[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Updated review of GitLab

From: Ian Kelling
Subject: Re: Updated review of GitLab
Date: Tue, 29 Oct 2019 12:01:57 -0400
User-agent: mu4e 1.1.0; emacs 27.0.50

Tristan, thanks for bringing this up. They announced that they canceled
those plans, but if they reinstate them, then I agree.

Tristan Miller <address@hidden> writes:

> Dear all,
> A few days ago I received the message below from GitLab.  To summarize,
> their managed source hosting service at will be serving
> proprietary JavaScript code that may be used to report "telemetry" to a
> third-party service.
> I imagine that GitLab will continue to work when this proprietary
> JavaScript code is blocked (though I haven't tested this myself).  So
> probably GitLab still meets Criterion C0.  However, the fact that
> visitors will be tracked and reported to other organizations means that
> GitLab now fails Criterion B1.  So Criterion B1 should now be
> mentioned in GitLab's list of "Things that prevent GitLab from moving
> up to the next grade, B".
> Regards,
> Tristan
> Begin forwarded message:
> Date: Wed, 23 Oct 2019 20:45:43 +0000
> From: The GitLab Team <address@hidden>
> To: <address@hidden>
> Subject: Important Updates to our Terms of Service and Telemetry
> Services
> Dear Tristan Miller,
> We have launched important updates to our Terms of Service surrounding
> our use of telemetry services. Starting with GitLab 12.4, existing
> customers who use our proprietary products (that is, and the
> Enterprise Edition of our self-managed offerings) may notice additional
> Javascript snippets that will interact with GitLab and/or third-party
> SaaS telemetry service (such as Pendo).
> For users:  as we roll out this update you will be prompted
> to accept our new Terms of Service. Until the new Terms are accepted
> access to the web interface and API will be blocked. So, for users who
> have integrations with our API this will cause a brief pause in service
> via our API until the terms have been accepted by signing in to the web
> interface.
> For Self-managed users: GitLab Core will continue to be free software
> with no changes. If you want to install your own instance of GitLab
> without the proprietary software being introduced as a result of this
> change, GitLab Community Edition (CE) remains a great option. It is
> licensed under the MIT license
> ( and will contain no
> proprietary software. Many open source software projects use GitLab CE
> for their SCM and CI needs. Again, there will be no changes to GitLab
> CE.
> Key Updates:
> - (GitLab’s SaaS offering)and GitLab's proprietary
>   Self-Managed packages (Starter, Premium, and Ultimate) will now
>   include additional Javascript snippets (both open source and
>   proprietary) that will interact with both GitLab and possibly
>   third-party SaaS telemetry services (we will be using
>   Pendo(
> - We will disclose all such usage in our privacy policy, as well as
>   what we are using the data for. We will also ensure that any
>   third-party telemetry service we use will have data protection
>   standards at least as strong as GitLab and we will aim for SOC2
>   compliance. Pendo is SOC2 compliant.
> If you have any questions please contact us at address@hidden
> Thank you,
> GitLab Team
> ==============================================
> You are receiving this email because you have an active repository on

reply via email to

[Prev in Thread] Current Thread [Next in Thread]