diff --git a/forge_comparison.md b/forge_comparison.md index e7ceb00..fe444c3 100644 --- a/forge_comparison.md +++ b/forge_comparison.md @@ -32,6 +32,7 @@ The following forges have no significant ethical issues: [gitee.com](https://gitee.com)|✅|OSCHINA|n|n|n|n|based in China; registration over Tor with throwaway email works; no automatic mirror (unlike Gitea); some areas written in simplified chinese| [code.netlandish.com](https://code.netlandish.com)|❌|Sourcehut|n|n|n|n|Access restricted to staff of the company working on the hosted projects| [sr.ht](https://sr.ht)|✅|Sourcehut|n|n|n|n|javascript-free; supports patches sent by email; offers an [IRC bouncer](https://sourcehut.org/blog/2021-11-29-announcing-the-chat.sr.ht-public-beta/); recognizes the harm of Cloudflare and takes an [ethical stance against it](https://srht.site/limitations)| +[0xacab.org/](https://0xacab.org/)([onion](http://wmj5kiic7b6kjplpbvwadnht2nh2qnkbnqtcv3dyvpqtz7ssbssftxid.onion:44203/))|✅|gitlab|n|n|n|n|| ## Graylist diff --git a/github.md b/github.md index 3d09d07..1b78bbc 100644 --- a/github.md +++ b/github.md @@ -5,6 +5,7 @@ [2]: https://user-images.githubusercontent.com/21023035/61580062-10fd6300-aafd-11e9-8bf2-64faddf63760.png [3]: https://github.com/Eloston/ungoogled-chromium/issues/795#issuecomment-687991721 [4]: https://www.bleepingcomputer.com/news/security/microsofts-github-account-allegedly-hacked-500gb-stolen + [4-cache]: http://web.archive.org/web/20221108044516/www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/ [5]: https://www.zdnet.com/article/hackers-stole-github-and-gitlab-oauth-tokens-from-git-analytics-firm-waydev [6]: https://msrc.microsoft.com/create-report [7]: https://www.bbc.com/news/technology-50232902 
@@ -12,10 +13,10 @@ [9]: https://corporate.exxonmobil.com/news/newsroom/news-releases/2019/0222_exxonmobil-to-increase-permian-profitability-through-digital-partnership-with-microsoft [10]: https://news.microsoft.com/2019/09/17/schlumberger-chevron-and-microsoft-announce-collaboration-to-accelerate-digital-transformation [11]: https://www.scientificamerican.com/article/exxon-knew-about-climate-change-almost-40-years-ago -[12]: http://web.archivecrfip2lpi.onion/web/publicintegrity.org/federal-politics/republican-lawmakers-posh-hideaway-bankrolled-by-secret-corporate-cash +[12]: http://web.archive.org/web/publicintegrity.org/federal-politics/republican-lawmakers-posh-hideaway-bankrolled-by-secret-corporate-cash [13]: http://techrights.org/wiki/index.php/Microsoft_and_the_NSA [14]: http://cal-access.sos.ca.gov/Campaign/Committees/Detail.aspx?id=1401518&view=late1&session=2017 -[15]: http://web.archivecrfip2lpi.onion/web/20200318144031/www.theverge.com/2018/6/15/17468292/amazon-microsoft-uber-california-consumer-privacy-act +[15]: http://web.archive.org/web/20200318144031/www.theverge.com/2018/6/15/17468292/amazon-microsoft-uber-california-consumer-privacy-act [16]: https://web.archive.org/web/20200722105800/tokenpost.com/Central-Bank-of-Sweden-is-testing-digital-currency-5197 [17]: https://github.com/privacytools/privacytools.io/issues/374#issuecomment-460077544 [18]: https://www.cnet.com/news/amazon-google-and-microsoft-sued-over-photos-in-facial-recognition-database @@ -50,6 +51,7 @@ [47]: http://crimeflare.eu.org/ [48]: images/github_ban.png [49]: https://www.iccl.ie/digital-data/iccl-report-on-the-scale-of-real-time-bidding-data-broadcasts-in-the-u-s-and-europe/ +[50]: https://github.com/wireapp/kalium#github-packages-authentication # Direct practical problems with using Microsoft Github 
@@ -57,7 +59,9 @@ **withheld** when the bug tracker is inside a restrictive or politically controversial walled-garden like MS Github or gitlab.com. This ultimately hinders the quality of software in the - commons. + commons. +1. Github restricts access to some FOSS code by [requiring][50] a + “GitHub Personal Access Token” to download software. 1. Github is Tor-hostile [according to Tor project][1]. GH has started forcing Tor users through an extra email verification step that effectively discourages bug reports: @@ -72,7 +76,7 @@ the user's reputation from the standpoint of a commercial job. Burner accounts protect users so they can work on multiple projects, and Microsoft bans that protection. -1. MS failed to secure Github, which was [breached to the tune of 500gb of private projects][4]. +1. MS failed to secure Github, which was [breached to the tune of 500gb of private projects][4-cache]. Then security was breached again in July 2020 when OAuth tokens were [stolen][5] from both Github and Gitlab.com. Security incompetence is further showcased by an MS-imposed requirement diff --git a/gitlab-dot-com.md b/gitlab-dot-com.md index 52bf390..5bcbac5 100644 --- a/gitlab-dot-com.md +++ b/gitlab-dot-com.md @@ -62,7 +62,8 @@ These are the ethical problems with that specific instance: freedoms. Yet gitlab.com's walled garden is so restricted that Tor users are not even permitted to clone a project: -![](https://infosec.exchange/system/media_attachments/files/105/764/904/002/819/754/original/38832d4b9ffc75fa.png) +[//]: # (old url→ https://infosec.exchange/system/media_attachments/files/105/764/904/002/819/754/original/38832d4b9ffc75fa.png) +![](https://media.infosec.exchange/infosecmedia/media_attachments/files/105/764/904/002/819/754/original/38832d4b9ffc75fa.png) consequently [FSF criteria C3][fsfCriteria] is unmet. 
@@ -234,8 +235,8 @@ of CAPTCHAs: [glbug]: https://web.archive.org/web/20210306172223/gitlab.com/prism-break/prism-break/-/issues/2146 [GRConTP]: https://lists.gnu.org/archive/html/repo-criteria-discuss/2021-03/msg00000.html [asAmeans]: https://plato.stanford.edu/entries/persons-means +[snowplow-cache]: https://web.archive.org/web/20220811090954/docs.gitlab.com/ee/development/snowplow [//]: # (unused links) -[grcNonfree]: # ([recaptcha/api.js](https://www.google.com/recaptcha/api.js)) -[signalGRC]: # (https://user-images.githubusercontent.com/18015852/55681364-07713600-5926-11e9-8874-137e4faaf423.png) -[snowplow-cache]: # (https://web.archive.org/web/20220811090954/docs.gitlab.com/ee/development/snowplow/) +[//]: # ([grcNonfree]: [recaptcha/api.js](https://www.google.com/recaptcha/api.js)) +[//]: # ([signalGRC]: # (https://user-images.githubusercontent.com/18015852/55681364-07713600-5926-11e9-8874-137e4faaf423.png)) diff --git a/input_data/forges.sql b/input_data/forges.sql index 5b8d3ba..8d5b9f9 100644 --- a/input_data/forges.sql +++ b/input_data/forges.sql 
@@ -100,6 +100,7 @@ insert into forgesTbl (url_clrnet, software, notes) values ('https://source.puri insert into forgesTbl (url_clrnet, software, openpubreg) values ('https://source.small-tech.org','gitlab_ce',0); insert into forgesTbl (url_clrnet, software, openpubreg, cfns, notes) values ('https://git.shivering-isles.com','gitlab_ce',0,1,'Registration is open but broken-- requires 2FA using a device that can QR-scan, and the email verification link is DoA: ![](images/shivering-isles_broken_reg.png) That stale link error triggers even when accessed immediately.'); insert into forgesTbl (url_clrnet, software, cfns, dead) values ('https://git.stuxhost.com','gitlab_ce',1,1); +insert into forgesTbl (url_clrnet, url_onion, software) values ('https://0xacab.org/','http://wmj5kiic7b6kjplpbvwadnht2nh2qnkbnqtcv3dyvpqtz7ssbssftxid.onion:44203/','gitlab'); update forgesTbl set forced_nfsw = null where software = 'gitlab_ee'; update forgesTbl set forced_nfsw = 1 where hrecaptcha = 'unavoidable';
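Review bot: In forge_comparison.md (hunk @@ -32,6 +32,7), the new 0xacab.org row does not follow the formatting of the rows above it. The link text keeps a trailing slash (`0xacab.org/` where the neighbours read `gitee.com` and `sr.ht`), the software cell is lowercase `gitlab` where the other rows use capitalised names such as `Sourcehut`, and the notes cell is empty. Suggest `[0xacab.org](https://0xacab.org/)` as the link text, a software name consistent with the rest of the table, and a short note, at minimum that the onion address is reached over plain http on port 44203.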
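Review bot: In github.md (hunk @@ -5,6 +5,7), the archived URL added as [4-cache] ends in `microsofts-github-account-hacked-private-repositories-stolen`, while [4] ends in `microsofts-github-account-allegedly-hacked-500gb-stolen`. A later hunk repoints the "500gb of private projects" sentence from [4] to [4-cache], so please confirm the snapshot is the article that supports that figure. The added line also begins with a space after the `+`, unlike the other added definitions, and uses `http://` where [16] uses `https://web.archive.org`. If nothing else references [4] after this change, either drop it or keep it alongside the cached link in the text.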
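Review bot: In github.md (hunk @@ -12,10 +13,10), the replacement for [12] is `http://web.archive.org/web/publicintegrity.org/...` with no snapshot timestamp, so the citation resolves to whichever capture the archive redirects to rather than a fixed one; [15] in the same hunk pins `20200318144031`. Pin [12] to a specific capture as well. Both new URLs use `http://` while [16] two lines further down uses `https://web.archive.org`; switching to https keeps readers who follow the citation off a cleartext connection.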
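Review bot: In github.md (hunk @@ -57,7 +59,9), the new list item says a token is required "to download software", but the [50] target added in this patch is the `#github-packages-authentication` section of the kalium README, which by its anchor concerns GitHub Packages. Suggest wording the claim to match the source, for example that a Personal Access Token is required to download packages published on GitHub Packages, so it is not read as applying to cloning or release downloads. The same hunk also removes and re-adds the `commons.` line with no visible difference, which looks like a whitespace-only change; drop it unless it removes trailing whitespace.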
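Review bot: In gitlab-dot-com.md (hunk @@ -62,7 +62,8), the screenshot is still hotlinked from a third-party media host, which is the reason this line needed fixing in the first place, and the image has empty alt text (`![]`). Suggest committing the image under `images/` as github.md already does with `images/github_ban.png`, and adding alt text that says what the screenshot shows. Every page view otherwise makes a request to infosec.exchange, and the evidence for the C3 claim disappears again the next time that host changes its paths. With a local copy the `old url→` comment line is no longer needed.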
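Review bot: In gitlab-dot-com.md (hunk @@ -234,8 +235,8), the two lines converted to `[//]: # (...)` comments contain unescaped nested parentheses, and they are inconsistent with each other: the `signalGRC` line keeps an inner `# (` that the `grcNonfree` line drops. Under CommonMark a parenthesised link title cannot contain unescaped `(` or `)`, so these lines may not parse as reference definitions and can show up as visible text in the rendered page. Since they sit under the "unused links" marker, deleting them or moving them into an HTML comment is safer. The `[snowplow-cache]` URL also loses its trailing slash in the move; confirm the archive resolves the slash-less form to the same capture.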
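Review bot: In input_data/forges.sql (hunk @@ -100,6 +100,7), the new row sets software to `'gitlab'`, but the neighbouring inserts use `'gitlab_ce'` and the update directly below matches on `software = 'gitlab_ee'`, so this row will be skipped by any statement keyed on either edition. Use the edition value that applies to 0xacab.org. The insert also leaves `openpubreg` unset where the `gitlab_ce` rows above state it explicitly; set it if the registration status is known.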