feat: add spam penalty threshold for leaderboard ranking

amitb0ra · amitb0ra · commit 65fe204042bc · 2026-03-27T03:47:57.000Z
- Add configurable spamPenaltyThreshold to demote spam-heavy contributors
- Add POST /setSpamPenaltyThreshold admin endpoint (UI-driven per reviewer feedback)
- Expose spamPenaltyThreshold in GET /config response
- Pass threshold to API.getRanks() in /rank and /contributor endpoints
- Apply penalty sort in frontend (fetch config before data)
- Add spamPenaltyThreshold to config-example.json
diff --git a/src/index.js b/src/index.js
@@ -4,6 +4,8 @@ import axios from 'axios'
 import moment from 'moment'
 import { io } from 'socket.io-client'
 
+let spamPenaltyThreshold = 0
+
 function refreshTable(newData) {
     const table = document.querySelector('table')
     const data = newData
@@ -24,6 +26,15 @@ function refreshTable(newData) {
     totalEm.innerText = 'Total: ' + totalNumbers
 
     contributors = contributors.sort((a, b) => {
+        if (spamPenaltyThreshold > 0) {
+            const aPenalized = a.openPRsNumber >= spamPenaltyThreshold || a.issuesNumber >= spamPenaltyThreshold
+            const bPenalized = b.openPRsNumber >= spamPenaltyThreshold || b.issuesNumber >= spamPenaltyThreshold
+            const aTopTier = !aPenalized && a.mergedPRsNumber > 0
+            const bTopTier = !bPenalized && b.mergedPRsNumber > 0
+            if (aTopTier && !bTopTier) return -1
+            if (!aTopTier && bTopTier) return 1
+        }
+
         var pref1, pref2, pref3 // preference is specified here
         const queryString = window.location.search
         const urlParams = new URLSearchParams(queryString)
@@ -145,18 +156,18 @@ function refreshTable(newData) {
     allContributionsInfoRef.innerText = allMergedPRs + ' Merged PRs, ' + allOpenPRs + ' Open PRs, and ' + allIssues + ' Issues.'
 }
 
-axios.get('/api/data')
-    .then(res => {
-        refreshTable(res.data)
-    })
-
 axios.get('/api/config')
     .then(res => {
         const { organization, organizationGithubUrl, organizationHomepage } = res.data
+        spamPenaltyThreshold = res.data.spamPenaltyThreshold || 0
         const footer = document.querySelector('.footer .text-muted')
         footer.innerHTML = `
         <a href="${organizationHomepage}" target="_blank" rel="noopener noreferrer">${organizationHomepage}</a> |
         <a href="${organizationGithubUrl}" target="_blank" rel="noopener noreferrer">Github(${organization})</a>`.trim()
+        return axios.get('/api/data')
+    })
+    .then(res => {
+        refreshTable(res.data)
     })
 
 axios.get('/api/log')
diff --git a/src/server/app.js b/src/server/app.js
@@ -93,6 +93,7 @@ const server = http
                     organization: organization,
                     organizationHomepage: organizationHomepage,
                     organizationGithubUrl: organizationGithubUrl,
+                    spamPenaltyThreshold: parseInt(jsonfile.readFileSync(configPath).spamPenaltyThreshold) || 0,
                 })
             )
             break
@@ -238,6 +239,27 @@ const server = http
                 }
             })
             break
+        case '/setSpamPenaltyThreshold':
+            if (req.method === 'GET') {
+                res.end('Permission denied\n')
+                return
+            }
+
+            Util.post(req, (params) => {
+                const { token, spamPenaltyThreshold } = params
+
+                if (token !== adminPassword) {
+                    res.end(JSON.stringify({ message: 'Authentication failed' }))
+                } else {
+                    const Config = jsonfile.readFileSync(configPath)
+                    Config.spamPenaltyThreshold = parseInt(spamPenaltyThreshold) || 0
+                    jsonfile.writeFileSync(configPath, Config, { spaces: 2 })
+                    jsonfile.writeFileSync(configBackupPath, Config, { spaces: 2 })
+
+                    res.end(JSON.stringify({ message: 'Success' }))
+                }
+            })
+            break
         case '/remove':
             if (req.method === 'GET') {
                 res.end('Permission denied\n')
@@ -350,10 +372,11 @@ const server = http
             jsonfile.readFile(dataPath, async (err, obj) => {
                 if (err) console.log('[ERROR]' + err)
                 const query = url.parse(req.url, true).query
+                const Config = jsonfile.readFileSync(configPath)
 
                 // Gets list of contributors sorted by parameter if provided
                 // else defaults to sorting by mergedprs
-                const contributors = await API.getRanks(obj, query.parameter)
+                const contributors = await API.getRanks(obj, query.parameter, Config.spamPenaltyThreshold)
 
                 // Responds with rank of username
                 if (query.username) {
@@ -400,7 +423,8 @@ const server = http
                 } else if (query.rank) {
                     // Gets list of contributors sorted by parameter if provided
                     // else defaults to sorting by mergedprs
-                    const contributors = await API.getRanks(obj, query.parameter)
+                    const Config = jsonfile.readFileSync(configPath)
+                    const contributors = await API.getRanks(obj, query.parameter, Config.spamPenaltyThreshold)
                     res.end(JSON.stringify(obj[contributors[query.rank - 1]]))
                 } else {
                     res.end(JSON.stringify(obj))
diff --git a/src/server/config-example.json b/src/server/config-example.json
@@ -134,6 +134,7 @@
     "abdelazeem777\t"
   ],
   "startDate": "1970-01-15",
+  "spamPenaltyThreshold": 10,
   "includedRepositories": [
     "Rocket.Chat",
     "Opensource-Contribution-Leaderboard",
diff --git a/src/server/util/API.js b/src/server/util/API.js
@@ -186,7 +186,7 @@ async function getStats(data) {
     }
 }
 
-async function getRanks(data, parameter = 'mergedprs') {
+async function getRanks(data, parameter = 'mergedprs', spamPenaltyThreshold = 0) {
     var pref1, pref2, pref3 // preference is specified here
     switch (
         parameter //assigns according to parameter-sort (default 'mergedprs')
@@ -209,8 +209,19 @@ async function getRanks(data, parameter = 'mergedprs') {
         break
     }
 
+    const threshold = parseInt(spamPenaltyThreshold) || 0
+
     const contributors = Object.keys(data)
     return contributors.sort((a, b) => {
+        if (threshold > 0) {
+            const aPenalized = data[a].openPRsNumber >= threshold || data[a].issuesNumber >= threshold
+            const bPenalized = data[b].openPRsNumber >= threshold || data[b].issuesNumber >= threshold
+            const aTopTier = !aPenalized && data[a].mergedPRsNumber > 0
+            const bTopTier = !bPenalized && data[b].mergedPRsNumber > 0
+            if (aTopTier && !bTopTier) return -1
+            if (!aTopTier && bTopTier) return 1
+        }
+
         if (data[a][pref1] < data[b][pref1]) {
             return 1
         }
