mirror of
https://github.com/toxic-repos/toxic-repos
synced 2024-10-18 17:50:19 +03:00
39 lines
1.7 KiB
Markdown
39 lines
1.7 KiB
Markdown
# toxic-repos
|
|
|
|
### We are against discrediting open source software
|
|
|
|
## What is this?
|
|
|
|
Recently, cases of adding code of varying degrees of danger to popular Open Source projects have become more frequent.
|
|
This can pose a threat to people, and also undermines the credibility of the Open Source community and Open Source as such.
|
|
|
|
[:link: Web site](https://toxic-repos.ru/?utm_source=github&utm_medium=repository&utm_campaign=md) | [:speech_balloon: Telegram chat](https://t.me/toxic_repos) | [:email: E-mail](info@toxic-repos.ru) | [:bird: Twitter](https://twitter.com/ZStravnik)
|
|
|
|
## Statistics
|
|
|
|
Records in the database: 358
|
|
> At the moment, the most up-to-date list is on our website. The list in this repository is updated with a slight delay.
|
|
|
|
[CHANGELOG](CHANGELOG.md)
|
|
|
|
## Additionally
|
|
|
|
[CSV](data/csv/toxic-repos.csv) | [JSON](data/json/toxic-repos.json) | [SQLite](data/sqlite/toxic-repos.sqlite3)
|
|
|
|
## Recommendations
|
|
|
|
- Assembly isolation in containers, including for intermediate assemblies on developers' machines.
|
|
- Forks all libraries (if possible) and containers to yourself.
|
|
- Mirroring package repositories.
|
|
- Inclusion in CI of at least search by keywords, UTF characters with the image of the Ukrainian flag and comparison of the list of files with the whitelist.
|
|
- Research on code analysis tools.
|
|
- Sending a report according to [instructions](HOW-TO-REPORT.md)
|
|
|
|
## Have an idea for improvement?
|
|
|
|
- You can write to our [Telegram chat](https://t.me/toxic_repos)
|
|
- You can write to us at info@toxic-repos.ru
|
|
- Submit your pull reguest;
|
|
- Create [issue](https://github.com/stravnik/toxic-repos/issues/new);
|
|
- Start [discussion](https://github.com/stravnik/toxic-repos/discussions/new).
|