Switch issues and CI to GitHub

Sergey Ponomarev stokito at gmail.com
Tue Jan 25 11:45:52 PST 2022

Well, we may *speculate* and try to minimise risks but that's what I
tried to say: it's counterproductive.

For example, did you know that GitHub was blocked in Ukraine for one day?
As far as I remember, literally some small court in a village said to
block four hundred sites with GH and LiveJournal among them just
because there was some gist with links to a cryptocurrency exchange.
And Ukrainian laws allow the use of crypto currencies and don't allow
anyone to block anything but there was a funny formulation like "seize
intellectual property rights that Internet users have when using web
resources". That's totally insane and no ISP hadn't blocked anything.
That was quickly undone and maybe the judge was punished but still,
who might predict this?

At least GH is big enough so that it can protect its users and even
Ukrainian ministers were worried about this.
There was a story when Iranian with Canadian citizenship was blocked
in GH when he visited his parents. But hey, the GH CEO Nat Friedman
even, while being a jew, personally worked hard to unblock GH in Iran
Now imagine that OpenWrt or SourceHut or whatewer website will be
blocked. Who will try to dispute?

I'll ask a developer from Crimea if GH is blocked there but I just
tried to say that Crimea is a very popular destination unlike North
Korea and thouthands of developers are visiting it and not only from
Ukraine and Russia. That's a health resort and many astmatic people
have to be there periodically because that's the cheapest way for them
to survive.
The problem here is that you may be blocked *unexpectedly* even before
thinking about using VPN.

I just want to say that I personally agree with this concern and still
for me it looks like GH is at least not a worse option even from this
point of view.

Also any country which tries to protect its sovereignty, morality or
lifestyle from outside influence should limit access from the entire
internet itself. And ironically users may need OpenWrt more than
But I hope that can be simply resolved by mirroring of binaries
downloads and local forums. But participating in discussions and
contribution still may be a problem but there is not a single good
solution for this.
At least we know that for core developers and maintainers that's not a
problem at all. It's fair to use GH or any other hosting even if it
will be accessible only from Germany :)

On Tue, 25 Jan 2022 at 20:31, Sam Kuper <sampablokuper at posteo.net> wrote:
> On Tue, Jan 25, 2022 at 06:56:04PM +0200, Sergey Ponomarev wrote:
> > Speaking about GitHub and access to it from sanctioned territories
> > this is a really big concern. [..]
> Thank you for corroborating that concern.
> Some news reports, think-tank analysis, and legal guidance providers
> suggest the current sanctions will be extended in unspecified ways, if
> conflict escalates further in the region.  If that happens, I would
> *speculate* that for instance GitHub might end up blocking Russia.
>     "Washington is trying to maintain transatlantic unity to build a
>     credible threat of sanctions as a deterrence against Moscow."
>     https://www.theguardian.com/world/2022/jan/25/us-uk-and-europe-totally-united-in-the-face-of-russia-threat-to-ukraine-biden-says
>     "If [Russia] launches a [new] military assault against Ukraine,
>     Western sanctions should target the Russian economy in a major way.
>     ... If the Kremlin choses lesser forms of aggression, consider
>     strong sanctions anyway  ...  the United States and the European
>     Union (EU) should use all options at their disposal, including
>     intensified export controls."
>     https://www.atlanticcouncil.org/blogs/new-atlanticist/what-if-russia-invades-ukraine-again-consider-these-options-for-sanctions-escalation/
>     "In order to prepare [for possible imminent sanctions, Western]
>     businesses should do the following:
>     -   Identify all of their activities which relate to Russia and/or
>         Russian counterparties and/or Russian origin goods
>     -   Review (and expand if necessary) existing KYC to identify all
>         Russian counterparties and their beneficial owners ..."
>     https://www.lexology.com/library/detail.aspx?g=839e7b81-ee92-40bb-87ca-4d9e96eeccb8
> > But let's be honest: that's not only GitHub but any website in the US
> > or in NATO countries,
> I may be wrong, but I think some code/issue-hosting sites, including in
> the USA or in other NATO jurisdictions, are accessible from sanctioned
> territories.
> Potentially, that means SourceHut or CodeBerg would be better solutions
> than GitHub in this (and other) respects.  Certainly, I could find
> nothing in their terms and conditions to indicate that they block users
> by territory:
> https://codeberg.org/codeberg/org/src/branch/main/TermsOfUse.md
> https://codeberg.org/codeberg/org/src/branch/main/PrivacyPolicy.md
> https://codeberg.org/codeberg/org/src/branch/main/en/bylaws.md
> https://codeberg.org/codeberg/org/src/branch/main/Imprint.md
> https://man.sr.ht/terms.md
> https://man.sr.ht/privacy.md
> (Basically, IIUC - IANAL - sanctions are intended as deterrents to
> commercial activities.  Non-profit or volunteer activities are less
> affected.
> I would *hope* that humanitarian activities - like developing free
> software that extends the usable life of computer and network
> infrastructure - would remain unaffected by sanctions, except insofar as
> commercial US hosts like GitHub might be barred from involvement.)
> I will write to SourceHut and CodeBerg to ask whether they block users
> by territory.
> Sam
> --
> A: When it messes up the order in which people normally read text.
> Q: When is top-posting a bad thing?
> ()  ASCII ribbon campaign. Please avoid HTML emails & proprietary
> /\  file formats. (Why? See e.g. https://v.gd/jrmGbS ). Thank you.
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Sergey Ponomarev,

More information about the openwrt-devel mailing list