4 changes: 3 additions & 1 deletion whitelist.yaml
Expand Up @@ -30,4 +30,6 @@
- url: "*.tistory.com"
- url: "*.surge.sh"
- url: revoke.cash
- url: nftplus.io
- url: nftplus.io
- url: spotr.tv
- url: dapp.spotr.tv
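
Review bot: the two entries at the end of the hunk, `- url: spotr.tv` and `- url: dapp.spotr.tv`, list an apex and one of its subdomains separately, while earlier entries in the same file use explicit wildcards such as `"*.surge.sh"`. Please state whether matching is exact per host: if it is, keep the scope to these two hosts rather than widening to a wildcard later, and if the apex entry already covers subdomains, drop the second line. Also, `- url: nftplus.io` appears as both removed and re-added, which accounts for the one deletion in the file header; please confirm this is only a trailing-newline change.
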
Comment on lines +34 to +35
⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

🧩 Analysis chain

🏁 Script executed:

```bash
#!/bin/bash
# Description: Verify SPOTR domains and project authenticity

echo "=== Checking domain accessibility ==="
for domain in "spotr.tv" "dapp.spotr.tv"; do
  echo "Checking https://${domain}..."
  status=$(curl -s -o /dev/null -w "%{http_code}" -L "https://${domain}" --max-time 10)
  if [ "$status" -eq 200 ] || [ "$status" -eq 301 ] || [ "$status" -eq 302 ]; then
    echo "${domain} is accessible (HTTP ${status})"
  else
    echo "${domain} returned HTTP ${status} or failed"
  fi
done

echo ""
echo "=== Checking GitHub repository ==="
gh repo view cnpierrepapi/spotr-mvp --json name,description,createdAt,isPrivate,owner,url,stargazerCount || echo "✗ Repository not found or not accessible"

echo ""
echo "=== Checking Solana program existence ==="
echo "Note: Verifying program 4i5etYNKfu7zfYxCtWxPjxaD6KNmgvrr22CZqLTWv16u on Solana mainnet..."
curl -s -X POST -H "Content-Type: application/json" -d '{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "getAccountInfo",
  "params": [
    "4i5etYNKfu7zfYxCtWxPjxaD6KNmgvrr22CZqLTWv16u",
    {"encoding": "base64"}
  ]
}' https://api.mainnet-beta.solana.com | jq -r '.result // "✗ Program not found"' | head -5
```

Repository: phantom/blocklist

Length of output: 639


🏁 Script executed:

```bash
#!/bin/bash

echo "=== Verifying GitHub user and searching for alternatives ==="
# Check if user exists
curl -s "https://api.github.com/users/cnpierrepapi" | jq -r '.login // "User not found"'

echo ""
echo "=== Searching for SPOTR project on GitHub ==="
# Search for spotr-mvp repo
curl -s "https://api.github.com/search/repositories?q=spotr-mvp" | jq -r '.items[0:3] | .[] | "\(.full_name): \(.description) - \(.html_url)"'

echo ""
echo "=== Complete Solana program info ==="
# Get full account info for the program
curl -s -X POST -H "Content-Type: application/json" -d '{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "getAccountInfo",
  "params": [
    "4i5etYNKfu7zfYxCtWxPjxaD6KNmgvrr22CZqLTWv16u",
    {"encoding": "base64"}
  ]
}' https://api.mainnet-beta.solana.com | jq '.' | head -20
```

Repository: phantom/blocklist

Length of output: 650


Correct the GitHub repository link — the cited repository does not exist.

Domain accessibility is confirmed (both spotr.tv and dapp.spotr.tv return HTTP 200), and the Solana program 4i5etYNKfu7zfYxCtWxPjxaD6KNmgvrr22CZqLTWv16u is deployed on mainnet. However, the PR cites https://github.com/cnpierrepapi/spotr-mvp as source code verification, but this repository does not exist on GitHub. The GitHub user cnpierrepapi exists, but the spotr-mvp repository is not found.

Whitelisting domains is security-critical and requires verifying the underlying source code for red flags. Please provide the correct GitHub repository link so the code can be reviewed before approval.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@whitelist.yaml` around lines 34 - 35, The whitelist entry for domains
spotr.tv and dapp.spotr.tv references a non-existent GitHub repo
(https://github.com/cnpierrepapi/spotr-mvp); update the whitelist.yaml to
replace that URL with the correct repository URL (or add a new source_repo
field) that actually hosts the Spotr source code, and include a verifiable
reference (commit hash, tag or release) for the Solana program id
4i5etYNKfu7zfYxCtWxPjxaD6KNmgvrr22CZqLTWv16u so reviewers can inspect the code;
ensure the entry for the domains (spotr.tv, dapp.spotr.tv) and the Solana
program id remain unchanged but point to the corrected GitHub link.