The Trust & Safety team are the guardians of the anti-abuse world, who develop the tools and manage the workflows to mitigate abusive activity on GitLab.com.
Making the internet safer by reducing malicious activity originating from GitLab.com.
The Trust & Safety team investigates and mitigates the malicious use of GitLab.com and it’s associated features and tools with the goal of making the internet a safer place. In order to achieve this we must ensure that we are good internet citizens.
Code of Conduct Violations are handled by the Community Advocates in the Community Relations Team. For more information on reporting these violations please see the GitLab Community Code of Conduct page.
The following people are permanent members of the Trust & Safety Team
|Roger Ostrander||Security Engineer, Trust & Safety|
|Shawn Sichak||Security Engineer, Trust & Safety|
|Westley van den Berg||Security Analyst, Trust & Safety|
|Charl de Wit||Security Manager, Trust & Safety|
GitLab team members can tag (
@gitlab-com/gl-security/security-operations/trust-and-safety) us on any issue they require our input on, or create an issue in our Operations Issue tracker. If it's a time sensitive issue, please reach out on Slack in the
#abuse channel or by using
For any abuse prevention feature requests and suggestions for Gitlab.com, CE and EE, please create a Feature proposal Issue from the provided templates in the GitLab Project and add the ~"Abuse Prevention" label. Feel free to us for additional input
@gitlab-com/gl-security/security-operations/trust-and-safety or if you have any questions.
If you are running your own GitLab instance and are looking for some pro-tips on dealing with abuse, please see our Trust & Safety DIY page.
For Open Source Program Partners, Premium and Ultimate customers, you can reach us at
firstname.lastname@example.org if you would like to discuss, and potentially improve, your current spam prevention and mitigation strategies. Please include any relevant information as to the abuse issue you are currently experiencing to help us provide the most relevant information.
Trust & Safety Mitigation Data (GitLab internal)
Total accounts mitigated per week
Automatic vs Manual
Average Time to Mitigation
Accounts mitigated per category
Cost of Abuse (GitLab internal)
1. Malware: Defined as software that is designed and distributed with the intention of causing damage to a computer, server, client, or computer network.
README.mdfile; for example, links to supporting materials such as a blog post describing the project.
git-lfsis available for use for binary files on GitLab.com.
2. Commercial Spam: An account that's been created for the purpose of advertising a product or service.
3. Malicious Spam: An account that’s been created for the purpose of distribution of fraudulent, illegal, pirated or deceptive content.
4. CI Abuse: Making use of CI Runners for any other purpose than what it is intended for. Examples include, but are not limited to:
5. Prohibited Content: Distributing harmful or offensive content that is defamatory, obscene, abusive, an invasion of privacy (Personally Identifiable Information/PII) or harassing.
6. GitLab Pages: Pages Abuse: Include, but are not limited to:
You can report abuse on GitLab.com via the
Report Abuse button while logged in.
* Please ensure to include any relevant details pertaining to your report in the text field.
Alternatively you can eMail abuse report to
For DMCA Notices please email
The Trust & Safety team are responsible for processing Digital Millennium Copyright Act (DMCA) notices. All DMCA requests need to be vetted by Legal first before we proceed with the take down of the reported content.
Confirm that the DMCA notice meets the legal requirements in order to proceed.
For more detailed information regarding how we process DMCA related notices, please see: DMCA Removal Workflow
Be good internet citizens.