alt Hacker NewsTo be fair, the .xpi is just a .zip file, and the JS isn't minimized.
I vibe-converted it to a userscript[1], but it doesn't work for me in qutebrowser because it depends on profile data fetched from `https://hn-trustspark.com/alltrust.json`, which seems to be periodically updated by the author, and qutebrowser has limited userscript support. :(
It could probably be worked around by fetching the data externally, but I don't want to depend on hn-trustspark.com. It would be great if the profile updating tool could be published as well.
Anyway, hope it helps someone else :)
FWIW, after a quick review of the script, it looks safe to me. As long as you trust that the served profile data is correct, and don't mind leaking your IP to it.
Great idea and kudos to the author! We need more tools like this to help us deal with spam, and not just on HN, but everywhere.
[1]: https://gist.github.com/imiric/a5d1cd187e91eb0b725c4661250e5...
Replies
It's a good idea, provided nothing sketchy goes on either now or in a future update ... I'm playing about with it but will likely unload it soon enough.
One issue: New accounts with Zero submissions get a full green stack for "Submission Trust" (0 submissions in 0 days).
That comes across as three flat red lines and a singl tall green stack - not sure if that's the right message.
Submissions is an odd one ... those people that submit a story seen on the tech blogs once a day get bucketed together with habitual spammers of poor quality posts.
Thanks! Nice, you found the alltrust.json file ha. Yes, a bg job running on an rpi leverages HN APIs and builds the alltrust file by the minute, for all "active" accounts. Technically fetching that data is all you'd need to make your own script/plugin.
It's centralized for a few reasons though, first being that client-side API requests would be discourteous to the APIs (flood/ddos), and a whole new level of error handling would be required. Shared IPs, like those in a tech company building, would easily and quickly reach the API limits. So that's the reasoning, if you're curious.