ChanServ changed the topic of #freedesktop to: https://www.freedesktop.org infrastructure and online services || for questions about freedesktop.org projects, please see each project's contact || for discussions about specifications, please use https://gitlab.freedesktop.org/xdg or xdg@lists.freedesktop.org
agd5f has quit [Read error: Connection reset by peer]
ybogdano has joined #freedesktop
alpernebbi has quit [Ping timeout: 480 seconds]
alpernebbi has joined #freedesktop
ybogdano has quit [Ping timeout: 480 seconds]
alanc has quit [Remote host closed the connection]
alanc has joined #freedesktop
danvet has joined #freedesktop
Major_Biscuit has joined #freedesktop
rgallaispou has joined #freedesktop
agd5f has joined #freedesktop
mvlad has joined #freedesktop
ximion has quit []
___nick___ has joined #freedesktop
MrCooper has quit [Remote host closed the connection]
MrCooper has joined #freedesktop
eroux has quit [Read error: No route to host]
eroux has joined #freedesktop
AbleBacon has quit [Read error: Connection reset by peer]
agd5f has quit [Ping timeout: 480 seconds]
mvlad has quit [Remote host closed the connection]
mvlad has joined #freedesktop
agd5f has joined #freedesktop
agd5f has quit [Remote host closed the connection]
agd5f has joined #freedesktop
Porkepix has quit []
Porkepix has joined #freedesktop
Porkepix has quit [Killed (NickServ (Too many failed password attempts.))]
Porkepix has joined #freedesktop
<Porkepix> Hi! I've got a little question regarding freedesktop's gitlab. I wanted to signup to follow some issues and report some others, and as usual for a couple of reasons I prefer a direct signup rather than relying on third-party OAuth. However, I can't use the normal signup considering it forces the use of Google's reCAPTCHA. This is problematic for people trying to avoid it, and
<Porkepix> also requires user's consent as requested by the GDPR. Is there something planed to handle such cases?
Major_Biscuit has quit []
rektide has quit [Remote host closed the connection]
rgallaispou has quit [Read error: Connection reset by peer]
rgallaispou has joined #freedesktop
ofourdan has quit [Ping timeout: 480 seconds]
ofourdan has joined #freedesktop
ybogdano has joined #freedesktop
ybogdano has quit [Ping timeout: 480 seconds]
ybogdano has joined #freedesktop
<eric_engestrom> Porkepix: third-party auths are exactly the solution to that problem :)
aleasto has left #freedesktop [Konversation terminated!]
<Porkepix> eric_engestrom: Excepted I tend to avoid them. I don't like the idea to depends on such third parties to participate in FLOSS. On top of that, most of them either have the same issue either are a no-go.
<eric_engestrom> well, until all spammers in the world decide to stop, we can't _not_ protect ourselves 🤷
<eric_engestrom> I understand the solutions are not liked by everyone, but they're are necessary
<eric_engestrom> if you know of another solution, you should suggest it to gitlab and/or propose an implementation; we don't carry custom patches so if you want something else you need to get upstream gitlab to support it
<Porkepix> eric_engestrom: And they're not efficient. I run a gitlab for an organization, and also had the occasion to talk with the admins of some of other FLOSS projects (VLC, gajim), they suffered from the same spammers abusing the public snippets (I wish this feature could be disabled…), whether recaptcha was enabled or not, because it was manual spammers
<eric_engestrom> (also, I mentioned spammers but depending on whether you care more about wasting contributor's time or money, those cryptocurrency psychopaths might be a bigger issue since they try to burn our financial resources (and literally burn the planet), whereas spammers "only" waste everyone's time)
<Porkepix> eric_engestrom: The issue is opened at gitlab for years, and it doesn't looks like they're doing any move regarding this. And aside from personal preferences, captcha services that do not only protect but also gather data, such as recaptcha, are falling under consentement needs regarding GDPR, it was confirmed a couple of months ago by a national data protection authority
ximion has joined #freedesktop
<Porkepix> eric_engestrom: When you talk about cryptocurrencies, is it because CI is kinda on open use and they abuse it to mine their crap?
<eric_engestrom> I/we know all that, but like I said until either all these attackers stop, or another protection is invented, there's nothing we can do
<eric_engestrom> yeah, exactly
<eric_engestrom> (about the CI)
<Porkepix> So, no ways to contribute for people caring about their privacy…
<emersion> yeah, i'm unhappy with the captcha as well
<eric_engestrom> like everything else, it's all about trade-offs: either you allow anything and you get attacked and you die (as a project/organisation), or you put restrictions and some legit people get turned away as well
<Porkepix> Got the same issue with Gnome. The admins had to create an account manually for me. And even like that I'm constantly being anoyed by the anti-spam thing triggered by whoever knows what (like a link to their own wiki) forbidding me to post (I block recaptcha) or blocking edits and so on.
<Porkepix> On that side, this is a big regression compared to bugzilla
<eric_engestrom> personally I don't like (re-)captcha as well, but... * /me repeats how it's necessary *
<Porkepix> eric_engestrom: Well, not rezlly and alternatives exists, but on that side it completely depends on the good-will of gitlab to provide alternatives. Currently it's aonly possible to toggle off recaptcha and that's all. Also, aside from the cryptocurrencies guys (I didn't encounter the problem), they also don't want to allow disabling features. Many people asked for it because the
<Porkepix> gitlab I'm admin on, as well as VLC, gajim and many others were abused on the public snippets feature, because these snippets are indexed by search engines; 99% of the abuses were there and their usage was pretty much only abuse, so people would have been happy to disable this.
<Porkepix> really*
<eric_engestrom> IIRC we talked about this a while back and came to the same conclusion: disabling snippets wouldn't be much of a loss and would help a lot with the spam
<Porkepix> Yup, I would have done it if we could
* eric_engestrom has to go now
<eric_engestrom> have a good weekend everyone 👋
<Porkepix> Have a nice weekend. I hope there will soon have a solution; I'll try to ask people on IRC if the issue can be reported by other means and I guess bookmark issues
miracolix has joined #freedesktop
___nick___ has quit []
___nick___ has joined #freedesktop
___nick___ has quit []
___nick___ has joined #freedesktop
AbleBacon has joined #freedesktop
ybogdano has quit [Ping timeout: 480 seconds]
___nick___ has quit [Ping timeout: 480 seconds]
agd5f has quit [Read error: Connection reset by peer]
agd5f has joined #freedesktop
danvet has quit [Ping timeout: 480 seconds]
mvlad has quit [Remote host closed the connection]