this post was submitted on 26 Jun 2024
848 points (97.9% liked)

Technology

59578 readers
3048 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

GitCode, a git-hosting website operated Chongqing Open-Source Co-Creation Technology Co Ltd and with technical support from CSDN and Huawei Cloud.

It is being reported that many users' repository are being cloned and re-hosted on GitCode without explicit authorization.

There is also a thread on Ycombinator (archived link)

top 50 comments
sorted by: hot top controversial new old
[–] bionicjoey@lemmy.ca 373 points 5 months ago (33 children)

Solution: create a GitHub repo with Markdown articles outlining human rights abuses by the CCP and have a large number of GitHub users star and fork the repo.

[–] Colonel_Panic_@lemm.ee 171 points 5 months ago

You've heard of CamelCase and lowercase and intVariableName variable naming styles. Get ready for:

for (int Taiwan == 0; Taiwan < HongKong; Taiwan++) { int TianamenSquare == 0; ... }

[–] Tramort@programming.dev 87 points 5 months ago (3 children)

That's the whole point of this: they will automatically filter that out, and this is an impotent, though well intended, gesture.

[–] Morphit@feddit.uk 77 points 5 months ago (1 children)

How will they filter it out? If they just don't mirror anything with 'forbidden' terms, we can poison repos to prevent them being mirrored. If they try to tamper with the repo histories then they'll end up breaking a load of stuff that relies on consistent git hashes.

[–] jorp@lemmy.world 28 points 5 months ago

I feel like the effort to make such a repo and make it popular enough to be cloned and rehosted is a lot more effort than someone manually checking the results of an automated filter process.

The "effort economy" is hugely in favor of the mirroring side

[–] bionicjoey@lemmy.ca 25 points 5 months ago (4 children)

Yeah I figured as much. It was mostly a joke. At the end of the day, if stuff is on GH, people can take it. It's barely even stealing. Unless the license disagrees of course but then you were putting a lot of trust in society by making it public in the first place.

load more comments (4 replies)
[–] Azzu@lemm.ee 23 points 5 months ago (5 children)

The real solution is to include a few tiananmenSquare variables in all the repositories. Either they exclude the entire repository or just the specific file, in either case the entire project may be unusable.

load more comments (5 replies)
[–] HubertManne@moist.catsweat.com 28 points 5 months ago

everyone should have stuff in their code comments, tianamen, hong kong, taiwan, uyghurs

load more comments (30 replies)
[–] 0x0@programming.dev 129 points 5 months ago (5 children)

The vast majority of projects on GitHub is open-source and forkable, why would that need authorization?

It's... suspicious that China's doing it en masse, but there's nothing wrong in cloning or forking a repo last i heard.

[–] passepartout 110 points 5 months ago (5 children)

It's not about authorization. They want to build a knowledge base for when the Great Firewall gets some more filters. Just like russias mirror of wikipedia which is heavily edited to discredit the west.

[–] FaceDeer@fedia.io 41 points 5 months ago (2 children)

And under copyleft licensing, they're allowed to do that. Both to GitHub repositories and Wikipedia.

[–] passepartout 38 points 5 months ago (1 children)

Of course they are, it's not like there is some kind of international jurisdiction anyway. What is bothersome is why they do it.

load more comments (1 replies)
load more comments (1 replies)
load more comments (4 replies)
load more comments (4 replies)
[–] csm10495@sh.itjust.works 88 points 5 months ago (6 children)

It's a bit odd, but isn't it equivalent to forking and putting up a fork elsewhere?

I guess I don't see the problem.

[–] KingThrillgore@lemmy.ml 23 points 5 months ago (3 children)

It depends on the software license.

load more comments (3 replies)
load more comments (5 replies)
[–] raspberriesareyummy@lemmy.world 85 points 4 months ago (27 children)

With the obligatory "fuck everyone who disregards open source licenses", I am still slightly amused at this raising eyebrows while nearly no one is complaining about MS using github to train their copilot LLM, which will help circumvent licenses & copyrights by the bazillion.

load more comments (27 replies)
[–] dan@upvote.au 82 points 5 months ago* (last edited 5 months ago) (13 children)

I don't understand why this is a bad thing? Open source code is designed to be shared/distributed, and an open-source license can't place any limits on who can use or share the code. Git was designed as a distributed, decentralized model partly for this reason (even though people ended up centralizing it on Github anyways)

They might end up using the code in a way that violates its license, but simply cloning it isn't a problem.

[–] BlueMagma@sh.itjust.works 32 points 4 months ago (9 children)

I expect it's going likely to be used to train some Chinese AI model. The race to AGI is in progress. IMO: "ideas" (code included) should be freely usable by anyone, including the people I might disagree with. But I understand the fear it induces to think that an authoritarian government will get access to AGI before a democratic one. That said I'm not entirely convinced the US is a democratic government..

PS: I'm french, and my gov is soon to be controlled by fascist pigs if it's not already, so I'm not judging...

load more comments (9 replies)
[–] barryamelton@lemmy.ml 23 points 4 months ago (2 children)

The code needs to maintain the copyrights and authors. They are "mirroring" usernames into their own domain, with mails that dont correspond to the original authors, stealing their contributions.

load more comments (2 replies)
load more comments (11 replies)
[–] romp_2_door@lemmy.world 75 points 5 months ago (8 children)

fun to think that my shitty program is now stored in an artic vault and stored in some Chinese servers

So many bugs I never fixed and yet here we are lol

load more comments (8 replies)
[–] psycho_driver@lemmy.world 53 points 5 months ago

Quick, someone tell Nintendo!

[–] Rentlar@lemmy.ca 50 points 5 months ago

Someone reupload yuzu, stat!

[–] nutsack@lemmy.world 49 points 5 months ago* (last edited 5 months ago) (2 children)

I love how every Chinese company is called "China"

[–] DoucheBagMcSwag@lemmy.dbzer0.com 38 points 5 months ago (8 children)

Yeah.. That's because they are. it is required that every Chinese Company has to be owned by "tHe PeOpLe" (CCP)

load more comments (8 replies)
load more comments (1 replies)
[–] callmepk@lemmy.world 44 points 4 months ago* (last edited 4 months ago) (1 children)

I think the major issue is here is that they are “mirroring” with the same username without clear indicating they are mirrors and they are modifying all the github links in Readme to GitCode. But if you want to claim your project, they want to only comment using the issue section of a project which requires account; but then you have to have a Chinese phone number to register account, and you will automatically get a Huawei Cloud account when you registering it

Edit: also some background info about the company behind GitCode from my other comment: the company behind GitCode is funded and owned by CSDN (China Software Developer Network) and the actual infrastructure and service is provided by Huawei Cloud. On the website they have written this statement in the registration page.

CSDN is mostly a platform to share posts on software development, but it is known to have a lot of issues, including:

  1. poor content and directly copied posts from other people without consent, which to a point people is considering the site a content farm; it is even a top blocked site on Kagi;
  2. All code provided there requires “coins” to download, even they are open-sourced code; it was reported multiple people in China got scammed via CSDN;
  3. You have to login to copy code on the post, and sometimes hides half the post to require you to login to read.
load more comments (1 replies)
[–] ZILtoid1991@lemmy.world 43 points 4 months ago (3 children)

Put content that is illegal in China into your code, problem solved!

load more comments (2 replies)
[–] PanArab@lemm.ee 37 points 4 months ago (2 children)

It is not illegal is it?

If it is legal, then thank you China for the free backup.

[–] kuberoot@discuss.tchncs.de 40 points 4 months ago (6 children)

I do believe it's illegal if they take a repository with a restrictive license (which includes any repository without a license), and then make it available on their own service. I think China just doesn't care.

load more comments (6 replies)
load more comments (1 replies)
[–] kersplomp@programming.dev 34 points 5 months ago* (last edited 5 months ago) (2 children)

Some random Chinese company: does something jenky

Blogger: "The entire country of China is doing this jenky thing!"

[–] Telodzrum@lemmy.world 40 points 5 months ago (5 children)

All Chinese companies are the CCP. That’s how the system works.

load more comments (5 replies)
load more comments (1 replies)
[–] A1kmm@lemmy.amxl.com 33 points 4 months ago (1 children)

GitHub are not some bastion of righteousness - they are literally owned by Microsoft. And they work hard to stop people from getting too much Open Source from them, with rate limits and the like, so essentially gate keep.

I think CSDN probably want to gatekeep their clone even harder, but in general having archives of GitHub on the Internet is a good thing.

load more comments (1 replies)
[–] Melvin_Ferd@lemmy.world 31 points 4 months ago* (last edited 4 months ago) (7 children)

If we steal IP from China does the American government give us a business loan?

load more comments (7 replies)
[–] Muffi@programming.dev 27 points 4 months ago (2 children)

Great! Now I know who to contact when I accidentally delete all the plaintext API keys and passwords I had stored in a public github repo.

load more comments (2 replies)
[–] crazyminner@lemmy.ml 25 points 5 months ago (1 children)
load more comments (1 replies)
[–] mlg@lemmy.world 24 points 5 months ago

omw to get all the homebrew stuff NIntendo got removed from github lol

[–] Grimy@lemmy.world 24 points 5 months ago (4 children)

They should definitely respect the licenses, that being said, Microsoft owns GitHub and can be a bit quick in what they ban. It also means they are beholden to US laws, which could turn anti FOSS-AI in the near future.

This is a smart move and I honestly hope more countries start doing it. It would probably lead to a better ecosystem.

load more comments (4 replies)
load more comments
view more: next ›