Automated usage of Gitlab
Thomas Friedrichsmeier
thomas.friedrichsmeier at kdemail.net
Mon Jul 4 22:46:15 BST 2022
On Sun, 3 Jul 2022 22:45:37 +1200
Ben Cooksley <bcooksley at kde.org> wrote:
> Recent analysis of the logs of our Giltab instance has revealed
> numerous instances of files being directly retrieved from Gitlab
> (using the /raw/ API). Much to my incredible sadness, this has
> included accesses being made by KDE Applications themselves.
>
> As a reminder, automated access to the "raw files" API of Gitlab is
> strictly prohibited and not permitted under any circumstances. The
> only use of it which is allowed is within .gitlab-ci.yml files to
> import job definitions from sysadmin/ci-utilities.
[...]
To make sure I understand you, correctly: All this applies to the /raw/
API, only? For instance, on the RKWard download page, we link to the
release Changelog, for convenience, as a "/-/blob/". Is that ok, or
something to avoid, too?
Regards
Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://mail.kde.org/pipermail/kde-devel/attachments/20220704/e79bb24d/attachment.sig>
More information about the kde-devel
mailing list