8 comments

[ 1.8 ms ] story [ 37.2 ms ] thread
That only occurs due to abusive IP detection

Thank you crypto.

This was my first thought as well.

As far as the OP's statement:

> (Note github does not require any personal information at all and still prevents abuse)

GitHub has also been fighting with crypto-leeches. The difference is that they're loaded with cash and can afford to "eat" more of it than GitLab.

Awaiting crypto apologists blaming Gitlab that they’re the one who should do a better job without any registration.
That says less about crypto and more about default permissions for new accounts. E.g. if your CI let you open connections to tcp/25, got abused by spammers, and then added extra registration steps, would you blame existence of email?
I have a general problem with uploading any proprietary confidential source code to a third party, whether it be github, gitlab, etc... thanks but i will continue to run my own private git server over ssh.
I had public registration enabled my own GitLab instance. No real issues for years, until one day I woke up and noticed everything hosted on that server went down simultaneously. Logged into the server, couldn't even do the simplest operations (like `apt update`).

Long story short, someone decided this was the perfect place to upload well over a terabyte of what looked like random Android ROMs, filling the partition to the brim. I had GitLab configured to make an automatic backup of itself on a root partition (from where it gets moved "off-site"), so my root partition got filled as well, bringing everything else down in the process. Needless to say, I no longer have public registration enabled.

Anyways, I can imagine the horrors that GitLab(.com) has to go through to keep the service public.

Understandable concern, but this kind of fervor over this kind of problem feels a lot like the zealots who tear apart Firefox and it seems to be why open source community leadership suffers constantly. Is this good? Definitely not. But "stop using gitlab" and fleeing like rats into Microsoft's honey pot is like shooting off your face to spite your body.

I know, very clearly, that many HNetizens won't be using Github either. But piling on the hate train for these companies that at least try to support open source in earnest is doing strange things.

>companies that at least try to support open source in earnest

Would caution against ascribing any kind of noble intent to for-profit entities