What is Reddit's opinion of
GitLab?
From 3.5 billion Reddit comments
➔ GitLab website
By popularity on Reddit, this Service is:
100 reviews of this app found across Reddit:
Context: http://www.businessinsider.com/gitlab-outage-due-to-human-error-2017-2
Official blog post: https://about.gitlab.com/2017/02/01/gitlab-dot-com-database-incident/
> ...a GitLab system administrator tried to fix a slowdown on the site by clearing out the backup database and restarting the copying process. Unfortunately, the admin accidentally typed the command to delete the primary database instead, according to a blog entry.
>And by the time he noticed and scrambled to stop the deletion "of around 300 GB only about 4.5 GB is left," the blog explains.
>Making matters worse, they couldn't just restore: "Out of 5 backup/replication techniques deployed none are working reliably or set up in the first place" the blog said. "We ended up restoring a 6 hours old backup." Which means that any data created in that six-hour window may be lost forever, Anglade says.
>The good news, says Anglade, is that the database that was affected didn't actually contain anyone's code, just stuff like comments and bug reports. Furthermore, Anglade says that the many customers who installed GitLab's software on their own servers weren't affected, since that doesn't connect up to GitLab.com. And paying customers weren't affected at all, the company said, which minimize the financial impact.
Emphasis is mine.
Sounds like it's a lot worse for their public image than for their customers, if no actual code was lost.
- Try using the project as intended (do they have a README?): is it a library? CLI tool? Web app? Good ol' app?
- Build the project and read the build code
- Run the test suite
- Run the tests with a debugger
- Break the tests
- Find the class/module/component where the magic happens and break that then run the tests again
- Find an ugly or smelly method/class and refactor it
- Look at last few Pull Requests(PRs) and see where and how the changes were made
- Look at currently open PRs
edit: PR = Pull Request
and here's even more on PRs
That should get you started
As a developer, I would like to thank GamerGate for supporting a return of rationality to the tech industry. We were nowhere without this movement. Think about it, GitHub is backing down due to protests that were reinforced on the back of GamerGate.
I've been here for a while and I've been in the tech industry for a long while. It's no joke, we did this. Bravo people.
edit
I would still not support GitHub. I don't trust them one bit. This is a victory for us, but they're still run by the enemy. Self host your own GitLab or Gogs repos.
Switched to GitLab about 9 months ago, it's great. It has it's moments where it can be a little slow, but so far nothing major. It's in my opinion the best alternative to GitHub and excels in other areas.
Their target for an IPO is 2020, at 100M revenue (https://about.gitlab.com/company/strategy/). I'd guess the next couple of years, they're going to continue to grow and spend like mad.
This is where things get interesting. They're now at a point where it becomes a massive task for any one person to remember who is working where. If they grow to 2-3x the size, there will now be a constant stream of people leaving and joining different teams. Not to mention groups that include "everyone" can be a firehose of information.
Once they IPO, they'll have to pay very close attention to open communication. You can run afoul of SEC rules very rapidly if you're just shooting strategy publicly, off the hip.
I hope they succeed, because I've preferred working remotely myself.
Reminder to go for the throat on this one. If you haven't already, cancel your GH subscription and self-host with GitLab or Gogs.
As referenced in this article, GitHub backed down on their CoC because people were pulling their paid accounts. Do not let up. Our society needs to put a stop to this.
GitHub investors are watching. They're not going to let a bunch of SJWs ruin their investment. Let them know how you feel:
GitLab already has a migrator in place if you're wanting to move.
>At its current state, GitHub importer can import:
>
>the repository description (GitLab 7.7+)
>
>the Git repository data (GitLab 7.7+)
>
>the issues (GitLab 7.7+)
>
>the pull requests (GitLab 8.4+)
>
>the wiki pages (GitLab 8.4+)
>
>the milestones (GitLab 8.7+)
>
>the labels (GitLab 8.7+)
>
>the release note descriptions (GitLab 8.12+)
>
>the pull request review comments (GitLab 10.2+)
>
>the regular issue and pull request comments
>
>References to pull requests and issues are preserved (GitLab 8.7+)
>
>Repository public access is retained. If a repository is private in GitHub it will be created as private in GitLab as well
I'm curious what would happen because I'd imagine GitLab would have at least as difficult a time managing the project as GitHub. In fact I don't think they even have 5 servers they can spare for a project like this. A post from last year mentions they have only two.
From https://about.gitlab.com/developer-survey/2018/#section-demographics. I can sort of understand (eh not really) the UK, Iceland, and Ireland being missing being islands, but where the heck did Norway and Uruguay go?
They have a salary calculator if anyone is curious https://about.gitlab.com/2018/03/23/gitlabs-global-compensation-calculator-the-next-iteration/ It's low if you live in a major city but reasonable everywhere else
Nah, they ~~moved~~ are in the process of moving to gcloud now https://about.gitlab.com/2018/04/05/gke-gitlab-integration/
> We’re already in the process of migrating GitLab.com to Google Cloud Platform. For us, the primary reason to migrate was because it has the most mature Kubernetes platform.
Had they stayed with Azure, the irony would had been so good though
Questions:
> and is non-commercial
What do they consider "non-commercial"? Can you still get donations (so long as they are NOT required for any features whatsoever)? If you get donations, must they be accounted as non-profit like Krita+Godot do via the Software Freedom Conservatory?
TL;DR: would an open-source+fully gratis project be ineligible if it was a 1-man patreon setup?
> should not have... paid contributors
Does this mean that no project members can be paid, or is 'contributor' used specifically to disallow things like bug/feature bounties?
Or it this a funky way of saying people who pay to contribute, rather than being paid to contribute?
EDIT: And why not standard/premium for gratis (but-not-open-source) projects?
Core seems to have some really basic restrictions (see this. Core has no: Related issues, Issue Weights, Multiple assignees for issues, Squash and merge, etc)
>Gitlab doesn't have very sensitive data ( I am assuming it would be mostly code)
Umm, if you're a company that sells software products (i.e. the sort of company that needs a source code repository, not a manufacturing company or something), then the code is probably the most sensitive thing you own because the code becomes your product, i.e. the thing that makes you the money.
So from a security point of view, you (as a company) might want to retain complete control over the repositories to make sure your code is never exposed for someone to get a competitive advantage over you. It means bad actors can't pick it apart for vulnerabilities. And also from a reliability point of view due to incidents like https://about.gitlab.com/blog/2017/02/10/postmortem-of-database-outage-of-january-31/. To my knowledge it has only happened one time, but that's still very bad.
My question would be "if they're the same price, why would any company NOT self-host" - my experience is usually that self-hosted products cost more and therefore the argument is more balanced. In this case the price is a win, and self-hosting is a win (yes it's effort, but my experience running Gitlab CE suggests that it's not that difficult)
>"To the GitLab.com users whose data we lost and to the people affected by the outage: we're sorry. I apologize personally, as GitLab's CEO, and on behalf of everyone at GitLab."
Sorry, I just can't get past GitLab losing production data.
Interesting given Gitlab's recent "Masterplan" post - https://about.gitlab.com/direction/#scope
I love the competition between these two. Gitlab is wonderful for my personal projects but Github obviously has the community aspect to it.
Excited for the Github projects, no longer need 3rd party plugins for it thankfully.
>Crypto miners are not really a problem, as you can trivially fight them off if you still got technical staff.
Gitlab doesn't seem to think it's trivial, as they're now requiring users to provide credit cards in order to use shared runners for this exact reason.
I guess it's time to transition to specific hosted instances of gitlab.
Anyone else find it ironic that Linus just made someone a couple of billion dollars via Microsoft?
Every company will fuck up. How they respond to the fuckup tells you more about a company than the fact that a fuckup happened.
And GitLab responded with exceeding transparency and grace.
You were lucky to recover it! Did you hear about the poor sap at Gitlab who accidentally nuked the Production database, and every single layer of backup and recovery failed?
https://about.gitlab.com/2017/02/10/postmortem-of-database-outage-of-january-31/
This response of GitLab being on Azure has been debunked numerous times during these conversations.
Here is the link saying they are currently hosted on Google from Venturebeat and from GitLab themselves here.
Hope this helps. They are still in the process of migrating.
>GitLab.
So that nobody reads this comment as more snarky than it actually is, everybody please note that Gitlab CI actually supports running as a CI for github.
​
It's not the road map announcement that makes people think that GitLab is putting pressure on GitHub to innovate, though.
AFAIK, things with GitHub really came to a head with "Dear GitHub," open letter to GitHub that got a lot of traction back in January and February.
GitLab fired back pretty quickly with a response (even before GitHub responded to the letter), pointing out that GitLab had solutions for (or was actively addressing) a lot of the complaints that were brought up in the letter. That response is what put GitLab on the radar for a lot of people. (Myself included: prior to that letter I thought it was a way to roll your own git server, not an alternative to GitHub.com)
So, yeah, 7 or 8 months later is probably a reasonable development time for a lot of these features; so it seems like a fair supposition that these features were developed in response to that open letter and GitLab's response.
this really needs to be emphasized. backups can give a false sense of security. need to have a process in place to restore the data. GitLab learned this the hard way recently.
I give a lot of credit to Gitlab for their transparency and this is another example. They also publish an open salary calculator. I hope they recover quickly and make the necessary resiliency improvements - we've all been there.
Chapter 3, Article 17, Item 1a states that the data controller/holder must erase PII if "the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed."
Basically, the PII contained in open source commit logs is necessary indefinitely for the sake of logging contributions and changes to the code, and cannot be easily removed due to how git works. Therefore, that particular information is exempt from the "right to be forgotten" provision of the GDPR. Both GitHub and GitLab specifically mention this in their updated privacy policies.
To give them extra credit, GitLab when pushing politics is actually more explicitly sympathetic to software freedom versus GitHub: https://about.gitlab.com/2015/05/20/gitlab-gitorious-free-software/
Despite things I and others will still complain about (the whole dual-license thing mainly), GitLab folks have been actively working with those concerned about software freedom, privacy etc. — they even plan to move GitLab.com to self-hosted Piwik so they aren't reporting to Google Analytics and more…
Sure, some of us wish GitLab were entirely free/libre/open and AGPL, but they are listening, and they aren't doing the subtle political undermining of GPL that GitHub is doing.
> https://about.gitlab.com/handbook/total-rewards/compensation/compensation-calculator/calculator/
Unlimited PTO is a joke unless you can actually take serious amounts of time. In my experience you never see places with unlimited PTO let anyone take 5 weeks off in a year.
In my opinion, this is unnecessary and a waste of everyone's time. People managers are the ones who should make sure their team is engaged and elevate any issues that come up to HR to address proactively as needed. If you're wanting to make sure people are connected, spend that time setting up opportunities for connection like classes, games, etc so whoever wants to attend can. IMHO the problem isn't that you don't have topics to discuss, it's that this isn't a necessary meeting for anyone to be in. I suggest you do some reading of Gitlab's guide to remote work: https://about.gitlab.com/company/culture/all-remote/guide/
I guess you weren't around to see the news GitLab was pushing starting few days ago:
https://twitter.com/gitlab
https://about.gitlab.com/2018/06/05/gitlab-ultimate-and-gold-free-for-education-and-open-source/
Notice all the tweets and retweets about GitHub, Microsoft and GitLab's "massive spike" of migrations. They're also pushing the #movingtogitlab hash tag.
Now, whether this is "nasty" I'll reserve judgment. It's certainly disingenuous, but it's what companies hungry for business do. Atlassian's BitBucket did that same, and in general companies do that... when they sense weakness in their "enemy" they attack.
But bottom line: it did absolutely happen and they're still trying to keep it going.
Out of curiosity, which premium features are you interested in? I looked at the feature comparison table and couldn't see anything I would consider essential for non-enterprise use, especially for the scope of school projects. After all, GNOME and (part of) Debian use the basic version and they seem to find it good enough for their needs.
But I suppose it's true that if GitLab wants to get students hooked on the premium features they should try to make sure it's easily obtainable by students.
This is actually not true.
Ultimate refers to the self-hosted version of Gitlab. This is what Gitlab.com uses. Gold refers to the paid version of Gitlab.com, which is not self-hosted. Open source projects do not get gold by default. Gold is an account-wide upgrade.
Hence why I prefaced with not the lightest weight.
Argo is resource heavy if you also need to run a k8s cluster just to get CI. Hell Jenkins on a single small VM would be a lightweight option.
Light weight weight could mean a git server running with a commit hook that runs a bash scripts that rebuilds and runs a daemon on push
Even lighter still would be sftp to straight to /var/www under Apache, assuming you're running a wsgi compatible application stack
I still maintain that gitlabs benefits far outweigh any of these 'lightweight' options. Look at the installation options on their page, https://about.gitlab.com/install/#ubuntu. Step 1 have a server. Step 2 install a package. Step 3 login. Sounds like a no brainier to me
Its a great time, if you haven't considered it before. Our CI/CD tools are fantastic and since we are open source - you suggest or fix things you don't like :).
Iran and Syria is not GH's choice, it's an U.S. embargo forced on any company that wants to do business in the U.S.. E.g. GitLab has the same issues, they just phrase it less explicitly in their terms of service – and seem to have been surprised when their move to GCP cut off access from Iran.
Open source is useful because software cannot be embargoed effectively, but services certainly can be. The only solution is to self-host everything?
Eliran from GitLab explains it: https://lists.debian.org/debian-devel/2016/06/msg00227.html. They will be happy to "discuss" patch acceptance.
Clearly stated in the policy:
> What features are EE only
> [...]we ask ourselves, is this feature more relevant for organizations that have more than 100 potential users? If the answer is yes the feature is likely to be exclusive to EE.
Here is an article about the decision: https://lwn.net/Articles/724986/
It's part of the over all plan to get GitLab.com ready for production workloads. As the article says:
> Migrating to GCP is the next step in our plan to make GitLab.com ready for your mission-critical workloads.
For more details on that you can see our Q3 OKRs (still in draft). As we're "public first" to live our transparency value you can see what is included in "Make GitLab.com ready for mission-critical customer workloads" here:
Yes, me too. I like GitLab. Here some reasons why off the top of my head:
- It has free and nicely integrated CI.
- It has free hosted GitLab pages that can be generated by anything via the CI, not limited to Jekyll but also e.g. code coverage reports.
- They release a new version every month and work really hard to improve and add new features.
- It has a useful interface. Their mobile site is 100% usable other than GitHub's last I checked.
- I also use it in companies because they have the self hosted version, so I only have to know one system.
- Their company culture seems very transparent and dedicated to open source. GitLab itself is open source (well the community version at least, but it includes all important features) and many of the companies discussions and "internal" documents are publicly available.
Edit: Formatting.
Edit2: And free private repos. I forgot that one.
Edit3: Also you guys should totally check out BitBucket too, I just can't really say anything about it, since I haven't used it in quite some time.
The builtin CI service is really handy imo.
This has nothing to do with the quality of the product they offer, but I really appreciate the (seemingly) open culture in the company. They open sourced their employee handbook which gives you insight into what they think is important.
^^^imnotashill
As for server you can use your old PC or buy some ARM server on Aliexpress for >$100
Gitlab is not 100% open source they had 3 versions. Only the community version has the source available. As it looks.
https://about.gitlab.com/downloads/
https://about.gitlab.com/better-than-github/#gitlab-enterprise
I think Gitlab handled this whole situation in an extremely clever way. Making migration easier, starting the #movingtogitlab campaign and now this. This is how you do marketing.
>So in other words, out of five backup/replication techniques deployed none are working reliably or set up in the first place. We ended up restoring a six-hour-old backup.
You can't make this shit up. The incident report is hilarious, even if you don't understand everything (hell if I do).
Tosin en tiedä toimiiko tässä tapauksessa, koska kyse on käyttäjäkunnasta, joka on teknisesti tarpeeksi osaavaa ja motivoitunutta vaihtamaan toiseen palveluun (kuten Gitlab). Ja Git itsessään on vapaata softaa, joten Githubin vaihto Gitlabiin ei käytännössä tarkoita muuta kuin repon vaihtoa (jos joku ei tiedä mitä tarkoittaa: vähän sama kuin vaihtaisi Google Driven Dropboxiin, eli vaihtuu pelkästään sijainti missä tiedostot säilytetään).
Meh, not entirely. I went into a winded rant a few days back about how it's really the same thing in a way. If you are leaving Github out of a distaste for Microsoft, only to migrate to a service that is hosted on Azure, you are kinda being a hypocrite. That's just about as effective as boycotting a "country" but still purchasing products from their main exporter.
I am a strong believer that when something is free, it is because you are the product. In this case Microsoft will be absorbing your usage data to better their Github offering. I'm sure GitLab sells data like all the rest, and now Microsoft probably just has a built-in key to it, at least the metadata. If you look at their privacy policy, it's vague enough that they can sell your data to whoever they want.
So yea...in this day and age, there is a grey enough line in these things that it can totally be called hypocritical.
You can easily setup an own server hosting your own git repositories - I think the only thing the people want when they ask for it to be hosted on Github is a public repo where they can make pull requests, fork etc.
Of course you get a free wiki & simple ticket system, but you can setup these too on your own server.
I like http://gitlist.org/ for viewing my repositories as it runs with php and is stable on a raspberrypi. If you want more functionality and have a server that can run it I'd totally recommend https://about.gitlab.com/
You can see the UI here: https://about.gitlab.com/images/11_10/container_registry_cleanup.png
Images in Docker can have multiple tags, and you can remove individual tags. Only when an image is untagged (all tags removed) it will be deleted. That's the behavior I would expect from GitLab as well: Removing a tag will remove that tag, and the image will only be removed if there are no further tags. But this is not the case. If you remove a tag, then ALL tags of the image will be removed and the image is deleted.
The features that are only available in their closed-source version include some very decidedly not-only-for-enterprise features, namely:
Kerberos authentication. Because only enterprises need actual security, apparently.
Two-factor authentication with LDAP. LDAP authentication is in the community edition, and two-factor authentication is in the community edition, but the intersection of the two is…not. Wut?
Git annex and hooks.
This bothers me probably more than it should…
Unlimited private repos with no limit on the number of contributors.
They also have a page showing how they are better than GitHub.
GutHub has the community which is a huge plus for them, but for small or personal projects that you don't want public, then GitLab is awesome.
Also, they have a community edition, which you can host on your network for free.
That's a very org/team specific thing. At GitLab all meetings are optional by default. With my team, I'm specifying in the Outlook event who is required and who is optional.
Well you can't really install a Github Server (unless you are willing to pay horrendous sums for Github Enterprise) but you can install Gitlab, which is basivally and open source clone of Github.
The advantage is, that you can use tools like issues, wiki, etc, which you'd have to pay when using atlassian tools (jira, confluence).
They're insanely open about their goals; there are sources far better than this random site, like this one (if you trust "gitlab.com", not sure if they're a trustworthy source on information about gitlab but): https://about.gitlab.com/handbook/being-a-public-company/
> We're doing everything we can to [not be acquired] - Sid Sijbrandij (2019)
> We continue to believe that being a public company is an integral part of realizing our mission. ... In order to maintain the flexibility discussed in this section, we have chosen to remove the dates previously targeted for these goals. [Previously, this read November 2020, but Pandemic and such]
There has been legitimate recent developments: https://www.cnbc.com/2021/01/15/gitlab-ceo-eyes-public-market-after-secondary-valued-it-at-6-billion-.html
Formula is detailed here: https://about.gitlab.com/handbook/people-operations/global-compensation/#compensation-calculator
To use the actual calculator, looks like you have to visit a job position page. For example, here's the backend engineer (you have to scroll to the bottom): https://about.gitlab.com/job-families/engineering/backend-engineer/
Here's a good read on some costly mistakes: https://about.gitlab.com/2017/03/17/how-is-team-member-1-doing/
> At GitLab we think that the people making the most mistakes frequently correlate with the people doing the most work. I certainly make a lot of mistakes every day. It is important not to double down on them but to acknowledge them and learn from it.
> We make mistakes. What's different from person to person, organization to organization, is how to deal with them. What we value most at GitLab is:
> - Transparency: "Don't be afraid to admit you made a mistake or were wrong. When something went wrong it is a great opportunity to say 'What’s the kaizen moment here?' and find a better way without hurt feelings." - Collaboration: "Say sorry if you made a mistake apologize. Saying sorry is not a sign of weakness but one of strength. The people that do the most will likely make the most mistakes." - Behaviour: - Be truthful and honest. - Be dependable, reliable, fair, and respectful. - Be committed, creative, inspiring, and passionate.
> It may not have the complete same featureset, but if it means it's one less tool that I have to use and I can centralize all of my work in a single one, it's a win.
If you really want one less tool(s), then you really should check out GitLab: https://about.gitlab.com/2016/09/14/gitlab-live-event-recap/
No, they bought Github. GitLab is fully open source. Github is not.
They also say this:
>It's important to note that these improvements can't be attributed to the migration alone – we explore some other contributing factors in our October update.
So yeah, you're probably right that it's not really the reason at all.
They are in the "process of migrating to Google Cloud Platform" according to this article but that could be a very long process. Do you have any specific information regarding where they're hosted?
I downloaded a list of the Azure Public IP ranges and compared the IP address for GitLab.com and it does appear to be on Azure. Image.
There was a data loss outage in January, but I don't believe it affected actual repos - just issue tracking, comments, etc: Postmortem of database outage of January 31
That remains to be seen. Its much easier to schedule some one on one time over video/webex/zoom and provide newbies some help and get them up to speed. I doubt people overhear that much and learn a whole lot by just being in an office.
I've been remote for nearly 7 years and go to the office occasionally. In office interactions where we all debug together were rare and when everyone went remote we just all hopped on a webex and started working together through the problem. Heck, we could record our sessions and review them later too so it was extra helpful.
I think culture can change a bit to support more random remote-work interactions. I know remote-only companies like to schedule random 1-on-1s among random employees to introduce people to new people which often doesn't get done in an office. See Gitlab: https://about.gitlab.com/company/culture/all-remote/guide/
And they bring up an excellent point in that article, rather than training one-on-one - being remote pushes people to document more which is usually easier for newbies and everyone to follow and helps break down silos.
A lot of these promos are useful and have no strings attached, but the intention of the free private repos for students is to essentially lock you into Github so you will pay for their private repositories ($7/mo) for the rest of your career as a developer.
Gitlab is a better alternative if you are looking for free private repo hosting without strings attached.
I'm not Sir_Lith but I think this is the biggest question for Vue at the moment. If you are happy with React there aren't really many concrete reasons to pick up Vue. Vue offers better out-of-the-box performance than React (and sometimes Vue even beats hand-optimized React code) but how many people are actually hitting React's performance ceiling? I'm curious how React Fiber will affect this, if at all.
To get to your point, I don't see any major, key selling points of Vue over React. There are a ton of small things that I think Vue does better than React, but small improvements aren't going to motivate companies to port their codebases nor developers to abandon (potentially) years worth of experience.
That said, a common theme from companies discussing why they chose Vue over React is simplicity (1, 2). However, I don't see this becoming the norm especially if there is a large talent pool of developers with React experience.
tl;dr good is the enemy of great ;)
One is an accident and the other one a deliberate move from management.
But gitlab is likely going in the same direction as github in terms of forced diversity:
https://about.gitlab.com/handbook/hiring/#equal-employment-opportunity
> ... doesn't believe in having version control ... not comfortable using CLI ...
Flee!
If for some weird reason you still want to stay, be aware of the initial operational and cognitive overhead. You will probably have to constantly motivate them to use it properly until one of them screws up and Git will save the day.
Concerning the tools: setup Gogs or GitLab, both are fairly easy to install. Then choose a Git GUI.
With GitLab you will also have the possibility to introduce code review which improves code quality and helps finding bugs before they go live.
Ok so maybe that needs more explanation. HomeAssistant uses a lot of YML files for its configuration. And sometimes I mess up formatting yml and HASS does not start. So to fix this, I store all the configs for HASS in GITLAB git repo and I run a GitLab Runner on my local Synology NAS. So now all changes I make are version controlled and after every commit, a GitLab CI job runs that validates the YML and if all good it pushes to my local Homeassistant instance and restarts.
If you need more info, a good tutorial is given here- https://about.gitlab.com/2018/08/02/using-the-gitlab-ci-slash-cd-for-smart-home-configuration-management/
For why I run it on Synology and not RPI is only cause I prefer to have my docker containers in one place.
I'm involved in the hiring process for GitLab's DB specialist position (https://about.gitlab.com/jobs/specialist/database/) so I'll share my point of view/thoughts.
I personally don't care too much if an applicant has any side projects (and if so if they are popular). Many people don't have the time or energy (e.g. good luck when you have a partner, 2 kids, a dog, and a job) for it, or their employer may simply not allow them any side projects. If they do have side projects that's great, if they're popular that's even better. However, it's by no means a requirement. Instead I use it to get a better understanding of an applicant's experience level if the rest of the interviewing process did not reveal enough.
Having said that, if somebody does happen to work on a side project related to the position (e.g. in case of the DB position that might be something like having contributed to PostgreSQL) I do tend to get much more excited about the candidate.
So tl;dr: it's nice, but definitely should not be required.
When one of the good guys discovers a security vulnerability, he usually informs the developers of the software. In the best case, they provide an update promptly and publish a corresponding notice (for example https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/).
From then on, it is up to the operator of the respective installation to act. Because I host some things myself, I have subscribed to various mailing lists, RSS feeds, etc. to be informed about precisely such cases.
They pay $70-85k, depending on how good you are.
"I'm so special that Microsoft will personally remove my code so I'm putting my code on the B L O C K C H A I N"
Not everything needs blockchain.
Just go use GitLab or something, or if you don't trust letting those dirty corporations controlling your data then run your own Git server with a web interface using one of several alternatives.
Or the Omnibus package. I've been using it self-hosted (about ~40 users, ~200 projects) for more than three years with barely a single problem. CI is super-easy, pipelines are great, too.
What about gitlab.com? They integrate gitlab-ci even in their free service. Or you can host gitlab(-ci) yourself if the free service of gitlab.com is not enough for you ..
You won't get a 100k USD Salary in the UK - you'll get that only in the Silicon valley.
UK(and Europe in general) salaries are closer to 60k GBP (pre tax)
A good COL adjusted salary reference would be the Gitlab compensation calculator - https://about.gitlab.com/handbook/total-rewards/compensation/compensation-calculator/calculator/
It's not all of sudden. :)
Project like Debian and GNOME who are deeply rooted in the Free Software movement always tried to avoid any dependency on non-free software.
GitHub does not make their sources available under an Open Source license, so it has never been an option for GNOME and Debian (there are official GNOME mirrors on GitHub, but the canonical repository is under gnome.org).
GitLab is available under an Open Source license and recently moved away from their CLA, so both GNOME and Debian can use their self-hosted instance.
It's U.S. law. Gitlab has the same restrictions for their hosted instance:
> The Website is available only to individuals who are at least 13 years old.
https://about.gitlab.com/company/culture/all-remote/meetings/#live-doc-meetings
Document meetings live with a Google Doc. Notate questions, action items, agreed outcomes. Everyone in the meeting should have access (and there's edit history available). No more confusion.
https://about.gitlab.com/handbook/people-operations/global-compensation/
>If we start paying everyone the highest wage our compensation costs would increase greatly, we can hire fewer people, and we would get less results.
thanks for your correction! I tried to find the limitations to CI as a free user and the linked bug was all that i could find for some reason. I have since found info here: https://about.gitlab.com/2017/04/11/introducing-subscriptions-on-gitlab-dot-com/. It appears to be 2000 CI Pipeline Minutes, and i think that's per user but its not clear. I have added your corrections to the post. thanks!
And you're right, your not abusing the service if GitLab imposes their own limits. The spirit of that part of the post is to be a good citizen, also to inform any reader that there is a option to not automatically kick off builds. thanks!
So what happened is that: due to high load GitLab’s secondary db started lagging behind the primary db. This would cause issues as the two dbs are supposed to be clones of each other. The only way to fix this was to manually copy over the primary database’s contents to the secondary db using a command called pg_basebackup. This didn’t work for various reasons & they tried to fix it.
In attempt to restart the process which keeps the secondary database in sync with the primary database, an engineer started to delete the contents of the secondary db. Turns out that s/he actually started wiping the primary db instead. They realised after 1-2 seconds. Then they had to restore the db from a backup which was 6 hours old. So the last 6 hours of data sent to the servers were gone!
In depth write up by gitlab: https://about.gitlab.com/2017/02/10/postmortem-of-database-outage-of-january-31/
It actually isn't hard to get a private wiki running. We (2-3 guys making games) run Gitlab on our own server and it has a wiki included in which we write some stuff.
Gitlab also comes with an issue board where we track bugs and our next steps.
They used to have a compensation calculator on the developer job post. Either they took it down, or it doesn't work on mobile.
This compensation calculator, which even if the calculator is not there, appears still to be used based on their handbook that they publish, lead me and several of my friends in my city and a few others to believe that we could not afford to work for Gitlab, even if it is a cool company. I've been very impressed by their public approach to just about everything. I really liked the interview with the founder that was on Request for Commits. I don't think compensation calculators are a good thing because they don't take into account enough individual excellence.
Do you have access to a dedicated server / vps? If you have, I would consider setting up a Gitlab instance. Since it's your own private "Github", it doesn't have any limitations. I store all my code / assets on my Gitlab (some of which exceed the limit of 100MB by about 10 times).
If you want to work on Dropbox, why not set-up a git repository with dropbox? There are several articles on the web explaining how to set this up (for example this).
In fact, it wouldn't have even mattered if it was in the repo if he had used a private repo. I know everyone has a hard-on for github, but you can easily run your own git repo if you can't justify the cost of paying github. There's even a free github clone called gitlab that allows you to run a private repo on your own server.
Larger more "remote aware" companies factoring living expense into the pay equation. For example Gitlab uses their "HQ" as the base pay salary for employees and then runs that salary through a basic calculator that spits out the pay adjusted for living expenses.
So say for example that the pay in "Big City" is $150,000 and the company using many sources determines that the pay rate in "Little City" is 0.89 of what is payed in big city. The companies actual pay out to the employee would be $133,500.
You can see this in practice at https://about.gitlab.com/handbook/total-rewards/compensation/compensation-calculator/calculator/
I moved back from the US to Singapore twice, once in 2013 and once in 2016. I also just helped one Indonesian friend move from New York to Singapore last month.
You can expect a total compensation cut between 30% and 50% depending on what you're getting now but since your Singapore taxes should be lower than 10%, you should get most your pay cut back thanks to lower taxes. Life is cheaper than in New York or San Francisco and you'll definitely be able to save some money.
About the pay and the company perks, you can check out the job portal that my wife and I built for software engineers in Singapore: https://careerwiz.sg. We spent over 100 hours gathering data about salary ranges and perks of the largest tech companies in Singapore.
If you don't mind working from home, one interesting option is GitLab. One of my local friends joined them and they do offer similar salaries in Singapore than in the US: https://about.gitlab.com/handbook/people-group/global-compensation/calculator/.
I hope this helps.
Use Gitlab container registries. While you're there, use their free CI minutes, private repositories, Gitlab Pages integration, Kanban-style issue tracking boards, and all the other features.
Gitlab is dope.
[EDIT] - Oh I also forgot -- there is the whole AutoDeploy pipeline which is heavily aligned with Kubernetes to try out. Things like per-branch environments (which is generally only implemented at companies with good software engineering shops).
They are using their own product, Geo: https://about.gitlab.com/2018/06/25/moving-to-gcp/#how-were-preparing-for-the-migration.
Basic Git repos are free, some of the more advanced CI/CD features, project tracking, etc, cost money. Plus if you're on the free version and something goes wrong, you're pretty much on your own. Companies will pay good money for support and SLAs, especially when downtime means their developers aren't able to work and go on Reddit.
On second thought, our Enterprise GitHub is functioning perfectly right now and I'm still on Reddit.....
https://about.gitlab.com/pricing/#gitlab-com for an idea of what you can pay for with GitLab.
Let me take two of your arguments away then ;)
> Then I like how you can reference projects or comments from unrelated gits
https://docs.gitlab.com/ee/user/markdown.html#special-gitlab-references
> and I love GitHub Pages
GitLab Pages can not only host but also build your website. And GitLab also provides a simple online editor and a WebIDE, so you don't need to do anything locally anylonger.
Well to me this looks like a case where the process was just bad (looks like the regular process for approving shield studied wasn't followed). And even if it was one guy's mistake, it's fine for the company to look into how they could have prevented it, because in the end they're still collectively responsible. A great example of handling a single employee's fuckup is this by gitlab.
>We decided to use Arch Linux as the operating system for our server. Our main reasons for choosing Arch Linux were its active community, good documentation, highly up-to-date repositories with current versions of important software, good support for disk encryption, and finally, the fact that Arch Linux has a rolling update scheme instead of a release-based one. This last point is especially important to us, since we do not want to go through the pain of upgrading our operating system from one version to the next every other year — which usually causes lots of trouble. Furthermore, release-based distributions tend to have outdated software in their repositories. Instead, we prefer to keep our system always up to date and enjoy the latest version of any software any time.
https://about.gitlab.com/2017/08/07/how-startups-build-it-infrastructure/
It does not sound very smart to me, but that's their explanation
Cool! It was definitely taken down this morning, though. Here's their explanation.
Still, it's frustrating that the DMCA enables abuses like this in ways that have nothing to do with copyright. Gitlabs response notwithstanding, this is exactly what happened with his GitHub account.
edit: clarifying, added the link
OK, but are you paying for a private repo? Here's gitlab's prices for private repos - https://about.gitlab.com/gitlab-com/
(Hint - free with no support / enterprise BS).
Bitbucket free for small teams - https://bitbucket.org/plans
Fuck knows what else there is out there.
Git is a commodity. It's like paying for a domain name. As long as they're not too likely to go dead with a copy of your data, who cares?
Git with a nice issue tracker? Also a commodity.
Git with a great social community? Fine, GitHub has a bit of an edge, if they keep the trust of the community. But even then, why pay for private repos - there's no community if it's private.
There's this which gives a list of features GitLab has that GitHub doesn't. This same list is appropriate for contrasting against Bitbucket.
GitLab is also properly open-source, unlike GitHub and Bitbucket.
> GitLab has 100,000 users
I don't think that's accurate. GitLab claims to have more than 100k self hosted installations. That is, more than 100k organizations use GitLab internally.
GitLab has "30 million estimated registered users."
Programmer who works remotely here. If your companies software operations are A->B->C->D and perfectly laid out and obvious at the beginning of each quarter then you can just have an army of developers not in the bay area and do great. In reality, most startups (even at larger sizes) change directions really quickly in which case managing a team that is remote all the time is really difficult.
In reality, only a couple of new companies have been able to achieve predictability. I say new, because old companies aren't even trying (Salesforce and Oracle is all about BIS for example).
Gitlab is pretty much the only Unicorn I know that's been able to achieve this [1]
I doubt I could improve on GitLab's documentation much: https://about.gitlab.com/features/github/
This is what I'd used to implement this workflow before. Does it help?
One project I'm working on is currently powered by some home-brew solution (think a GitHub hook, a remote machine, a Docker image and some scripts for building, running tests and APK deployment).
I'm also using GitLab CI/CD for a personal project and it has been a blast - very easy to get started, supports Docker images and in general quite customizable. As a bonus, most of the configs reside in just one file.