Hacktoberfest T-shirt Desire Leads to GitHub Spam Attack

Digital Ocean's annual Hacktoberfest event unwittingly led to a significant spam attack: various projects developed on GitHub were hit by a wave of small or useless pull requests. The changes in such requests usually came down to replacing individual characters in README files or adding dummy notes.

The spam attack was triggered by a video published on the YouTube channel CodeWithHarry, which has about 700 subscribers. The video demonstrates how to get a Digital Ocean T-shirt with minimal effort by submitting a pull request with a minor edit to any open project on GitHub. In response to accusations of organizing an attack on the community, the author of the YouTube channel explained that he published the video to teach users how to send pull requests and wanted to draw users' attention to the event.

At the same time, the example given in the video showed useless changes, which were quickly replicated. A GitHub search for the sample note "improve docs", which repeats the example in the video, returned 320 thousand requests, and a search for the phrase "amazing project" returned 21 thousand.
As a result of the incident, maintainers were forced to clean up spam and sort through trivial changes instead of doing development. For example, the Grails developers received more than 50 such requests.

The Hacktoberfest event takes place in early October and aims to encourage user participation in the development of open source software. To receive the T-shirt, participants are invited to develop an improvement or fix for any open project and submit a pull request with the hashtag "#hacktoberfest". Since the requirements for the changes were not explicitly defined, technically even minor edits, such as grammatical corrections, could earn the T-shirt.

In response to spam complaints, Digital Ocean changed the rules of the event: interested projects must now explicitly declare their consent to participate in Hacktoberfest. Submissions to repositories that don't add the "hacktoberfest" tag will not be counted. To exclude spammers from the event, maintainers are advised to mark their requests with the "invalid" or "spam" tags.

To protect against pull request floods, GitHub has added options to the moderation interface that temporarily restrict the sending of content to users who have previously participated in the development or accessed the repository. To deal with the consequences of the flood, derek, a utility for automating repository maintenance, is mentioned: its latest version added support for automatically closing pull requests with the "hacktoberfest" tag submitted by new users.
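A sketch of the triage policy described above, as an added example that is not derek's code or part of the original article: it closes "hacktoberfest"-tagged pull requests from new users and labels README-only stock edits as spam. The `author_association`, `additions` and `deletions` fields follow GitHub's pull request JSON; the flattened `labels` and `files` lists, the size threshold and the sample records are assumptions constructed for illustration.

```python
import re

# author_association values GitHub reports for users with no history in the repo
NEW_USER = {"NONE", "FIRST_TIMER", "FIRST_TIME_CONTRIBUTOR"}
# The two stock phrases the article cites from its GitHub searches
STOCK_PHRASES = re.compile(r"improve docs|amazing project", re.I)
README = re.compile(r"(^|/)readme(\.\w+)?$", re.I)

def triage(pr, max_changed_lines=3):
    """Return (action, label) for one pull request record."""
    if pr["author_association"] not in NEW_USER:
        return ("review", None)  # known contributors are never auto-closed
    text = f'{pr["title"]} {pr["body"]}'
    tagged = ("hacktoberfest" in text.lower()
              or any(l.lower() == "hacktoberfest" for l in pr["labels"]))
    readme_only = bool(pr["files"]) and all(README.search(f) for f in pr["files"])
    tiny = pr["additions"] + pr["deletions"] <= max_changed_lines
    if readme_only and tiny and STOCK_PHRASES.search(text):
        return ("close", "spam")     # matches the pattern replicated from the video
    if tagged:
        # Blunt rule: this also closes useful first contributions during the
        # flood, so the label is "invalid" rather than "spam".
        return ("close", "invalid")
    return ("review", None)

# Constructed sample records (not real pull requests)
SAMPLE_PRS = [
    {"number": 101, "author_association": "NONE", "title": "improve docs",
     "body": "", "labels": [], "files": ["README.md"],
     "additions": 1, "deletions": 1},
    {"number": 102, "author_association": "FIRST_TIME_CONTRIBUTOR",
     "title": "Fix null check in parser #hacktoberfest", "body": "",
     "labels": [], "files": ["src/parser.py"], "additions": 12, "deletions": 2},
    {"number": 103, "author_association": "CONTRIBUTOR", "title": "improve docs",
     "body": "", "labels": [], "files": ["README.md"],
     "additions": 1, "deletions": 0},
    {"number": 104, "author_association": "NONE", "title": "Handle empty config",
     "body": "Fixes crash on startup", "labels": [],
     "files": ["app/config.py", "README.md"], "additions": 20, "deletions": 3},
]

def run():
    return {pr["number"]: triage(pr) for pr in SAMPLE_PRS}

if __name__ == "__main__":
    for number, decision in run().items():
        print(number, decision)
```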

Source: opennet.ru