Update on some maintainers / contributors.

Patrick Williams patrick at stwcx.xyz
Fri Apr 4 02:04:40 AEDT 2025 

The Linux Foundation made a clarifying post on this situation[1].

[1]: https://www.linuxfoundation.org/blog/navigating-global-regulations-and-open-source-us-ofac-sanctions

On Thu, Oct 31, 2024 at 12:31:33AM -0400, Patrick Williams wrote:
> Hello,
> 
> This is not a great situation for Open Source as a whole; involving
> legal issues and international politics.  Since there has been some
> public activity on other Open Source projects, especially the kernel,
> it seems like we should be more forward about what is going on.
> 
> In early 2022, some of our contributors associated with a specific
> company lost access to GitHub.  As a result of this they were unable to
> access Gerrit.  Since that time, access has not been restored and they
> continue to not be able to contribute to the project or provide feedback
> as maintainers on sub-repositories (which some of them were).
> 
> I assume the reason those developers had their GitHub accounts
> suspended was due to their company's appearance on a US government
> sanctions list[1].  Recently, the Linux Kernel has removed a number of
> maintainers for seemingly similar reasons.  A good article on the
> situation can be found on Phoronix[2].
> 
> I have not seen any official/public policy from the Linux Foundation on
> this situation, but it appears that high ranking members of the kernel
> community decided to act based on some non-public guidance they were given.
> 
> The way we are handling the situation is as follows:
> 
>    - We use GitHub for authentication to Gerrit and have no plans to
>      change from this.  Anyone interacting with the code there will
>      need to have GitHub access.  Anyone who has been suspended /
>      blocked by GitHub will not be able to interact with the codebase
>      by either contributions or reviews.
> 
>    - We are not accepting new CCLAs from entities on the sanctions list
>      or accepting ICLAs from individuals associated with these
>      entities.
> 
>    - Maintainers who have lost access to Gerrit are being removed from
>      OWNERS files to provide clarity to contributors.  I believe this
>      affects one full repository and one meta layer.  I am assigning
>      myself as the OWNER of the affected repository to ensure continuity
>      of reviews but would greatly appreciate if someone else has an
>      interest to take it over.  If the situation changes and the
>      previous maintainers are able to resume participation, we can
>      restore owner status to them.
> 
>    - No change is being implemented to the mailing list or Discord.
> 
> I do not have any advice for individual contributors on the project.  If
> you have concerns, you may want to seek guidance within your company.
> 
> [1]: https://ofac.treasury.gov/faqs/topic/1631
> [2]: https://www.phoronix.com/news/Linux-Compliance-Requirements
> 
> -- 
> Patrick Williams



-- 
Patrick Williams
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20250403/2e2cd1a9/attachment-0001.sig>

More information about the openbmc mailing list