Comment by buovjaga

19 days ago

One solution is to have a screensharing call with the contributor and have them explain their patch. We have already caught a couple of scammers who were applying for a FOSS internship this way. If they have not yet submitted anything non-trivial, they could showcase personal projects in the same way.

FOSS has turned into an exercise in scammer hunting.

I'm not sure if I follow: are the PRs legitimate and they are just being made to buff their resume, or are the PRs malicious?

  • The patches are not malicious, but the submitters are unable to explain them. We require submitting a non-trivial patch in order for someone to be considered for a FOSS internship. As there is money involved, this attracts scammers now more than ever.

  • They are becoming AI slop more and more likely in an attempt to buff their resumes by making it look like they contribute to a bunch of open source. Basically low-effort, low-quality submissions for silly things that just waste maintainers' time.