sweng @ sweng @programming.dev

Posts

1

Comments

206

Joined

2 yr. ago

You would be vulnerable on Windows, if you were running CUPS, which you probably are not. But CUPS is not tied to Linux, and is used commonly on e.g. BSDs, and Apple has their own fork for MacOS (have not heard anything about it being vulnerable though).

Wait, which list of filtered IPs are you even talking about? The list in the article is a list of unique kernel versions, not IPs.

I'm not sure why you say it's "artificially" inflated. Non-linux systems are also affected.

this will affect almost nobody

Is that really true? From https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Full disclosure, I’ve been scanning the entire public internet IPv4 ranges several times a day for weeks, sending the UDP packet and logging whatever connected back. And I’ve got back connections from hundreds of thousands of devices, with peaks of 200-300K concurrent devices.

The point is, it's not at all clear, because Github has it's own definition of what "fork" means. I'm honestly not sure why it's so hard to grasp.

Tying "fork" to "repositories" is nonsense, because software forks have existed longer thsn e.g. git.

How do you define "repository", such that it makes sense? Is it only Git repositories? Any version control system? How about a .zip-file placed on an FTP server?

Can you fix dictionary.com as well?

Computers. to copy the source code from (a piece of software) and develop a new version independently, resulting in two unique pieces of software

https://www.dictionary.com/browse/fork

Thst's not at all how it works. The definitions made in the TOS do not "leak" out of said TOS (unless the TOS specifies that, which it does not).

So you also agree that copying is not forking as it is commonly understood?

Do you then claim that the license refers ro "fork" as defined in a specific service's TOS (without referencing said servixe at all)?

Otherwise I don't see how you can come to the conclusion that "forking" in the license does not also necessify modification (which is what the common meaning is).

An article exactly about how Github misuses the word "fork": https://drewdevault.com/2019/05/24/What-is-a-fork.html

Why on earth would the license use Github's very niche definition? "Forking" as a software concept has been around for decades longer than Github or it's "fork" button has existed.

Also, how about reading the full psragraph?

You may not create, maintain, or distribute a forked version of the software.

(emphasis mine). It only does what you think it does if forking = copying. Which it doesn't.

Question to you: Github provides a button labeled "Download ZIP" for downloading a .zip-file containing the source. If I press that button, am I in your opinion creating a fork?

How about you continue reading a bit further, until you hit the word "and".

take a copy of source code from one software package and start independent development

(emphasis mine).

Github defines "forking" as just copying, while normally it is understood as copying + further development (creating a "fork" in the development history, hence the name).

?

I edited my reply to include the definition from Wikipedia, but there are of course many other sources.

I got it from the TOS:

By setting your repositories to be viewed publicly, you agree to allow others to view and "fork" your repositories (this means that others may make their own copies of Content from your repositories in repositories they control).

They explicitly define it as making copies. There is no mention of being allowed to modify said copy. Also note the quotes around "fork", since it differs from the usual definition.

E.g. wikpedia (https://en.m.wikipedia.org/wiki/Fork_(software_development) defines it thusly:

In software engineering, a project fork happens when developers take a copy of source code from one software package and start independent development on it, creating a distinct and separate piece of software.

(Emphasis mine)

The TOS actually does not say you are granting users permissions to fork in the usually understood sense. The TOS gives you permission to copy, which Github calls "forking" even though it isn't.

Just because you can do something, does not mean you are allowed to.

Yes, but that has nothing to do with Github TOS. It does not require you to accept or even allow pull requests.

I feel most people are fundamentally misunderstanding what forking means.

Generally, forking means making a copy and modifying it.

Github, however, seems to define "fork" as just making a copy.

So, in fact there is no "TOS violation". The license forbids making a copy and modifying it, while github requires that you allow making copies. There is no conflict between the two.

Even if it were, just having a license that contradicts the github TOS is not a TOS violation (unless that is separately mentioned somewhere).

You can self-host it, making it as private as you want.