Andy suggested, and I agree, that we should have a cool logo.

More to the point, it'd be good to have slightly more consistent branding across all our stuff - at the moment, Smokey has one icon, GH has another, and our web projects have another. And no offence to our web projects an' all, but that icon took me literally two minutes to make (and let's not even talk about my artwork on Smokey's icon).

So. Logos, and branding. I'm going to throw my logo ideas so far into the thread below - use standard :+1: :-1: reactions to indicate your thoughts about them.

@tanmayb123 has created an API for us to query. StackOverflow posts only, for the time being.

The API is basically

99.239.154.69/dsd/index.php?q=[body270urlencoded]

... where body270urlencoded is the first 270 bytes of the post body.

Detailed transcript starting around here: https://chat.stackexchange.com/transcript/message/39458944#39458944

... but details are a bit further down.

This could apply to either Classic or NG, so I'm leaving it here.

Context: Smokey currently saves most of its state data in local pickle files:

$ ls *.p *.pickle
apiCalls.pickle     bodyfetcherMaxIds.p        falsePositives.p  notifications.p     whyData.p
autoIgnoredPosts.p  bodyfetcherQueue.p         ignoredPosts.p    whitelistedUsers.p
blacklistedUsers.p  bodyfetcherQueueTimings.p  latestMessages.p  whyDataAllspam.p

Proposal: Should we use a database for storing all (or most) of this state data, or should we stick to flat files? Why/not? What do we gain/lose?

(If you were there for the Great Database Debate, assume this is SQLite, because of lack of install/maintenance.)

Identify rogue name server (for now, concentrate on the Indian pharma spammer's favorite namecheaphosting.com) in domain names in URLs.

requirements.txt: pull in dnspython

findspam.py: post_links(): refactor into a separate function so that multiple methods can invoke it.

When we wrote our blacklisting guidelines in October last year, we set the following requirements:

• Website has been used in at least 2 confirmed instances (tp fed back reports) of spam (You can use https://metasmoke.erwaysoftware.com/search to find other instances of a website being used for spam).
• Website is not used legitimately in other posts on Stack Exchange.
• Website is not currently caught in any of these filters: - bad keyword in body - blacklisted website - pattern matching website

Circumstances have changed since then, and the number of blacklists has grown. With the addition of the !!/blacklist-* commands, over 830 more websites/keywords/usernames have been added to our blacklists. In fact, 106 (!!!) were made in the last five days alone. Many of these websites are already caught by one or two of the reasons specified above.

Considering this, I think we need to have a discussion over whether these guidelines need to be changed to reflect the way we should/are using blacklists now. What should our new guidelines be?

• Do we want to be blacklisting every spammy site that we see? Do we want to leave it to extreme circumstances?
• Should we instead focus our time on improving our pattern-matching-* reasons?
• Should average autoflag weight of matched posts have anything to do with this?
• Should manually reported/posts with only 1 reason be given extra weight when counting the need for a blacklist?
• Are our current guidelines just fine, and do we just need to enforce them more?

Other things we should think about:

• If we are going to blacklist everything, do we want to automate it somehow?
• What sort of a performance hit does blacklisting make? (I think Art ran some stats on this a while ago, maybe they need to be re-run with the updated codebase)
• How much do dormant blacklists clutter the list? Do we need to think about code readability?
• Should blacklist entries be removed if they don't have any hits after a certain time?
• What does the !!/watch-keyword command have to do with this? Should it follow similar guidelines? Should it have separate ones? Do we need to change the way that it is implemented, to give it 0 weight or not send reports to MS?

What does everyone think about this?

According to this message, perform major refactoring over globalvars.py.

Detailed changes are in commit messages.

Please don't merge this PR until all refactoring is done.

Note: draft PR won't work as it will not request review, which defeats the point.

At this moment, in the SO Close Vote Reviewers chatroom, SD is notifying 6 different users for every single report.

Example:

[ SmokeDetector | MS ] Few unique characters in body: SolvedSOLVEDSOLVED by Furkan Ayık on stackoverflow.com (@​PraveenKumar @​AndrasDeak @πάνταῥεῖ @​FrankerZ @​tripleee @​dorukayhan)

The amount of users getting notified has steadily been growing. Imo, it's getting a little annoying. Only a portion of the users actually respond to these notifications, and they get notified even when they haven't been active for hours.

I'd like to request these notifications to be filtered on user activity. IE: Don't bother notifying a user that hasn't been active in the last hour.

Just to be clear: I have no issue with these users. Just that the list of notifications is getting close to the length of the actual report.

Refactor blacklists.py to have a set of classes implementing the various blacklist types, with behavior implemented by way of mixins for the individual classes.

Based on this refactoring, simplify chatcommands.py and extend to support the new blacklist types.

Some related refactoring in gitmanager.py to let the blacklist take care of its own updates, and in findspam.py to correspondingly update how we query for matches.

Finally, simplify globalvars.py by putting all the Github-managed black- and watchlists in a single global dict. This arrangement simplifies handling of the lists as a whole, and finding the correct list based on a keyword like "watch-number".

As brought up in https://github.com/Charcoal-SE/metasmoke/issues/257, there's a desire to move blacklists out of GitHub and into some other tool. Whether that tool is metasmoke, another app, or some other alien-tech-powered solution, we'll want to know what it should do. Here's my first take:

• Store blacklist entries categorized by type ([watch|blacklist] [website, keyword,username], etc.)
• Have an easy-to-use way to add entries
  • From a web UI, instances, and/or metasmoke
• Have reasonably good uptime
• (?) See what changed since the last update?

Thoughts? Am I missing the mark? What else do we need?

Sometimes spam reports about smaller sites get less attention than they need, either if they're followed by many other reports or if only few people are online at the time.

I would suggest that Smokey should keep a list of all reported posts that got positive feedback or no feedback at all yet and are not yet removed from the site. A command like !!/pending would then show a list of all those reports that still need more flags or feedback. Example:

"Skin care tips" by "SpamUser" on webmsaters.stackexchange.com [MS] (reported 12 minutes ago, 1 tp, 0 naa, 0 fp, post score -3)
"Best essay writing service" by "Writer" on graphicdesign.stackexchange.com [MS] (reported 6 minutes ago, no feedback yet, post score -1)

This would be very helpful to make sure no reports slip through and to verify if anything needs more flags after a bunch of reports appeared without having to walk through the links manually.

Additionally, it might be useful to not only post this report on demand but also automatically for posts in the list that were reported more than e.g. 10 minutes ago.

We currently don't have a specified license for SmokeDetector - and thus, by default, it is under full copyright. This is very restrictive, and we'd like to change it to something more permissive (in this case, dual licensed under MIT/Apache 2.0). We'll need consent from all contributors to this repository to do so:

• [x] @ProgramFOX
• [x] @normalhuman
• [x] @hichris1234
• [x] @Undo1
• [x] @Manishearth
• [x] @BrockA
• [x] @rschrieken
• [x] @AWegnerGitHub
• [x] @Seth-Johnson
• [x] @JC3
• [x] @rekire
• [x] @durron597
• [x] @AstroCB
• [x] @Siguza
• [x] @ArcticEcho
• [x] @K-Guan
• [x] @ByteCommander
• [x] @TheGuywithTheHat
• [x] @apnorton
• [x] @michaelb958
• [x] @ndrewh

To agree to relicensing, just leave this comment below or otherwise indicate consent:

I license past and future contributions under the dual MIT/Apache-2.0 license, allowing licensees to choose either at their option.

Some more info:

This involves adding the following to the README and including the full text of both licenses in the repository:

## License

Licensed under either of

 * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
 * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)

at your option.

### Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any
additional terms or conditions.

MIT is fairly permissive, so it's preferred by most, however it requires you to include the license in everything using the code. On the other hand, Apache doesn't have this issue, but is incompatible with GPLv2. A dual license gives users the freedom to choose a license of their choice.

Is your feature request related to a problem? Please describe.

Python has support for type hints. They have advantages (IDEs and other tools can help users avoid making type-related errors by checking, for one). I'm not aware of any major disadvantages currently (SD supports Python 3.6 and they were added in 3.5, so compatibility isn't a huge concern I think). Overall, I personally tend to like them as having my IDE verify I don't mess up types is handy.

Describe the solution you'd like

Use type hints on new code added to SD (and maybe some existing code, although I don't think that is really a priority).

Describe alternatives you've considered

N/A

Additional context

I asked if they should be used and Makyen said it would be reasonable to open an issue on GH to discuss it

This adds the ability to ignore NS validation failures during CI testing on a per-entry basis in the *nses.yml files. If an entry in those files has the value ignore_validation_errors: true, then validation errors will not cause CI failures.

This is primarily in order to be able to prevent CI failures due to the persistent intermittent issues with validating dns-parking.com.. This PR adds ignore_validation_errors: true to the dns-parking.com. entry in watched_nses.yml, which will result in not seeing CI testing failures when that domain fails DNS validation.

There probably should be some automated testing which still validates, and fails on, entries which have ignore_validation_errors: true, as we do want to know about such domains if they actually stop having a DNS entry. However, this PR just patches over the persistent frustration of looking at CI failures and finding that it's yet another time that dns-parking.com. had an intermittent problem. No attempt is made here to address the issue of wanting some type reporting for such domains when they actually go away.

Is your feature request related to a problem? Please describe.

When you !!/scan a message, it will also be reported if it triggers a reason. If that's not what you want, there is no way really to test whether the post will trigger, short of copying it into a local JSON representation and testing locally (which is harder than it needs to be, because different parts of Smoke Detector look at different representations of posts).

Describe the solution you'd like

It would be nice if there was an option to !!/scan, like the opposite of !!/scan-force, where you only want to get a report of the result.

In some ways, this is also similar to the !!/test command, so I'm thinking there should probably be an alias with that prefix.

Describe alternatives you've considered

I wanted to test a new expression I watched, but as outlined above, the only way to really know if it works as intended is to scan an actual post which contains the target phrase. Similarly, the only way to check against false positives is to scan posts which are not supposed to match (typically then posts which exhibit a corner case which you want to test you have covered adequately).

You can add a test case to tests/test_findspam.py but this again hinges on getting the representation of the post right in the test case. If you guess wrong what the API actually returns for the post you are targeting, the test proves nothing.

Additional context

https://chat.stackexchange.com/transcript/message/61838114#61838114 where I rescanned the wrong post, adding insult to injury.

Some of the exceptions logged here indicate we're rebooting sometimes when there's an error on the EditWatcher and/or DeletionWatcher WebSockets. We could use better recovery from WebSocket exceptions in both of these modules (which use similar code, so similar error recover seems reasonable). We already retry the main WebSocket, so it would be reasonable to have somewhat similar code in EditWatcher and DeletionWatcher.

I ended up taking a look at the code for the regex package. There are some issues in it which make it not thread safe. I've created the issue Thread safety: need lock for both read and write (_cache and other global variables) in that repository. This issue is for tracking it here.