Veganism Social

13 posts13 participants0 posts today

Arty-chan (Cynthia) @artychan@mastodon.social

Cool. 20th anniversary of #git and #GitLab celebrated with an interview with Linus Torvalds: https://about.gitlab.com/blog/2025/04/07/celebrating-gits-20th-anniversary-with-creator-linus-torvalds/

about.gitlab.comCelebrating Git's 20th anniversary with creator Linus TorvaldsDiscover the origins of the open-source version control system, why he handed over the reins a few months in, and what he thinks about adding new programming languages to Git.

14h

InfoQ @infoq@techhub.social

GitLab Duo with Amazon Q is here!

This integration of Amazon Q Developer with GitLab brings generative AI capabilities directly into GitLab, helping developers with feature development, code upgrades, reviews, and unit testing.

Learn more: https://bit.ly/4jql9Qb

#InfoQ #GitLab #AmazonQ

David Pape @zyzzyxdonta@social.tchncs.de

OK everyone, I did it. I started a blog. It has a welcome post and a small tip on sorting your emails from Git forges. More to come soon. Feel free to check it out!

https://www.zyzzyxdonta.net/

David PapeHomewww.zyzzyxdonta.net -- Home of David Pape's website

#Indieweb #Blogging #GitHub

The New Oil @thenewoil@mastodon.thenewoil.org

#Europcar #GitLab breach exposes data of up to 200,000 customers

https://www.bleepingcomputer.com/news/security/europcar-gitlab-breach-exposes-data-of-up-to-200-000-customers/

#DataBreach #cybersecurity #privacy

musicmatze @musicmatze@social.linux.pizza

Sure #gitlab,... sure...

#shitlab

Heptapod @heptapod@fosstodon.org

#heptapod 17.9.0 released, featuring #gitlab 17.9 and Mercurial 7.0 Changelog: https://foss.heptapod.net/heptapod/heptapod/-/blob/heptapod-17.9.0/HEPTAPOD_CHANGELOG.md Download instructions: https://heptapod.net/pages/get-heptapod.html#get-heptapod #git

GitLabHEPTAPOD_CHANGELOG.md · heptapod-17.9.0 · heptapod / heptapod · GitLabGitLab CE Rails application, converted to a Mercurial repository and modified for Mercurial support in a Mercurial branch called "Heptapod".

GerritForge @gerritforge@mastodon.social

We work together every day, so how about we get to know each other a little better? Come on in, welcome to GerritForge.

Discover more www.gerritforge.com.

#Git #DevOps #GitLab #GitHub
"

GIF

Sébastien Maret @sebastienmaret@scholar.social

Many universities and research institutes have their own #Gitlab or #Gitea instances, which is a good thing. But are there any plans for these instances to be federated ? It's a bit cumbersome to open a new account on a new instance every time I want to collaborate on a project. #openscience

Ryan Schultz @theoryshaw@mastodon.social

Why does #gitlab make you authenticate. each. and. every. time?

N-gated Hacker News @ngate@mastodon.social

So, you were wondering what to do with your life and stumbled upon GitLab's Encyclopedia Britannica of #OKRs . Spoiler alert: the only tip is how to drown in a sea of acronyms . Prepare yourself for a time-traveling odyssey of corporate jargon from 2017 to FY24, because who doesn't need more OKRs in their life?
https://handbook.gitlab.com/handbook/marketing/developer-relations/developer-advocacy/social-media/ #GitLab #CorporateJargon #TimeTravel #LifeAdvice #HackerNews #ngated

The GitLab HandbookDeveloper Advocacy on Social MediaIntroduction Developer Advocacy builds out their thought leadership through social media and community engagement. The tips and strategies shared here can be used by team members and the wider community to help build their own profile as an evangelist and advocate for GitLab. Topics: Education and Learning: Tips from own experience. Workshops, slides, blog posts, videos, etc. Events live posts. Amplify talks with screenshots, pictures and messages. Release Evangelism: Share feature insights with personal views. Community and customer best practices and GitLab insights. Contributions to GitLab, encouraging customers to co-create with GitLab. UTM Tracking Developer Advocates at GitLab are encouraged to add UTMs for URL tagging and tracking to provide analytics and insights on how well content shares are performing. This method helps to verify KPI metrics.

Hacker News @h4ckernews@mastodon.social

Gitlab Bluesky Tips

https://handbook.gitlab.com/handbook/marketing/developer-relations/developer-advocacy/social-media/

#HackerNews #Gitlab #Bluesky

Curated Hacker News @CuratedHackerNews@mastodon.social

Gitlab Bluesky Tips

https://handbook.gitlab.com/handbook/marketing/developer-relations/developer-advocacy/social-media/

#bluesky #gitlab

Christian Mayer @TheFox21@mastodon.social

@alexanderdyas That's true, but only for (more or less) 'advanced' users.

When you create an empty #GitHub or #GitLab repo, they literally tell you use 'git add .' in their 'Configure the Git repository' tutorial. There is no section how to setup a .gitignore file. Because .gitignore is very project/tech-stack specific.

Why is this even a problem, because the files stay in Git forever. Unless you invest a lot of time. And time = money.

Baa @Baa@mk.absturztau.be

The way Gitlab, Forgejo, Gitea etc. use the server-side SSH server to accept pushed data over SSH relies on a system user called git having SSH access. (or forgejo in their case).

Access is granted by the standard authorized_keys inside ~/.ssh, which for forgejo means /var/lib/forgejo/.ssh/authorized_keys. When a user adds an SSH key to their account, it's added to this authorized_keys file.

I really hate this, this means that any user of Forgejo is only inches away from having full shell access. The default shell of the forgejo user is /bin/bash, it exists inside of /etc/passwd:

forgejo:x:122:130:Forgejo (Beyond coding. We forge.):/var/lib/forgejo:/bin/bash

I really really hate this. The only thing preventing random users of Forgejo having shell access is the default command of the SSH session as stipulated by the authorized_keys entry, this is what it looks like:

command="/usr/bin/forgejo --config=/etc/forgejo/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOgnZeNC4fMCXYuWxir7NlKts9Zj4sYZZJzzHh4IyTm2 Baa-New

This is technically secure, there is no publicly known way of bypassing this and gaining shell access by adding your own SSH key to forge and SSHing into the server as the forgejo user. It will immediately disconnect you, and if you try submitting any specific command you'll receive Disallowed command.

But still, I really really really hate this. We're just one tiny misconfiguration, one minuscule exploit away from granting all forgejo users shell access into the server

Imagine for example, you were hosting a Minecraft server on Windows. And to grant a user access to it, you had to create them a Windows User inside control userpasswords2 and then explicitly disallow them RDP access. That RDP config is the only thing preventing them for remoting straight into your server. This si what it feels like, I can't help but wish SSH was entirely separate from everything else going on here.

Which is exactly what Forgejo's own built-in SSH server does, I'll enable that and move it to a different port, because I'm too scared otherwise, and my server's not even public, and I haven't even started with Runners yet, those scare me even more

Feel free to correct me if I'm wrong, or add your own insights I'd like to know more about this mentality #ssh #git #forgejo #linux #security #gitlab

Mar 31

Sebastian Stenzel @overheadhunter@mastodon.social

Can somebody explain why people create #spam #pullrequest|s? Who benefits from this? How does this scheme work?

#antispam #github #gitlab

Mar 31

~/phranck @phranck@nerdculture.de

Ich weiss, es gibt viele #GitHub und #GitLab Alternativen. Einige kenne ich auch schon. Aber, welche in Deutschland(!) oder auch AT gehosteten Git Alternativen wuerdet ihr empfehlen? Muss nicht unbedingt kostenlos sein, sollte halt nur da gehostet werden.

Gerne boosten/teilen.

Replied to Science ouverte UnivRennes

Mar 31

Science ouverte UnivRennes @SO_UnivRennes@mastodon.social

For the offsite copy, we recommend using a remote service that is compatible with versioning tools such as Git, to ensure seamless integration with versioning tools. Once again, be aware of the risks associated with Microsoft GitHub's terms of service. Your institution may provide a #gitlab instance, also known as a gitlab forge, for storing your files. This option is highly recommended. Remember to download a copy of your files before leaving your institution for a new job.
10/11

Mar 31 *

Areskul @jean_dupont@mastodon.social

*Decentralized source code hosting: we can do better.*

- #Github succeeded in providing us a space to swarm.

- #Gitlab #Forgejo and others gave us sovereignty back over our code hosting.

- @radicle now brings communication back between those independent hosts.

(Works like the #fediverse )

This #git forge is a big step on the path to freeing uncensored project collaboration.

A much needed tool to bulletproof #foss

https://radicle.xyz/

radicle.xyzRadicleSovereign code infrastructure.

Mar 28

emaksovalec @emaksovalec@fosstodon.org

Using non-guix #guix channel on #ipv6 host is unreliable for me. I often have to disable ipv6 in order to reach #gitlab server while I never had any issues with #gnu savanah's hosted default channel.

Mar 28

Python for Data Science @Python4DataScience@mastodon.social

We have expanded our section on GitLab CI/CD pipelines with examples of
• GitLab Pages
• npm deployments with rsync
• building Docker containers
• multi-arch images with Buildah
• migrating GitHub Actions
https://www.python4data.science/en/latest/productive/git/advanced/gitlab/ci-cd/index.html
#GitLab #CICD #DevOps #DX

Python for Data ScienceGitLab CI/CDGitLab CI/CD can automatically build, test, deploy and monitor your applications during iterative code changes. This reduces the risk that you will develop new code based on buggy previous versions...

Recent searches

Search options

Administered by:

Server stats:

#gitlab