@bagder finally everyone is reviewing my code!
@bagder
Even worse, it looks like that account had only opened 4 days ago. Sorry you go through all that regularly.
@andreagrandi @bagder absolutely, at least make it an option
@bagder LLM’s - making the population stupider each iteration!
@bagder so does some college have "raise a bug report" as a student task on their CS syllabus or what?
@bagder what is the motivation here? Is this a sockpuppet account someone is trying to build up credibility for by faking a bunch of legitimate-looking activity? I think that's the case (looks like this account was just created and has opened issues in other repos). But what's the endgame?
@pvn we're a magnet for this stuff, but I don't know more than you about why these people act like this
@davidr yeah I think this could be the early, clumsy attempts of a supply chain attack. The method will be refined.
@bagder
Is it just taking the name of the function and then saying hypothetically a function like this could have this issue... without actually checking the real code?
@smallsees yeah, something like that. Entirely useless.
@bagder @smallsees my guess is it’s either malicious and meant to waste the maintainers time or just spraying trying to get one thing right so it can look like a contributor to credible projects and then use that reputation maliciously later.
@bagder
the linked "vulnerability" of a buffer overflow in JAVASCRIPT CODE was just the icing on the cake, like this wouldn't even be a buffer overflow in C because you're not using the hash to index anything, but in JS???