Update on some maintainers / contributors.
Patrick Williams
patrick at stwcx.xyz
Fri Apr 4 02:04:40 AEDT 2025
The Linux Foundation made a clarifying post on this situation[1].
[1]: https://www.linuxfoundation.org/blog/navigating-global-regulations-and-open-source-us-ofac-sanctions
On Thu, Oct 31, 2024 at 12:31:33AM -0400, Patrick Williams wrote:
> Hello,
>
> This is not a great situation for Open Source as a whole; involving
> legal issues and international politics. Since there has been some
> public activity on other Open Source projects, especially the kernel,
> it seems like we should be more forward about what is going on.
>
> In early 2022, some of our contributors associated with a specific
> company lost access to GitHub. As a result of this they were unable to
> access Gerrit. Since that time, access has not been restored and they
> continue to not be able to contribute to the project or provide feedback
> as maintainers on sub-repositories (which some of them were).
>
> I assume the reason those developers had their GitHub accounts
> suspended was due to their company's appearance on a US government
> sanctions list[1]. Recently, the Linux Kernel has removed a number of
> maintainers for seemingly similar reasons. A good article on the
> situation can be found on Phoronix[2].
>
> I have not seen any official/public policy from the Linux Foundation on
> this situation, but it appears that high ranking members of the kernel
> community decided to act based on some non-public guidance they were given.
>
> The way we are handling the situation is as follows:
>
> - We use GitHub for authentication to Gerrit and have no plans to
> change from this. Anyone interacting with the code there will
> need to have GitHub access. Anyone who has been suspended /
> blocked by GitHub will not be able to interact with the codebase
> by either contributions or reviews.
>
> - We are not accepting new CCLAs from entities on the sanctions list
> or accepting ICLAs from individuals associated with these
> entities.
>
> - Maintainers who have lost access to Gerrit are being removed from
> OWNERS files to provide clarity to contributors. I believe this
> affects one full repository and one meta layer. I am assigning
> myself as the OWNER of the affected repository to ensure continuity
> of reviews but would greatly appreciate if someone else has an
> interest to take it over. If the situation changes and the
> previous maintainers are able to resume participation, we can
> restore owner status to them.
>
> - No change is being implemented to the mailing list or Discord.
>
> I do not have any advice for individual contributors on the project. If
> you have concerns, you may want to seek guidance within your company.
>
> [1]: https://ofac.treasury.gov/faqs/topic/1631
> [2]: https://www.phoronix.com/news/Linux-Compliance-Requirements
>
> --
> Patrick Williams
--
Patrick Williams
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20250403/2e2cd1a9/attachment-0001.sig>
More information about the openbmc
mailing list