@[email protected] to [email protected] • 3 months agoGitHub Is Not Open Source, A Rantlisted.toexternal-linkmessage-square93fedilinkarrow-up1168arrow-down145
arrow-up1123arrow-down1external-linkGitHub Is Not Open Source, A Rantlisted.to@[email protected] to [email protected] • 3 months agomessage-square93fedilink
minus-square@[email protected]linkfedilinkEnglish2•3 months agoThat’s not a pull request, but a merge request. Besides the point though. What I’m getting at is: isn’t that asking for trouble? Somebody could while true ; do head /dev/urandom -c 100MB > file.txt git add file.txt git commit -m "new commit" git push done and fill up your hard drive. Also, depending on the protocol, they could try fuzzing it. Or, pipe /dev/urandom into nc and blast your git port. And of course, the first problem is discoverability. Who’s going to find your random, unfederated, git service? It just doesn’t sound like a convincing solution, IMO. Anti Commercial-AI license
minus-square@lurchlink1•3 months agono, it’s not specific to merge requests. theres a tool called git-shell that prevents abuse
That’s not a pull request, but a merge request. Besides the point though. What I’m getting at is: isn’t that asking for trouble? Somebody could
while true ; do head /dev/urandom -c 100MB > file.txt git add file.txt git commit -m "new commit" git push doneand fill up your hard drive. Also, depending on the protocol, they could try fuzzing it. Or, pipe
/dev/urandomintoncand blast your git port.And of course, the first problem is discoverability. Who’s going to find your random, unfederated, git service?
It just doesn’t sound like a convincing solution, IMO.
Anti Commercial-AI license
no, it’s not specific to merge requests. theres a tool called git-shell that prevents abuse