As a potential pathway to making it safe to host public instances again, I think it would be useful to have automatic limits on what repos can be added for collection by the public (at least without logging into an account, which IMO should require admin approval).
The idea would be that any newly added repo URLs would go through a series of checks where the relevant platform (determined by this )'s API would be queried to see things like
- how big is the repo
- How many commits
- is it an org
- is it an org with too many repos or repos that are too large?
- is it a repo that's specifically banned from being loaded for being abusive
- is it a repo containing a recent and/or initial commit that we already have collection for (i.e. a fork)
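
A sketch of how the checks listed above could be combined into one admission gate, added here as an example and not part of the original post or of any project's code. It assumes the metadata has already been fetched from the platform API; the field names, thresholds and sample values are hypothetical.

```python
from dataclasses import dataclass, field
from urllib.parse import urlparse

@dataclass
class Policy:  # every threshold below is an assumed value, not a project default
    max_repo_kb: int = 500_000
    max_commits: int = 100_000
    max_org_repos: int = 200
    max_org_total_kb: int = 5_000_000
    banned: set = field(default_factory=set)         # canonical "host/owner/repo"
    known_commits: set = field(default_factory=set)  # commit SHAs already collected

def canonical(url):
    """Normalize a URL so case, a trailing slash or '.git' cannot dodge the ban list.
    Assumes the platform treats owner/repo names case-insensitively."""
    p = urlparse(url.strip())
    path = p.path.strip("/")
    if path.endswith(".git"):
        path = path[:-4]
    return f"{(p.hostname or '').lower()}/{path.lower()}"

def check_submission(url, meta, policy):
    """Return rejection reasons; an empty list means the URL may be queued.
    `meta` is metadata already fetched from the platform API (hypothetical field names)."""
    reasons = []
    if canonical(url) in policy.banned:
        reasons.append("banned")
    try:
        if meta["kind"] == "org":
            if meta["repo_count"] > policy.max_org_repos:
                reasons.append("org has too many repos")
            if meta["total_kb"] > policy.max_org_total_kb:
                reasons.append("org repos are too large")
        else:
            if meta["size_kb"] > policy.max_repo_kb:
                reasons.append("repo too large")
            if meta["commit_count"] > policy.max_commits:
                reasons.append("too many commits")
            if {meta["root_commit"], meta["head_commit"]} & policy.known_commits:
                reasons.append("fork of an already-collected repo")
    except KeyError as missing:
        # Fail closed: a limit that cannot be evaluated is treated as exceeded.
        reasons.append(f"metadata missing: {missing.args[0]}")
    return reasons

# Constructed sample data (not real repositories or hashes).
POLICY = Policy(banned={"example.test/acme/abusive"}, known_commits={"a" * 40})
SMALL = {"kind": "repo", "size_kb": 10, "commit_count": 5,
         "root_commit": "c" * 40, "head_commit": "d" * 40}
```

Returning every reason rather than stopping at the first lets an admin see all limits a rejected URL tripped when reviewing an approval request.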