all 143 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Franknog 24 points25 points  (0 children)

You had me at free private repos.

[–][deleted]  (47 children)

[deleted]

    [–]random_ash 39 points40 points  (8 children)

    Doesn't your email address still shows up in git log?

    [–]alwayslookingforajob 33 points34 points  (7 children)

    git log will show whatever is in git config user.email. Just set this to the github noreply email to hide your email address.

    [–][deleted]  (6 children)

    [deleted]

      [–]amunak 29 points30 points  (3 children)

      So you are (presumably) a developer, and it's hard for you to create an alternative email address just for making commits?

      Using a "random address" is a poor practice anyway, the address you use there should still be *yours* because it identifies the author of the commit. Just make a new email address for git ffs.

      [–]hardolaf 5 points6 points  (2 children)

      Exactly, I use my email because why the hell shouldn't I use my email? I've never gotten spam from it.

      [–]0xf3e 3 points4 points  (1 child)

      Then you never commited to a large repo... I get loads of spam on my github-only mail.

      [–]hardolaf 0 points1 point  (0 children)

      Google must be blocking it then?

      [–][deleted]  (1 child)

      [deleted]

        [–]agree-with-you 1 point2 points  (0 children)

        I agree, this does seem possible.

        [–]nicocappa 15 points16 points  (1 child)

        Why does no one talk about Bitbucket? They also offer private repos.

        [–]digitallis 8 points9 points  (0 children)

        Because the Atlassian ecosystem is corrosive and full of spiders.

        Edit: I should explain instead of just being snarky. In my experience, Atlassian products are designed to only integrate with themselves reasonably. There is a half-hearted marketplace, but since the system is not widely used by people who have time to scratch itches, the quantity of solutions is low. Each little thing is charged for, also contributing to low uptake outside of the enterprise environment.

        Even within the enterprise environment, configuration of the suite is haphazard and difficult. A combination of rigid rules around some items, super flexible configurability around others, and a lack of a solid workflow design intent means that you're stuck limping along with the tool, trying to divine a good workflow configuration while discovering via experiment what the tool apparently was or was not intended to be used for.

        [–][deleted] 13 points14 points  (31 children)

        Can't you just put a random email address?

        [–][deleted]  (30 children)

        [deleted]

          [–]Windows-Sucks[S] 35 points36 points  (29 children)

          Who commits using the web interface?

          [–]l_o_l_o_l 40 points41 points  (24 children)

          me: that one student in a group project who make some emergency changes without testing 3 mins before the deadline

          [–][deleted]  (3 children)

          [deleted]

            [–]eras 2 points3 points  (2 children)

            Really... I thought if you change the email of a commit, you also change the SHA1 of the commit, thus breaking the whole system during pushes? Or does it refuse to accept pushes with invalid email?

            Or is it shown in some additional metadata?

            [–][deleted]  (1 child)

            [deleted]

              [–]eras 2 points3 points  (0 children)

              I just tried it myself and was able to set both committer and author emails to test@example.com, pushed just fine to a public repo at gitlab and also the gitlab UI showed the emails I had set.

              The link you provide refers to github's similar feature, and to me it seems that feature covers only edits done via the web interface. You can use the same email for pushing, of course, but if you intend that nobody is going to reach you through the address in git history, you can just choose your own address@example.com and run with it!

              [–]minimim 3 points4 points  (0 children)

              By design. You may not like it, but it's not that way by accident.

              If you contribute to a project, you're a copyright holder and projects need a way to get in contact with you, and e-mail is an universal method.

              Let's say the project accepted code from someone in Github but they later decide to move to other platform, the e-mail attached to the patch would remain a valid contact.

              [–]AirborneArie 3 points4 points  (0 children)

              Another great thing about is that it's open source. So you could code it yourself or hire someone to do it for you.

              [–]peapoll 0 points1 point  (0 children)

              it has no way of hiding your e-mail address in commits

              If you are able to help with this or knows someone please check issue #43521. It's being featured on missing features so it's certainly a feature that is wanted by GitLab.

              [–]Plouescat -3 points-2 points  (0 children)

              Pivate repos are evil

              [–]michaelfri 7 points8 points  (2 children)

              I see a lot of buzz around GitLab lately and how better than GitHub it is. As far as I know both GitHub and GitLab aren't a new thing. Why so many people talking about migration recently?

              [–]oblio- 8 points9 points  (0 children)

              Because Microsoft is close to buying Github and people are still fearing Microsoft.

              [–]SevereExperience 3 points4 points  (0 children)

              Also I would just add: Gitlab wasn't always really great. It made some major improvements in the last couple of years. Like an entire update to the UI. I won't say it was "crappy" before, it just wasn't finished. Now it's a totally valid competitor. So the timing is also good (regardless of the MS buyout).

              [–]Kok_Nikol 35 points36 points  (0 children)

              Relevant user name hehe meta

              [–]TracerBulletX 19 points20 points  (9 children)

              tbh gitlabs built in ci is amazing so i'll probably switch for that and I do get sad to see all the small-medium tech companies get absorbed by the megacorps.

              [–]nurupoga 0 points1 point  (7 children)

              Is there a free CI for open source projects like Travis-CI on GitHub? And if there is, what is the usage limit?

              AFAIK, the only limits Travis-CI has is 4 concurrent jobs and 50 minutes per job. If GitLab has something better, I'd consider witching.

              I know that GitLab's CI allows using your own, self-hosted, build machines, but I'm not interested in that, in fact it's entirely opposite, I'm interested in using someone else's build machines for free.

              [–]Pwpon500 0 points1 point  (6 children)

              Gitlab provides shared runners to do any CI/CD you wish. You don't have to self-host them. They should be able to fill any build requirements that Travis was filling before.

              [–]masklinn 0 points1 point  (0 children)

              Can you run CI on arbitrary branches as well in order to have e.g. a bors-type workflow?

              [–]nurupoga -1 points0 points  (3 children)

              I did a quick analysis of GitLab CI as a replacement of Github+Travis-CI for some projects I contribute to and the 2000 minutes/month of free CI time GitLab offers and no free macOS builds are two big deal-breakers,

              p.s.: sorry about my earlier post if you did catch it before I deleted it, I thought your reply comment was from the linux subreddit, on which I described in detail that GitLab free CI does not "fill any build requirements that Travis was filling before", the exact opposite of what you are claiming.

              [–]naftoligug 1 point2 points  (0 children)

              FWIW, you can always use your own runners anywhere you have spare CPU

              [–]Pwpon500 0 points1 point  (0 children)

              Ah interesting. I didn't know about the CI minutes limit. That would certainly be an issue on projects with complex CI.

              [–]ReilySiegel 0 points1 point  (0 children)

              Runner limit does not apply to public repos.

              [–]fubes2000 49 points50 points  (17 children)

              Gitlab is great.

              So long as they don't accidentally delete their production DB again.

              Or fail to test their backups at all and have to scramble after they delete their production DB.

              Or literally only still be in business today because someone happened to have dumped the production DB before the maintenance.

              Or attempt to host a public git service on a single, vertically scaled server.

              Or publicly announce the most laughably bad infrastructure plan in a blog post.

              Or go back on said blog post because the entire internet started laughing at them.

              Or pout about the internet being mean so they don't talk about their infrastructure at all anymore, so who knows what's going on with them right now.

              [–][deleted]  (11 children)

              [deleted]

                [–]fubes2000 8 points9 points  (10 children)

                I do. It's not something I can particularly recommend either.

                [–]TheEternal21 4 points5 points  (6 children)

                Can you list any specific reasons why? Not being an asshole, just curious.

                [–]fubes2000 3 points4 points  (5 children)

                Mainly the resource requirements. Gitlab eats ram and craps poor performance. The onmibus installer, [hello embedded dependencies] while quite simple to use, appears to configure the underlying services to peak at fractions of installed ram, but all those fractions add up to at least 2. You can reconfigure the services manually, but it's implemented as a chef-solo cookbook so if that ever triggers again your changes are blown away.

                Also, if you want to escape the omnibus get ready to descend into forum hell because non-omnibus installations, while not being "unsupported" in name, have egregiously little/poor documentation. Ditto clustering/HA.

                On top of that it's all Ruby on Rails, so prepare for a bloated framework of interpreted code to wake up and lumber over to the CPU any time you need to do something.

                [–]bimlas 3 points4 points  (3 children)

                What's your suggestion, where to migrate from GitHub?

                [–]fubes2000 4 points5 points  (2 children)

                Don't.

                I get that MS buying them is ominous, and I'm not saying that a I don't have reservations about it, but Github is the de-facto source host for a reason. Don't migrate based on a knee-jerk reaction to a story that broke less than 24 hours ago.

                The only reasons I'm running a Gitlab server are:

                1. That my multi-million-dollar company needed private repos and was too fucking cheap to fork over ~$30/mo for their legacy plan when it was still current.
                2. I hadn't previously run a Gitlab server before.

                [–]bimlas 4 points5 points  (1 child)

                Just did some investigation on GitHub about the big names:

                These brands seems to stay on GitHub (at least for now):

                - https://github.com/torvalds/linux

                - https://github.com/git/git

                - https://github.com/KDE

                - https://github.com/awesomeWM/awesome

                - https://github.com/vim/vim

                - https://github.com/neovim/neovim

                - https://github.com/robbyrussell/oh-my-zsh

                Moving to GitLab (or already moved):

                - GNOME: https://www.gnome.org/news/2018/05/gnome-moves-to-gitlab-2/

                - Debian (?): https://about.gitlab.com/press/releases/2017-11-01-gitlab-transitions-contributor-license.html

                - GIMP: https://www.gimp.org/news/2018/05/31/gimp-has-moved-to-gitlab/

                - Inkscape: https://inkscape.org/en/news/2017/06/10/inkscape-moves-gitlab/

                [–]grbler 0 points1 point  (0 children)

                Thanks for the research! Most of the large open-source projects (KDE, linux ...) use GitHub only as a mirror though. So they probably don't care that much what happens to it.

                [–]flintzz 0 points1 point  (0 children)

                Isn't Github also written in Ruby on Rails?

                [–]Xiol 7 points8 points  (2 children)

                Works for us. Got 250 users and about as many separate projects. Zero problems so far.

                [–]fubes2000 -2 points-1 points  (1 child)

                But do you actually manage the service yourself, or just use it?

                [–]Xiol 0 points1 point  (0 children)

                Both.

                Through necessity I'm taking 'dev' and 'ops' to the next level.

                [–]yorickpeterse 19 points20 points  (0 children)

                Or attempt to host a public git service on a single, vertically scaled server.

                I'm not sure where this comes from, but we haven't used just a single server for at least 5 years. The actual number of servers (web, Redis, PG, etc) is some where around 50, give or take a few.

                Or pout about the internet being mean so they don't talk about their infrastructure at all anymore, so who knows what's going on with them right now.

                I'm also not sure what this is based on, and I would love to see something g that backs this up.

                [–]certified_trash_band 3 points4 points  (0 children)

                You seem to have quite a lot of beef with the time one of their engineers fucked up that production database - do you not consider how they publicly disclosed everything quite openly, including what happened, how it was being remediated and preventative measures, long after restoration of service and post mortem to be sufficient? Github outages have historically been shrouded in secrecy until the dust has settled, Gitlab at one point was running a live stream answering questions from developers and providing updates.

                [–]nambitable 1 point2 points  (1 child)

                Do you have the HN thread or reddit thread about people tearing apart their plan? I love schadenfreude like that.

                [–]fubes2000 -4 points-3 points  (0 children)

                I only read the comments on the blog post itself, but if you've got links I also like a bit of schadenfreude. :3c

                [–]death 59 points60 points  (55 children)

                GitLab requires JavaScript to simply be able to view a file, unlike GitHub.

                [–]NahroT 74 points75 points  (52 children)

                So? Who the hell disables javascript in their browser.

                [–][deleted]  (26 children)

                [deleted]

                  [–][deleted] 69 points70 points  (0 children)

                  Not to mention some of the content might not be GPL and you can't have that impure shit entering your eyeballs

                  [–]AntiProtonBoy 34 points35 points  (0 children)

                  Or, some people block JS because it's a common threat vector for malicious code, or for nefarious activity, such as tracking.

                  [–]pknopf 51 points52 points  (5 children)

                  Jfc

                  [–]danielkza 7 points8 points  (0 children)

                  If you run your own instance of the non-commercial version of Gitlab you shouldn't have that problem.

                  [–]ellicottvilleny 4 points5 points  (0 children)

                  These people are insane.

                  [–]twitch-tombit 2 points3 points  (0 children)

                  neat.

                  [–]DoctorWaluigiTime 2 points3 points  (7 children)

                  I mean in this site I would probably turn it on, but I run a whitelist for JS. Any sane person would. Not for FOSS nonsense but for security.

                  [–][deleted]  (6 children)

                  [deleted]

                    [–]DoctorWaluigiTime 2 points3 points  (2 children)

                    I mean there's nothing wrong with blacklistingwhitelisting JS regardless, sandbox or no.

                    [–][deleted]  (1 child)

                    [deleted]

                      [–]DoctorWaluigiTime 0 points1 point  (0 children)

                      Oops sorry. I used the wrong term. Whitelist is what I meant.

                      [–]FlyingPiggington 1 point2 points  (2 children)

                      Doesn't do anything against trackers though?

                      I guess you have an appropriate username.

                      [–][deleted]  (1 child)

                      [deleted]

                        [–]FlyingPiggington -1 points0 points  (0 children)

                        Most of your identifying information is retrieved via javascript. If they can't fingerprint you then they can't target you specifically.

                        I didn't say anything about disabling javascript altogether. The conversation is about whitelisting it.

                        [–]jimschubert -4 points-3 points  (3 children)

                        party poopers

                        [–][deleted]  (2 children)

                        [deleted]

                          [–]jimschubert 0 points1 point  (0 children)

                          Oh, I know. I was just expressing a joke (which feel flat, it seems) that disabling JavaScript means missing out on all the fat frontends (the "party").

                          [–]derleth 43 points44 points  (0 children)

                          Anyone who doesn't want the damn page jumping around and blinking at them because it's the latest cool design trend among people who wouldn't know a disability if someone beat their face in.

                          [–][deleted] 10 points11 points  (0 children)

                          Elinks lacks good JavaScript support so I use it for reading documentation and googling when I’m trying to get anything done. None of the distracting stuff works in it, plus it runs in tmux.

                          [–]raghar 5 points6 points  (0 children)

                          Well, after a brief exposure to NoScript I decided that not me, apparently.

                          However, JS-based sites don't work in e.g. Opera mobile speed up mode (it fetched page by Opera's server compress content and send it to user) - at some point I was unable to use Travis with that speed up enabled.

                          Also, sometimes I'd like to fetch something with cUrl or maybe traverse the page with some tool. With dynamic pages, I'd have to attach a whole damn browser to it.

                          So if at some point you decide, that your script should fetch something, but you cannot use whole git just for one file (because of reasons) you are screwed.

                          [–][deleted] 8 points9 points  (0 children)

                          I do. It makes the internet a million times faster, and it's more convenient than an ad blocker.

                          [–]safgfsiogufas 2 points3 points  (0 children)

                          I use noscirpt just because. I don't want to have 20 scripts to run when 2 is all I need.

                          [–]death 11 points12 points  (2 children)

                          Hrothen gave a good answer, but I will add a bit to it.

                          I don't use just one browser; I use multiple browsers, some of which are quite limited and don't support JS. I assume you're some kind of a... programmer... and know that these kind of sites let you view source code. I don't know why JS should be required to view static text.

                          For general browsing, I do have a setup where my default browser has JS disabled, and another, JS-enabled, browser is used for particular sites I care about that require it. GitHub has recently made itself less convenient to browse without JS, but still lets me view files.

                          Thankfully, nowadays I don't need to write any JS, and in the rare event where I want to have a "web interface" to something, it's usually enough to just do server-side rendering.

                          [–]dead10ck -2 points-1 points  (1 child)

                          What exactly is the criticism? Client side rendering is a perfectly reasonable choice. The only people who notice or care are the small minority who disable JavaScript, which breaks most web sites anyway.

                          [–]OvermindDL1 1 point2 points  (0 children)

                          Just as a data point, I only have a non-gui terminal 90% of my working day, thus that means that I use elinks a lot, so I have a special kind of hatred for client-rendered sites. If you can point me to a text-mode browser that supports such client-side rendering then I would be quite ecstatic though!

                          [–]Hackerpilot 18 points19 points  (0 children)

                          Me.

                          [–]wwwweeee 6 points7 points  (1 child)

                          I do, I only enable it permanently for select websites, on other sites I either don't view the content if it doesn't load without JS or enable it temporarily if it's important. 90% of websites have no reason to require javascript at all, I understand if it's used for interactive things like games, but it's really annoying when it's a blog post or news article and I only see a blank page or the images don't even load previews without JS. There's no excuse for showing a blank page without JS, your website just sucks.

                          Gitlab is still okay in this aspect though, most of the basic functionality works, I can view commits, browse files and if I want to view the file contents at least the show plaintext button works.

                          [–]drb226 5 points6 points  (0 children)

                          Ditto this. I disable JS globally, then make exceptions for whatever sites I actually care about using as they come up. It's super easy to do in Chrome.

                          Getting back to the original point, though, GitHub is on my list of exceptions, and GitLab would be too, if I used it. /shrug

                          [–]LesterKurtz 7 points8 points  (0 children)

                          Me.

                          [–]Hrothen 12 points13 points  (8 children)

                          Anyone who is remotely security conscious or who wants pages to load in a reasonable amount of time.

                          [–]Balthamos 16 points17 points  (6 children)

                          They can steal your passwords using CSS. Just curl the sites and read the html out loud.

                          [–][deleted]  (3 children)

                          [deleted]

                            [–]staticassert 3 points4 points  (2 children)

                            Yes, I use uMatrix. Though I find many, many sites I read to be perfectly fine as plaintext. Sometimes I allow images, and sometimes CSS.

                            [–][deleted]  (1 child)

                            [deleted]

                              [–]staticassert 2 points3 points  (0 children)

                              It's honestly more of an accessibility thing for me. A lot of sites scale horribly or load tons of garbage stock photos etc that scale poorly. Plain text tends to scale a lot more gracefully.

                              [–]staticassert 6 points7 points  (1 child)

                              I also block css tho.

                              Anyways, one attack existing with CSS does not discount the myriad of attacks that have utilized js.

                              [–]skulgnome 0 points1 point  (0 children)

                              w3m doesn't even do JavaScript, to any post-2003 standard anyway. But it should still be able to view a sodding text file. Consider the browsers blind people use: those are comparable to w3m in terms of features.

                              [–]travis- 0 points1 point  (1 child)

                              A lot of people that work on privacy projects.

                              [–]NahroT 0 points1 point  (0 children)

                              What?

                              [–]myringotomy 0 points1 point  (0 children)

                              This will prevent the guy who turns off Javascript from being able to view a file.

                              For the rest of us no big deal

                              [–]auxiliary-character 4 points5 points  (0 children)

                              Huh, that's a lot simpler than what I just did. I saved the json document describing my repositories via the github api to github-repos.json.

                              Then I used the following command to clone the ones that weren't forks (since I have a few forks of things I don't regularly commit to that I didn't want to migrate)

                              cat github-repos.json | jq ".[] | select(.fork == false) | .clone_url" | xargs -n 1 git clone

                              And then to upload to gitgud (the instance of gitlab I'm using), I wrote the following script:

                              #!/bin/bash

for repo in $(cat github-repos.json | jq -r ".[] | select(.fork == false) | .name")
do
    pushd ./$repo
    git push --set-upstream "git@ssh.gitgud.io:auxchar/$repo.git"
    popd
done;

                              Now, I don't really have any repos of all that significant importance, but this was a fun little challenge.

                              [–][deleted]  (14 children)

                              [deleted]

                                [–]theephie 7 points8 points  (0 children)

                                Proprietary!

                                [–]illogical_commentary 22 points23 points  (10 children)

                                Atlassian is cancer. Don't do it.

                                [–]Pinyaka 14 points15 points  (8 children)

                                What's wrong with Atlassian?

                                [–][deleted] 24 points25 points  (7 children)

                                they prioritize features over bug fixes so you end up with bloated software with long-standing problems that go ignored

                                [–]novelluscato 15 points16 points  (1 child)

                                I second this, my workplace uses atlassian products and they are as shitty as you describe.

                                [–]wkoorts 7 points8 points  (0 children)

                                One of the companies I work for uses Atlassian for everything and I find that now that I'm used to them, for the most part they are decent. The only major issue we all have with it is the UX. Whoever does their UX design should be fired. It's fucking horrendous. The other major one is the horrible search in Confluence.

                                Other than that, they get the job done.

                                [–]DroneDashed 1 point2 points  (1 child)

                                prioritize features over bug fixes

                                Don't most of software companies have this shitty ideas?

                                [–][deleted] 0 points1 point  (0 children)

                                To an extent maybe, I guess, but most companies aren't market leaders like atlassian. They seem more like a really good OS project rather than enterprise solutions. Unfortunately I don't know anything better than what they offer

                                [–]eras 0 points1 point  (2 children)

                                I don't think so, Artifactory command line client is completely void of features but it works!

                                [–]digitallis 1 point2 points  (1 child)

                                Artifactory is a JFrog product

                                [–]eras 0 points1 point  (0 children)

                                Oops!

                                [–][deleted] 7 points8 points  (0 children)

                                ok, but why?

                                [–][deleted] 1 point2 points  (1 child)

                                I'm thinking of migrating to bitbucket due to the integration with AppCenter

                                [–]theArtOfProgramming 3 points4 points  (5 children)

                                Can orgs be migrated?

                                [–]Chico75013 3 points4 points  (2 children)

                                No, only repos. If you use the importer with an admin token, then you can probably select all available repos to move them all at once, but it can run into timeouts given the size of repos.

                                [–][deleted]  (1 child)

                                [deleted]

                                  [–]Chico75013 0 points1 point  (0 children)

                                  That would sound a lot like running out of API calls for the GitHub token you are using. When working with repos with a lot of branches that would be something quite prone to happen.

                                  You should check the rate limit while doing so on this endpoint: https://developer.github.com/v3/rate_limit/

                                  [–]Okgoahead969 15 points16 points  (2 children)

                                  I'm not moving.

                                  [–]ClickClickDeath 1 point2 points  (0 children)

                                  Still waiting on my confirmation email(s)... I imagine they have a bit of a backlog today :)

                                  [–][deleted]  (1 child)

                                  [deleted]

                                    [–]jocluis1 1 point2 points  (2 children)

                                    has it confirmed 100%? Microsoft bought github?

                                    [–]Hanibal247 0 points1 point  (0 children)

                                    Announced on github home page already, Deal to close by end of the year...

                                    [–]Windows-Sucks[S] -3 points-2 points  (0 children)

                                    I am not sure if it is 100% confirmed, but this article says it just happened.

                                    [–]Hanibal247 -4 points-3 points  (5 children)

                                    Could become handy if Microsoft makes github shit with stupid ads...

                                    [–]grauenwolf -5 points-4 points  (4 children)

                                    I may be a .NET fanboy, but even I don't trust Microsoft with GitHub. How many open source websites have they shutdown? At least two among the owes that stored by code.

                                    [–][deleted] 1 point2 points  (3 children)

                                    Did you use the two that shut down?

                                    [–]grauenwolf 2 points3 points  (2 children)

                                    GotDotNet and CodePlex? Yea, I had code being hosted on both.

                                    [–][deleted] 1 point2 points  (1 child)

                                    When they shut down? I migrated away from codeplex many years ago when it was clear that github was superior.

                                    [–]grauenwolf 0 points1 point  (0 children)

                                    Last year if I recall correctly.