[scrollaway]

Someone's going to have to explain to me how Gitlab is doing something shady with this stuff.

Unless I'm misreading all this, it all looks like very standard telemetry, the same kind Github is doing.

[gbear605]

Part of the issue is that proprietary software would be running from a company that advertises itself as being oriented around free software.

In addition, it would apply to the enterprise deployments, which is bad because enterprises can’t allow telemetry for regulatory and security reasons.

[scrollaway]

> Part of the issue is that proprietary software would be running from a company that advertises itself as being oriented around free software.

They're also running on Google's cloud, which is mostly proprietary software. And I can tell you right now they use the most-definitely-closed-source Salesforce for a lot of stuff.

Do you think there's actually a significant amount of people who care about the license type of the internal tools of the companies they use?

[gbear605]

None of that is frontend though, which is an important distinction.

[scrollaway]

Can you explain to me why that's a distinction?

If anything we're talking about frontend JS code that can be blocked by most adblockers/tracker blockers and thus will never touch your data, rather than the uncircumventable "your data is hosted on Google servers".

And the latter does raise alarm bells for a tiny minority, but why would frontend be worse in that aspect?

[gbear605]

With frontend code, it’s code running on your machine that you can’t personally audit written by a company you don’t personally trust. For some situations (enterprises) and people (FOSS enthusiasts, paranoiacs), that’s not at all okay.

[JohnFen]

I'm not claiming that Gitlab is doing anything shady with the data, I'm making a general comment about the notion of "transparency" as a panacea.

I do object to what Gitlab proposed, though, because I object to all telemetry that I don't specifically opt in to.