I don't think GitHub has a feature to require captchas on PRs. But
these PRs come from brand new accounts, so if they're bots, they've
figured out how to get around the new account captcha.

But actually, I'm not sure they're bots. I see one account that created
a spam PR also created 70 of the same pull requests to other
repositories. They also opened an issue in the crypto mining source code
repo that looks like a human wrote it, so I think these might actually
be real people.

On 4/21/21 9:38 AM, Attila Horvath wrote:
> does GitHub support (re)captcha on email submit?
> 
> On Wed, Apr 21, 2021 at 9:22 AM Steve Lawrence <slawre...@apache.org> wrote:
> 
>> Unfortunately, I'm not sure there's anything we can do about it.
>>
>> GitHub doesn't give any controls over who can/can't open a PR. We can't
>> even temporarily close PRs completely.
>>
>> We could maybe make it so GitHub actions on PRs must be manually
>> triggered so the spammers' cryptocurrency mining stuff would never run.
>> But that's a bit of a pain, and it relies on the spammers to realize
>> their stuff isn't being run anymore and take us off their list. My guess
>> is we're stuck on their list forever now.
>>
>> These crypto mining attacks are a known issue for GitHub, hopefully
>> they're working on a solution. Though, GitHub is eventually detecting
>> these are spam and closing the accounts and deleting the PRs, but not
>> until after the PR is created.
>>
>> As to the archive issue, we could maybe ask infra to remove archives
>> that are clearly spam (all of them so far say "Demo titles Add
>> files...", so unique and consistent). But it doesn't solve the
>> underlying issue.
>>
>>
>> On 4/21/21 8:59 AM, Beckerle, Mike wrote:
>>> We seem to be fending off maybe 10 a day GitHub spam attacks where
>>> people open/close pull requests.
>>>
>>> Is there something systematic we can do to avoid this?
>>>
>>> This pollutes our mailing lists. I know we can manually purge the PRs
>>> from GitHub, but these things will live forever in the mail archives,
>>> adding a bunch of random emails/account names to them, and generally
>>> making them less useful.
>>>
>>> Mike Beckerle | Principal Engineer
>>
>>
> 

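One concrete way to implement the "GitHub Actions on PRs must be manually triggered" idea discussed above, as an added example that is not part of this thread or of the project's own CI configuration: a GitHub Actions workflow whose build job is skipped unless the PR author already has a trust relationship with the repository (owner, org member or collaborator), or a maintainer has explicitly applied a label to the PR. The job name, the `ok-to-test` label name and the `./build.sh` step are assumptions.

```yaml
# Added example: gate CI on PRs so that an arbitrary new account cannot
# get its workload executed just by opening a pull request.
name: CI

on:
  pull_request:
    # 'labeled' is included so that a maintainer adding the label later
    # re-triggers the workflow for a PR that was initially skipped.
    types: [opened, synchronize, reopened, labeled]

jobs:
  build:
    # Run only when the author is trusted, or when a maintainer has
    # reviewed the PR and applied the (assumed) "ok-to-test" label.
    if: >-
      contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.pull_request.author_association) ||
      contains(github.event.pull_request.labels.*.name, 'ok-to-test')
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      # Assumed build step; the project's real build command goes here.
      - run: ./build.sh
```

`author_association` comes from the `pull_request` event payload and takes values such as OWNER, MEMBER, COLLABORATOR, CONTRIBUTOR, FIRST_TIME_CONTRIBUTOR and NONE, so a brand new account opening its first PR fails the check and the job is recorded as skipped rather than executed. This does not stop the PRs from being opened (the mailing-list noise remains), but it removes the payoff for a mining spammer. One caveat: keep the trigger as `pull_request`, not `pull_request_target`, for any job that checks out and runs code from the PR head, because `pull_request_target` runs in the context of the base repository with its permissions and secrets.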