From ab03186d81bd9bf28b626045382601619229e371 Mon Sep 17 00:00:00 2001 From: per1234 Date: Fri, 10 Jan 2025 16:39:52 -0800 Subject: [PATCH 01/11] Add comment re: Git ref to checkout step of "Manage PRs" workflow Since it is intuitive and commonly used, the default behavior of the actions/checkout GitHub Actions action when a workflow is triggered the "pull_request" or "push" events is well understood by any workflow maintainer. However, the default behavior of the action when the workflow is triggered by a "pull_request_target" or "issue_comment" event (as is the case for the "Manage PRs" workflow) is not obvious and less well known since these events are more rarely used. It is important for the maintainer to understand which Git ref will be checked out by the actions/checkout action steps in the "Manage PRs" workflow. Adding an explanatory comment will help to ensure they have this understanding. --- .github/workflows/manage-prs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/manage-prs.yml b/.github/workflows/manage-prs.yml index 9282bb924..773e1c40d 100644 --- a/.github/workflows/manage-prs.yml +++ b/.github/workflows/manage-prs.yml @@ -133,6 +133,8 @@ jobs: indexer-logs-urls: ${{ steps.parse-request.outputs.indexer-logs-urls }} steps: + # Checkout the tip of the default branch (this is the action's default ref input value when workflow is triggered + # by an issue_comment or pull_request_target event). - name: Checkout local repository uses: actions/checkout@v4 From b2347865d6691d5b53ecf207fa7af7b85beaff15 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 12 Jan 2025 01:40:10 -0800 Subject: [PATCH 02/11] Update library-registry-submission-parser tool The "Manage PRs" GitHub Actions workflow uses a command line tool named "library-registry-submission-parser" to parse the pull requests submitted to this repository. A new version of "library-registry-submission-parser" has been released, and so the version specified in the workflow for use is hereby updated. Two additional mandatory flags have been added to the command line interface of library-registry-submission-parser, so these flags are added to the invocation, and an access control configuration file added to the repository as required for use with the new `--accesslist` flag. To start, the access control configuration file is left empty, giving all users default access privileges as before. The workflow will be adjusted to take advantage of the newly added access control capabilities of library-registry-submission-parser in a separate commit. --- .github/workflows/assets/accesslist.yml | 4 ++++ .github/workflows/manage-prs.yml | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/assets/accesslist.yml diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml new file mode 100644 index 000000000..89d259843 --- /dev/null +++ b/.github/workflows/assets/accesslist.yml @@ -0,0 +1,4 @@ +# Access control for the Arduino Library Manager registry. +# This file is used by https://github.com/arduino/library-registry-submission-parser, via the "Manage PRs" workflow. + +[] diff --git a/.github/workflows/manage-prs.yml b/.github/workflows/manage-prs.yml index 773e1c40d..d15331a58 100644 --- a/.github/workflows/manage-prs.yml +++ b/.github/workflows/manage-prs.yml @@ -1,7 +1,7 @@ name: Manage PRs env: - SUBMISSION_PARSER_VERSION: 1.1.1 # See: https://github.com/arduino/library-manager-submission-parser/releases + SUBMISSION_PARSER_VERSION: 2.0.0 # See: https://github.com/arduino/library-manager-submission-parser/releases MAINTAINERS: | # GitHub user names to request reviews from in cases where PRs can't be managed automatically. - per1234 @@ -162,9 +162,11 @@ jobs: chmod u+x "${{ steps.download-parser.outputs.file-path }}" REQUEST="$( \ "${{ steps.download-parser.outputs.file-path }}" \ + --accesslist=".github/workflows/assets/accesslist.yml" \ --diffpath="${{ needs.diff.outputs.path }}/${{ needs.diff.outputs.filename }}" \ --repopath="${{ github.workspace }}" \ --listname="repositories.txt" \ + --submitter="${{ github.actor }}" \ )" # Due to limitations of the GitHub Actions workflow system, dedicated outputs must be created for use in # certain workflow fields. From 9b5ff785978a729197a4a22ac88229652e280a20 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 12 Jan 2025 01:46:19 -0800 Subject: [PATCH 03/11] Add Library Registry access control system Background ---------- The Arduino Library Manager Registry repository receives thousands of pull requests from a large number of community contributors. The great majority of these contributors behave in a responsible manner. Unfortunately this repository is regularly the subject of irresponsible behavior. The small number of people who behave irresponsibly consume a significant amount of the finite maintenance resources available for maintenance of Arduino's repositories. Communication is always the first measure taken in these cases. This is done automatically by the "Manage PRs" workflow, and then by the registry maintainer when it becomes clear that the user has disregarded the comments from the bot. Unfortunately it is regularly the case that the user simply disregards all communication and continues their pattern of irresponsible behavior unchecked. Alternatives ------------ GitHub provides tools for dealing with harmful behavior: - Report user - Block user Reporting a user is the appropriate measure in cases of malicious behavior, and the account is usually banned from the site relatively quickly after a legitimate report is made. However, the irresponsible behavior in the registry repository is not overtly malicious and so reporting the user in these cases would not be appropriate or effective. At first glance, the block feature seems ideal. However, it can only be done at an organization-wide level, and by an organization administrator. The repository maintainer is not an organization administrator, so this makes the feature inconvenient to use. There is no sign of these users interacting with other repositories in the `arduino` organization, and so there is no benefit to blocking them at organization scope. In addition, in order to make it more difficult to circumvent the access restriction, we need the ability to block requests for libraries owned by an entity who has established a pattern of irresponsible behavior, regardless of which user submits the request. So the tools provided by GitHub are not suitable and a bespoke system must be implemented. Access Levels ------------- Allow: the user may submit requests for any library, even if registry privileges have been revoked for the owner of the library's repository. This access level will only be granted to registry maintainers, in order to allow them to make exceptions for specific libraries owned by an entity whose privileges have been revoked. Default: the user may submit requests for any library, unless registry privileges have been revoked for the owner of the library's repository. Deny: the user may not submit requests. Requests from users with "default" access level for any library repository owned by the entity (user or organization) are denied. In cases where a request is declined due to revocation of Library Manager Registry privileges, the "Manage PRs" workflow will automatically make an explanatory comment, including a link that provides more details about the cause of the revocation. It will also close the PR in the case where it is not possible for the requester to resolve the problem: * The requester's Library Manager Registry privileges have been revoked **-OR-** * The owners of all library repositories which are the subject of the request have lost Library Manager Registry privileges. --- .github/CONTRIBUTING.md | 29 +++++++++ .github/workflows/manage-prs.yml | 108 ++++++++++++++++++++++++++++++- FAQ.md | 2 + README.md | 10 +++ 4 files changed, 146 insertions(+), 3 deletions(-) create mode 100644 .github/CONTRIBUTING.md diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md new file mode 100644 index 000000000..28cc386c2 --- /dev/null +++ b/.github/CONTRIBUTING.md @@ -0,0 +1,29 @@ +# Contributor Guide + +Thanks for your interest in contributing to the **Arduino Library Manager Registry**! + +## Support and Discussion + +If you would like to request assistance or discuss the **Library Manager Registry**, please make a topic on **Arduino Forum**: + +https://forum.arduino.cc/c/17 + +## Registration and Maintenance + +--- + +⚠ If you behave irresponsibly in your interactions with this repository, your Library Manager Registry privileges will be revoked. + +Carefully read and follow the instructions in any comments the bot and human maintainers make on your pull requests. If you are having trouble following the instructions, add a comment that provides a detailed description of the problem you are having and a human maintainer will provide assistance. + +Although we have set up automation for the most basic tasks, this repository is maintained by humans. So behave in a manner appropriate for interacting with humans, including clearly communicating what you are hoping to accomplish. + +--- + +If you would like to submit a library, or request registry maintenance for a library already in the registry, please follow the instructions provided in the documentation: + +[**Click here to see the documentation**](../README.md#table-of-contents) + +Make sure to read the relevant sections of the FAQ: + +[**Click here to see the FAQ**](../FAQ.md#table-of-contents) diff --git a/.github/workflows/manage-prs.yml b/.github/workflows/manage-prs.yml index d15331a58..2ad77f039 100644 --- a/.github/workflows/manage-prs.yml +++ b/.github/workflows/manage-prs.yml @@ -125,6 +125,7 @@ jobs: runs-on: ubuntu-latest outputs: + conclusion: ${{ steps.parse-request.outputs.conclusion }} type: ${{ steps.parse-request.outputs.type }} error: ${{ steps.parse-request.outputs.error }} arduinoLintLibraryManagerSetting: ${{ steps.parse-request.outputs.arduinoLintLibraryManagerSetting }} @@ -170,6 +171,7 @@ jobs: )" # Due to limitations of the GitHub Actions workflow system, dedicated outputs must be created for use in # certain workflow fields. + echo "::set-output name=conclusion::$(echo "$REQUEST" | jq -r -c '.conclusion')" echo "::set-output name=type::$(echo "$REQUEST" | jq -r -c '.type')" echo "::set-output name=error::$(echo "$REQUEST" | jq -r -c '.error')" echo "::set-output name=arduinoLintLibraryManagerSetting::$(echo "$REQUEST" | jq -r -c '.arduinoLintLibraryManagerSetting')" @@ -195,10 +197,13 @@ jobs: labels: | - "topic: ${{ needs.parse.outputs.type }}" + # Handle problem found by the parser that can potentially be resolved by requester. parse-fail: needs: - parse - if: needs.parse.outputs.error != '' + if: > + needs.parse.outputs.conclusion != 'declined' && + needs.parse.outputs.error != '' runs-on: ubuntu-latest steps: @@ -223,6 +228,56 @@ jobs: More information: https://github.com/${{ github.repository }}/blob/main/README.md#if-the-problem-is-with-the-pull-request + # Requester's registry privileges have been revoked. + decline-request: + needs: + - parse + if: > + needs.parse.outputs.conclusion == 'declined' && + needs.parse.outputs.error != '' + runs-on: ubuntu-latest + steps: + - name: Comment reason for declining request + uses: octokit/request-action@v2.x + if: needs.parse.outputs.error != '' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + route: POST /repos/{owner}/{repo}/issues/{issue_number}/comments + owner: ${{ github.repository_owner }} + repo: ${{ github.event.repository.name }} + issue_number: ${{ github.event.pull_request.number }}${{ github.event.issue.number }} + body: | + | + Hi @${{ github.actor }} + Your request has been declined: + + ${{ env.ERROR_MESSAGE_PREFIX }}${{ needs.parse.outputs.error }} + + - name: Close PR + uses: octokit/request-action@v2.x + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + route: PATCH /repos/{owner}/{repo}/pulls/{pull_number} + owner: ${{ github.repository_owner }} + repo: ${{ github.event.repository.name }} + pull_number: ${{ github.event.pull_request.number }}${{ github.event.issue.number }} + state: closed + + - name: Add conclusion label to PR + uses: octokit/request-action@v2.x + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + # See: https://docs.github.com/rest/issues/labels#add-labels-to-an-issue + route: POST /repos/{owner}/{repo}/issues/{issue_number}/labels + owner: ${{ github.repository_owner }} + repo: ${{ github.event.repository.name }} + issue_number: ${{ github.event.pull_request.number }}${{ github.event.issue.number }} + labels: | + - "conclusion: ${{ needs.parse.outputs.conclusion }}" + check-submissions: name: Check ${{ matrix.submission.submissionURL }} needs: @@ -230,6 +285,7 @@ jobs: if: > needs.parse.outputs.type == 'submission' || needs.parse.outputs.type == 'modification' + runs-on: ubuntu-latest strategy: fail-fast: false @@ -279,6 +335,15 @@ jobs: if: matrix.submission.error != '' run: echo "PASS=false" >> "$GITHUB_ENV" + # Parser checks are relevant in the case where request is declined due to registry access having been revoked for + # the library repository owners. However, the rest of the checks are irrelevant and may result in confusing + # comments from the bot, so should be skipped. + - name: Skip the rest of the checks if request is declined + if: > + needs.parse.outputs.conclusion == 'declined' && + env.PASS == 'true' + run: echo "PASS=false" >> "$GITHUB_ENV" + - name: Install Arduino Lint if: env.PASS == 'true' run: | @@ -422,12 +487,15 @@ jobs: run: | test -d "${{ env.CHECK_SUBMISSIONS_FAIL_FLAG_ARTIFACT_PATH }}" + # Handle problem found by the submission checks that can potentially be resolved by requester. check-submissions-fail: needs: + - parse - check-submissions-result - if: needs.check-submissions-result.outputs.pass == 'false' + if: > + needs.parse.outputs.conclusion != 'declined' && + needs.check-submissions-result.outputs.pass == 'false' runs-on: ubuntu-latest - steps: - name: Comment instructions to fix errors detected during submission checks uses: octokit/request-action@v2.x @@ -453,6 +521,37 @@ jobs: More information: https://github.com/${{ github.repository }}/blob/main/README.md#if-the-problem-is-with-the-pull-request + decline-submissions: + needs: + - parse + - check-submissions + if: needs.parse.outputs.conclusion == 'declined' + runs-on: ubuntu-latest + steps: + - name: Close PR + uses: octokit/request-action@v2.x + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + route: PATCH /repos/{owner}/{repo}/pulls/{pull_number} + owner: ${{ github.repository_owner }} + repo: ${{ github.event.repository.name }} + pull_number: ${{ github.event.pull_request.number }}${{ github.event.issue.number }} + state: closed + + - name: Add conclusion label to PR + uses: octokit/request-action@v2.x + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + # See: https://docs.github.com/rest/issues/labels#add-labels-to-an-issue + route: POST /repos/{owner}/{repo}/issues/{issue_number}/labels + owner: ${{ github.repository_owner }} + repo: ${{ github.event.repository.name }} + issue_number: ${{ github.event.pull_request.number }}${{ github.event.issue.number }} + labels: | + - "conclusion: ${{ needs.parse.outputs.conclusion }}" + merge: needs: - diff @@ -605,6 +704,7 @@ jobs: - parse # These request types can't be automatically approved. if: > + needs.parse.outputs.conclusion != 'declined' && needs.parse.outputs.type != 'submission' && needs.parse.outputs.type != 'invalid' runs-on: ubuntu-latest @@ -631,8 +731,10 @@ jobs: needs: # Run after all other jobs - parse-fail + - decline-request - merge-fail - check-submissions-fail + - decline-submissions - label - not-submission # Run if any job failed. The workflow is configured so that jobs only fail when there is an unexpected error. diff --git a/FAQ.md b/FAQ.md index 01fd34f4f..eba406117 100644 --- a/FAQ.md +++ b/FAQ.md @@ -72,6 +72,8 @@ Follow the instructions [here](README.md#adding-a-library-to-library-manager). ### What are the requirements for a library to be added to Library Manager? +- [ ] The library must be something of potential value to the Arduino community. +- [ ] The submitter must behave in a responsible manner in their interactions with the Library Manager Registry. - [ ] The library must be fully compliant with the [Arduino Library Specification](https://arduino.github.io/arduino-cli/latest/library-specification). - [ ] The library must have [a library.properties file](https://arduino.github.io/arduino-cli/latest/library-specification/#library-metadata), in compliance with the Arduino Library 1.5 format. - [ ] The library.properties file must be located in the root of the repository. diff --git a/README.md b/README.md index c25b8e1cc..b0d325c61 100644 --- a/README.md +++ b/README.md @@ -33,6 +33,16 @@ See the instructions below for detailed instructions on how to do this via the G ### Instructions +--- + +⚠ If you behave irresponsibly in your interactions with this repository, your Library Manager Registry privileges will be revoked. + +Carefully read and follow the instructions in any comments the bot and human maintainers make on your pull requests. If you are having trouble following the instructions, add a comment that provides a detailed description of the problem you are having and a human maintainer will provide assistance. + +Although we have set up automation for the most basic tasks, this repository is maintained by humans. So behave in a manner appropriate for interacting with humans, including clearly communicating what you are hoping to accomplish. + +--- + 1. You may want to first take a look at [the requirements for admission into the Arduino Library Manager index](FAQ.md#submission-requirements). Each submission will be checked for compliance before being accepted. From 9914dd642e6b4e35e2685c5fdbc570899875595e Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 02:24:50 -0800 Subject: [PATCH 04/11] Grant full registry access privileges to repository maintainer This access level will allow the maintainer to make exceptions for specific libraries owned by an entity whose privileges have been revoked. --- .github/workflows/assets/accesslist.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index 89d259843..8fe1fcd63 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -1,4 +1,8 @@ # Access control for the Arduino Library Manager registry. # This file is used by https://github.com/arduino/library-registry-submission-parser, via the "Manage PRs" workflow. -[] +# Allowlist +- host: github.com + name: per1234 + access: allow + reference: From cb4595592821c55d4ce3e9d0d27ad109fe135909 Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 02:26:38 -0800 Subject: [PATCH 05/11] Revoke registry privileges for `github.com/7Semi` This user has established a pattern of irresponsible behavior in the Arduino Library Manager Registry repository. They continued this behavior even after the bot and human maintainer made significant efforts to guide them to responsible use. --- .github/workflows/assets/accesslist.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index 8fe1fcd63..ef8ee9504 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -6,3 +6,9 @@ name: per1234 access: allow reference: + +# Denylist +- host: github.com + name: 7Semi + access: deny + reference: https://github.com/arduino/library-registry/pull/5734#pullrequestreview-2548818476 From 70342db31d05498d6f404e9e8b40b3dbc91f005d Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 02:28:23 -0800 Subject: [PATCH 06/11] Revoke registry privileges for `github.com/YoavPaz` This user has established a pattern of irresponsible behavior in the Arduino Library Manager Registry repository. They continued this behavior even after the bot and human maintainer made significant efforts to guide them to responsible use. --- .github/workflows/assets/accesslist.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index ef8ee9504..6bd665e91 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -12,3 +12,7 @@ name: 7Semi access: deny reference: https://github.com/arduino/library-registry/pull/5734#pullrequestreview-2548818476 +- host: github.com + name: YoavPaz + access: deny + reference: https://github.com/arduino/library-registry/pull/5741#issuecomment-2589016403 From c8e240c7cd76d097b5b50bdc94bf0144ae8163ee Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 19:30:59 -0800 Subject: [PATCH 07/11] Revoke registry privileges for `github.com/ajangrahmat` and `github.com/kelasrobot` `github.com/ajangrahmat` has established a pattern of irresponsible behavior in the Arduino Library Manager Registry repository, related to the libraries of the associated organization `github.com/kelasrobot`. They continued this behavior even after the bot and human maintainer made significant efforts to guide them to responsible use. --- .github/workflows/assets/accesslist.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index 6bd665e91..4058d95f6 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -12,6 +12,14 @@ name: 7Semi access: deny reference: https://github.com/arduino/library-registry/pull/5734#pullrequestreview-2548818476 +- host: github.com + name: ajangrahmat + access: deny + reference: https://github.com/arduino/library-registry/pull/5706#issuecomment-2588923290 +- host: github.com + name: kelasrobot + access: deny + reference: https://github.com/arduino/library-registry/pull/5706#issuecomment-2588923290 - host: github.com name: YoavPaz access: deny From af662b38aed357173c5aa3bfee62fcee4c1c14ed Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 21:35:30 -0800 Subject: [PATCH 08/11] Revoke registry privileges for `github.com/DefHam140` This user has established a pattern of irresponsible behavior in the Arduino Library Manager Registry repository. They continued this behavior even after the bot and human maintainer made significant efforts to guide them to responsible use. --- .github/workflows/assets/accesslist.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index 4058d95f6..2d32acfa9 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -16,6 +16,10 @@ name: ajangrahmat access: deny reference: https://github.com/arduino/library-registry/pull/5706#issuecomment-2588923290 +- host: github.com + name: DefHam140 + access: deny + reference: https://github.com/arduino/library-registry/pull/5265#issuecomment-2589039572 - host: github.com name: kelasrobot access: deny From f8cff3f9fdfee4df1735f02ba9de072d9f1b7c73 Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 21:48:00 -0800 Subject: [PATCH 09/11] Revoke registry privileges for `github.com/Subodh-roy2` This user has established a pattern of irresponsible behavior in the Arduino Library Manager Registry repository. They continued this behavior even after the bot and human maintainer made significant efforts to guide them to responsible use. --- .github/workflows/assets/accesslist.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index 2d32acfa9..5acd6c7f1 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -24,6 +24,10 @@ name: kelasrobot access: deny reference: https://github.com/arduino/library-registry/pull/5706#issuecomment-2588923290 +- host: github.com + name: Subodh-roy2 + access: deny + reference: https://github.com/arduino/library-registry/pull/4422#issuecomment-2589051618 - host: github.com name: YoavPaz access: deny From e5c8dac0aaa96103e884d87be29d5b2e04ef9a8a Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 22:34:17 -0800 Subject: [PATCH 10/11] Revoke registry privileges for `github.com/brincode` This user has established a pattern of irresponsible behavior in the Arduino Library Manager Registry repository. They continued this behavior even after the bot and human maintainer made significant efforts to guide them to responsible use. --- .github/workflows/assets/accesslist.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index 5acd6c7f1..85ca72bb3 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -16,6 +16,10 @@ name: ajangrahmat access: deny reference: https://github.com/arduino/library-registry/pull/5706#issuecomment-2588923290 +- host: github.com + name: brincode + access: deny + reference: https://github.com/arduino/library-registry/pull/4460#issuecomment-2589062464 - host: github.com name: DefHam140 access: deny From ff7789868dba0e6ba6b86f258d7859b3b71daa06 Mon Sep 17 00:00:00 2001 From: per1234 Date: Mon, 13 Jan 2025 22:34:31 -0800 Subject: [PATCH 11/11] Revoke registry privileges for `github.com/ErlTechnologies` and `github.com/vpbharath` These users (both accounts are the same entity) has established a pattern of irresponsible behavior in the Arduino Library Manager Registry repository. They continued this behavior even after the bot and human maintainer made significant efforts to guide them to responsible use. --- .github/workflows/assets/accesslist.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/assets/accesslist.yml b/.github/workflows/assets/accesslist.yml index 85ca72bb3..6c012cf3f 100644 --- a/.github/workflows/assets/accesslist.yml +++ b/.github/workflows/assets/accesslist.yml @@ -24,6 +24,10 @@ name: DefHam140 access: deny reference: https://github.com/arduino/library-registry/pull/5265#issuecomment-2589039572 +- host: github.com + name: ErlTechnologies + access: deny + reference: https://github.com/arduino/library-registry/pull/4873#issuecomment-2589138298 - host: github.com name: kelasrobot access: deny @@ -32,6 +36,10 @@ name: Subodh-roy2 access: deny reference: https://github.com/arduino/library-registry/pull/4422#issuecomment-2589051618 +- host: github.com + name: vpbharath + access: deny + reference: https://github.com/arduino/library-registry/pull/4873#issuecomment-2589138298 - host: github.com name: YoavPaz access: deny