Gaëtan Gilbert (Sep 08 2021 at 13:37): Gaëtan Gilbert (Sep 08 2021 at 13:37):There was an attempt to put ip logger links on the wiki
I removed the offending commits
You can still see it at https://github.com/coq/coq/wiki/Home/ed3fd6a6f231f7b1c960f105f909f432475bdb71 (the "Installation of Coq on Windows" link) until github garbage collects
Théo Zimmermann (Sep 08 2021 at 13:47):I've reported the abuse to GitHub. We can also block the user if it happens again.
Théo Zimmermann (Oct 18 2021 at 08:31):This is the second time that this happens (again by a new GitHub account). I've removed the offending commit like you did last time.
Michael Soegtrop (Oct 18 2021 at 08:55):Maybe we can have a CI script which checks all external links vs an "allow list".
Théo Zimmermann (Oct 18 2021 at 08:57):Seems too heavy to me. We already closely monitor changes to the wiki thanks to our GitHub notification feed here in Zulip and I've reported both incidents to GitHub support so hopefully they can put some additional spam filters in place.
Michael Soegtrop (Oct 18 2021 at 09:00):I guess it would be harder for GitHub to come up with an "allow list". They probably would have to do it "deny list" based.
Théo Zimmermann (Oct 18 2021 at 09:03):Yes, though in this case, it's spam that's pretty easy to detect: in both cases, it was users that just joined and didn't do any actual contribution, editing the wiki of a project with which they never interacted, to replace an existing link by a hidden link to a linkify.me short URL...
Théo Zimmermann (Oct 18 2021 at 09:04):Before coming up with our own solutions, let's see if this really becomes a significant problem that GitHub itself cannot handle.
Théo Zimmermann (Oct 20 2021 at 10:24):The same user has tried again inserting this link, so I've blocked them from the Coq organization and reverted their changes.
Last updated: Apr 18 2024 at 22:02 UTC