this post was submitted on 11 Jul 2024
89 points (95.9% liked)

Opensource

1406 readers
5 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

CreditsIcon base by Lorc under CC BY 3.0 with modifications to add a gradient



founded 1 year ago
MODERATORS
 

The external developer who started the work and was highly praised by Gitlab offered to work for them if they made a team around federation --> nothing.

A group of French universities are now considering making a group in order to work on it themselves and contribute back to Gitlab.

Gitlab will most likely use it as a big selling point once all the work has been done by externals with little to no cost to Gitlab.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 4 months ago (1 children)

I would not do any work for Gitlab nor run any software on Gitlab due to how poor they are doing at software security. https://arstechnica.com/security/2024/05/0-click-gitlab-hijacking-flaw-under-active-exploit-with-thousands-still-unpatched/

Also while trying to look that up there's a another one that is making the news from just the last couple of days? https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-bug-that-lets-attackers-run-pipelines-as-an-arbitrary-user/

Good luck to anyone attempting to federate on top of a foundation like that.

[–] [email protected] 5 points 4 months ago

I interviewed for them once, got rejected because I didn’t know some tiny corner of ruby on rails syntax despite working on it for 3 years. Huge bullet dodged..