If your IP (and possible your browser) looks “suspicious” or has been used by other users before, you need to add additional information for registration on gitlab.com, which includes your mobile phone number and possibly credit card information. Since it is not possible to contribute or even report issues on open source projects without doing so, I do not think any open source project should use this service until they change that.

Screenshot: https://i.ibb.co/XsfcfHf/gitlab.png

  • vivi@lemmy.mlOP
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    il y a 10 mois

    Even Github does not require any personal information, so there are certainly other ways.

    • NuXCOM_90Percent@lemmy.zip
      link
      fedilink
      arrow-up
      7
      arrow-down
      3
      ·
      il y a 10 mois

      And Github is Microsoft who need those capabilities for basically every other website they sell.

      Whereas gitlab is REALLY good software with… a website nobody ever really asked for but that still needs to exist to sell people that software.

      This comes up with a lot of services. I think everyone lost their god damned minds when overwatch added phone verification?

      Like, I don’t like it. But I have friends who ahve had to deal with harassment campaigns against their products (or persons) and the like and get why you would do what, on the surface, is a pretty trivial ask as a way to remove sock puppets.

        • NuXCOM_90Percent@lemmy.zip
          link
          fedilink
          arrow-up
          1
          ·
          il y a 10 mois

          It is still a monetary investment which is a major deterrent to bad faith accounts. This is why so many live games have a “you need to spend 1 dollar to get into the good queue” model. Shit like Escape from Tarkov where people buy accounts en masse are very much the exception.

          But also? The issue is, like with mots things, lower income users. A lot of the cheaper/more affordable “pay as you go” phone plans won’t support the SMS authentication services that these models depend on. Which is why I referenced Overwatch 2 since that was actually a really “good” example of the reasons this is not a good model.

          • uis@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            il y a 10 mois

            TF2. Even in official competetive mm with phone verification and spending money there are lots of bots.

            won’t support the SMS authentication services that these models depend on.

            Is it even legal?

            • NuXCOM_90Percent@lemmy.zip
              link
              fedilink
              arrow-up
              1
              ·
              il y a 10 mois

              There is no one solution that handles everything (or else everyone would just do that). It is always about a mixture of multiple methods.

              Is it even legal?

              This is the internet. Someone will always claim it is illegal in “Europe”. Nobody will care enough to verify one way or the other. And, regardless of whether it is or is not, companies don’t care because most of those regulations are very toothless either due to bureaucratic inertia or just not giving a fuck.

              The fact of the matter is that this is a very common model used by a range of services and it is not going to get challenged any time soon.

              • uis@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                il y a 10 mois

                Can’t say about entire Europe, especially about Kazahstan which has small part sticking out in Europe, but I’m pretry sure EU is not toothless.