Gitlab now requires phone number/credit card verification

Looks like gitlab now requires account verification for new accounts in addition to email. Either phone number or credit card.

This applies both to accounts created with a working email or by logging in using your github account. You can’t even verify your email until you go through step 1.

I don’t know when this started, but at least for the last month or two judging from these posts in the forums.

Fun fact: I don’t even want to host on gitlab, I just wanted to report bugs in some projects. So I’m locked out.

bamboo,

I’d assume this will be a non issue once they implement ActivityPub. They can enable whatever account restrictions on their gitlab instance, but if I don’t want to provide this information to report a bug, then I can use another instance or self host my own, without the account restrictions.

ipkpjersi,

You really think they will add a full ActivityPub implementation? I highly doubt it.

JackbyDev,

For discussions probably. Not for repos.

bamboo,

From the Summary in the link:

The end goal of this proposal is to build interoperability features into GitLab so that it’s possible on one instance of GitLab to open a merge request to a project hosted on an other instance, merging all willing instances in a global network

AppearanceBoring9229,

That’s great news!

Sneptaur,
@Sneptaur@pawb.social avatar

I don’t even really see this as an issue now personally. I guess it’s the principle of the thing.

blindbunny,

I was asking like less then a month ago what’s wrong with gitlab when Firefox switched to GitHub, now I know.

vox, (edited )
@vox@sopuli.xyz avatar
  1. firefox were using self-hosted mercurial + git with sync
  2. they just dropped mercurial, they’re still not on github
    only misc. libraries and the android frontend are on github, and firefox/mozilla has never used gitlab
Veraxus,
@Veraxus@kbin.social avatar

I really, really like Gitlab... but this is a MAJOR problem and spectacularly short-sighted.

wintermute,

Glad I switched to Forgejo some time ago, never looked back : )

nakal,
@nakal@kbin.social avatar

It looks like Gitea. Is it a fork?

poVoq,
@poVoq@slrpnk.net avatar

Softfork. Basically the version that runs on Codeberg.org

PropaGandalf, (edited )

And soon with ActivityPub integration? Pls?

poVoq,
@poVoq@slrpnk.net avatar

Work in progress, but it’s taking longer than I expected.

intrepid,

The forgefed spec itself is a work-in-progress. Not yet ready for a proper implementation.

Clbull,

Well they can just GitOut

buzz,
@buzz@lemmy.world avatar

Better to train Microsoft ai?

QuazarOmega,

How about training HI on Codeberg? ;)

cupcakezealot,
@cupcakezealot@lemmy.blahaj.zone avatar

sorry but deleting the account is absolutely ridiculous.

mark it inactive but just deleting someone’s entire git history because they didn’t put in a phone number or credit card is so dumb.

i don’t even need a phone number or credit card for my github account.

Wilzax,

Good thing it’s only deleting your account if it’s a new account that you didn’t finish the registration process for

MooseBoys,

deleting someone’s entire git history

Based on the image text this is for new accounts only. My account has neither phone nor credit card and I’ve not been asked to re-verify. Maybe they’re having problems with bots at the moment.

intrepid,

Maybe they’re having problems with bots at the moment.

I have to go through the ridiculous cloudfare verification page now. How do they have a bot issue?

LiveLM,

Probably people trying to mine Crypto on the CI runners again

Fisch,
@Fisch@lemmy.ml avatar

I think this is for new accounts only, if you already have an account, your E-Mail will already be verified

kevincox,
@kevincox@lemmy.ml avatar

This really sucks for bug reporting. I don’t mind this at all for hosting as that cost notable resources (especially their free CI tier) and they can set their own terms, but I want people to be able to report bugs without any trouble. (Although if spam is an issue maybe projects could opt-in to requiring this verification to report bugs).

A work-around is maybe the service desk feature allowing reporting bugs via email but this has issues for proper collaboration:

  1. The reporter’s email is shared.
  2. The issue is private by default.
  3. Can’t collaborate on an existing issue.

Maybe I’ll just go back to mailing lists… Or GitHub has gotten better recently. But GitLab’s CI is so much better.

TauZero,

I want people to be able to report bugs without any trouble.

Thank you for being aware! I’ve experienced this on github.com. I’ve tried to submit issues several times to open source projects, complete with proposed code to solve a bug, but github shadowbans my account 6 hours after creating it (because I use a VPN? a third-party email provider? do not provide a phone number? who knows). I can see the issue and pull request when logged in, but they only see a 404 on their project page even if I give them a direct link. I ended up sending them a screenshot of the issue page just to convince them this was even possible. Sad to hear gitlab does it even worse now by making phone mandatory.

Bipta,

Kbin uses Gitlab so it's too bad.

ernest, (edited )
@ernest@kbin.social avatar

Not really. The official repository (with issue management) is located on Codeberg. GitHub serves as a mirror in case of any issues with the primary service.

https://codeberg.org/Kbin/kbin-core

roguetrick,

Well what would you know about it, ernest.

nix,
@nix@merv.news avatar

Hopefully the move to codeberg.org

Infiltrated_ad8271,
@Infiltrated_ad8271@kbin.social avatar

Time to delete my account, before it is considered "suspicious" and I can't even log in without verification.

GrappleHat,
@GrappleHat@lemmy.ml avatar

Why GitLab!?

tarneo,
@tarneo@lemmy.ml avatar

Because it’s a decent competitor to the GitHub monopoly. It also has a few unique features when compared to it. Just guessing why OP uses it though (many people do)

GrappleHat,
@GrappleHat@lemmy.ml avatar

Sorry, I meant “GitLab, why’d you do that!?”

(I’m a GitLab user myself)

tarneo,
@tarneo@lemmy.ml avatar

Oh right

DroneRights,

Oh, well then you forgot your comma

adamnejm, (edited )
@adamnejm@programming.dev avatar

Just tried this out using a typical temporary email address (temp-mail.org) and a VPN (AirVPN).
I was only asked to confirm my e-mail address within 3 days, never for a phone address or any banking details.

Judging by the first post you’ve linked to, it’s only necessary for paid accounts or free trials.
The person in the second post is trying to register via GitHub / Google, well… sucks for them.

rrobin,

I’ve tried a few times in the past 2 weeks. Using a good email account and also with github, no luck though. Maybe its doing some “smart” heuristics to trigger it.

I just retried now, using that temp mail (but no vpn) and got the exact same phone verification. Maybe my IP address is evil :D

authed,

fuck them

buzz,
@buzz@lemmy.world avatar

But what are they supposed to do - they dont have Microsoft resources and can’t exchange your data for ai training

peyotecosmico, (edited )

Time to start using GitDirectory named V.01 shared over FTP.

It’s a joke, don’t use FTP, it’s not secure.

intrepid,

Is there any reference for this? I can’t find anything relevant. Just curious.

peyotecosmico,

Of FTP not being secure? Check the links in the comments below

FTP it’s not encrypted

intrepid,

No. I mean gitdirectory over FTP.

peyotecosmico,

There’s no GitDirectory, it’s the way we used to share files back then, a shared directory over FTP

intrepid,

I’m aware of FTP. It’s still around in certain circles. But for a moment I thought that there was some sort of integration between ftp and git. I guess not.

lazynooblet,
@lazynooblet@lazysoci.al avatar

Why isn’t FTP secure

MrRazamataz,
@MrRazamataz@lemmy.razbot.xyz avatar

because it hasn’t got an S in it

Klaymore,
@Klaymore@sh.itjust.works avatar

It’s unencrypted, your ISP / Starbucks wifi can read all the files you send. Use SFTP instead.

Atemu,
@Atemu@lemmy.ml avatar

Not just read but modify even.

ErwinLottemann,

or FTPS

registrert,
@registrert@lemmy.sambands.net avatar

deleted_by_author

    •
    ErwinLottemann,

    SFTP is a ‘part’ of SSH, FTPS is FTP but encrypted.

    registrert,
    @registrert@lemmy.sambands.net avatar

    deleted_by_author

    •
    JackbyDev,

    Yeah, I think you need to go out of your way to try to use ftps. When people say ftp they generally mean SFTP.

    tabularasa,

    Yes, SFTP > FTP-S.

    xcjs,
    @xcjs@programming.dev avatar

    Especially when it comes to gateway configuration.

    vox, (edited )
    @vox@sopuli.xyz avatar

    isn’t the official gitlab instance primarily a paid platform? cc verification makes sense then.

    Pantherina,

    I know this sucks. But I imagine this is because of previous abuse by bots or something. Could be simply evil though.

    overshot,
    @overshot@jlai.lu avatar

    Gitea for life

    PropaGandalf,

    forgejo for life!

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #