WingNews logo WingNews
top | item 36512294

(no title)

MattIPv4 | 2 years ago

Why is GitHub the one under fire here? Users on GitHub are using GitHub Actions to build CI pipelines that build stuff, and happen to be pulling from GMP. That's not GitHub's problem that users are using their product in a legitimate manner, it seems to me it is GMP's problem that they can't handle traffic for artifacts from CI systems? It is noted the requests are identical, so would a modicum of caching in front of their origin not make this problem go away completely?

discuss

order

chungy|2 years ago

CI systems shouldn't have the ability to make network requests at all, honestly.

sam_lowry_|2 years ago

If all CI systems of the world went down, it would have cooled Earth by 0.001°C.

TrickyRick|2 years ago

How would you suggest they install dependencies then?

myhf|2 years ago

Why should this host (and presumably every similar host) take on the burden of this extra complexity?

Would a modicum of caching in GitHub Actions libraries not make this problem go away for all hosts in this category?

MattIPv4|2 years ago

That's fair, I would agree that caching at either end would fix this. It just strikes me as odd that GitHub, the middle-man that's just providing CI runners, is the one under fire.

tremon|2 years ago

For the same reason that ISPs tend to come under fire when their customers are using MTAs to deliver large volumes of e-mails to non-consenting recipients.

Are you saying it's not an ISP's problem that spammers are using their product in a legitimate manner, but instead it's up to the recipients to build their own spam fighting resources? Yes, that turned out wonderfully.

belltaco|2 years ago

Is it the phone companies' fault that people make death threats over the phone? Do we say 'Phone company makes death threats' when that happens like the title is saying about GitHub?

thepostman0|2 years ago

If it must go to internet, a MITM SSL proxy cache out of GH would help.

The problem is within GH's network, a 90s ISP would have blocked spammy users, GH should at least operate like an ISP if random stuff can execute and reach the 'net.