Spam in packagist

[luispabon]

I've noticed there's a great deal of spam packages in Packagist:

http://repo.packagist.org/p/provider-latest$66a9a9ffd3e27c7e50b9538bd769360d9e83f4d4ba469314e3a271dd99eed547.json

Is there any way these can be cleaned up and anti-spam measures put up?

[stof]

Well, there are already some blacklist in place to detect spam packages.

[alcohol]

I think we should also consider applying https://support.google.com/webmasters/answer/96569?hl=en to all external links. While this will also impact legitimate links, I am not sure it is as important as discouraging these spamming practices.

[Lctrs]

I noticed that some are using the words # code!stream as their description. It can be worth it to add that to the blacklist.

Full list :

• https://packagist.org/packages/w-a-t-c-h/the-white-crow-2018-stream-hd-720px
• https://packagist.org/packages/avengers-endgame/2019-stream-720p
• https://packagist.org/packages/us-stream/full-uncut-2019
• https://packagist.org/packages/stream-hq/captain-marvel-pelicula-completa-uncut-2019
• https://packagist.org/packages/ver-hd/captain-marvel-2019-pelicula-completa-audio-latino
• https://packagist.org/packages/10800px/captain-marvel-pelicula-completa-uncut-2019

[Lctrs]

As suggested by @kalessil on Twitter, a report button could also help.

[DamienLegay]

Some spam packages are in French or Spanish, too. Avengers:Endgame, GoT, Pikachu detective, spam is in there. Also, "iphonex giveaway", instagram verification hacks, "yakuza-kiwami-2" hacks,...

[AllenJB]

More spam:

• https://packagist.org/packages/reddit-rugby/crusaders-vs-rebels-live-streaming-tv

This issue is similar / related to #971 and #106

[GameCharmer]

Here's another one: https://packagist.org/packages/install-minecraft-earth-beta/minecraft-earth-beta-download-early-access