Feature redirect instead of plain website in Open Collective API

[znarf]

This was proposed by Rick, a member of Jest.

Disclaimer: at this stage, I'm personally biased toward "Cons". We should however try to keep "Pros" and "Cons" neutral. Let me know if I can add more "Pros".

Rational

There is a "Spam" issue going on the platform, people contributing only to get a link back on the project own website and boost their SEO.

To display links on their homepage, some projects implemented a custom integration and are relying on the Open Collective API to retrieve the current financial contributors. Some example:

• Jest https://jestjs.io/ https://github.com/facebook/jest/blob/master/website/fetchSupporters.js
• mochajs https://mochajs.org/ https://github.com/mochajs/mocha/blob/master/docs/_data/supporters.js
• webpack https://webpack.js.org/ https://github.com/webpack/webpack.js.org/blob/master/src/utilities/fetch-supporters.js

To remove the SEO incentive, it's proposed to update the website and use a redirect such as http://opencollective.com/?redirect=https://clay.global/ instead of just exposing https://clay.global/.

Pros

• It seems nofollow have no impact, something else is needed
• Updating each custom integration is not practical or enough, only a global change by Open Collective on its platform will matter

Cons

• Changing the semantics of the GraphQL API is problematic. It's used in many other places and not designed for that specific use case.
• In some use cases, Collectives will still want the real link and will str.replace anyway.
• If nofollow was not enough, why a redirect would be? Some projects already have a redirect ("Readme" integration) and are still attracting spam.
• Custom integrations were created by each project on their own. They should be conscious and responsible of their link policy. Many are already not linking blindly.
• Spammers are not randomly giving on the platform, they're targeting projects individually because of their generous linking policies.
• Moderation features are coming and should optimistically fix the "Spam" issue without breaking changes in the API.

[sbinlondon]

I generally am pro this as you already know but will write down some thoughts here.

Changing the semantics of the GraphQL API is problematic. It's used in many other places and not designed for that specific use case.

Would we be able to write some logic on the backend that if it's a non-OC public access of the API we return this special string, vs. returning the actual plain website URL for ourselves on OC?

In some use cases, Collectives will still want the real link and will str.replace anyway.

That's their prerogative. As a platform it would be us discouraging and saying 'We're doing everything we can to stop you from getting this SEO thru Open Collective'

Spammers are not randomly giving on the platform, they're targeting projects individually because of their generous linking policies.

To write down my thoughts I verbalised a few weeks ago, if projects want to do these links on their own websites, that's up to them (similar to the str.replace thing you mentioned above). I think the point is that we're doing everything we can to not enable it as a platform.

Moderation features are coming and should optimistically fix the "Spam" issue without breaking changes in the API.

Optimistically agreed! I am a terminal optimist. But I think we should also realise that this has gone on maybe longer than it should have and the spammers have a foothold and a targeted plan, and we need to meet them on that level and cut it off at that level.

I also agree with you though that we should see how other moderation things we implement go, what impact they have, and collect info and feedback from Collectives regarding implementing this redirect thing. But I think we should seriously consider it or something like it.

[rickhanlonii]

Thanks for summarizing @znarf! I agree with to @sbinlondon and want to expand on one point:

If nofollow was not enough, why a redirect would be? Some projects already have a redirect ("Readme" integration) and are still attracting spam.

The nofollow is not enough for individual projects because this is a systemic issue. Backlink buyers are using Open Collective as a system to game SEO. They're reading articles that say "go to open collective and find some big projects with popular websites and donate to them". As long as there is signal that that works on some projects, then that advice is going to be out there and they're not really looking deeper to see that they're not getting the benefits they're buying.

The nofollow strategy is a nuclear option to remove all benefits from all projects. The goal is to get the backlink buyers to see that the loophole has been completely closed and move on elsewhere.

[rickhanlonii]

Related to this is that we don't have a great way to inform donators that there are no SEO benefits. I created https://github.com/opencollective/opencollective/issues/3550 as a request to help solve that problem.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. We haven't had the time to address it yet, but we want to keep it open. This message is just a reminder for us to help triage issues.