry about that.


I think the biggest thing suggesting they couldn't have gotten into the black is the fact that they had been looking for a CEO for 10 months and still hadn't found someone. I'm not entirely sure why they couldn't find anyone, perhaps they were just being picky, but it certainly didn't look good.


Or it could be that the board has been looking to sell the company for that period and nobody wanted to come on to be the CEO for 20 minutes before being replaced by somebody from the acquirer. Hard to say.


You're acting as if the opensource initiative in MS of late is down to Nadella and nothing else. It's much more a case of market forces changing and an acceptance of opensource within corporations.


That's certainly what I'm seeing from people. There are a ton of "it's fine because Nadella" comments out there. E.g.: https://twitter.com/kellabyte/status/1003660575690244096

If they are merely yielding to market forces, then that's not much of a comfort. Github was a leader in this, and Microsoft's customers have a strong bias toward followers and laggards.


> Once bitten, twice shy.

With Microsoft, the bites have been numerous and some are ongoing.


>What one CEO does, another can undo.

I completely agree with that as a general principle, and I don't disagree with anything you've said outside of this quote. But are you suggesting that Nadella is going to leave Microsoft anytime soon?


No, but he's not immortal. He could get hit by a bus tomorrow. The median CEO in the Fortune 500 lasts only 5 years or so, and he's already in year 4.


Probably want to adjust that metric for stock price ...


Buses are not big respecters of stock price, and what goes up can come down. Microsoft's numbers could get squishy for a number of reasons unrelated to open source efforts, and a revenue dip could either mean a new CEO or some quick cuts to things that aren't producing a lot of short-term profit.


GitHub's success as an ongoing concern was based on their investors willing to keep giving them more money or alternatively the public market giving them more money until they could become profitable.


We don't know how far they were from being profitable. But even unprofitability is not a big problem these days. E.g., Okta IPOed in the red with explicit plans to keep losing money for the foreseeable future.

Github was making over $200m/year, and was poised for strong growth in enterprises as they got with the times. I expect they could have gotten to GAAP profitability whenever they needed to. But they should have kept spending on growth to maximize market share.


How does being profitable and IPOing stop a company from being an acquisition target (see LinkedIn)? Just like the private investors could be swayed by a tempting acquisition offer so can public investors.

The only way that you guard against being an acquisition target is to remain private and not take money from outside investors.


Even with best intentions from both sides, acquisitions don't go well in a lot of cases.

It's quite common to have the following scheme:

1) nothing significant happens for 1 to 2 years, the big company slowly integrates the smaller one.

2) historical dev/ops starts to be tired of the heaviness of the processes and all the politics going on in the big organization. After 3 to 4 years, they start leaving, and knowledge begins slowly to get lost.

3) new features are slower to be pushed in production, often with major regressions.

4) after 5 years the service is becoming more and more unstable and/or is not evolving anymore.

5) after 7 to 10 years, the product is killed-off or put in limbo.


Yeah, but most of that happens whether or not your product is acquired or not. Acquisition may, and often does, accelerate the process, but almost every application eventually suffers from loss of focus, feature bloat, and changes within the industry. Those that don't tend to stagnate completely and get replaced when someone re-invents the wheel from the ground up with a few improvements. I mean, forget that happening to GitHub, that will probably happen to git in 10 years or so.


> MS is one of the biggest open source contributors nowadays.

Really? For its size? It seems like Google, Apple, and Facebook are all much more productive in OSS. The only open source Microsoft product I'm aware of using is VS Code. To my understanding, they haven't open sourced Edge, their JS engine, their compiler, their word processors, or really anything else of note. I guess I can give them a little credit for .NET Core, but would that even have happened of Mono hadn't existed?


> their JS engine

https://github.com/Microsoft/ChakraCore

> their compiler

Microsoft makes half a dozen compilers, for as many languages:

https://github.com/dotnet/roslyn https://github.com/fsharp/fsharp https://github.com/PowerShell/PowerShell

The only one that I know of that is closed is C++.

> anything else of note

https://github.com/Microsoft/GVFS https://techcrunch.com/2016/11/16/microsoft-joins-the-linux-...


PowerShell is a pile of slightly incompatible versions, you end up with code targeting the oldest version you need (often version 2 for Windows 7).


I stand corrected, thanks! I still have a sense that they are rather less proportionately open source than those other companies, but less so than before.


Remember Skype? That wasn’t in 80-90s...


personally, I really like the performance of 'skype for business' but maybe I am in the minority there.

all of the tools and integration with outlook is pretty smooth...


"Skype" for business isn't even Skype code. It's Lync with a sticker slapped over the top.


Skype for Business is really, really bad on MacOS. Half of the time i'm trying to use it, messages don't get sent with an error message. Sometimes they do get sent but i still get an error message.

Skype on MacOS tends to get stuck in some loop that eats my CPU. So does MS Excel. MS Excel also had other, very annoying issues in the not so distant past.

Sure, as a MacOS user i'm maybe not that important to MSFT, but the quality of some of their products is surprisingly low.


The excel bit is likely because multi core support isn’t on Mac just yet. If you opt into their latest beta channel for updates, it gets way better.


No i had a different issue. I think it was after hard resets when excel goes "do you want me to restore the stuff i had open before?"

I would ignore this for a while (since plenty of other apps would also start up again) and then wonder what is eating my CPU. Surprise surprise, it's an Excel message box.


Well, then you won't be glad to know it's going away: https://www.theverge.com/2017/9/25/16360072/microsoft-teams-...


Skype and performance are two words that don't ever belong in the same sentence.


You just gave a counter example ;)


"Skype has performance issues"

"Skype has abysmal performance"

"Performance in not Skype's priority"

I thought I would give some excellent examples of how to use "performance" with "Skype" - all of which are true!


It could have the word 'bad' somewhere in the middle.


but what if we don't use outlook - not everyone does. this is at the fundamental heart of the problem with Microsoft (Apple is just as guilty, btw). It is the "hey, we have a nice ecosystem - everyone should use it" viewpoint. As a developer and consultant - I will decide which tools are appropriate and best for the job at hand, not something dictated by corporate marketing. Skype has gotten much worse since Microsoft acquired them. Every time I start Skype I have to update it and its not as stable as it once was, especially on OSX


> I’m really surprised by all the Microsoft hate as if we were still in the 80-90’s.

You think the privacy nightmare of windows 10 happened in the 80's-90's?


And now Microsoft is going to solve all those problems? This'll be interesting to see how it plays out, but all of these issues are not confidence inspiring.


> Nat Friedman, although I was not familiar with him prior to this, seems like an ideal candidate to run GitHub.

Nat Friedman is a legend in the open source community. He founded Ximian in '99 with Miguel de Icaza, who both meant a lot for the Gnome community (e.g. via products such as Ximian Evolution) and Mono (FOSS .NET for *NIX). They got bought by Novell where he also got a top position. Nat has been busy with FOSS for a long time, and he _believes_ in it.

Some verification on the above plus other details can be found here on Wikipedia [1]

As a final note, "I’m not asking for your trust, but I’m committed to earning it." is very humble, professional, and clever.

[1] https://en.wikipedia.org/wiki/Nat_Friedman


He is the perfect transition guy, who is likely going to be replaced in a few years time when MS decide they want to capitalize on the money they spend on a un-profitable but popular service.

Which is a pattern we have seen from their takeover of hotmail and more recently with skype, where they also waited a few years before starting the transition from independent brand to a sub brand under one of Microsoft estates.

What you are going to see when MS is done integrating the leadership of github into MSFT and Nat have been replaced by a next phase CEO, is that githubs CI hooks will become more and more symbiotic with azure, and the a lot of the documentation tools offered will hook directly into office365 tools, which will require a synchronization of accounts with MS other SaaS offerings.


I think everyone can agree that Microsoft is going to push Azure very hard once they start sinking their teeth into GitHub-- that's not surprising.

However, I'm very skeptical about the idea that GitHub is going to somehow become an Azure-only walled garden. It makes little sense business-wise. The entire point of buying GitHub was to acquire an audience that they are aware is not necessarily interested in Azure or their stack. Forcing it on them will only cause them to leave (there is plenty of competition in the code hosting space now), which will in turn reduce revenue. I give MS enough credit to know that the only way they succeed in this space is to provide value, not vendor lock-in. This is true now, and it will be even more true in 5 years when other big companies inevitably start following Microsoft into this space and competing for market share.

If they wanted to just sell services to people already using MS products, they already had VSTS for that.


[flagged]


This is not controversial opinion Miguel is close to Satan in the free software wing of the community.


I’ve seen many acquisitions commit to 2) only to slowly walk back from that “in the interests of operational efficiencies”. And next thing you know you have to change over to using a Microsoft account to log in...


Having seen a big Microsoft acquisition from the inside, I can also tell you that this dynamic occurs:

Microsoft is a gigantic organisation with very good working conditions. This leads to people with very long tenures working in highly defined and specialised roles within the company. Career development does happen, and is actively encouraged by Microsoft, but you're usually moving into a role which is just as niche as your last.

When a major acquisition occurs of a smaller organisation, it's usually done with a promise of keeping independent leadership and a degree of organisational separation. However, as middle-management staff rotate out of the smaller company naturally, the roles that they vacate are very attractive to Microsoft employees who want to have a bit more of that start-up feeling, and a slightly wider remit to make change.

So through a kind of organisational osmotic pressure, even if the leadership of the acquired company remains independent, the middle ranks of the acquired company become permeated by life-long Microsoft-ers. None of this is particularly bad - I just want to make it clear that Microsoft's definition of independence is not everyone's definition thereof.


> organisational osmotic pressure

OT, but I love that term!


I actually just made a bet with a friend on whether or not they'd switch GitHub over to Microsoft logins. My strong bet (that I put money behind) is that they won't. They're specifically acquiring this to win over developers and community, and they should hopefully know from the Skype transition how much negative perception that granted them.

Their absolute best bet is to sit on GitHub, feed it money, offer the paid features as an additional perk for MSDN subscribers through an account linking method, and call it a day. The developer goodwill they can buy being a good steward of GitHub far surpasses any other value they could extract from it.


Microsoft has you use a Microsoft account to sign into Windows itself; I think they will merge Github in somehow. They might be trying to win over developers, but they'll want to cross-sell to MS ecosystem developers as well.

Starting with "any existing Microsoft account is now a valid Github login". Then maybe "you can more easily use VS (or VS Code) with Github and deploy to Azure, if you use a Microsoft account with Github" and "you can merge your Github account into your Microsoft account". Then "all new accounts on Github are Microsoft accounts, you can no longer make a separate one".

Whether they go all the way to "there's no such thing as a separate Github account anymore", not soon, but probably one day - they've been trying to centralize accounts between all their services for years and years, haven't they?


It's already trivial to host on GitHub and deploy on Azure using Visual Studio Team Services - in your deployment pipeline you choose github as your source repository instead of the built in git repo that's part of VSTS. It works using web hooks just like every other CI/CD tool.


Their "for years and years" strategy though has not been working.


On Skype, when they migrated to MS accounts, I’ve lost 2/3 of my contacts list and tried contacting support but they wouldn’t admit it, blaming me with a line like “you must be having another Skype account”.

After several retries to talk to them and maybe get somebody more technical on the line, I just gave up and being disappointed I simply gave up on Skype altogether – thankfully it has fallen out of favor at work too.

Skype has been a monumental fuck up and just thinking about it on a thread about GitHub being acquired makes me sad.


> I actually just made a bet with a friend on whether or not they'd switch GitHub over to Microsoft logins

Did your bet stipulate a time frame? I think the odds of this go up considerably after a honeymoon period of 2-4 years.


Yeah, we went with three years (after close of the acquisition). If we didn't have a timeframe, I'd never get paid. :O I'd be inclined to pay my friend back if it happened sometime reasonably thereafter though.


WhatsApp and a number of Apple and Google aquisitions comes to mind in addition to Microsofts own Skype.

(Although, IIRC except for WhatsApp most of these didn't make many promises.)


...which one year is a Microsoft account, the next it's live.com, then msn.com, then passport.com, then outlook.com. And what about that 20-year old MSDN account, which was always associated with Hotmail? You can login but it hangs on some obscure error message. Googling suggest to associate with a non-Hotmail address, but that one doesn't let me access MSDN subscriptions. Next forum suggestion: create a VisualStudio.com login and link with Live.com... but it still doesn't work. Several support emails later, I just need to delete all existing associated MSDN email accounts and start over with my work email address. I just wonder how long until I need to migrate again to the next email/login-flavor-of-the-year. Maybe I'm just an edge case?


What would be wrong having a Microsoft account to log in exactly? They aren't getting any more information from you then they have currently purchased. I remember when I had a YouTube account, a blogger account and a Google account and I am glad I just use one google account myself.


Because it’s an indicator of a loss of independence. And if you went through the Skype changeover you’ll know exactly what a fiasco that change to a Microsoft account was.


You mean from 2011 when Microsoft had totally different management and business model? I don't see the Steve Ballmer Microsoft has much bearing on today's Microsoft.

Also it wasn't the Microsoft Account change as much as the they had the weird MS Store or Local account sign in options. I removed the Store sign in and only used local and had no issues. Am I missing something?

zeth___ 42 days ago [flagged]

Jesus Christ. Is everyone here a teenager? Microsoft in the 80s might bot be a valid comparison today, but something that happened 6 years ago is barely yesterday. Institutions do not change that much that quickly.

Microsoft 15 minutes ago isn't the Microsoft of today is just as true a statement and one just as vacuous.


I'm closer to 50 and certainly not a teenager. Yes, Steve was the issue and his style was old fashion. There is no going back once you open up the shed. Why do people continue to want to punish a company for their past when their present has been so good? To keep punishing them and not rewarding them for their good deeds?

P.S. I thought the whole anti-OpenSUSE movement was also plain old stupid.


> their present has been so good

- Putting adverts directly into their OS (which people pay for by the way)

- Forcing their shitty updates, (and restarts) at the most inconvenient times

- making it impossible to permanently and easily turn off telemetry

Wow, you have low standards. I bet if you ate dog shit, you'd say it's not so bad.


So Windows 10 isn't leaps and bounds better than Windows 7 or Windows 98???? Seriously Windows 10 is the first Windows I have ever actually liked. I got my OpenSUSE terminal open and using ranger and my other terminal programs working in Windows (At work I have to have Windows due to many issues on one computer)

> Forcing their shitty updates, (and restarts) at the most inconvenient times

Weird I have a pop up that says there is an update coming and when do I want to schedule it....

>Putting adverts directly into their OS (which people pay for by the way)

Didn't care for it and I hit the disable on 3 switches

> making it impossible to permanently and easily turn off telemetry

They did push out an update over a year ago that makes it so you don't have to use the tools that were out since 2015. Telemetry was specific for Inside program and beta but I certainly see why people were freaking out. I looked at what was being collected and it seemed fine for me.


So you haven't been getting the Candy Crush Saga, One Office trial, et al. games/software installed to the top of your "Start Menu" after every major OS update? It's only 2 clicks per app. And I'm sure it's part of why the last big update took 2 hours to finish (with only a warning, this may take a while... good thing my deadline was the next day and not in 2 hours... still ended up being a very long night, since the update broke other things). Also this last major update (Content Creator?) bricked a bunch of PCs... I had to do a "system reset" with USB stick to get things moving again.. but I'm still getting BSOD about once a week since then.

What about them mucking up the Spectre/Meltdown patches which bricked a bunch of PCs? In my case I wasn't bricked but I had to rollback a patch.

What about re-enabling of disabled services (e.g. Firewall, Defender) after some updates?

Going back a couple years ago, what about downloading/pre-loading Windows 10 on Windows 7/8 computers, without the user asking first? Can we forgive them for that? It used up several GB of space and burned sometimes expensive bandwidth? Happened to my laptop while I was traveling, I only noticed after I started getting low disk space warnings.

If I had a real list of the all the actual problems I've ever encountered with Windows, Windows 10 is definitely approaching Windows ME levels of incompetence.

Maybe some of us are just having more issues because we have unique hardware configurations which don't play well with Microsoft's newest foray into OS experimentation. Or perhaps our expectations are too high?


On my evil list Micrisoft is better than Google and Facebook. But worse than Github. If I heard Microsoft was buying Oracle I'd be dancing in the streets.


> Why do people continue to want to punish a company for their past when their present has been so good

I don't agree that their present is good.


Because the whole "live" account thing is a total mess on their other properties that support it, and github's login system is great?


Microsoft accounts are a trainwreck... I've got at least three or four of them all with the same email address, and despite years of effort to link them together and consolidate, I still have to use all of them to log into different services and access different resources. The permissioning on things like Azure and VSTS doesn't make a lick of sense.


I began the process of creating an Azure account recently and somehow the Canada region was selected. The system locked my email address into Canada even though I already have a US region live account with the same email address. Since I don't have a Canadian zip code, I can't submit billing information and complete the provisioning process. I was willing to try Azure for a new project, but now I'm not because their accounts are such a mess. I talked with a project support technician for Azure who actually understood the issue but was unable to resolve it suggestion I use a different email address. I know I could, but on principle I won't.

I'm actually really excited about MS+GitHub, but have to agree the account situation sucks.


Google kind of managed to force most accounts together. ;-)

In the process it seems they managed to seriously undermine their new, really really nice social network by using the same name for that and now me and a few others have a nice social network all to ourselves :-\


> Microsoft accounts are a train wreck.

Now you put it like this, I realize I suffer from this too. The UX of having accounts in the Microsoft ecosystem sucks severely.


I've felt similar. There's been some impressive innovation from MS in the dev space recently: VS Code is a pleasure to use, Azure wasn't quite as intimidating as AWS can be (but who can blame them, AWS has a lot more legacy). Windows 10 was pleasant to work with, telemetry issues aside. Things are shifting.

In fact, I think there's a strong 'once a criminal, always a criminal' mentality that takes a healthy skepticism to an unreasonable level. At least with the benefit of the doubt you can be wary of what Microsoft's intentions really are, but I don't think it's productive to go 20 years into the past and pretend that absolutely nothing has changed since, and rehashing everything from that time as if it only happened yesterday. It's an unreasonable standard and if nothing else, it presents the self-fulfilling prophecy where you're only satisfied once you've found proof that Microsoft today hasn't changed at all. So you've practically doomed GitHub to fail post-acquisition because you've already decided it _will_.

I'm not sure why you'd want that. So on that level I hope that Microsoft doesn't betray the gigantic community that has built around GitHub, which itself has taken open source to a whole new level. It's an appeal to emotion, I know, but I just don't see the value in being straight up negative in the light of recent evidence that suggests the contrary. You would never hold yourself to such an unforgiving standard (unless you wanted to sacrifice yourself on the altar), so it's better to give it a chance instead of throwing out the baby with the bathwater.

(Secretly, I'd love it if they, for example, rethought the pricing strategy and offered free private repos the same as every competitor does.)

That said, it's a little worrying that tech is continuing to consolidate around the giants.


> It's an unreasonable standard and if nothing else, it presents the self-fulfilling prophecy where you're only satisfied once you've found proof that Microsoft today hasn't changed at all.

That's a good general point; if you find you dislike someone's POV or behavior, and you're not simply being tribalistic, you should be thinking along the lines of, "what do I want this person / group to do differently?"


It's the negative winning out over the positive. If you genuinely want things to get better you have to stop thinking about how they won't.

If you can't, you're part of the reason why things won't improve. You want your negativity (or your ego) to be proven right.


Microsoft has been embracing and extending Git for a while, and now they have bought captive users who are going to use whatever Microsoft tells them to use just to keep their code on Github and avoid a difficult migration.

They clearly have greater ambitions than increasing Visual Studio sales. For example, what about forced integration of LinkedIn with personal Github repositories?


I'm not sure what these facts are based on, but to make something clear, 'embracing and extending' is practically the definition of open source and how you contribute. 'Extending' here is a synonym for contributing. Embracing is good, extending and improving is good. You just put Microsoft in there and suddenly it's not. It's stupid.

So in all that, you're waiting on the extinguish step where WinGit comes out and blows away Git, Github, GitLab, BitBucket, etc. etc. etc. because you cannot possibly maintain a modern git repo unless you're running it on Windows. Only MS are building Linux based cloud infrastructure so it's not even loyalty to their past anymore.

Never mind the fact that 'extinguish' blew up in MS' face and their attempts to monopolise the internet ensured they never would. Firefox and Chrome are direct products of that particular power grab, so is the shitty reputation MS has, so is the existence of Edge to get away from the Internet Explorer branding. Why even bother trying all of that again?


Okay, this is my greatest concern with Linkedin and Github. For many (most?) dev job applications, not having a 'ticks all boxes' profile on both sites means pass on initial callback; and now MS controls both. What they purchased for so much $$ is industry branding mindshare.


I really can't think of a better large tech company to buy GitHub (Which has been closed sourced since creation and I don't know why people are so scared). Now Oracle would make me put on my tin foil hat on immediately and deleting of my account.


Because people with closed source, the paying customers, now have to trust their potential biggest competitor with their source code ‽


Are you suggesting MSFT is going to _steal people's code_ from private github repositories? This strikes me as a bit fantastical.

What software hosting platform is not also itself a software company? Atlassian, Gitlab...?


Not steal source code, but platform companies have been known to use their insight into platform user metrics as a source of competitive intelligence metrics. Knowing which private repos are large and active is valuable info.


What if you run a recruitment web app that competes with LinkedIn?


What if? What if I run an operating system project, IDE project, email client, etc.? MSFT is going to steal or shutdown every type of software that competes with one of their products?

Doesn't add up to me.


The amount Microsoft would have to lose - in courts and public trust - if they were to abuse the private sensitive data held in their systems - would massively outweigh any benefit they could hope to achieve from that information.


That's already been tested:

https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-...

They're still in business. Numbers look good. They also have advertising and telemetry on paid stuff that people would usually assume doesn't sell them out like free, ad-driven services. Windows, Office, and Xbox are valuable enough that customers will tolerate quite a lot before leaving.


>"What if? What if I run an operating system project, IDE project, email client, etc.? MSFT is going to steal or shutdown every type of software that competes with one of their products?" Doesn't add up to me.

It doesn't matter.

The "what if?" is enough to cause a chilling effect. This will be the effective death of GitHub. I'm certain projects that are all-in on the platform will stick around out of momentum. But yesterday was the last day anyone would ever consider starting a new major project on GitHub.


Ridiculous. Please define "anyone" and "major project" and then let's make a bet.


So you tell that people trust private company which was loosing money since the creation better than Microsoft with all of its reputation at stake?


Yes. Financial stability and conflict of interest are two orthogonal issues.

The worst case scenario with Github closing the door, assuming no heads up, is that you'd lose your issues and PR. You have your git history on a bunch of machines (your devs + you should really have a dedicated backup).

The worst case scenario with Microsoft having visibility of your "closed" source code is that they take a peek at it and implement a better faster more integrated version of them in their own product competing with you, or heck even copy/paste your code. What can you do about it? How could you prove it? Remember, they can afford orders of magnitude more number of lawyer hours than you.


Is it unfair that I keep thinking of the SCO–Linux dispute at the moment?

https://en.wikipedia.org/wiki/SCO%E2%80%93Linux_disputes#Mic...


That's the overarching style of business that I associate with the Microsoft brand


That's comparing oranges with a monkey. How do they relate?


yes :)


Yes. 100% yes. Microsoft didn't care about their reputation for a long time. They currently do, at least a little, but that could change back.

Github was losing money, but that's pretty typical for SaaS businesses. I have no reason to think they couldn't have gotten to break-even. And if the can't get to break even, I have no reason to think Microsoft will subsidize them indefinitely.


I still think Microsoft had the lion share of the programmers mind with Virtual Studio? I am guessing it really has more to do with emotional response to the name MS then anything MS has done in the past 5 years.

I use Bit Bucket because I knew they were making money and were solvent and I knew GitHub was just waiting for a big pay day. BOY was I wrong with the timing and the amount.

> And if the can't get to break even, I have no reason to think Microsoft will subsidize them indefinitely.

This fits perfectly with their developer system with Virtual Studio, VS Code and Azure. I can't see how this isn't a great buy for them and their ecco-system.


That's not just a scummy breach of trust though, that's a blatantly illegal breach of trust. Source code is a trade secret. Copying it without permission is corporate espionage. People would go to jail if they tried. You are asserting that Microsoft's intentions are criminal.


I'm 100% sure that this is not their intention... But can you guarantee that this is not going to happen in the future?

All it takes is one rogue employee, and it could have devastating irreversible effects on a small startup.

https://en.wikipedia.org/wiki/J%C3%A9r%C3%B4me_Kerviel#Unaut...

https://en.wikipedia.org/wiki/Enron

https://en.wikipedia.org/wiki/Nick_Leeson#Downfall


What's stopping a Github or Gitlab or Atlassian employee from going rogue? That's not an MS specific problem.


Did you reply to the wrong comment? Because I don't think I am asserting anything like that.

Of course, Microsoft was famous for their dirty pool tactics in the past, so it's not irrational to worry that they'd return to them. E.g.: https://en.wikipedia.org/wiki/Microsoft_litigation#Private


În a word, YES. Profitability <> quality.

I would argue that the case here is quite the opposite.

Github is loved for a variety of reasons, small & large decisions that are influenced by how profit-oriented the company is. And how willing they are to annoy their users to squeeze some more "profit" and/or data out of them.


It would seem Github had $7.5B at stake.


What's the evidence that Github was loosing money? Their first (and only, AFAIK) round was with Andreesen Horowitz for $100 million, many years after they had already become the go-to host for open source projects. Before that round the company was bootstrapped with personal funds.


This is not a concern that many real people have, just people on HN.

In the real world, people trust companies and context contracts with companyies to protect them. Eg all the people using clouds like azure.


Any company who is small enough to not host their own code repo are of little interest to Microsoft.


Google or Amazon?


I don't see how their reputations would be even garner half the trust.

More

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: