"GitLab Runners do not offer secure isolation between projects that they do builds for. You are TRUSTING all GitLab users who can push code to project A, B or C to run shell scripts on the machine hosting runner X."
Seems like a very strong reason to use one's own paid DigitalOcean instances for runners instead of using the free shared runners, at least for commercial projects. I was wondering if anyone from GitLab could expand further on this?
It is possible that this issue is fixed with the new ones?