Re: [Tails-project] Proposal: our own GitLab instance, sysa…

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: Public mailing list about the Tails project, synchronizer
Betreff: Re: [Tails-project] Proposal: our own GitLab instance, sysadmin'ed by immerda.ch
Hi synchronizer,

synchronizer:
> Really, it should also be mirrored


The baseline is: at the moment we have mirrors for some of our Git
repositories, but _by far_ not all of them. Avoiding regressions in
this area is already explicitly part of our migration to GitLab
project :)

I suspect that the migration to GitLab will allow us to improve things
in this area, by mirroring all our public repos; however, committing
to this would be premature at this point.

> and managed at the optimom level of security.


I understand you care about the security of our upcoming GitLab setup.
I do to, and so do our sysadmins, mostly because of impact on our CI.
Many criteria that were proposed in previous rounds of discussions,
and many concerns that were raised, by various Tails contributors,
qualify as security matters. These concerns and criteria were specific
ones, and often measurable.

So I'm not sure what I can do with your recommendation.

Would you like to elaborate and perhaps share measurable criteria
that you think are part of the optimum level of security?

> In an onion based repo, DarkGit for example;
> http://darkgitxbwocfbkcldgonq5wr73ezls2n763ircdqfozc6rvjcgi76yd.onion/


What problem would this solution help solve?

Cheers,
--
intrigeri