Not sure what you’re suggesting. Here… are you suggesting random write access to a port on a device you host? Anybody can push a branch to your selfhosted repo?
Or are you talking about self-hosted forgejo, gitlab, etc.?
Inserted with a keystroke running this script on linux with X11
#!/usr/bin/env nix-shell#!nix-shell -i bash --packages xautomation xclipsleep 0.2
(echo'::: spoiler Anti Commercial AI thingy
[CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/)
Inserted with a keystroke running this script on linux with X11
```bash'cat"$0"echo'```
:::') | xclip -selection clipboard
xte "keydown Control_L""key V""keyup Control_L"
Not sure what you’re suggesting. Here… are you suggesting random write access to a port on a device you host? Anybody can push a branch to your selfhosted repo?
Or are you talking about self-hosted forgejo, gitlab, etc.?
Anti Commercial AI thingy
CC BY-NC-SA 4.0
Inserted with a keystroke running this script on linux with X11
#!/usr/bin/env nix-shell #!nix-shell -i bash --packages xautomation xclip sleep 0.2 (echo '::: spoiler Anti Commercial AI thingy [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/) Inserted with a keystroke running this script on linux with X11 ```bash' cat "$0" echo '``` :::') | xclip -selection clipboard xte "keydown Control_L" "key V" "keyup Control_L"
Yes, if you want to accept pull requests from anyone, you can set up a jailed git server with public access, for example.
That’s not a pull request, but a merge request. Besides the point though. What I’m getting at is: isn’t that asking for trouble? Somebody could
while true ; do head /dev/urandom -c 100MB > file.txt git add file.txt git commit -m "new commit" git push done
and fill up your hard drive. Also, depending on the protocol, they could try fuzzing it. Or, pipe
/dev/urandom
intonc
and blast your git port.And of course, the first problem is discoverability. Who’s going to find your random, unfederated, git service?
It just doesn’t sound like a convincing solution, IMO.
Anti Commercial-AI license
no, it’s not specific to merge requests. theres a tool called git-shell that prevents abuse