A tale of EchoJS
Published 2021-02-12
The story of how EchoJS had to face spamming because of refusing to implement spam protection.
What is EchoJS?
EchoJS is an open-source community for sharing links related to JavaScript, It's old and extremely basic and barely has any spam protection, making it a hot target for spammers.
How did EchoJS get spammed?
As already mentioned, EchoJS barely has any Spam protection, which implies that Spamming is really easy on EchoJS.
In this case, EchoJS does not require any email to sign up, removing even the basic necessity for a human, The only protection it has is limiting by IP Address. How effective is it?
Though it started off well by only using upvote spam to keep my post on top, I just overdid it. Do I regret it? No.
The Aftermath of Spamming
What would any sane Community do after facing Spam? Clean it up, yeah? EchoJS took 2 days to clean everything up. Amazing Moderation.
After politely reporting everything to them in a GitHub issue, They don't seem to be very supportive.
https://github.com/echojs/echojs/issues/12
Though it's debatable, open-source Communities are responsible for their vulnerability. EchoJS seems to not care, unfortunately.
Further Discussions
Is it wrong to demand features in open-source projects?
The above link summarises various things, It's a popular belief that open-source maintainers aren't liable for their projects. This needs to Change.
Did EchoJS Change?
https://github.com/echojs/echojs/issues/13
Kind of? Yeah, they declared that they are taking actions, They still need proper moderation, how they will get it, who knows?