Developers in several countries are finding their use of GitHub’s repository service restricted following US trade sanctions.
GitHub has implemented new restrictions on developers in North Korea, Crimea, Iran, Syria, and Cuba. Public and open-source repos are unaffected, but private and paid accounts will face new limitations.
Nat Friedman, CEO of GitHub, tweeted an explanation for the restrictions: "We have gone to great lengths to do no more than what is required by the law, but of course people are still affected. GitHub is subject to U.S. trade law, just like any company that does business in the U.S."
The restrictions – which Friedman affirms are based on place of residence and location, not on nationality or heritage – are reportedly unable to be flouted through use of a VPN.
In a statement, GitHub-owner Microsoft wrote:
“GitHub is subject to U.S. trade control laws, and is committed to full compliance with applicable law. At the same time, GitHub's vision is to be the global platform for developer collaboration, no matter where developers reside.
As a result, we take seriously our responsibility to examine government mandates thoroughly to be certain that users and customers are not impacted beyond what is required by law.
This includes keeping public repositories services, including those for open source projects, available and accessible to support personal communications involving developers in sanctioned regions."
Iranian developer Hamed posted on Medium about his experience with the headline ‘GitHub blocked my account and they think I’m developing nuclear weapons’.
Originally, all Iranian accounts had been blocked; even free accounts and public repos. Many developers were locked out from their accounts without the ability to download a backup of their data.
In a response to a developer who requested a copy of their disabled repo, GitHub wrote: “Unfortunately we are not legally able to send an export of the disabled repository content. I’m sorry for the frustration here, but GitHub must comply with U.S. export control laws and sanction requirements.”
Developers can now download a backup of their repo, but only if they make it public first. Needless to say, affected developers aren’t too happy about it.
GitHub has found itself in a rather difficult situation. On the one hand, it has to legally comply with sanctions. On the other, developers in sanctioned countries are understandably frustrated; especially with GitHub’s initial complete blocking of accounts.
When some developers are wary of GitHub following Microsoft’s takeover anyway, it’s a bad time for such an unwinnable situation.
Interested in hearing industry leaders discuss subjects like this? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London, and Amsterdam.