search

leona / helix-gpt

Code assistant language server for Helix with support for Copilot/OpenAI/Codeium/Ollama
MIT License
284 stars 19 forks source link

[BUG] triggering github's abuse systems #63

Open lun-4 opened 1 week ago

lun-4 commented 1 week ago

helix-editor version 24.3

helix-gpt version 0.31

Describe the bug turns out github just emailed me!

Hello @lun-4,

On behalf of the GitHub Security team, I want to first extend our gratitude for your continued use of GitHub and for being a valued member of the GitHub community.

Recent activity on your account caught the attention of our abuse-detection systems. This activity included use of Copilot that was indicative of scripted interactions or of an otherwise deliberately unusual or strenuous nature. While we have not yet restricted Copilot access for your account, further anomalous activity could result in a temporary suspension of your Copilot access.

While I’m unable to share specifics on rate limits, we prohibit all use of our servers for any form of excessive automated bulk activity, as well as any activity that places undue burden on our servers through automated means. Please refer to our Acceptable Use Policies on this topic: https://docs.github.com/site-policy/acceptable-use-policies/github-acceptable-use-policies#4-spam-and-inauthentic-activity-on-github.

Please also refer to our Terms for Additional Products and Features for GitHub Copilot for specific terms: https://docs.github.com/site-policy/github-terms/github-terms-for-additional-products-and-features#github-copilot.

Sincerely, GitHub Security

I do not use other editors than helix, in turn, there is no extension other than helix-gpt that could be triggering github's abuse systems for copilot. I am not automating helix in any way, but it's possible they ran some detection on the headers that helix-gpt uses to look like vscode. it doesn't look like the copilot vscode extension is under any kind of permissive license that would allow for reverse engineering, so I don't think an official GH ticket would give any results (it might even backfire and take the repo down, but that's the worst case), I am open to ideas though.

my current opinion is if GH is going to play cat-and-mouse, then we should act accordingly as the mouse. we should move towards continuously updating fingerprints such that we look more and more like vscode, that is a major maintenance request that I do not think I would be able to take on, myself. but it is a way. (of course, not even talking about possibly having to move the repo somewhere else, killing the social factor of having this plugin known, entirely. maybe a migration to codeberg could work, which is another major maintenance request, and is one I would put a lot of thought before actually going on with a random's requests).

oschwald commented 1 week ago

I received a similar message. They actually suspended my Copilot access because of it. I also only used Copilot with this helix-gpt. I ended up just canceling my Copilot subscription as the GitHub support was threatening the termination of my GitHub account if the "abuse" continued.