Stop using gitlab.com for projects - Credit card info required for new registrations
If your IP (and possible your browser) looks "suspicious" or has been used by other users before, you need to add additional information for registration on gitlab.com, which includes your mobile phone number and possibly credit card information.
Since it is not possible to contribute or even report issues on open source projects without doing so, I do not think any open source project should use this service until they change that.
I remember when gitlab.com was the most accessible alternative to GitHub out there, but it seems they're only interested in internal enterprise usage now. Their main page was already completely unreadable to someone not versed in enterprise tech marketing lingo, and now this.
Thankfully Gitea and Forgejo have gotten better in the meantime, with Codeberg as a flagship instance of the latter.
GitLab used to be awesome when it was the place to go after MS bought out GitHub. They had premium access for all public projects under a FOSS license and top-tier CI. Then as time went on, they began pulling support for various functions in a very Microsoftian EEE sort of way. First requiring credit cards fir new users to access the CI, then taking away the CI almost entirely except for a practically useless monthly allotment, then taking away the premium access for public FOSS licensed projects. If I were migrating today I would not have chosen GitLab, but it is where I settled after leaving GitHub and my projects have grown to depend on GitLab CI even if I'm now forced to run my own runners due to the extreme nerfs they've done to the hosted CI. I mirrored OpenRGB to Codeberg, but since the CI pipelines depend on GitLab I don't see Codeberg becoming the main hub anytime soon unless they can execute GL CI configs. Sad to see how far GitLab has fallen though, it is unrecognizable from what it used to be as far as support for FOSS prohects goes, especially given how GitLab itself started as a FOSS project.
Maybe it's just me, but I never liked GitLab in the first place. The UI is just awful to me. Searching through issues, before posting a new one, is just a pita.
I created a GitLab account long before they implemented this, but never used it. Went to post an issue related to self-hosted GitLab on their issue tracker, and it told me my account was banned. I wrote an email to support and they essentially said "an automated system identified your account as a bot and banned you during an account clean up some years ago to cut back on malicious users". I informed them that this was not at all reasonable, as I've never even posted anything on any GitLab account, and that I would be advising my organization to never pay for any GitLab product or service unless legal writes up the contract terms, because I have no faith in them as a vendor.
Seriously, fuck GitLab. And if anyone from that org wants to discuss this with me, they can pipe their email to /dev/null
As a gitlab user myself, I prefer gitlab over anything else because of their CI/CD. The free compute units run instantly now, no more queues orwaiting. A couple years ago, my pipelines would timeout after 3 hours.
Discourse, Git* and more really need federated search.
It is already hard getting Contributors for projects, even more if you are on some random selfhosted server that nobody finds and everyone needs to create a new account for.
Like others, I had an account before this was implemented. I have a couple projects on there, also mirrored to self hosted gitea. Have had people refuse/unable to contribute to the gitlab project due to the kyc requirement, so I'm thinking I will migrate to codeberg soon.
No worries, gitlab is a trash Ruby on rails app anyway 😹
JK I do love gitlab, sad to see the corporate takeover. What features dont you get with the foss version? Can't figure it out amongst the marketing cruft. Seems like it would be relatively easy to build another hosted gitlab provider.
So why does gulab need to kyc anyway? And if it's a legal requirement, won't GitHub do the same?
To add a few more details:
After trying several times with different IPs and different browsers, I was able to register by providing only a mobile phone number once.
Since that still requires personal information, this is still a very questionable process. (not to mention it took me a day to not be asked for a cred card)
Policies like that are almost entirely about minimizing fraud and harassment. It really sucks for people who don't have mobile phones that support authentication texts or whatever (since, even as you pointed out, the requirement is mostly a phone number) but it also drastically cuts down on fake/harassment accounts.
Tried to register with gitlab three times some months back to file a bug against qemu. It rejected my registration silently every time (as in, it appeared to take it but never sent a confirmation email, not even one that got mistaken for spam). I gave up on filing the bug.