Somebody at GitLab thought it was a bright idea to add telemetry to their cloud AND self-hosted enterprise versions. Needless to say, it's not about to go over well.
I currently use GitLab where I work; we chose it because our data is sensitive and a cloud service was not an option. This telemetry means that I won't be updating until this blows over. Frankly, whoever thought this was a good idea is a moron that doesn't seem to understand that users like my company chose GitLab because we didn't want this shit.
This was also a great comment by Candice Ciresi, the Director of Global Risk and Compliance, 3 months ago:
> Sorry, I am coming in late to the game here.
> Saying we want the UID for easy ID and deletion is one thing. If we actually intend to track and do something, then that is another issue. This former benefits the user, the latter benefits us. Because we stand to get a benefit, users should opt-in. We will also need to amp up our privacy policy. There needs to be full disclosure in what we gather, why we gather and with whom we share.
>I don’t understand. This should not be an opt in or an opt out. It is a condition of using our product. There is an acceptance of terms and the use of this data should be included in that.
It doesn't seem to me like he is calling shots on critical architecture. He asserted an opinion on something that would affect the revenue stream, which as CFO, is exactly his job.
Reading through the MR comments, it seems to me like that's the case with everyone. The CFO is pursuing profitable options, the legal & compliance teams are making sure everything stays in compliance, the engineers are building what is asked of them, the data analysts and product managers are asking for the data they need to get insights on product enhancement...
The big issue seems to be that everyone is so narrowly focused on just their job function that they are missing the forest for the trees. I also noticed a distinct lack of anyone from any type of customer advocacy teams (does GitLab have anything like that? Account managers, evangelists, developer relations, etc?) that probably would have been able to put forth actual data about if customers would be for/against this change.
> It doesn't seem to me like he is calling shots on critical architecture. He asserted an opinion on something that would affect the revenue stream, which as CFO, is exactly his job.
> Reading through the MR comments, it seems to me like that's the case with everyone. The CFO is pursuing profitable options, the legal & compliance teams are making sure everything stays in compliance, the engineers are building what is asked of them, the data analysts and product managers are asking for the data they need to get insights on product enhancement...
Ideally everyone should be would also be thinking about whether the feature is ethical, even if it's not "exactly their job", because there generally isn't anyone whose job is specifically to decide that.
If you want to talk to your spouse about the possibility of taking the kids to get ice cream or whether the dog has had a treat today you have to speak in code that the short mammals can't understand, otherwise you've all but promised it to them and have to deal with the consequences.
The problem is that for salespeople and business devs, the consequences of putting a bad idea in front of impressionable ears are too abstract and so they never learn. So they put an idea in front of a customer or the board about how they can make a shitload of money and the imaginary check has been cashed even before they've stopped for air.
Without some tough love these problems will be with us forever. Oh, you're going to have to walk back something you said? You'll be embarrased? Too fucking bad. Maybe next time you'll think before you promise someone $500k of work for $250k minus your bonus. Twist in the wind like you deserve.
So someone has sold an idea of making millions and once the engineers or just plain human beings get ahold of it that looks like $200k and a giant pain in everyone's ass. And everyone jumps straight from denial to bargaining with a little detour to anger to yell at the messengers for breaking your shiny dream... that you are not and were never entitled to.
One of GitLab's core values is transparency, including making all of their internal communications public via public merge requests. It's kinda cool, but on the other hand, I've previously spent some time reading their MRs about security policy that made me wary about using GitLab at all.
Fortunately they've updated the announcement and are holding back on the telemetry updates. But yeah, DNT is not an acceptable option for privacy. `In order to service the needs of GitLab.com and GitLab Self-Managed users who do not want to be tracked, both GitLab.com and GitLab Self-Managed will honor the Do Not Track (DNT) mechanism in web browsers` Hopefully the update includes a promise to enable deployments without telemetry code.
Just to point out if you care about privacy it's not recommended to turn on this feature becase close to none services support it and it's awesome fingerprinting feature for your browser as well.
There is no way for Safari users to opt-out from this because Apple has decided to ditch "Do Not Track" because of privacy concerns.
I keep it enabled for sites that do respect it, like firefox.com and friends. By removing support from Safari, Apple took this choice away from their users, but I suppose that's not something surprising.
The problem with Gitlab is that in the current state it is a dead product walking. Its existence is entirely based on VC FOMO. It has no enterprise growth to justify company valuation. And it won't have real enterprise growth either.
Github had to be acquired my MSFT because it had no path for real enterprise growth if it could not lean on an organization that already sold a pile of services and products in similar or complimentary space. MSFT was the only strategic buyer of Git hosting company. MSFT is the only circus that could use that monkey to fill the gap in its product line up. Of course it picked Github rather than Gitlab. Which is why Github would be incredibly successful, which in turn means that Gitlab in its current state won't be. Hence they would have to massively change the product to justify valuations. It would be interesting to watch.
SourceHut is in the exact position Gitlab was before VC FOMO. It can provide decent service that people and companies will pay for but they would never get a billion dollar value. As long as it works for them, it will work out just fine. I wish them well.
Gitlab is the _only_ choice when your company prefers on-prem (which is the overwhelming majority of >10k employee companies) -- I work at a company with more than 15k employees and we hold an enterprise (plus) license for 8k seats.
We are definitely not alone, companies like EA/IBM/Goldman Sachs have _large_ internal deployments of gitlab.
They certainly have developer mindshare in large companies, but github is the facebook of sourcecode repositories, it will always be more popular outside (or in smaller, less self-hosty orgs).
> Gitlab is the _only_ choice when your company prefers on-prem
Is that literal or figurative? GitHub Enterprise is on premises. I used it at my last company which was on an air gapped network. It looks like it has been around since 2011.
There are countless other self-managed variations in size and feature combinations of git hosting, ticket tracking, and other things it offers.
Figurative. Obviously it’s possible to host git on your own servers. But github enterprise on prem is a comparatively weak offering. Githubs bread is made from people using their SaaS offerings and it shows. (I’ve used many different self hosted options for version control. Although to be fair my current company uses perforce for the overwhelming majority of its version control)
Nonsense. Github Enterprise at my last job (used there since 2012) was so much more refined and reliable than Gitlab EE is at my job now, which has much worse UI and no good flow at all. All Github clones (like Gogs, Gitea) lean on the Github UI for a reason, ignoring Gitlab. It's a mess.
Since Microsoft's acquisition, even github.com is progressing refinement at a higher pace than gitlab.com ever did, and I'll be thrilled when I get my company to switch to Github again. Pricewise, Github EE is much better value for the dollar than Gitlab EE; most features that Github doesn't have are rather half-assed than wholesomely done in Gitlab.
We use GitLab. We rejected GitHub Enterprise because it’s a closed system: we could not use it to host public open source repositories like we can with GitLab. GitHub’s sales pitch was funny, all about “inner source”, applying open source development processes to closed corporate software as if it would be a step forward, whereas we were way past that point already so it would have actually been a step backwards for us.
Gitlab is a single product company with no sales force behind it. It already sold to all the customers that it could easily sell to. In order to sell to the rest they would need to have staffed regional offices to do really really really long term sales cycles. It is an unsolvable problem in a current state.
Microsoft is a hundred if not thousand product company with gigantic sales force and sales channels that are beyond the level of imagination of companies who say "remote only" is their differentiator. Github Enterprise exists. I know it because we used it. Github will be sold as a part of the rest of the Microsoft product portfolio, which is how they would end up in those coveted enterprises.
It is just silly. HN is becoming more and more a platform where discussions are gamed by the companies that are being discussed.
What's the point of having them when Gitlab employees downvote anything that does not say "Gitlab gooood!", Google employees downvote anything that is not positive about Google and Facebook employees downvote non-positives about facebook.
I currently use GitLab where I work; we chose it because our data is sensitive and a cloud service was not an option. This telemetry means that I won't be updating until this blows over. Frankly, whoever thought this was a good idea is a moron that doesn't seem to understand that users like my company chose GitLab because we didn't want this shit.