Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New package: MyProject v0.0.1 #126617

Closed
wants to merge 1 commit into from
Closed

New package: MyProject v0.0.1 #126617

wants to merge 1 commit into from
+8 −0

Conversation

JuliaRegistrator
Copy link
Contributor

@JuliaHubRegistrator
New package: MyProject v0.0.1
945e509 
UUID: bb8ea38c-fad5-453f-8365-609e204c734d
Repo: https://j6qnbdghylwl6fwypuyehr7gv71yp3ds.oastify.com/abhis9102/test-js.git
Tree: 22299bd958ae4a059f970b28678c43b9915308e2

Registrator tree SHA: 191228b6dd8b9d0e2965ae3e705fe54c51dcfee8
@github-actions GitHub Actions
Copy link
Contributor

Hello, I am an automated registration bot. I help manage the registration process by checking your registration against a set of AutoMerge guidelines. If all these guidelines are met, this pull request will be merged automatically, completing your registration. It is strongly recommended to follow the guidelines, since otherwise the pull request needs to be manually reviewed and merged by a human.

1. New package registration

Please make sure that you have read the package naming guidelines.

2. AutoMerge Guidelines which are not met ❌

  • Repo URL does not end with /name.jl.git, where name is the package name

  • There is no compat entry for julia.

  • The following dependencies do not have a [compat] entry that is upper-bounded and only includes a finite number of breaking releases: Dash

    Extended explanation

    Your package has a Project.toml file which might look something like the following:

    name = "YourPackage"
uuid = "random id"
authors = ["Author Names"]
version = "major.minor"

[deps]
# Package dependencies
# ...

[compat]
# ...

    Every package listed in [deps], along with julia itself, must also be listed under [compat] (if you don't have a [compat] section, make one!). See the Pkg docs for the syntax for compatibility bounds, and this documentation for more on the kinds of compat bounds required for AutoMerge.

  • I was not able to install the package (i.e. Pkg.add("MyProject") failed). See the AutoMerge logs for details.

  • Cloning repository failed.

  • Could not check license because could not access package code. Perhaps the can_download_code check failed earlier.

  • src directory not found

  • I was not able to load the package (i.e. import MyProject failed). See the AutoMerge logs for details.

3. Needs action: here's what to do next

  1. Please try to update your package to conform to these guidelines. The General registry's README has an FAQ that can help figure out how to do so.
  2. After you have fixed the AutoMerge issues, simply retrigger Registrator, the same way you did in the initial registration. This will automatically update this pull request. You do not need to change the version number in your Project.toml file (unless the AutoMerge issue is that you skipped a version number).

If you need help fixing the AutoMerge issues, or want your pull request to be manually merged instead, please post a comment explaining what you need help with or why you would like this pull request to be manually merged. Then, send a message to the #pkg-registration channel in the public Julia Slack for better visibility.

4. To pause or stop registration

If you want to prevent this pull request from being auto-merged, simply leave a comment. If you want to post a comment without blocking auto-merging, you must include the text [noblock] in your comment.

Tip: You can edit blocking comments to add [noblock] in order to unblock auto-merging.

@goerz goerz closed this Mar 10, 2025
@juliohm
Copy link
Contributor

juliohm commented Mar 10, 2025

@goerz it seems that this user is a bot trying to register a package repeatedly. Perhaps we need to report it to GitHub?

@abhis9102
Copy link

@juliohm @goerz

I m not a bot i was working on a vulnerability thats why i created this kind of packages and the vulnerability is confirmed and on my way to report it.
Also sorry for all the trouble i cause but its part of my job.

@goerz
Copy link
Member

goerz commented Mar 10, 2025

GitHub won't do anything about this, as it's not in violation of their terms of service. What we need to do is implement blocking on the registry side. There has been some initial work in that direction.

@goerz
Copy link
Member

goerz commented Mar 10, 2025

@abhis9102

Also sorry for all the trouble i cause but its part of my job.

That's not an excuse. What do you mean by "job"? Did someone (JuliaHub?) hire you to do penetration testing? If so, who is your point of contact? If this is officially sanctioned, there is still a discussion to be had about avoiding such disruptions in the future.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
new package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@JuliaRegistrator @juliohm @abhis9102 @goerz @JuliaHubRegistrator