Announcement

Collapse
No announcement yet.

GitLab Is A Vast Improvement To FreeDesktop.org's Infrastructure

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • GitLab Is A Vast Improvement To FreeDesktop.org's Infrastructure

    Phoronix: GitLab Is A Vast Improvement To FreeDesktop.org's Infrastructure

    Taking place the past few months has been migrating the FreeDesktop.org infrastructure to GitLab and the developers/administrators involved are quite happy with this big improvement to better their code hosting, issue tracking, etc...

    http://www.phoronix.com/scan.php?pag...esktop-Success

  • #2
    I wish they didn't rely on Google...

    (or at least hopefully they keep their anongit server avilable forever)

    Comment


    • #3
      Originally posted by tildearrow View Post
      I wish they didn't rely on Google...
      Why is that a problem? (Curious, not assuming any reasons and not trying to judge them)

      Comment


      • #4
        So when will we be able to file Mesa bugs through their Gitlab?

        I see just no issues there now: https://gitlab.freedesktop.org/mesa/mesa

        So it looks like the issue tracker wasn't migrated yet.

        Wayland at least is migrated already: https://gitlab.freedesktop.org/wayland/wayland/issues
        Last edited by shmerl; 07-29-2018, 03:05 PM.

        Comment


        • #5
          Originally posted by Tomin View Post

          Why is that a problem? (Curious, not assuming any reasons and not trying to judge them)
          The problems with Google mostly related to data privacy and the fact that Google is PRISM-complient. Also to the use of any cross-site widgets or adservers that have the effect of serving as cross-site trackers. Hosting code for git access is an interesting case, so long as only PUBLIC code where there is no need for any form of privacy concerning what is intentionally sent to the server is involved. Access by browsers could pose future privacy issues if Google decides to put Google ads on the site, but command line access using git simply does not support the use of 3ed party widgets and ads.

          Similarily, PRISM won't tell the NSA anything they could not get by simply running git clone on every repo by a script except possibly IP addresses of those pushing code. Where that is a concern, running git (and even web browser access) via Tor will block any such IP address tracking.

          Non-Tor IP address tracking could indeed pose a serious issue for those running encryption-related projects from inside the US in the future. If the FBI exploits a future terrorist attack to get their long-sought US ban on secure encryption, these projects will become illegal for US based programmers to work on. If that happens, known contributers may find themeselves under a microscope and future work would have to be done while considered an individually targetted high value opponent. At that point, such projects would have to migrate away from Gitlab, assuming the FBI and the Trump administration don't decide to force US based hosts to take them down rather than leave them up as honeypots to catch the authors of illegal strong encryption.

          Let's not forget: PGP was first posted online to defeat US government export controls on cryptography, so this sort of thing could easily happen. Both government-ordered takedown and silent PRISM honeypot scenarios are possible for encryption projects. All of this has no bearing on things like desktop environments, window managers, etc except to the extent that file managers in order to support encryption would probably need to hook into external projects offering both US legal weak versions and global/underground versions that almost everyone actually uses. This would duplicate the mid 2000's relationship between sound and video editors and external codec handling libraries like LAME and FFMPEG, except that import controls, export controls, and governmental bans on strong encryption replace software patents as the issue.

          Comment


          • #6
            Originally posted by Tomin View Post

            Why is that a problem? (Curious, not assuming any reasons and not trying to judge them)
            The main reason is privacy.

            Google is a huge monster who is consuming our souls, and I hate it.

            Comment


            • #7
              Originally posted by Luke View Post

              The problems with Google mostly related to data privacy and the fact that Google is PRISM-complient. Also to the use of any cross-site widgets or adservers that have the effect of serving as cross-site trackers. Hosting code for git access is an interesting case, so long as only PUBLIC code where there is no need for any form of privacy concerning what is intentionally sent to the server is involved. Access by browsers could pose future privacy issues if Google decides to put Google ads on the site, but command line access using git simply does not support the use of 3ed party widgets and ads.

              Similarily, PRISM won't tell the NSA anything they could not get by simply running git clone on every repo by a script except possibly IP addresses of those pushing code. Where that is a concern, running git (and even web browser access) via Tor will block any such IP address tracking.

              Non-Tor IP address tracking could indeed pose a serious issue for those running encryption-related projects from inside the US in the future. If the FBI exploits a future terrorist attack to get their long-sought US ban on secure encryption, these projects will become illegal for US based programmers to work on. If that happens, known contributers may find themeselves under a microscope and future work would have to be done while considered an individually targetted high value opponent. At that point, such projects would have to migrate away from Gitlab, assuming the FBI and the Trump administration don't decide to force US based hosts to take them down rather than leave them up as honeypots to catch the authors of illegal strong encryption.

              Let's not forget: PGP was first posted online to defeat US government export controls on cryptography, so this sort of thing could easily happen. Both government-ordered takedown and silent PRISM honeypot scenarios are possible for encryption projects. All of this has no bearing on things like desktop environments, window managers, etc except to the extent that file managers in order to support encryption would probably need to hook into external projects offering both US legal weak versions and global/underground versions that almost everyone actually uses. This would duplicate the mid 2000's relationship between sound and video editors and external codec handling libraries like LAME and FFMPEG, except that import controls, export controls, and governmental bans on strong encryption replace software patents as the issue.
              This is why, nothing open-source should *ever* be hosted in the US. Because now, it is under the microscope of the US government, who is not trustworthy.

              Comment


              • #8
                Originally posted by mzs.112000 View Post

                This is why, nothing open-source should *ever* be hosted in the US. Because now, it is under the microscope of the US government, who is not trustworthy.
                Uhh, open-source code by definition is "under the microscope" of everyone. That's the whole point of opensource. What exactly do you think they're going to spot in the freely viewable code that they wouldn't if it was hosted elsewhere?

                Comment


                • #9
                  Originally posted by Luke View Post
                  At that point, such projects would have to migrate away from Gitlab, assuming the FBI and the Trump administration don't decide to force US based hosts to take them down rather than leave them up as honeypots to catch the authors of illegal strong encryption.
                  Do note that Gitlab is first a webapplication and second a code hosting service.

                  In most cases this is just a matter of migrating the VM somewhere else. In this specific case they are using a VM running a Gitlab instance.

                  Comment


                  • #10
                    Originally posted by smitty3268 View Post
                    Uhh, open-source code by definition is "under the microscope" of everyone. That's the whole point of opensource. What exactly do you think they're going to spot in the freely viewable code that they wouldn't if it was hosted elsewhere?
                    I'm going to guess that he used the wrong wording, I think he meant more like "under control", as anything hosted in 'Murrica is subject to the "oppressive bs of the week" they come up with to oppress their citizens evry so often, and is imho a bad choice for everything at the current moment.

                    Really, just look at how they removed Net Neutrality (all the things that happened up and to the point of the event, as it was a fun ride), or the retarded FCC ruling on radio device safety that basically says firmware of wireless network devices should be locked down so the users can't hack them to wreak havoc on radio frequencies, which is a 100% genuine issue right now, like they have terrorists hacking routers to ECM aircraft all over the place, not some of their usual bs lobbying from someone that has a vested interest in shutting some projects down.

                    Comment

                    Working...
                    X