More than 200 accounts created for massive spam purposes have been created on the Orekit forge in 48 hours. 30 of them have been created in the last two hours! These accounts publish a lot of spam on the forge (notably via hundreds of issues created on projects) and many of the links are phishing.
In order to limit spam, the creation of accounts directly on the forge has already been blocked for 4 years. Only OAuth authentication through the Github.com, Gitlab.com and Bitbucket.org platforms was allowed. But all accounts created in the last 48 hours have come from Github.com. So I’ve just temporarily suspended this identity provider, which is pretty much the same as blocking the creation of new accounts on the forge.
I’ll let the storm calm down and the spammers get bored, then I’ll reactivate account creation in a while.
This measure and the situation it leads to are unsatisfactory, but it’s the only way I’ve found to stem the tide and give myself time to clean up our accounts database.