On Friday, 26 August 2016 at 23:51:50 UTC, ketmar wrote:
employees, lol.
and "its" 2 times
and "don't"
and "racist"
employees, lol.
On Friday, 26 August 2016 at 16:54:14 UTC, Jacob Carlborg wrote:
How is GitLab any different?
at least it's engine is opensourced, and it's employers doesn't
make public racists and chauvinist statements.
On 2016-08-26 17:11, Nick Sabalausky wrote:
That right there is why gitlab is better. I realize it's too late now,
but I kinda wish we had standardized on that instead of github. Unlike
gitlab, github takes all the philosophy, purpose, goals and values of
git (the very tool it's built for) and
On 08/11/2016 05:25 PM, Walter Bright wrote:
On 8/11/2016 7:34 AM, H. S. Teoh via Digitalmars-d wrote:
so no actual code would be lost.
Github dlang is our critical infrastructure, we should treat it
accordingly. I agree we wouldn't lose the code history, but would lose
just about everything
On 08/11/2016 10:56 AM, Kagamin wrote:
On Thursday, 11 August 2016 at 13:35:08 UTC, qznc wrote:
The code is pretty safe thanks to git. The comments get lost.
Irony. Is git still a DVCS? If you lose the central repo, you just lose.
The one big thing that always annoyed me about github is
On Friday, 12 August 2016 at 08:10:15 UTC, Walter Bright wrote:
Currently 11/35 have enabled 2FA
FWIW GitHub added a nice feature to track down members without
2FA more easily.
One can now filter members with `two-factor:disabled` (or select
this via the new UI Filter).
On Wednesday, 10 August 2016 at 04:20:51 UTC, Walter Bright wrote:
https://news.ycombinator.com/item?id=12259176
Apparently github users are increasingly being targeted.
BTW what about this
https://www.reddit.com/r/programming/comments/4z2nue/dear_programmer_dont_shorten_your_fingerprint/
On 8/12/16 10:53 AM, mùsdl wrote:
On Friday, 12 August 2016 at 08:10:15 UTC, Walter Bright wrote:
Currently 11/35 have enabled 2FA
Have you 5 hidden members ?
Members have the option of publicly exposing their membership.
-Steve
On Friday, 12 August 2016 at 08:10:15 UTC, Walter Bright wrote:
Currently 11/35 have enabled 2FA
Have you 5 hidden members ?
Currently 11/35 have enabled 2FA
On Thursday, 11 August 2016 at 18:44:11 UTC, ketmar wrote:
i'm not using smartphones at all, so no "apps". besides,
without sending auth request by some other channel than
internet i can't see any value in 2fa at all: how is that
different from simply using my ssh key and encrypted internet
On 8/11/2016 7:34 AM, H. S. Teoh via Digitalmars-d wrote:
so no actual code would be lost.
Github dlang is our critical infrastructure, we should treat it accordingly. I
agree we wouldn't lose the code history, but would lose just about everything
else. It would take us days, maybe weeks, to
On Thursday, 11 August 2016 at 18:50:41 UTC, H. S. Teoh wrote:
On Thu, Aug 11, 2016 at 06:36:11PM +, sldkf via
Digitalmars-d wrote:
On Thursday, 11 August 2016 at 13:35:08 UTC, qznc wrote:
> The code is pretty safe thanks to git. The comments get lost.
Somone can rewrite the entire history
On Thu, Aug 11, 2016 at 06:36:11PM +, sldkf via Digitalmars-d wrote:
> On Thursday, 11 August 2016 at 13:35:08 UTC, qznc wrote:
> > The code is pretty safe thanks to git. The comments get lost.
>
> Somone can rewrite the entire history (i.e patch the commiters mails).
> This would be a major
On Thursday, 11 August 2016 at 18:36:11 UTC, sldkf wrote:
On Thursday, 11 August 2016 at 13:35:08 UTC, qznc wrote:
The code is pretty safe thanks to git. The comments get lost.
Somone can rewrite the entire history (i.e patch the commiters
mails). This would be a major problem.
so what?
On Thursday, 11 August 2016 at 13:35:08 UTC, qznc wrote:
The code is pretty safe thanks to git. The comments get lost.
Somone can rewrite the entire history (i.e patch the commiters
mails). This would be a major problem.
On Thursday, 11 August 2016 at 18:34:30 UTC, Jesse Phillips wrote:
Don't use your phone, I don't. Use the App and/or hardware, no
need to give out personal information.
i'm not using smartphones at all, so no "apps". besides, without
sending auth request by some other channel than internet i
On Thursday, 11 August 2016 at 11:48:32 UTC, ketmar wrote:
yet in exchange for wery weak protection, one have to give his
phone number to the 3rd party, and that 3rd party is known by
security faults and overall low level of tech and security. if
i'll be asked to give my phone number to such
On Thursday, 11 August 2016 at 07:54:48 UTC, Jonathan M Davis
wrote:
I would expect the lockout issue to come from issues with your
phone. I almost got locked out by my domain registrar
previously, because I changed phone providers, and stupidly,
that meant that I couldn't get the SMS messages
On Thursday, 11 August 2016 at 13:35:08 UTC, qznc wrote:
The code is pretty safe thanks to git. The comments get lost.
Irony. Is git still a DVCS? If you lose the central repo, you
just lose.
On Thursday, 11 August 2016 at 13:35:08 UTC, qznc wrote:
The code is pretty safe thanks to git. The comments get lost.
If github doesn't restore from backup, maybe mirror github repo
into a gitlab repo?
http://docs.gitlab.com/ce/workflow/importing/import_projects_from_github.html
On Thu, Aug 11, 2016 at 12:59:11AM -0700, Walter Bright via Digitalmars-d wrote:
[...]
> There's also nothing private in the dlang repository, but a malicious
> person could just delete everything and it would be a major problem
> for us to recover from that.
[...]
Thankfully, it's not that bad
On Thursday, 11 August 2016 at 13:05:49 UTC, Steven Schveighoffer
wrote:
There's also nothing
private in the dlang repository, but a malicious person could
just
delete everything and it would be a major problem for us to
recover from
that.
Well, the code will all be on everyone's system.
On Thursday, August 11, 2016 09:05:49 Steven Schveighoffer via Digitalmars-d
wrote:
> I did not know that if you port your number to a new provider, you would
> be locked out. That's surprising, but makes sense at the same time.
It probably depends on who you're dealing with. In my case, it was
On 8/11/16 3:59 AM, Walter Bright wrote:
On 8/11/2016 12:33 AM, qznc wrote:
On Thursday, 11 August 2016 at 06:21:35 UTC, Jonathan M Davis wrote:
I just enabled it because of this thread, but in general, I'm
paranoid about
two-factor auth and don't use it for much. My domain registrar (and
thus
On Thursday, 11 August 2016 at 07:59:11 UTC, Walter Bright wrote:
There's also nothing private in the dlang repository, but a
malicious person could just delete everything and it would be a
major problem for us to recover from that.
only PRs. would be a refreshing change and autoclearing of
On Thursday, 11 August 2016 at 07:59:11 UTC, Walter Bright wrote:
Yeah, I worry about being locked out as well. There's also
nothing private in the dlang repository, but a malicious person
could just delete everything and it would be a major problem
for us to recover from that.
They do
On Thursday, 11 August 2016 at 07:54:48 UTC, Jonathan M Davis
wrote:
But I'd be even more worried about depending on an app on your
phone (like is sometimes the case with two-factor auth), since
that won't necessarily then work with another phone with the
same number, in which case, changing
On 8/11/2016 12:33 AM, qznc wrote:
On Thursday, 11 August 2016 at 06:21:35 UTC, Jonathan M Davis wrote:
I just enabled it because of this thread, but in general, I'm paranoid about
two-factor auth and don't use it for much. My domain registrar (and thus DNS)
is one of the few places that I have
On Thursday, August 11, 2016 07:33:45 qznc via Digitalmars-d wrote:
> On Thursday, 11 August 2016 at 06:21:35 UTC, Jonathan M Davis
>
> wrote:
> > I just enabled it because of this thread, but in general, I'm
> > paranoid about two-factor auth and don't use it for much. My
> > domain registrar
On Thursday, 11 August 2016 at 06:21:35 UTC, Jonathan M Davis
wrote:
I just enabled it because of this thread, but in general, I'm
paranoid about two-factor auth and don't use it for much. My
domain registrar (and thus DNS) is one of the few places that I
have it enabled. I'm just too worried
On Wednesday, August 10, 2016 18:34:56 Walter Bright via Digitalmars-d wrote:
> On 8/10/2016 4:41 PM, Seb wrote:
> > FYI: You (as org admin) can check whether everyone of the organization has
> > 2FA enabled:
> >
> > https://help.github.com/articles/ensuring-that-organization-members-have-e
> >
On 8/10/2016 4:41 PM, Seb wrote:
FYI: You (as org admin) can check whether everyone of the organization has 2FA
enabled:
https://help.github.com/articles/ensuring-that-organization-members-have-enabled-two-factor-authentication/
Thanks! OMG, looks like only about a fifth have 2FA.
On Wednesday, 10 August 2016 at 23:22:24 UTC, Walter Bright wrote:
On 8/10/2016 9:15 AM, Steven Schveighoffer wrote:
Done.
Thanks!
In any case, should be 0 impact, since all my github traffic
goes via ssh key.
Like a castle with its defenses in depth, security should
always have multiple
On 8/10/2016 9:15 AM, Steven Schveighoffer wrote:
Done.
Thanks!
In any case, should be 0 impact, since all my github traffic goes via ssh key.
Like a castle with its defenses in depth, security should always have multiple
levels to it to guard against a single point of failure.
On Wednesday, 10 August 2016 at 04:20:51 UTC, Walter Bright wrote:
https://news.ycombinator.com/item?id=12259176
Apparently github users are increasingly being targeted.
2 Factor Auth is pretty accessible now days. Definitely enable
for Gmail to if you're using that service.
I'd recommend
On 8/10/16 12:20 AM, Walter Bright wrote:
https://news.ycombinator.com/item?id=12259176
Apparently github users are increasingly being targeted.
Done. Didn't realize about this issue, of course, probably shouldn't use
a crappy password on your DNS server...
In any case, should be 0 impact,
On 8/10/2016 3:40 AM, Kagamin wrote:
They probably wanted his private code, otherwise the attack is futile.
Perhaps, but I don't want a malicious actor being able to hose the dlang
repository. Too many people depend on it to risk that sort of thing.
They probably wanted his private code, otherwise the attack is
futile.
https://news.ycombinator.com/item?id=12259176
Apparently github users are increasingly being targeted.
41 matches
Mail list logo
