*Hello
This is my first post and i am a bit new here, apologies if this post is in the wrong place
Me and my team have a gitlab instance where we store our code, 6 days ago we updated from 16.3.1 to 16.3.4
It went smooth as usual, but yesterday i noticed that every project had its modified date changed to the same time “Sep 25, 2023 9:07am GMT+0200”
This is a bit frightening as we cannot ignore the possibility of a cyberattack
Does anyone see a way that gitlab would have modified every project or a way to see what exactly changed on the project ?
Any hint or help would be greatly appreciated
I’m willing to supply any useful information
Regards, Alexandre
Upgrading Gitlab doesn’t do this. At least my instance has been updated through all 16.3.x versions and is currently running 16.4.0 and the projects haven’t been updated on it. I still have projects that haven’t been touched/updates with dates of 6 - 9 months ago. So something outside of the update has done this.
Check all your logs under /var/log/gitlab filtering for each of those projects to see what might have caused it.
Hello,
Thanks for the advice ! We already looked at the logs but there are so many services and so many files, we tried filtering by date but not by project name or id.
I downloaded every logfile, filtered for the day when the modification happed and looked for something useful, i chose one project and searched by it’s name or by it’s id but found nothing indicating a modification on the project.
