When you have a popular open source project, you will periodically get suspicious-looking PRs that seem like tests to see how easy it is to land a malicious change.
Here's the latest:
https://github.com/eslint/eslint/pull/19433
@nzakas Any thoughts on this?
https://github.com/the-nix-way/nix-flake-examples/pull/1
This individual has a bunch of PRs that are basically the same thing, some subset of these browser IDEs. From a quick look these websites don't seem like red flags. But I found him when he made a similar PR on a long-abandoned project of mine that I think was never popular anyway. So it's unusual.
Suspect, or just energetic and well meaning?
@ill_logic my read is that it’s more someone who’s trying to up their GitHub stats than anything malicious.
I probably wouldn’t merge the PR because it doesn’t actually seem useful regardless.