this post was submitted on 02 Mar 2024
240 points (98.0% liked)

Technology

59534 readers
3199 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

GitHub is under automated attack by millions of cloned repositories filled with malicious code.::Thanks to a combination of sophisticated methodology and social engineering, this particular attack seems to be very difficult to stop.

you are viewing a single comment's thread
view the rest of the comments
[–] abhibeckert@lemmy.world 5 points 8 months ago

Gitlab is open source. You can download it and host it yourself. A decentralized developer community is resilient against this sort of attack for the very reason GitHub is so vulnerable: size.

Um, what? Sorry but if someone is going to send, say, ten million malicious contributions (or heck, even just one), I don't particularly want to deal with that on my self hosted server. I'd rather someone else deal with it.

Git was always designed with decentralized development and collaboration in mind. Its creator, Linus Torvalds, prefers not to bother with servers like GitHub at all. Git can even be used entirely over email (Linus’s preference)!

The Linux project created Git to solve problems they had. Pretty much no other project in the world has the same set of problems - it's a highly unusual open source project with tens of millions in market value. Other projects have very different needs.