mirror of
https://github.com/toxic-repos/toxic-repos
synced 2024-11-08 10:30:12 +03:00
Список вредоносных и политизированных репозиториев
https://toxic-repos.ru
.github | ||
data | ||
scripts | ||
.gitattributes | ||
.gitignore | ||
CHANGELOG.md | ||
CODE_OF_CONDUCT.md | ||
HOW-TO-ADD.md | ||
HOW-TO-REPORT.md | ||
LICENSE | ||
README.md |
toxic-repos
Now you can send information to be added to the list via telegram bot! DarkSider BOT
Also join our telegram chat. There, information about "toxic repositories" appears even faster!
We are against discrediting open source software
What is this?
Recently, cases of adding code of varying degrees of danger to popular Open Source projects have become more frequent. This can pose a threat to people, and also undermines the credibility of the Open Source community and Open Source as such.
🔗 Web site | 💬 Telegram channel | 💬 Telegram chat | 💬 Telegram BOT
Statistics
Records in the database: more than 800
Additionally
Recommendations
- Code isolation in containers, including intermediate code on developers' machines.
- Fork all libraries (if possible) and containers to yourself.
- Mirroring package repositories.
- Inclusion in CI of at least search by keywords, UTF characters with the image of the Ukrainian flag and comparison of the list of files with the whitelist.
- Research on code analysis tools.
- Sending a report according to instructions
Have an idea for improvement?
- You can write to our Telegram chat
- You can write to us at info@toxic-repos.ru
- Submit your pull request.