Construct Hub Deny List
eladb opened this issue · comments
Description
To ensure the integrity of the website and prevent recurring abuse we need to have the ability to block specific packages from being ingested.
Note that it is not sufficient to not list offending package in the client side, we need to prevent the package from entering the processing pipeline.
Roles
| Role | User |
|---|---|
| Proposed by | @NetaNir (security requirement) |
| Author(s) | @eladb |
| API Bar Raiser | @RomainMuller |
| Stakeholders | @iliapolo |
See RFC Process for details
Workflow
- Tracking issue created (label:
status/proposed) - API bar raiser assigned (ping us at #aws-cdk-rfcs if needed)
- Kick off meeting
- RFC pull request submitted (label:
status/review) - Community reach out (via Slack and/or Twitter)
- API signed-off (label
api-approvedapplied to pull request) - Final comments period (label:
status/final-comments-period) - Approved and merged (label:
status/approved) - Execution plan submitted (label:
status/planning) - Plan approved and merged (label:
status/implementing) - Implementation complete (label:
status/done)
Author is responsible to progress the RFC according to this checklist, and
apply the relevant labels to this issue so that the RFC table in README gets
updated.