I was thinking that using selenium or similar would allow the bot to circumvent any block that works in a browser. Since it’s probably not doing a million PRs at once, doing that would be viable. It could even use the cookie from the selenium session to then use the api directly.
Kinda like flaresolver does for prowlarr/jackett.
In which case Anubis is only a temporary measure until the vibe coders wise up.
Defense systems also improve. Anubis can make the Proof-of-Work (PoW) more difficult or add new checks. This competition is won by whoever can keep their costs lower. When spammers have to use more resources for each pull request while normal users do not pay an extra cost, the defenders win.
I’m ignorant 😅 I don’t use either. I guess it doesn’t really defend against browser-remote-controlling bot agents.
if you mean some users giving control of their browser to an bot no it don’t because it’s still a legit user browser window
but most of bots don’t use a legit browser window (because it would be impossible to scale)
I was thinking that using selenium or similar would allow the bot to circumvent any block that works in a browser. Since it’s probably not doing a million PRs at once, doing that would be viable. It could even use the cookie from the selenium session to then use the api directly.
Kinda like flaresolver does for prowlarr/jackett.
In which case Anubis is only a temporary measure until the vibe coders wise up.
Defense systems also improve. Anubis can make the Proof-of-Work (PoW) more difficult or add new checks. This competition is won by whoever can keep their costs lower. When spammers have to use more resources for each pull request while normal users do not pay an extra cost, the defenders win.