I received two pull requests for two projects on GitHub last night. I am the author of one and the maintainer of the other.
At first, the pull requests did not make sense at all. One of them made minor changes to a README, e.g., changing "this book" to "the book". It was not fixing a typo or incorrect grammar. It was merely choosing a word different from the one I had chosen. In fact, I preferred "this book", so the pull request (PR) was inconsistent with my preference. There was no explanation whatsoever regarding why this change was warranted. Then I looked at the PR author's profile and found that the same person had submitted several such trivial PRs to other projects too, all of them changing "this" to "the" at some places in README files.
It all began to make sense when I looked at the calendar. It was Oct 01. This looked like PR spam due to Hacktoberfest. For now, I just labelled the PRs as "invalid" (as suggested by https://hacktoberfest.digitalocean.com/faq/), closed the PRs, and moved on.
Like all good things created with good intentions on the Internet, spam is hurting this event and bringing bad reputation to it. The possibility of large scale, endless spam should be worked into the design of any new Internet-based event or solution.
I also received one pull request that I thought was spam, where the author made several nonsensical changes like changing "#Features" into "#Features:" in the README. Now it makes sense.
I'll probably tell thank them for their contribution and point out a few ideas for things that would really help us, instead of merging this just for the sake of Hacktoberfest.
Yeah. Best approach I can think of would be something like:
Cool, looks like you've getting the hang of creating Pull
Requests on GitHub. :)
The actual change here though isn't useful to us. :(
Would you be ok spending some time improving [XYZ] instead? :)
eg combine encouragement for the bit they got right + info on what needs work, and point them in the right direction for fixing it
Some people will probably just not be bothered, but others might get involved in the suggested way. Hopefully. :)
The problem is that this takes time. On one PR, sure, okay. But if you have 50 of the spammy PRs, even with Copy and Paste, this will take several minutes (maybe up to an hour, depending) of a maintainers day (and really, per day, however long Hacktoberfest goes on). That's time that they're not spending coding or updating docs in a valid way or spending with family. It would probably be tenable if there were some heuristic that was 100% certain that this was a spammy PR, but I'm pretty sure that's not the case.
Don't waste your time. The people doing this don't know anything about programming.
There's no reason to ever look at or respond to PR from someone who doesn't at least have their own repo (or at least a fork of a repo) with non trivial commits (at least to a toy/learning project)
But this is not spam. It's based on morons trying to make it in the software world without any basis that they should be there.
They're doing this so that they can put "I have x amount of accepted pullrequests on github" and fool an employer to hire them. To become shit team members or outsourced to become shit offshore team members*.
I have seen these kinds in many a project. Real world experience. Real talk.
The episode name would be something like "haker man"
And Ricky (drunk like always) would probably say:
"Morty, gonna tell you something, everybody these days call themselves 'programmers/coders/hackers' all they do is watch a Javascript Course, barely, type some stupid shit like 'Hello World' and they feel like a great scientist Morty, you really understand how stupid is this, Morty?! They share that in all the 'social media' trendy moron stuffy like Twitter, a place even more cancerous than me Morty.
In the end Morty, burrp, I'm actually the Genius who discovered Time Travel and invented the Portal Gun."
> They're doing this so that they can put "I have x amount of accepted pullrequests on github" and fool an employer to hire them.
Yes, I have seen a bunch of those on popular repositories over the years. It is an annoyance, but usually so little, even on popular repos (I contributed much to PHP as example of project size) that it's easy to ignore (or even simply merge if it's somewhat useful, the fooling won't lead them far)
The difference with this marketing stunt is that there is way more active encouragement for that and way more of it at once ... multiple a day instead of one every few months
This has become a pet peeve of mine ever since a former co-worker told me his scheme of setting up a cronjob to add a single commit with a timestamp to a project on his Github profile on a daily basis, so future employers would think he was a 10xer or something to that effect
It is for publicity purposes of digital ocean. Gray area, they do incentivize participation in open source but also are responsible for this hug of death.
These contributions are junk and spam. I don’t think any maintainer will be upset if they get 100 legitimate and well intentioned pull requests, but we’re talking about spam here.
There is a good amount of questions on SO or tutorial blog posts that are basic, really basic stuff. Things that if you had barely any idea of what you were doing you would figure out but you don't.
Oh and now guess what, this flood of PRs raises the bar and annoyances for everybody.
At first, the pull requests did not make sense at all. One of them made minor changes to a README, e.g., changing "this book" to "the book". It was not fixing a typo or incorrect grammar. It was merely choosing a word different from the one I had chosen. In fact, I preferred "this book", so the pull request (PR) was inconsistent with my preference. There was no explanation whatsoever regarding why this change was warranted. Then I looked at the PR author's profile and found that the same person had submitted several such trivial PRs to other projects too, all of them changing "this" to "the" at some places in README files.
It all began to make sense when I looked at the calendar. It was Oct 01. This looked like PR spam due to Hacktoberfest. For now, I just labelled the PRs as "invalid" (as suggested by https://hacktoberfest.digitalocean.com/faq/), closed the PRs, and moved on.
Like all good things created with good intentions on the Internet, spam is hurting this event and bringing bad reputation to it. The possibility of large scale, endless spam should be worked into the design of any new Internet-based event or solution.