Next

Problem statement

The Internal project visibility can be misleading to users, especially on a public shared service like GitLab.com. Internal seems to convey some type of security, but on GitLab.com means anyone can access it, because sign ups are open.

Proposed solution

Disable the Internal visibility setting on GitLab.com by restricting this visibility setting in the admin panel.

Tested behavior

When enabled on an existing instance:

• New projects, groups, and snippets cannot be created with an Internal visibility setting. This option is greyed out:

• Existing projects, groups, and snippets with a visibility setting of Internal remain Internal. The visibility on these objects can only be modified to Public or Private.

• Attempting to create via the API fails with "message": {"visibility_level": ["internal has been restricted by your GitLab administrator"].

• Admins can create projects, groups, and snippets with any visibility level, including Internal, via the UI or API.