I really don't want to see captchas on the AUR (Google doesn't need to more info), nor do I think playing whack-a-mole with disposable email providers is a good idea.
What I think we really need is an internal limit on flagging packages. It could be tied to the age of the account and/or hourly rate. As for unflagging, if you have been affected by this troll then post your username and I will mass-unflag your packages. (If any other TU wants this superpower, email me). Maxime Gauduin wrote: >On Wed, 2013-03-06 at 01:16 -0500, Allen Li wrote: >> On Tue, Mar 05, 2013 at 11:30:05PM -0500, Limao Luo wrote: >> >On 03/05/2013 11:21 PM, William Giokas wrote: >> >>Captchas, man. Captchas. I know it will very very slightly inconvenience >> >>some people that have to flag a few packages out of date at a time, but >> >>really, it would only save us from crap like this. >> >> >> >Yeah, they mentioned that in the aur-dev conversation, among other >> >ideas like IP blocking (which actually sounds good, except more than >> >one person can have an IP, so I don't know how much that would work, >> >unless there is some timeout period or something for the block) and >> >repeatedly doubling intervals after successive flags that time out >> >after an hour (which, while annoying, doesn't seem like an enough of >> >a deterrent, but I could be wrong). >> > >> >Well, not much to do except wait it out, I guess. I just can't >> >remember which packages I have to update now. >> >> Instead of captchas for flagging packages, do we have captchas for >> creating new accounts already? That seems more sensible. Also, perhaps >> blocking new accounts using disposable emails, at least temporarily? >> >> Allen Li > >I'd prefer requesting a non-disposable mail address instead of adding >captchas. Then again, you can also create disposable gmail accounts... > >-- >Maxime
