moebrowne | 18 days ago

This kind of thing can be mitigated by not publishing a page/download for every single branch, commit and diff in a repo.

Make only the HEAD of each branch available. Anyone who wants more detail has to clone it and view it with their favourite git client.

For example https://mitxela.com/projects/web-git-sum (https://git.mitxela.com/)

PaulDavisThe1st|18 days ago

Alternatively, from the nginx config file for git.ardour.org:

    location ~ commit/* {
        return 404;
    }

Imustaskforhelp|18 days ago

I got another interesting idea from this and another comment but what if we combine this with ssh git clients/websites with the normal ability.

Maybe something like https://ssheasy.com/ or similar could also be used? Or maybe even a gotty/xterm instance which could automatically ssh/get a TUI-like interface.

I feel as if this would for all scrapers be enough?

bandie91|18 days ago

I'm working on something similar: instead of a web-based ssh client, it's a web-based git client UI - you can "checkout" repos, browse commits, tree, read individual files, etc. with no server-side code at all; git objects are fetched and parsed on the client side. First target is the dumb-http git protocol, so people can host git repos on static websites, and visitors don't need to clone with a local git client to peek in.

https://bandie91.github.io/dumb-http-git-browser-js-app/ui.h...

yellowapple|17 days ago

I suspect bog-standard per-IP rate limiting would also mitigate this, no?

moebrowne|16 days ago

People report that the requests come from many thousands of IPs
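
Added example, not part of any comment in this thread: a Python sketch that replays one set of access-log lines against the two mitigations discussed above, the unanchored `commit/*` path rule and a per-IP limit, to show how each fares when requests are spread over many addresses. The log lines, the `/repo/commit/...` URL layout, the threshold of 30 requests per minute and the fixed-window counter are all assumptions made for illustration; nginx's own limiter works differently.

```python
import re
from collections import Counter

# nginx "location ~ commit/*" is an unanchored regex match on the URI path;
# re.search behaves the same way for this simple pattern.
COMMIT_RULE = re.compile(r"commit/*")
# Start of a combined-format access log line: client IP, timestamp, request.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*"')

def parse(line):
    """Return (ip, minute, path), or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, uri = m.groups()
    return ip, ts[:17], uri.split("?", 1)[0]  # dd/Mon/yyyy:HH:MM, no query

def compare(lines, per_ip_per_minute=30):
    """Count the requests each mitigation would refuse on the same traffic.
    The limiter is a plain fixed-window counter (a simplification)."""
    seen, ips = Counter(), set()
    total = by_path = by_rate = 0
    for rec in filter(None, map(parse, lines)):
        ip, minute, path = rec
        total += 1
        ips.add(ip)
        by_path += bool(COMMIT_RULE.search(path))
        seen[ip, minute] += 1
        by_rate += seen[ip, minute] > per_ip_per_minute
    return {"total": total, "ips": len(ips),
            "path_rule": by_path, "per_ip_limit": by_rate}

def sample_log():
    """Constructed traffic: 2000 clients fetch 3 commit pages each, and one
    busy client fetches 40 tree pages. URL layout is hypothetical."""
    req = '{} - - [01/Jan/2025:12:00:{:02d} +0000] "GET {} HTTP/1.1" 200 512'
    lines = [req.format(f"10.0.{i // 250}.{i % 250 + 1}", j,
                        f"/repo/commit/{i:04x}{j}")
             for i in range(2000) for j in range(3)]
    lines += [req.format("10.9.9.9", j, f"/repo/tree/file{j}")
              for j in range(40)]
    return lines

if __name__ == "__main__":
    print(compare(sample_log()))
```

On this constructed traffic the path rule refuses all 6000 commit-page requests, while the per-IP counter refuses only 10, all from the single busy client. Because the pattern is unanchored, it also matches any other path that merely contains "commit".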