2022年03月08日

受俄乌冲突的影响,GitHub 目前正在考虑限制俄罗斯开发人员访问开源代码存储库的可能性。无独有偶,早在 2019 年,GitHub 就曾经因为美国出台贸易制裁国家名单,对名单上的国家/地区的用户进行过 “封杀”。

2019 年 7 月,微软旗下的 GitHub“限制” 住在乌克兰克里米亚地区的一名开发人员的帐户。这名开发人员利用 GitHub 服务来托管其网站和游戏软件。

GitHub 告诉住在克里米亚的 21 岁俄罗斯公民 Anatoliy Kashkin,“由于美国贸易管制”,GitHub“限制” 了他的帐户。Kashkin 称,GitHub 给他看了关于美国贸易管制的页面,该页面显示将克里米亚、古巴、伊朗、朝鲜和叙利亚列为面临美国制裁的国家或地区。

随后,他托管在 GitHub 上的网站返回 404 错误信息,同时也无法创建新的私有 GitHub 存储库或访问它们。 2022年3月3日,GitHub CEO Thomas Dohmke 发布《我们对乌克兰境内战争作出的响应》一文。原文贴到文末。



EBR 法律代理机构的执行合伙人 Alexandra Zhuravleva 针对该问题表示:“许多许可证都附有制裁方面的条款;如果美国和欧盟愿意,它们可以实行制裁,禁止被制裁方使用开源软件或架构——那么俄罗斯产品将无法获得支持和更新,也无法正式使用此类软件”。毋庸置疑,当技术和政治战争挂钩,会无形的波及更多无辜的人民和机构。

在今年 2 月初,俄罗斯宣布计划在 2022 年底之前建立一个类似 GitHub 的本国平台,其运营商将是俄罗斯信息技术发展基金会。作为这个项目的一部分,计划公开由俄罗斯开发的免费软件。


源代码作为一个企业乃至国家的无形资产,在和平年代,托管到任何机构可能都没有问题。但是我们无法确保未来一定如我们所预期。适当把代码在国内服务商甚至本地做一个备份并不是杞人忧天。其实,除了众所周知的 GitHub,国内也有很多优秀的源码托管服务商,比如码云、CodeFever 等等。其中 CodeFever 作为国内为数不多的支持本地化部署的 git 服务,功能齐全、服务更轻、UI 更好看。

GitHub CEO Thomas Dohmke 发表于 Github 官网的《我们对乌克兰境内战争作出的响应》全文如下:

As the global response to the tragedies in Ukraine and other impacted regions continues to evolve, I wanted to share with our community an expansion of the message that I shared earlier this week with our Hubbers.

GitHub is united with the people of Ukraine and the international community in condemning these horrific acts of violence against a sovereign nation and its people. We continue to monitor the events in Europe surrounding the unlawful Russian military invasion of Ukraine.

We care deeply about our global community, and many of us have loved ones all over the world, including in Ukraine, Russia, and other impacted regions. I grew up in East Germany during the Cold War, and I remember the happiness and optimism in the early 1990s that the world would come closer together. What we are witnessing now is something I never wanted to see again. It is devastating for the innocent people in Ukraine, and it is leading to feelings of helplessness and anger for those of us near and far away.

As the home of open source and the home for all developers, we take our role seriously in protecting open collaboration and the free flow of information in our interconnected community. This includes keeping the platform open and available to all developers, no matter where they reside. I want to share the latest updates on how we are responding as a company, as a platform, and as a global community of Hubbers.

Maintaining the integrity of our platform and company

GitHub is a powerful tool for communications, humanitarian work, and organizing for change, as well as for incredible technological advancement. We truly believe in the power of open source, so we will continue to work hard to keep our platform available and safe for all developers around the world. In parallel with our efforts to make sure GitHub is available to developers in all countries, we are continuing to ensure free open source services are available to all, including developers in Russia.

We are also committed to providing strong security capabilities that can prevent GitHub users and their accounts from compromise, and we urge developers to set up 2FA, ideally with WebAuthn, to protect their accounts.

At the same time, we are taking action to support our platform and comply with the many government mandates you’ve likely read about in the context of this war. Our legal team examines such mandates thoroughly, and we are complying with export controls and trade regulations as they evolve. This includes implementing stringent new export controls that are aimed at severely restricting Russia’s access to technologies and other items it needs to sustain its aggressive military capabilities. Additionally, any government takedown notices we process are publicly posted because we believe that transparency is essential to good governance.

Understandably, our community has had strong reactions to the conflict in Ukraine during this particularly stressful time. We are enforcing our Acceptable Use Policies and Community Guidelines to make GitHub safe for everyone. If you observe behavior that represents a potential violation of our Acceptable Use Policies or Community Guidelines, please report it.

The Community and Product Operations teams are monitoring conversations in our forums and making assessments that abide by our codes of conduct for community forum and public feedback. We will lock discussions that violate these codes of conduct.

Prioritizing Hubber safety and well-being

I want to be very clear: we stand by every Hubber around the world regardless of your nationality or country of origin. Your well-being is of the utmost importance and you have our full support.

Many of you have messaged me, the leadership team, and your managers looking for ways you can directly support those in Ukraine. GitHub always matches up to $15,000 in donations per Hubber annually, and the Social Impact team has shared a list of organizations in support of Ukraine where Hubbers can donate. I have personally donated to United Help Ukraine and the Benevity fund supporting Ukrainian refugees.

GitHub as a company is also donating $100,000 to Razom and matching an additional $200,000 of donations from employees to help support relief efforts in the region. This includes matching donations for any volunteering hours Hubbers spend working for charities and doing humanitarian work across the world.

I want to reiterate that we take our role seriously in protecting open collaboration and the free flow of information in our interconnected, global community. We will continue to closely follow the events and adapt as we learn more. And like many others around the world, we hope for a peaceful resolution for the people of Ukraine and other impacted communities. 💙💛

