first of all, I'm not particularly good in reading or writing ruby code but as I was installing gitlab and changing the administrator password, I noticed, that the default admin email was set to email@example.com.
I googled around a little bit and found out about http://dothostregistry.com/.
So, if the latest version of gitlab still generates an admin account with firstname.lastname@example.org, then I think this should be changed to not give anyone registering local.host the chance of exploiting gitlabs all over the world.
I found something about the email address in this file:
👍 There's a reddit conversation happening about this now
@Linkeex Good point! Shall we change it into email@example.com? http://tools.ietf.org/html/rfc2606 ".example" is recommended for use in documentation or as examples.
👍 for firstname.lastname@example.org
👍 for email@example.com. I will push fix soon!
Fixed by c86962e