juliette@pawb.social to Technology@lemmy.ml · 3 months agoGitHub Is Not Open Source, A Rantlisted.toexternal-linkmessage-square113fedilinkarrow-up1177
arrow-up1177external-linkGitHub Is Not Open Source, A Rantlisted.tojuliette@pawb.social to Technology@lemmy.ml · 3 months agomessage-square113fedilink
minus-squarelurch@sh.itjust.workslinkfedilinkarrow-up1·3 months agoYes, if you want to accept pull requests from anyone, you can set up a jailed git server with public access, for example.
minus-squareonlinepersona@programming.devlinkfedilinkEnglisharrow-up2·3 months agoThat’s not a pull request, but a merge request. Besides the point though. What I’m getting at is: isn’t that asking for trouble? Somebody could while true ; do head /dev/urandom -c 100MB > file.txt git add file.txt git commit -m "new commit" git push done and fill up your hard drive. Also, depending on the protocol, they could try fuzzing it. Or, pipe /dev/urandom into nc and blast your git port. And of course, the first problem is discoverability. Who’s going to find your random, unfederated, git service? It just doesn’t sound like a convincing solution, IMO. Anti Commercial-AI license
minus-squarelurch@sh.itjust.workslinkfedilinkarrow-up1·3 months agono, it’s not specific to merge requests. theres a tool called git-shell that prevents abuse
Yes, if you want to accept pull requests from anyone, you can set up a jailed git server with public access, for example.
That’s not a pull request, but a merge request. Besides the point though. What I’m getting at is: isn’t that asking for trouble? Somebody could
and fill up your hard drive. Also, depending on the protocol, they could try fuzzing it. Or, pipe
/dev/urandomintoncand blast your git port.And of course, the first problem is discoverability. Who’s going to find your random, unfederated, git service?
It just doesn’t sound like a convincing solution, IMO.
Anti Commercial-AI license
no, it’s not specific to merge requests. theres a tool called git-shell that prevents abuse