@f0x if you're interested, I think @forestjohnson grew his own proof of work captcha. Not sure the state of it, but thought I'd mention.
@f0x I wonder if a secret password kinda system could work?
Like, "what is the name of the best hacker soda" or "what is the lovable shark plush?"
Wild that humans are making those accounts, though....
@starless ah yes, that could work actually!
@f0x "write me a haiku" connected with pythons syllable thing might be fun, but maybe too easy to scam
You are getting spam signup requests from real people? How do you know it's real people and not bots, if you don't mind me asking? I used to have open signup on my old gogs instance and I got hundreds of signups, but none of those users ever did anything. I think they were all bots as far as I could tell.
I was hoping to make a works-without-login version of gitea one day, and I was hoping I wouldn't have to deal with moderation at least for a while (until the gitea server gets much more popular) because the PoW Captcha (https://git.sequentialread.com/forest/pow-captcha) would filter out the bots, and right now I don't think anyone cares about my git server, let alone knows that it exists 😞
@forestjohnson @starless the majority doesn't do anything, but quite a lot of them also create profiles, repos and organizations with various spam messages
I think they're real users because my simple hidden form technique didn't stop them at all. Could also just be more sophisticated botting tho
@forestjohnson @starless code is now on https://git.pixie.town/f0x/gitea-registration-proxy, should be easy to tweak :)
biggest downside is with just a custom template you can't really get feedback in the html, hence also why a failed haiku sends you to a very bare page
@starless @forestjohnson oh yeah, I remember that!
Sadly it seems these are people manually creating spam accounts, so none of these solutions really work, short of doing approval based signups :|