After days of dealing with
Nicolas Boichat with his AI/LLM detection bot
And then over the past day reporting on dozens of AUR packages having similar Russian messages containing offensive language.
The latest
At least the AI/LLM bots are proving helpful here in proactively picking up on some of the AUR abuses until the fundamental situation can be better handled.
1,500+ packages in the Arch Linux AUR containing malware, the latest headache in the Arch Linux User Repository is Russian spam and offensive messages.Nicolas Boichat with his AI/LLM detection bot
detectedsome questionable messages appearing in AUR content. Russian messages were being added post-install to the bashrc / zshrc / Fish configuration, etc containing offensive messaging. Those commits happened on the 14th, after the recent malware fiasco.And then over the past day reporting on dozens of AUR packages having similar Russian messages containing offensive language.
The latest
updateon that thread indicates more than 70 AUR packages having this Russian spam / offensive messaging. Among those various Python packages, Ruby packages, Llama.cpp, and others.At least the AI/LLM bots are proving helpful here in proactively picking up on some of the AUR abuses until the fundamental situation can be better handled.