This has to do with crypto mining?  Gaaak.

So their PR contains crypto mining code, and they are doing this to get the CI 
to run it as part of the way CI checks any PR?

Sounds like submitting a PR has to require a CAPTCHA or 2-FA.


________________________________
From: Steve Lawrence <slawre...@apache.org>
Sent: Wednesday, April 21, 2021 9:22 AM
To: dev@daffodil.apache.org <dev@daffodil.apache.org>
Subject: Re: all this github spam ?

Unfortunately, I'm not sure there's anything we can do about it.

GitHub doesn't give any controls over who can/can't open a PR. We can't
even temporarily close PRs completely.

We could maybe make it so GitHub actions on PRs must be manually
triggered so the spammers' cryptocurrency mining stuff would never run.
But that's a bit of a pain, and it relies on the spammers to realize
their stuff isn't being run anymore and take us off their list. My guess
is we're stuck on their list forever now.

These crypto mining attacks are a known issue for GitHub, hopefully
they're working on a solution. Though, GitHub is eventually detecting
these are spam and closing the accounts and deleting the PRs, but not
until after the PR is created.

As to the archive issue, we could maybe ask infra to remove archives
that are clearly spam (all of them so far say "Demo titles Add
files...", so unique and consistent). But it doesn't solve the
underlying issue.


On 4/21/21 8:59 AM, Beckerle, Mike wrote:
> We seem to be fending off maybe 10 a day github spam attacks where people
> open/close pull requests.
>
> Is there something systematic we can do to avoid this?
>
> This pollutes our mailing lists. I know we can manually purge the PRs from
> github, but these things will live forever in the mail archives, adding a bunch
> of random emails/account names to them, and generally making them less useful.
>
> Mike Beckerle | Principal Engineer
>
> mbecke...@owlcyberdefense.com <mailto:bhum...@owlcyberdefense.com>
>
> P +1-781-330-0412
>