[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Automated usage of Gitlab
From:       Nicolás_Alvarez <nicolas.alvarez () gmail ! com>
Date:       2022-07-04 22:40:18
Message-ID: F94331B3-654F-4D28-AE23-C12B1E349C8B () gmail ! com
[Download RAW message or body]


> El 4 jul. 2022, a la(s) 18:46, Thomas Friedrichsmeier \
> <thomas.friedrichsmeier@kdemail.net> escribió: 
> On Sun, 3 Jul 2022 22:45:37 +1200
> Ben Cooksley <bcooksley@kde.org> wrote:
> > Recent analysis of the logs of our Giltab instance has revealed
> > numerous instances of files being directly retrieved from Gitlab
> > (using the /raw/ API). Much to my incredible sadness, this has
> > included accesses being made by KDE Applications themselves.
> > 
> > As a reminder, automated access to the "raw files" API of Gitlab is
> > strictly prohibited and not permitted under any circumstances. The
> > only use of it which is allowed is within .gitlab-ci.yml files to
> > import job definitions from sysadmin/ci-utilities.
> 
> [...]
> 
> To make sure I understand you, correctly: All this applies to the /raw/
> API, only? For instance, on the RKWard download page, we link to the
> release Changelog, for convenience, as a "/-/blob/". Is that ok, or
> something to avoid, too?

/raw/ vs /blob/ isn't the real problem (actually /raw/ might use less server \
resources).

Whichever the URL, a website linking to a file on Invent is probably okay, not too \
different than a "contribute here" link pointing at the repo itself. Embedding an \
image by putting a /raw/ Invent URL in an <img> (causing a request on every page \
load) is not okay.

An app linking to a file on Invent so the user clicks to open in a browser is \
probably okay (though you may want a more future-proof URL). Automatically \
downloading the file when the app opens is not okay.

And in general, websites are less of a problem because we can fix it quickly. \
Requests coming from desktop apps are a bigger problem because changes can take a \
long time to reach all our users.

--
Nicolas=


[prev in list] [next in list] [prev in thread] [next in thread]