The Enterprise edition features[1] are closed source, and these aren't strictly "enterprise-y" features like SAML authentication. It includes plenty of "basic" workflow features found on GitHub:
- Rebase merge requests before merge
- Use fast-forward merges when possible
- Create templates for issues and merge requests
- Display merge request status for builds on Jenkins CI
Take a look at Phabricator. It's a former Facebook project and been battle-tested at very large companies for years now. Huge open source projects like Blender, Haskell, Wikimedia and LLVM use it since it's the best open source code review tool and issue tracker. Wikimedia had a lengthy decision process and thoroughly vetted the alternatives.
It has many enterprise features including code ownership, issue templates, and a Gerrit like, sane code review workflow. You can fully integrate it with your CI tool and it even displays coverage results inline and such.
Ask me anything about it :) I'm not affiliated with it but am an experienced user.
I used Phabricator at a former employer, and it was one of the best software tools I've used. I'm always flabbergasted that it doesn't have more mindshare, especially when it's used internally at Facebook.
it's either self-hosted or at least $20/user/month. This alone makes it a bit of a hard ask for smaller companies at first, even for just kicking the tires.
It's worth noting that the first 30 days are free, and all 3 source control systems it offers have fairly painless synchronization, so there's low risk IMO.
On top of that it was really painless to install locally. I had it setup in under an hour, and that included my first time ever setting up my webserver with php, and first time configuring a mysql instance.
Phabricator is also pretty amusing in terms of UX (by default), which is helpful when dealing with things that tend to anger folks -- like spirited reviews. I've often wondered if the sense of humor is half fun, half intentional in terms of psychologically making tedious work better for all involved. Even if accidental it's a nice thought.
Based on my experience, Phabricator has some quirks but is quite solid, and the well-designed command line arc workflow would please folks who refuse to open a Web browser.
I'm evaluating GitLab at work currently - primarily for its code review features and really like it. Read a lot about Phabricator yesterday as a possible alternative, and am considering testing it.
I wonder how it compares to GitLab. Is it possible to set up protected branches, where I can say, only users X and Y are allowed to push to the master branch? Can I do a code review and then finalize it when I'm finished and does the author get notified with a summary like the new GitHub code review feature? Because currently in GitLab the author does get a notification email for every line comment I make, which is also not really the perfect way of doing it.
I already know that Phabricator squashes the changes into one commit, I think I can live with that. (because it promotes small code reviews) Does Phabricator have any problems with git rebase, where I'm refreshing a feature branch with the most recent master state? What I really like about the merge/pull request workflow of GitLab is, that multiple developers can work together on one feature branch while a merge request is open and can be used as a discussion platform for the changes - is this possible with Phabricator?
Also I'm wondering how solid the issue tracking is, and if the project workboards can compete with Trello. Can it be used by non-developers without giving them access to the code?
>Is it possible to set up protected branches, where I can say, only users X and Y are allowed to push to the master branch?
Yes. I recommend (and my employer uses) a Herald rule that admits pushes to master only if the changes are in an approved Diff (unit of code review). This way you get an enforced 2-man rule, but anyone besides the author can approve the change.
This is currently impossible with Gitlab AFAIK, and is the main reason I won't use it.
You can also configure Herald rules to add blocking reviewers to other people's Diffs based on arbitrary criteria (i.e. touches X file and it's a Tuesday). A Diff cannot be considered approved until all blocking reviewers have signed off.
Reviewers can also be groups, so you could say, for example, changes that touch Y file must be reviewed by Security, but any member of Security can sign off.
>Can I do a code review and then finalize it when I'm finished and does the author get notified with a summary like the new GitHub code review feature?
Yes, everything you do on a Diff is batched and happens all at once when you click "Submit" at the bottom. Inline comments, the free-form text box, and the action all come as one email.
> What I really like about the merge/pull request workflow of GitLab is, that multiple developers can work together on one feature branch while a merge request is open and can be used as a discussion platform for the changes - is this possible with Phabricator?
A Diff is really meant to be an individual's small, well-defined contribution. Multiple people submitting code to a one diff can get messy. This would be better modeled as many diffs.
You are allowed to land diffs against branches other than Master, however this gets messy. It is not a first-class use case. My employer does not collaborate on feature branches; instead we land half-finished features into master (and production) disabled by feature flags.
It is NOT a merge/pull-request workflow. It treats Git more like Subversion; Phabricator is a very sophisticated alternative to emailing patches around before SVN committing them (basically the equivalent of landing).
>Also I'm wondering how solid the issue tracking is, and if the project workboards can compete with Trello.
Issue tracking is totally solid, very configurable. Project workboards consist of tasks/issues, which are much more expensive to create than Trello cards: you fill out a pagelong form, pick type, severity, owning team, title, description, etc. vs just free-forming a title. However, you can drag tasks around the workboard just like Trello and it looks pretty similar.
>Can it be used by non-developers without giving them access to the code?
Yes. Permissions (and approval flows, and notification rules) are very configurable. Phabricator is well suited to a large organization with rules, but this suitability doesn't carry too much overheard.
I don't think you could collaborate on issues with customers. Nontechnical people in your company, though, totally - we do that.
> It is NOT a merge/pull-request workflow. It treats Git more like Subversion; Phabricator is a very sophisticated alternative to emailing patches around before SVN committing them (basically the equivalent of landing).
Due to popular demand, they are adding some tools to allow merge/PR workflow. That being said, it was not stable last time I checked (~6 mo. ago), and it will probably take a while, if ever, for it to be as good as what's already there for Differential (the current code-review/landing system).
That being said, their existing tools are really good, and the fact that you are not married to a single VCS is really nice. You can have some legacy SVN repositories and be fine, and use the exact same interface for code-review and landing as in your shiny new git repositories. Prefer hg to git? No problem. Have some complicated gitolite setup you don't want to bother migrating? Phabricator works fine even when not hosting the repository.
Phabricator is awesome. It felt like it was more for experienced developers or larger organizations when I was using it(in a good way). Something to consider depending on your team.
So, when reading the features page, I was considering 1 and 2 in terms of a feature that I use at GitHub religiously: squashed pull requests (that are automatically fast-forwarded) [1].
If I'm reading this correctly, this exists in GitLab as an enterprise feature, so I think my earlier comment isn't too far off. There also appears to be some community feedback suggesting this should be a CE feature [2].
We already have these features, we just opted to make them EE/.com only since we think they are more relevant for organizations that have more than 100 potential users.
GitHub (annoyingly) can't do fast-forward merges from non-squashed PRs either.
Display merge request status for builds on Jenkins CI
GitLab implements basically the same API as GitHub for updating build status of commits from external services, or do I misunderstand what feature you mean?
But in general I agree, there are some options GitLab reserved for EE that really feel like they should be part of the CE as well.
Thanks for the admiration. If there are features that people think that should belong in the open source edition we're all ears. We've done so before https://news.ycombinator.com/item?id=10931347 A feature comparison between CE and EE can be found on about.gitlab.com/features/#compare
It seems like many posting there are not aware that this repository/bug tracker is not an official channel anymore -> maybe posting an automated comment in all issues with recent activity or locking them could help avoid confusion? If you arrive via search, you don't see the notice in the main repository description.
There are 100% open source products out there, and I think it's worth distinguishing that GitLab is not one of them (as a GitLab employee adds elsewhere, it's "Open Core").
I'm not criticizing the product – they're welcome to open or not open source whatever they like. I'm just clarifying the description the parent used.
The Enterprise edition features[1] are closed source, and these aren't strictly "enterprise-y" features like SAML authentication. It includes plenty of "basic" workflow features found on GitHub:
- Rebase merge requests before merge
- Use fast-forward merges when possible
- Create templates for issues and merge requests
- Display merge request status for builds on Jenkins CI
[1] https://about.gitlab.com/features/