Looks like gitlab now requires account verification for new accounts in addition to email. Either phone number or credit card.

This applies both to accounts created with a working email or by logging in using your github account. You can’t even verify your email until you go through step 1.

I don’t know when this started, but at least for the last month or two judging from these posts in the forums.

Fun fact: I don’t even want to host on gitlab, I just wanted to report bugs in some projects. So I’m locked out.

Has this already been introduced for existing accounts? Gitlab has been moving in an unsatisfying direction for a while now and these kinds of shenanigans really make me want to move.

CC BY-NC-SA 4.0

What’s the best way to circumvent phone number verification ? My burner YouTube account, which has nothing unsavory on it, has been marked for phone number verification or else I can’t login at all.

Of course I’m not giving them my real phone number. What the best way to fake this?

There are paid services that offer phone number masking such as Firefox Relay

I tried VoIP addresses and got the message “we can’t use that number”. Is Firefox relay immune to that?

get a burner sim. pay cash.

But using the sim will identify location and IMEI. Anyway that’s quite expensive, like 10$ per account ? Ouch !

ChaoticNeutralCzech
link
fedilink
2
edit-2
1Y

Impossible in some countries, like Germany with mandatory ID validaion. Luckily, our Pirate Party leader, a telecommunications expert, blocked this proposal here.

There are no ways to beat this. They want your real number. That’s the point.

There had to way to defeat the pots system, it’s an antique, not a security system

Name
link
fedilink
26
edit-2
1Y

Just tried this out using a typical temporary email address (temp-mail.org) and a VPN (AirVPN).
I was only asked to confirm my e-mail address within 3 days, never for a phone address or any banking details.

Judging by the first post you’ve linked to, it’s only necessary for paid accounts or free trials.
The person in the second post is trying to register via GitHub / Google, well… sucks for them.

@rrobin@lemmy.world
creator
link
fedilink
71Y

I’ve tried a few times in the past 2 weeks. Using a good email account and also with github, no luck though. Maybe its doing some “smart” heuristics to trigger it.

I just retried now, using that temp mail (but no vpn) and got the exact same phone verification. Maybe my IP address is evil :D

@jajak98082@sh.itjust.works
banned
link
fedilink
-1
edit-2
1Y

removed by mod

Sourcehut. The answer is sourcehut.

You don’t even need an account to submit patches, just configure git send-email.

Fluffery
link
fedilink
11Y

Forgejo?

Some people seem to think that setting up send-email and mailing patches has too much of a learning curve and ‘barrier to entry’.

voxel
link
fedilink
16
edit-2
1Y

isn’t the official gitlab instance primarily a paid platform? cc verification makes sense then.

For alternatives, I recommend to use a community-ran Gitea instance. Project Segfault runs one.

https://about.gitea.com/

https://git.projectsegfau.lt/

Also check out Forgejo, it’s another git software. Disroot has an instance.

https://forgejo.org

https://git.disroot.org/

How many instances will one have to register on? This isn’t going to improve until forgefed is done.

explain further please?

You won’t be able to contribute to a project on any of those instances, unless you register on it. So if you are a prolific contributor, you might end up signing up on dozens of those instances.

Forgefed is a federation protocol for such instances. It’s based on ActivityPub - the same that powers Lemmy and Mastodon. You can have just one account on a single instance and still be able to contribute to projects on multiple others. It’s still in the works though. It’s expected that at least gitlab, gitea and forgejo will support it.

this is really cool, thanks for the info. federated or decentralized git is long overdue

Codeberg also uses Forgejo

Codeberg looks interesting but it would be nice to see a US based version. Anyway I think its clear gitlab is problematic

Why does it matter where it’s based?

Possibly linux
link
fedilink
-1
edit-2
1Y

Because I don’t want to use services that are across that ocean

Why does that matter? It doesn’t make a difference

I does though, with all of the sketchy laws around tech. The US isn’t great but at least I can vote here.

Honestly, the servers not being in the US is a feature these days - even for US-based customers.

Not really as you don’t have control over them whatsoever. I can’t vote in Europe

katy ✨
link
fedilink
261Y

sorry but deleting the account is absolutely ridiculous.

mark it inactive but just deleting someone’s entire git history because they didn’t put in a phone number or credit card is so dumb.

i don’t even need a phone number or credit card for my github account.

I think this is for new accounts only, if you already have an account, your E-Mail will already be verified

deleting someone’s entire git history

Based on the image text this is for new accounts only. My account has neither phone nor credit card and I’ve not been asked to re-verify. Maybe they’re having problems with bots at the moment.

Maybe they’re having problems with bots at the moment.

I have to go through the ridiculous cloudfare verification page now. How do they have a bot issue?

LiveLM
link
fedilink
31Y

Probably people trying to mine Crypto on the CI runners again

Good thing it’s only deleting your account if it’s a new account that you didn’t finish the registration process for

Time to start using GitDirectory named V.01 shared over FTP.

It’s a joke, don’t use FTP, it’s not secure.

Is there any reference for this? I can’t find anything relevant. Just curious.

Of FTP not being secure? Check the links in the comments below

FTP it’s not encrypted

No. I mean gitdirectory over FTP.

There’s no GitDirectory, it’s the way we used to share files back then, a shared directory over FTP

I’m aware of FTP. It’s still around in certain circles. But for a moment I thought that there was some sort of integration between ftp and git. I guess not.

lazynooblet
link
fedilink
71Y

Why isn’t FTP secure

because it hasn’t got an S in it

It’s unencrypted, your ISP / Starbucks wifi can read all the files you send. Use SFTP instead.

Atemu
link
fedilink
41Y

Not just read but modify even.

Stantana
link
fedilink
51Y

What’s the difference?

SFTP is a ‘part’ of SSH, FTPS is FTP but encrypted.

Stantana
link
fedilink
71Y

Thanks for the links, interesting reads. From what I gather, SFTP is the more modern and less complicated way of doing it…

JackbyDev
link
fedilink
11Y

Yeah, I think you need to go out of your way to try to use ftps. When people say ftp they generally mean SFTP.

xcjs
link
fedilink
11Y

Especially when it comes to gateway configuration.

Yes, SFTP > FTP-S.

Denatured
link
fedilink
31Y

What would you guys recommend for a service to use to verify phone numbers for platforms, on topic, such as gitlab? I know there is some sort of list of voip service providers that most of these platforms blacklist. Where do they get such lists from and how can one view such lists?

Well they can just GitOut

@buzz@lemmy.world
banned
link
fedilink
4
edit-2
9M

removed by mod

How about training HI on Codeberg? ;)

Time to delete my account, before it is considered “suspicious” and I can’t even log in without verification.

I know this sucks. But I imagine this is because of previous abuse by bots or something. Could be simply evil though.

Experienced the same issue when I tried to sign up 2-3 months. Went down a rabbit hole and then just decided to not host w/ them.

There is a workaround where you can create an account if it is on a different gitlab instance (ie: I was able to join https://git.joinfirefish.org/ w/o the CC info) but I don’t know how useful that is in the grand scheme of things.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.11K Posts
  • 77.9K Comments
  • Modlog