Add Join Wave Short-Circuit Protection #280
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ShadowJonathan
force-pushed
the
join-short-circuit
branch
from
d3cb15f
to
4634ac2
Compare
Gnuxie
reviewed
May 4, 2022
|
Will we have to manually activate this protection in all rooms? Or will it be added automatically once the bot is updated? |
|
If this PR gets merged, and a new release includes this, you will have to enable it using However, you can deploy this early by checking out the PR branch, and building the docker image (if you are using that) yourself. I recommend asking about this in the mjolnir room, though. |
|
given this makes no existing tests fail and a protection like this is time-critical, i think i'm going to merge this shortly |
Gnuxie
approved these changes
May 6, 2022
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This partially addresses #267
This adds
JoinWaveShortCircuit, a protection which will set the room to invite-only as soon as X amount of users (default 50) join the room in the last X minutes (default 60).The protection works with a Bucket, starting the bucket at first join, and only counting users if its been X minutes since the last bucket start.
(The reasoning for this particular approach is likely sensitive (in relation to other protections), so please reach out if you'd like to hear it.)
It has two settings;
maxPer, which determines how many users will have to join in the last X minutes before it will trigger the protection.timescaleMinutes, the timescale in X minutes, this determines on what time scale the bot will look at joins.This adds a status command to the protection, with optional subcommands
withExpiredandwithStart, to debug buckets and/or give more information.Rationale
This is auto-moderation for a particular problem; Join-spam waves often come when a moderation can be inactive, busy, or otherwise unable to immediately respond. It often fills a room with hundreds of users within a few minutes. This protection is meant to "short-circuit" the wave, and keep it relatively contained for moderators to assess and clean up afterwards.
Usage
Use
!mjolnir enable JoinWaveShortCircuitto enable this protection for all your protected rooms.Then, run
!mjolnir verifyto make sure the bot has join_rules permissions in all relevant rooms. (Note: due to technical reasons, the bot will currently not check this on startup, #290 tracks this problem)Tweak with
!mjolnir config set JoinWaveShortCircuit.maxPer 50andJoinWaveShortCircuit.timescaleMinutes 60to your preference.