Hacker News new | past | comments | ask | show | jobs | submit login

Any soc2 auditor (or other security auditor) that will sign off on self-hosted gitlab, but not self-hosted git should have their accreditation pulled!

Git's attack surface and trusted computing base are a subset of gitlab's. Even if gitlab security were perfect, it would still be no better than git.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: