After we have ownership consent, have a way for a user to block ownership requests from a particular user

[carols10cents]

Ownership consent is #924. That'll help, but a harasser could still create a whole bunch of ownership invitations that would be annoying for someone to have to go through and decline.

• We should have a way for user1 to indicate that they never want any ownership invitations from user2. cargo owner --block user2? And a way to do this through the UI?
• This should also remove any pending invitations from user2.
• If user2 tries to add user1 as an owner after they've been blocked, they should get an error message.

[sunjay]

What do you think of a prompt like the following after someone blocks another user?

Would you like you report this crate/user for abuse? [N, y]

If they confirm, a report is sent to the crates.io moderators. If they decline, we print a message letting them know how they can report manually if they need to in the future.

I think most situations where you would want to block someone are also situations where you are likely being abused and would want someone to stop them and this may help bring those situations to our attention.

[sunjay]

Also, it may be useful to keep a history of invitations so we can (in the future) automatically detect and track abuse. For example if a user is suddenly receiving many invites or if one user is suddenly sending many invites they may be doing something nefarious.