Very interesting... Obviously imperfect, but couldn't they just find a way to identify if a miner is running on the pipeline? Antivirus heuristics come to mind, but I'm not an expert at all in these topics.
On our SaaS app, we had to introduce a Captcha when adding users to an account. Spammers would write scripts to continually add, send welcome emails, and then delete users (getting around the 5 free user limit). They would place their spam in the account name, and the users first and last name.
Before we caught it, they were sending thousands of emails a minute via our paid-for upstream transactional email provider.
> Include public projects in pipeline minutes quota for free users.
Does that mean they just changed open-source projects from unlimited build minutes to 400 minutes a month? E.g. a single build a day if your build is 13 min (summing up every job's duration)?
> Jackie Porter: Remram - The 400 minutes per month will be a enhancement, coming in a future milestone for public projects. So, it is not effective immediately. We are researching the amount of minutes across open source contributions to make sure that we do not impact open source contributions in any way!
> Remram: 400 is low for active projects with multiple jobs so this sounds really scary! I am glad this is not set in stone.
> John Coghlan: Open source projects can also apply for the GitLab for Open Source program. Qualifying projects and organizations get 50,000 CI pipeline minutes and free licenses for GitLab's top tiers.
10 comments
[ 2.7 ms ] story [ 27.9 ms ] threadOn our SaaS app, we had to introduce a Captcha when adding users to an account. Spammers would write scripts to continually add, send welcome emails, and then delete users (getting around the 5 free user limit). They would place their spam in the account name, and the users first and last name.
Before we caught it, they were sending thousands of emails a minute via our paid-for upstream transactional email provider.
If it’s free, it’ll get abused eventually.
Does that mean they just changed open-source projects from unlimited build minutes to 400 minutes a month? E.g. a single build a day if your build is 13 min (summing up every job's duration)?
> Jackie Porter: Remram - The 400 minutes per month will be a enhancement, coming in a future milestone for public projects. So, it is not effective immediately. We are researching the amount of minutes across open source contributions to make sure that we do not impact open source contributions in any way!
> Remram: 400 is low for active projects with multiple jobs so this sounds really scary! I am glad this is not set in stone.
> John Coghlan: Open source projects can also apply for the GitLab for Open Source program. Qualifying projects and organizations get 50,000 CI pipeline minutes and free licenses for GitLab's top tiers.