I'm building a project where my service would plug with the (unstrusted) JS code of users.
I first thought it would be easy to sandbox and have something decent running, but after making some research on sandboxing, I realize how hard it is, and the many ways bad actors can exploit a service running untrusted code.
Kudos to GitHub and GitLab for taking the challenge of providing a RCE service with a free plan.
Poor analogy. CI is about automating what a developer does remotely, so yes CI IS automated code execution in a remote environment, as a service. But Hacker news is "spam as a service" – huh?? They don't even compare.
Secondly, parent comment said public by default is bad. Parent didn't say "all public was bad". So there is no necessity to make it into a disagreement.
I first thought it would be easy to sandbox and have something decent running, but after making some research on sandboxing, I realize how hard it is, and the many ways bad actors can exploit a service running untrusted code.
Kudos to GitHub and GitLab for taking the challenge of providing a RCE service with a free plan.