Re: [git-users] how corporates handle git repositories?
# mrz@gmail.com / 2014-09-09 12:27:03 -0400: On Sat, Sep 6, 2014 at 5:23 AM, Roman Neuhauser neuhau...@sigpipe.cz wrote: you seem to be unaware that if you pay some money you can have private repos in github. those are accessible only to users authorized by you. Lot of companies wouldn't allow their IP on servers they don't fully control, no matter how many guarantees that they're the only ones allowed to access it. yes, and many do. it's a matter of a kind-of SWOT analysis. do you distrust third parties with access to your code? if you take it to its logical conclusion you'll find you need to design and manifacture your own hardware and software. Intel may deny backdoors in their CPUs[1], but that's no different from Github swearing they [dw]on't let others see your code, is it? [1] Cisco and others can't claim innocence anymore I'm actually surprised that companies actually do use github -- especially after cases like http://it.slashdot.org/story/14/06/18/1513252/code-spaces-hosting-shutting-down-after-attacker-deletes-all-data -- but I have to admit I know many that do and they seem to be happy. well, i had never heard of codespaces.com until their shutdown was publicized, and judging from the description of the breach they were a fly-by-night operation. github is in a different league. at least with DVCSs complete version history remains with you even if your hosting provider shuts down abruptly, so you lose established processes but no data. github lets you access all your data including issues and whatnot programmatically so you can have backups away from their infrastructure should the shit hit the fan. -- roman -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] how corporates handle git repositories?
Hi, On Tue, Sep 9, 2014 at 6:27 PM, Maurizio Vitale mrz@gmail.com wrote: On Sat, Sep 6, 2014 at 5:23 AM, Roman Neuhauser neuhau...@sigpipe.cz wrote: # madhan.dhanikacha...@gmail.com / 2014-09-04 21:26:59 -0700: I see github is a place to hold repositories so multiple people can work on a project. my question would be, I know for sure my company won't be OK with hosting our code in github or anywhere else outside of our internal servers. you seem to be unaware that if you pay some money you can have private repos in github. those are accessible only to users authorized by you. Lot of companies wouldn't allow their IP on servers they don't fully control, no matter how many guarantees that they're the only ones allowed to access it. I'm actually surprised that companies actually do use github -- especially after cases like http://it.slashdot.org/story/14/06/18/1513252/code-spaces-hosting-shutting-down-after-attacker-deletes-all-data -- but I have to admit I know many that do and they seem to be happy. I haven't used it but from what I heard GitHub Enterprise runs on the client company's servers : https://enterprise.github.com/ nico -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] how corporates handle git repositories?
On Wed, Sep 10, 2014 at 09:46:34AM +0200, Nicolas Dermine wrote: Hi, On Tue, Sep 9, 2014 at 6:27 PM, Maurizio Vitale mrz@gmail.com wrote: On Sat, Sep 6, 2014 at 5:23 AM, Roman Neuhauser neuhau...@sigpipe.cz wrote: # madhan.dhanikacha...@gmail.com / 2014-09-04 21:26:59 -0700: I see github is a place to hold repositories so multiple people can work on a project. my question would be, I know for sure my company won't be OK with hosting our code in github or anywhere else outside of our internal servers. you seem to be unaware that if you pay some money you can have private repos in github. those are accessible only to users authorized by you. Lot of companies wouldn't allow their IP on servers they don't fully control, no matter how many guarantees that they're the only ones allowed to access it. I'm actually surprised that companies actually do use github -- especially after cases like http://it.slashdot.org/story/14/06/18/1513252/code-spaces-hosting-shutting-down-after-attacker-deletes-all-data -- but I have to admit I know many that do and they seem to be happy. I haven't used it but from what I heard GitHub Enterprise runs on the client company's servers : https://enterprise.github.com/ At least I think it runs on a server at the company's site (ownership can sometimes be a tricky thing;). If that is of interest then gitlab-ce[1] warrants a look too. /M [1]: https://about.gitlab.com/gitlab-ce/ -- Magnus Therning OpenPGP: 0xAB4DFBA4 email: mag...@therning.org jabber: mag...@therning.org twitter: magthe http://therning.org/magnus Any fool can write code that a computer can understand. Good programmers write code that humans can understand. -- Martin Fowler pgpHzXKWBApXs.pgp Description: PGP signature
Re: [git-users] how corporates handle git repositories?
I just found this article, which may be of interest also. It is about how to host your own github on an Ubuntu system. http://www.howtoforge.com/how-to-run-your-own-git-server-with-gitlabhq-on-ubuntu-14.04 -- There is nothing more pleasant than traveling and meeting new people! Genghis Khan Maranatha! John McKown -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] how corporates handle git repositories?
On Wed, Sep 10, 2014 at 2:37 AM, Roman Neuhauser neuhau...@sigpipe.cz wrote: # mrz@gmail.com / 2014-09-09 12:27:03 -0400: On Sat, Sep 6, 2014 at 5:23 AM, Roman Neuhauser neuhau...@sigpipe.cz wrote: you seem to be unaware that if you pay some money you can have private repos in github. those are accessible only to users authorized by you. Lot of companies wouldn't allow their IP on servers they don't fully control, no matter how many guarantees that they're the only ones allowed to access it. yes, and many do. it's a matter of a kind-of SWOT analysis. do you distrust third parties with access to your code? if you take it to its logical conclusion you'll find you need to design and manifacture your own hardware and software. Intel may deny backdoors in their CPUs[1], but that's no different from Github swearing they [dw]on't let others see your code, is it? Well, it is different (don't get me wrong, I love that companies put things on github; I have a couple of ideas for tools that rely on that). Here's why: - an Intel chip may have backdoors, but there're a few people that can put them in. - once the chip is deployed, they must still get to it through multiple levels of firewalling, some of which are under complete control (I guess one can make the case that a CPU with a backdoor might observe that specific open source firewalls are being run and open things, but this is frankly beyond reasonable) - somebody with access to all those backdoors (basically NSA and similar agencies) need to have enough interest in targetting me specifically. If they did have interest I have no doubts they can get to the code. But they could get to the code just by sending two men in black outside the office and have a talk with a few employees. Now github (and really, I do believe github does a great job; here they stand for any repository out there in the web): - by definition they hold lot of code from multiple entities, some of which might be of interest. So they are an obvious target and anybody can try to get in. - getting in it is easier than getting in your cpu and access can be gained trough errors in large software stacks - repositories are not encrypted, so once you're in, you're in That said, I firmly believe that people will get used to the notion of having their intellectual property in the cloud, I'm just surprised that so many do it already. Anyhow, sorry for sidetracking the discussion. It is not about git anymore, so I'll shut up and see if people have things to add on how they handle repositories, which is something I'm very interested in. [1] Cisco and others can't claim innocence anymore I'm actually surprised that companies actually do use github -- especially after cases like http://it.slashdot.org/story/14/06/18/1513252/code-spaces-hosting-shutting-down-after-attacker-deletes-all-data -- but I have to admit I know many that do and they seem to be happy. well, i had never heard of codespaces.com until their shutdown was publicized, and judging from the description of the breach they were a fly-by-night operation. github is in a different league. at least with DVCSs complete version history remains with you even if your hosting provider shuts down abruptly, so you lose established processes but no data. github lets you access all your data including issues and whatnot programmatically so you can have backups away from their infrastructure should the shit hit the fan. -- roman -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] how corporates handle git repositories?
# madhan.dhanikacha...@gmail.com / 2014-09-04 21:26:59 -0700: I see github is a place to hold repositories so multiple people can work on a project. my question would be, I know for sure my company won't be OK with hosting our code in github or anywhere else outside of our internal servers. you seem to be unaware that if you pay some money you can have private repos in github. those are accessible only to users authorized by you. If this is the case and am sure other companies might have the same constraints. How are people hosting their repositories? Any tips do/dont's on how to handle repos internally? my employer has a bunch of organizations in github (github.com/$org), some have publicly accessible repos (browsable, clonable by anyone), some are private (accessible only to designated users). beside that, we have a private gitorious instance, as well as a heap of repositories in a central server exposed only with ssh. -- roman -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] how corporates handle git repositories?
On Sat, Sep 6, 2014 at 5:23 AM, Roman Neuhauser neuhau...@sigpipe.cz wrote: # madhan.dhanikacha...@gmail.com / 2014-09-04 21:26:59 -0700: I see github is a place to hold repositories so multiple people can work on a project. my question would be, I know for sure my company won't be OK with hosting our code in github or anywhere else outside of our internal servers. you seem to be unaware that if you pay some money you can have private repos in github. those are accessible only to users authorized by you. Lot of companies wouldn't allow their IP on servers they don't fully control, no matter how many guarantees that they're the only ones allowed to access it. I'm actually surprised that companies actually do use github -- especially after cases like http://it.slashdot.org/story/14/06/18/1513252/code-spaces-hosting-shutting-down-after-attacker-deletes-all-data -- but I have to admit I know many that do and they seem to be happy. If this is the case and am sure other companies might have the same constraints. How are people hosting their repositories? Any tips do/dont's on how to handle repos internally? my employer has a bunch of organizations in github (github.com/$org), some have publicly accessible repos (browsable, clonable by anyone), some are private (accessible only to designated users). beside that, we have a private gitorious instance, as well as a heap of repositories in a central server exposed only with ssh. -- roman -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] how corporates handle git repositories?
Take a look at https://about.gitlab.com/, it's a good alternative, it works great in our enviroment. 2014-09-05 1:26 GMT-03:00 madhan dhanikachalam madhan.dhanikacha...@gmail.com: I see github is a place to hold repositories so multiple people can work on a project. my question would be, I know for sure my company won't be OK with hosting our code in github or anywhere else outside of our internal servers. If this is the case and am sure other companies might have the same constraints. How are people hosting their repositories? Any tips do/dont's on how to handle repos internally? please share your thoughts. thanks. -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- Nelson Efrain A. Cruz - https://plus.google.com/106845325502523605960/about Debes ser el cambio que esperas ver en el mundo -Mahatma Gandhi -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [git-users] how corporates handle git repositories?
You can easily host Git repos using an SSH server and git installed on a company machine. If you have multiple repos, you may want to look at other solutions like gitosis. If you need a whole development environment with code review and such, you might want to take a look at phabricator. On 5 Sep 2014 12:17, madhan dhanikachalam madhan.dhanikacha...@gmail.com wrote: I see github is a place to hold repositories so multiple people can work on a project. my question would be, I know for sure my company won't be OK with hosting our code in github or anywhere else outside of our internal servers. If this is the case and am sure other companies might have the same constraints. How are people hosting their repositories? Any tips do/dont's on how to handle repos internally? please share your thoughts. thanks. -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Git for human beings group. To unsubscribe from this group and stop receiving emails from it, send an email to git-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.