-
Notifications
You must be signed in to change notification settings - Fork 143
124 lines (115 loc) · 4.37 KB
/
spam-detection.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
name: Suspicious Comment Detection
on:
issue_comment:
types: [created]
pull_request_review_comment:
types: [created]
jobs:
check_comment:
runs-on: ubuntu-latest
steps:
- name: Check for suspicious patterns
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
try {
const comment = context.payload.comment;
const body = comment.body.toLowerCase();
const author = comment.user.login;
// Suspicious patterns
const suspiciousPatterns = [
'support team',
'customer service',
'telegram',
'whatsapp',
'contact us',
'click here',
'support group',
't.me/',
'wa.me/',
'support chat',
'live chat',
'support ticket',
'ticket id',
'live support',
'support line',
'support agent',
'support network',
'dedicated support',
'personalized assistance',
'opened for you',
'kindly talk to',
'we apologize',
'live chat with an agent',
'chat button',
'dapp portal',
'decentralized dapp',
'access the portal',
'report your request',
'start a conversation',
'click the chat',
'for assistance',
'reach out to',
'through the chat',
'portal',
'help center',
'ticket',
'this will be review',
'bringing this to our notice',
'initiate a chat',
'regards',
'hello @',
'thanks for bringing',
];
// Add pattern weight scoring
const patternWeights = {
'ticket id': 2,
'support team': 2,
'live support': 2,
'help center': 2,
// Regular patterns have weight of 1
};
// Calculate spam score
let spamScore = 0;
const foundPatterns = suspiciousPatterns.filter(pattern => {
if (body.includes(pattern)) {
spamScore += patternWeights[pattern] || 1;
return true;
}
return false;
});
// Check for external links (excluding common legitimate domains)
const hasExternalLinks = body.includes('http') || body.includes('www');
const hasGithubLinks = body.includes('github.com');
const suspiciousLinks = hasExternalLinks && !hasGithubLinks;
// Trigger on either multiple patterns or high spam score
if (foundPatterns.length > 2 || spamScore >= 3) {
try {
// Create a warning comment
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.payload.issue ? context.payload.issue.number : context.payload.pull_request.number,
body: warningMessage
});
} catch (e) {
console.log('Failed to create comment:', e);
}
try {
// Add 'potential-scam' label
await github.rest.issues.addLabels({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.payload.issue ? context.payload.issue.number : context.payload.pull_request.number,
labels: ['potential-scam']
});
} catch (e) {
console.log('Failed to add label:', e);
}
}
} catch (e) {
console.log('Workflow error:', e);
// Still mark as failure but with more context
core.setFailed(`Workflow failed: ${e.message}`);
}