GitLab Anti-spam Toolkit --DEPRECIATED--

GitLab Anti-spam Toolkit --DEPRECIATED--

Python based toolkit for managing and reporting spam on

Name Last Update
gitlab_antispam Loading commit data...
logs Loading commit data...
tests Loading commit data...
tools Loading commit data...
.bumpversion.cfg Loading commit data...
.gitignore Loading commit data...
.gitlab-ci.yml Loading commit data...
LICENSE Loading commit data... Loading commit data... Loading commit data...
blacklist_links.txt Loading commit data...
blacklist_resolved.txt Loading commit data...
blacklist_snippet_links.txt Loading commit data...
blacklist_snippet_words.txt Loading commit data...
blacklist_words.txt Loading commit data...
crontab.example Loading commit data...
requirements.txt Loading commit data...
setup.cfg Loading commit data... Loading commit data...
spam_users.txt Loading commit data... Loading commit data...

GitLab Anti-Spam Toolkit - build status



Install Dependancies - Ubuntu 16.01 (Tested)

sudo apt-get update
apt-get install -y python2.7-dev virtualenv build-essential libssl-dev libffi-dev
curl | python


git clone
cd gitlab-anti-spam-toolkit
pipsi install .
# See Setup the config section
gitlab-antispam --help


git pull
pipsi upgrade .


pipsi uninstall gitlab-antispam


  • An example configuration is distributed with the package.
  • gitlab-antispam will look for the config.gitlab-antispam.yml in the users home directory.

Setup the config (using config.example.yml):

mv ~/.local/venvs/gitlab-antispam/lib/python2.7/site-packages/gitlab_antispam/config.example.yml ~/.gitlab-antispam.yml

See config.example.yml


Search and report spam

Searches the projects api endpoint for public projects and checks the first issue for spam.

A v1.2.0 update launches a number of subprocesses ("search_workers") to scan projects

gitlab-antispam find

Get abuse reports

Retrieves abuse reports (https://{gitlabhost}/admin/abuse_reports) from the remote GitLab host and stores them in a local embedded redis database.

gitlab-antispam reports get

Remove users via abuse report

Removes a user and abuse report - User permanently removed

gitlab-antispam kill


email       Kill single user by email address
id          Kill single user by abuse report id
domain      Kill user(s) by email domain
ip          Kill user(s) by ip (both current and sign in)
ip-current  Kill user(s) by current ip
ip-sign     Kill user(s) by sign in ip

Example usage:

Remove all reported users with the email domain

gitlab-antispam kill domain

Remove all reported users with either a current or sign in ip of

gitlab-antispam kill ip

List locally stored abuse reports

List all locally stored abuse reports in a table. Including common IP and email domain stats.

Users are listed with a "status" field:

  • failed = An attempt to remove the user (via abuse report) failed
  • removed = Abuse report/user has been removed
  • new = No action has been taken on this abuse report
gitlab-antispam reports list


-s, --show-stats INTEGER  Top number of report stats to show

Example output:

Username   Email                Sign IP    Current IP  Name           Status     Abuse ID
test_user    test           failed     3

1 abuse report(s) in total

Common stats - Top 5

===== Unique Email Domains ===== 1

===== Unique IPs  ===== 1 1

===== Common Names =====
test: 1

Export locally stored abuse reports to CSV

Export all local abuse reports to CSV file.

gitlab-antispam reports export

Options - Default file: abuse_report_export.csv

-f, --file_name TEXT  File for report export

Clear all locally stored abuse reports

Removes all abuse reports from the database

gitlab-antispam reports clear

Blacklist updates

Updates to the blacklist are welcome - blacklist