A mechanism to report obviously malicious users is needed #7081
alexpyattaev
started this conversation in
General
Replies: 1 comment 2 replies
-
|
unfortunately, this is currently not forbidden by the crates.io policies, unless anyone can prove that these crates were published in some form of automated way. we are trying to update our policies with rust-lang/rfcs#3463 to explicitly disallow such behavior. feel free to chime in over there. |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
Well, if not automated, the person doing was sure very persistent! I mean, there is over 400 of them... |
Beta Was this translation helpful? Give feedback.
This comment was marked as off-topic.
This comment was marked as off-topic.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Recently stumbled upon this user:
https://crates.io/users/r3v2d0g?page=8&sort=downloads
The guy has 407 crates published, with pretty much all of them having no content of any sort. While none of this is strictly malicious activity as such, claiming 407 crate names and using at best 3 of them is, IMHO, quite excessive, and would make publishing new crates with sensible names harder and harder over time. It would be nice if there existed a mechanism to "report" users for borderline behavior such that damage they cause can be mitigated.
Beta Was this translation helpful? Give feedback.
All reactions