Y
Hacker News
new
|
ask
|
show
|
jobs
by
hsbauauvhabzb
30 days ago
Sounds good until you see their cvedetails page
3 comments
PunchyHamster
30 days ago
When you own it you can just limit it into vpn-ed company users, that significantly cuts down on the area that can be hit
link
sofixa
30 days ago
I mean, the GitHub Actions supply chain risks and attacks definitely compensate for any GitLab security vulnerabilities you can think of.
link
lazystone
30 days ago
Hide it behind VPN, so it's not accessible from outside.
link
hsbauauvhabzb
29 days ago
Now patching becomes a responsibility, unless your organisation is willing to run knowingly vulnerable software.
link