After getting a ‘request to join Snowdrift group’ from a spam user on git.snowdrift.coop, I decided to check out what other users we have. Turns out there are 259 users with no projects (so they haven’t even forked Snowdrift), and at first glance they seem to all be spam.
This makes me wish even more that the project was just hosted on gitlab.com. Thoughts?
Send confirmation email on signup (obvious win, maybe the only change needed)
Restricted visibility levels: “If the public level is restricted, user profiles are only visible to logged in users.”
The first is obvious, I’ve already turned it on. I’m not sure what the ramifications of the second are, but I’m going to turn it on, as well. We can adjust if necessary.
Thanks, I so thought that I had that first setting on already!
I actually already manually had deleted several users with names focused on “SEO” as obvious spam. I agree it’s near-certain that all the users with zero activity and no forking are all spam.
On one hand, spam users who do nothing can just be ignored, doesn’t really cost us anything. But I vote we just delete them all.
Ah okay. Well, I guess it means that anyone who makes forks in order to contribute there will only be visible to logged-in users unless we mark their forks public. Probably no big deal since likely all changes in forks will just turn into merge-requests to the public repos…
[Incidentally, if we find there are reasons to have a range of fully-public forks and various repos outside the main group, that might lean toward the gitlab.com suggestion… but I don’t predict this will happen]