I have trouble believing gitlab would just ignore a DMCA takedown request? This is what people believe? This is something gitlab has said?
Actually, I guess I'm not sure of the consequences to a company of ignoring DMCA takedown requests (whether or not they are US companies; but Gitlab is now btw), but I assume they are not good, or why do companies bother complying? Rather than assume, I should look into it.
The webhost had a different situation: neither code nor binaries were hosted with them. Although DMCA specifically doesn't apply to a German hoster of course, and uberspace is run by the kinds of people that'd probably try and take this to court instead of just rolling over.
I don't follow, a few days ago I downloaded the tarball of the code and 'binary' (it's a Python script) from their website. Both seemed to be hosted there.
This is a little meta, but you can use the the -I / --head argument to tell curl to download headers only. This will ignore the rest of the response and means you can eliminate all of those other flags. E.g.:
$ curl -I https://youtube-dl.org/downloads/latest/youtube-dl-2020.11.12.tar.gz
HTTP/1.1 302 Found
Date: Mon, 16 Nov 2020 19:10:37 GMT
Server: Apache/2.2.15 (CentOS)
Location: https://youtube-dl.org/downloads/2020.11.12/youtube-dl-2020.11.12.tar.gz
Connection: close
Content-Type: text/html; charset=iso-8859-1
It turns out that, often enough to be worth worrying about, servers do not return the same headers in response to a HEAD request as a GET request, so I always send a GET request when debugging strange behavior.
Same, but interestingly enough today when I click the link my browser Palemoon’s popup dialog (asking whether to open in an extractor app or just download) says the file is from https://gitlab.com.
Others in this sub-thread have identified that the downloadable releases are actually currently hosted on gitlab.com.
Gitlab has their internal workflow for handling DMCA takedown's public (as with most/all of their internal policies, which is cool!). https://about.gitlab.com/handbook/engineering/security/opera... It may be that they go a little bit slower with more chance for the alleged infringer to respond (with a counter-notice or voluntary takedown) than others.
But in the end, any major US company (or company doing business with the US) is probably going to comply with the DMCA, which says that if you get a takedown notice that is formatted correctly, you take down. Then there's a process with user filing a counter-notice, then the original filer having a chance to respond to THAT, etc., that you can see in the gitlab workflow, but most of that is just how DMCA works. "If there was a valid counter-notice and no response has been received from the plaintiff within 10 days of the counter-notice being forwarded" then the content might go back up.
> Actually, I guess I'm not sure of the consequences to a company of ignoring DMCA takedown requests (whether or not they are US companies; but Gitlab is now btw), but I assume they are not good, or why do companies bother complying? Rather than assume, I should look into it.
The request is essentially a precursor to a lawsuit, so the consequences are a potential lawsuit and all of the legal fees that go along with it.
Actually, I guess I'm not sure of the consequences to a company of ignoring DMCA takedown requests (whether or not they are US companies; but Gitlab is now btw), but I assume they are not good, or why do companies bother complying? Rather than assume, I should look into it.
But yes, redundancy for sure.