JOSS runs on a proprietary development environment

[broukema]

According to [1], "We [JOSS] strongly prefer software that doesn’t rely upon proprietary (paid for) development environments/programming languages", but JOSS runs on a Microsoft website (Github), which is very much a proprietary development environment - run by a corporation well-known (in court!) for its "Embrace, Extend, Extinguish" policies [2]. There are other reasons why Software Conservancy is recommending people to switch [3] to ethical git repository servers like Codeberg [4].

Even though I still have a github account, the 2FA that apparently will force people to either provide Microsoft with their smartphone phone numbers or install a non-free gui (a so-called "app") risks excluding me from github (I have a pinephone running Mobian, which is essentially Debian GNU/Linux, but I don't wish to install binaries via flatpak on it).

I'm thinking of making a submission to JOSS soon, but for ethical consistency (and for practical reasons for people who stick to FOSS), JOSS really should start planning a migration to an ethical git repository instead of MS/GH. As for the tyranny-of-convenience argument (network effect), ForgeFed is making good progress for federating free-software git forges [5].

[1] https://joss.readthedocs.io/en/latest/submitting.html#submissions-using-proprietary-languages-development-environments [2] https://en.wikipedia.org/wiki/Embrace%2c_extend%2c_and_extinguish [3] https://giveupgithub.org [4] https://codeberg.org [5] https://forgefed.org

[labarba]

With all due respect: feel free to start your own journal on a different platform. The software submitted to JOSS can be hosted anywhere the authors like to, as long as it is accessible publicly and has an open issue tracker people can post to. The statement you quoted from the docs refers to running the software—for example, Matlab—and it is stated as a preference not a hard ban. (JOSS has published Matlab-based submissions, often requesting that it can be run on Octave, or simply allowing it to be reviewed if sufficient reviewers can be found that have access to Matlab.)

After a JOSS paper is accepted, it is published via the current GitHub workflow, but notably it is deposited in a persistent archive (I think Portico, which is similar to CLOCKSS). Combined with a DOI, this makes the final article persistent in the scholarly record regardless of what happens to JOSS or GitHub in the future.

I realize some folks have strong opinions regarding corporate-backed services, even if free and available to everyone. But your opinion as a criticism of a purely volunteer-led, grassroots effort to enable credit for software in science, a huge effort by the way, of dozens of well-meaning editors and hundreds of reviewers, leaves me unstirred.

[arfon]

Thanks for the feedback @broukema but as @labarba points out, our policy around proprietary environments applies to the submitted software here.

Would I rather GitHub was open source software too? Yes. Does the fact that it isn't preclude running the reviews for JOSS here? In my opinion (as EiC of JOSS) no.

In my opinion (full disclosure, I am an employee of GitHub), open source has benefited immensely from the existence of GitHub (and now, by extension Microsoft).

Also, while I suspect you might not find this a compelling reason, the purpose of the 2FA requirement for GitHub commiters (pushing code) is about making open source software more secure, not for Microsoft to collect your phone number.

Feedback is always welcome, but on this point we'll have to agree to disagree 🙂

[broukema]

The statement you quoted from the docs refers to running the software—for example, Matlab—and it is stated as a preference not a hard ban.

True, but it would make sense ethically and practically for the journal itself to be run on FOSS and on servers run by organisations whose activities are compatible with the FOSS ecosystem.

This makes the final article persistent in the scholarly record regardless of what happens to JOSS or GitHub in the future.

True, but scholarly ephemera are significant. The whole point of having open-access review is that these reviews remain available. If MS/GH becomes forgefed-compatible, then easy portability of these ephemera will become possible. See [5] above.

I realize some folks have strong opinions regarding corporate-backed services, even if free and available to everyone.

It is false to state that MS/GH is 'available to everyone'. Many people are blocked from access, based on nationality and/or geographical location. In plain English, that's a form of racism: the people excluded are real people. See Roukema [2020] and the references therein.

As for the word 'free', this is not just a question of opinion, and it's not the question of corporations and other dictatorships in general, it's the case of a particular corporation whose track record in terms of serving the community and the FOSS community in particular is extremely negative.

But your opinion as a criticism of a purely volunteer-led, grassroots effort to enable credit for software in science, a huge effort by the way, of dozens of well-meaning editors and hundreds of reviewers, leaves me unstirred.

There are plenty of well-intentioned efforts by many groups of people around the world, in all sorts of domains, that happen to be flawed. I don't see anything in my message that violates WP:AGF - it seems quite clear that there are many well-intentioned people who have built up JOSS.

Whether you are "stirred" or not is not the point. You and others involved in JOSS may choose to ignore the flaw.

• Roukema [2020] - https://zenodo.org/record/3956058 (ArXiv: https://arxiv.org/abs/2008.07380)

[broukema]

In my opinion (full disclosure, I am an employee of GitHub),

Thanks for that disclosure of your conflict of interest. That will help readers of this issue put this discussion into context.

Also, while I suspect you might not find this a compelling reason, the purpose of the 2FA requirement for GitHub commiters (pushing code) is about making open source software more secure, not for Microsoft to collect your phone number.

I'm distinguishing the reason for 2FA from the way that it's implemented. If it were implemented in a way with clear instructions of how to do 2FA with a standard GNU/Linux smartphone (Pinephone, Librem 5, or rooted Android system with PostmarketOS replacing the Android system) using software verified by the community (e.g. Debian), then I might be able to continue using GH for some time while it's still difficult to avoid.

Feedback is always welcome, but on this point we'll have to agree to disagree

If you trust the JOSS community, then you should allow a reasonable delay for people to discuss the issue rather than closing this issue so quickly. A single day is not a reasonable time to allow for rational discussion on an issue like this.

[labarba]

it would make sense ethically and practically for the journal itself to be run on FOSS and on servers run by organisations whose activities are compatible with the FOSS ecosystem.

That's just your opinion, man

point of having open-access review is that these reviews remain available

JOSS reviews are persistently archived together with the paper using Portico.

[arfon]

The issue was closed as 'unplanned' to make clear that we have no plans to make the change you are proposing.

One small point of additional information - the reviews are also archived with Portico (together with the paper PDFs and JATS XML).

I will leave the issue unlocked so others may comment, however I personally do not plan to engage further on this thread.

[broukema]

That's just your opinion, man

The argument is valid or invalid independent of the fact that I stated it.

JOSS reviews are persistently archived together with the paper using Portico.

Thanks for the info.