Remember that the GDPR only applies to personal data. That is defined rather broadly, but it still might not apply to all the information you've mentioned.
In the EU IP alone could be considered PII, it would seem logical that hostnames are too, but I never saw it spelled out. The counters are sent in combination with these identifiers. The summary above is compiled from GitLabs own sources. Most probably don't care but some might.
that statement is wrong.
first of all IP Addresses are only PII if you store them to identify users, means that if you are user table has an ip_address field, it is, however...
if you store all ip's accessing your service in a database to find malicious logins it isn't.
so basically the statement is, it depends.
the connection of user to ip makes it PII.
I think we agree context is important. However GitLab is collecting IPs in combination with hostnames, not to mention the rest of the traffic that could easily be used to fingerprint users.
