gitlab
gitlab-foss
Our great sponsors
gitlab | gitlab-foss | |
---|---|---|
448 | 47 | |
- | - | |
- | - | |
- | - | |
- | - | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gitlab
-
Gitlab Duo
Since the relevant code appears to be in the "ee" directory <https://gitlab.com/gitlab-org/gitlab/-/blob/v16.11.0-ee/ee/l...> and is not present in the foss repo, I'm guessing the answer is no, at least for now. They do have a history of "releasing" features from EE back to CE but my suspicion is not for LLM stuff
- Code Search Is Hard
- XZ Backdoor Investigation Request to Gitlab Team
-
Client side Git hooks 101
(Side note: Issues are usually hash-prefixed like #1234 both on GitLab and GitHub. However, commit messages must not begin with a hash, they would be considered a comment and ignored. Therefore, GitHub has introduced the alternative prefix GH- and I've contributed a similar prefix GL- to GitLab a while ago.)
- Assign Issue to an AI Developer
-
BuildKit in depth: Docker's build engine explained
and its "oh, you want multi-arch, do you?" friend. While prosecuting this <https://gitlab.com/gitlab-org/gitlab/-/issues/339567> I learned that https://hub.docker.com/layers/multiarch/qemu-user-static/7.2... actually mutates the binfmt_misc in buildx's context in order to exec the static copy of qemu in it https://github.com/multiarch/qemu-user-static/blob/v7.2.0-1/...
and, that the buildx plugin itself has some qemu magick in it, which got addressed in a minor version bump but I couldn't track down the relevant GitHub issue this second (I've flushed it from my mind, only recalling that there were a lot of actors in that tire fire)
-
Gitlab password reset bug leaves more than 5.3K servers up for grabs
This is actually a follow-up refactor, the fix is here: https://gitlab.com/gitlab-org/gitlab/-/commit/abe79e4ec43798...
- ExifTool CVE-2021-22204 – Arbitrary Code Execution
- Critical Gitlab vulnerability exposes 2FA-less users to account takeovers
- Upcoming critical Gitlab security issue
gitlab-foss
-
GitHub Actions Are a Problem
* Gitlab EE (enterprise edition) is closed, but Gitlab CE (community edition) is open source (https://gitlab.com/gitlab-org/gitlab-foss/)
* I didn't follow the Gitea drama too closely, but my understanding is that Forgejo was a fork born out of that situation
* I've heard the SourceHut guy is a controversial figure, so avoiding it because of that isn't unreasonable. I will just say that "spite forks" tend not to last very long
-
Server-Side Request Forgery in Rails
Gitlab uses an UrlBlocker class to prevent malicious users from exploiting SSRF via the webhook URL. This class validates the URL and blocks everything which is a local network, but before the 11.5.1 version, they didn't think about an IPv6 format, which maps to IPv4: [0:0:0:0:0:ffff:127.0.0.1]. Replacing the part of 127.0.0.1 to any IP address also worked, and this vulnerability made it possible to send requests to the internal network of a GitLab instance. You can read the issue report here: (https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53242 )[https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53242]
-
Automating deployment to kubernetes
I recommend Auto DevOps and hooking your project up to the Kubernetes cluster. Auto DevOps is a standard CI/CD template that GitLab uses by default when .gitlab-ci.yml is not present. It can automatically package up certain types of applications, including those with a Dockerfile in the root of the repo. If the project is hooked up to a Kubernetes cluster and all the right variables are present, it builds that docker image and then fills in a Helm chart template containing that image and deploys it to the cluster.
-
Beautifying our UI: Giving Gitlab build features a fresh look
Thanks. This was also requested for the UI 7 years ago
https://gitlab.com/gitlab-org/gitlab-foss/-/issues/12776
and then closed with the claim that this was implemented, when in fact, it was not.
-
How we cut down our CI build times by 50%
Similar to fsync, these are designed to ensure data integrity, but in a test setup, they don't matter. You can read more about these in the Postgres doc on non-durability. and explore some benchmarks from Gitlab here. Interestingly, CircleCI's old Postgres images had these features disabled by default, but the newer ones don't seem to.
-
Is Jenkins still the king?
Most all of those things are possible with Argo Workflows or Tekton with very great effort. But a sustainable system with all the features built-in.
- So weird, stage named test is not displayed in pipeline
-
Gitlab for FOSS reporting
If you wish to clone a copy of GitLab without proprietary code, you can use the read-only mirror of GitLab located at https://gitlab.com/gitlab-org/gitlab-foss/. However, please do not submit any issues and/or merge requests to that project.
-
Gitlab runners unable to clone over http(s) when git access set to SSH only.
GitLab versions 10.7 and later, allow the HTTP(S) protocol for Git clone or fetch requests done by GitLab Runner from CI/CD jobs, even if you select Only SSH.
-
No words v2💀
it sure does
What are some alternatives?
Gitea - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
emacs - Mirror of GNU Emacs
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
CryptPad - Collaborative office suite, end-to-end encrypted and open-source.
onedev - Git Server with CI/CD, Kanban, and Packages. Seamless integration. Unparalleled experience.
taiga-docker - [Moved to: https://github.com/taigaio/taiga-docker]
rich-markdown-editor - The open source React and Prosemirror based markdown editor that powers Outline. Want to try it out? Create an account:
cmark-gfm - GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C
chatwoot - Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
markup - Determines which markup library to use to render a content file (e.g. README) on GitHub
Gitbucket - A Git platform powered by Scala with easy installation, high extensibility & GitHub API compatibility
taiga-docker - Deployment utilities for Taiga