Quoting Andreas Kling
📰 Simon Willison's Blog
Learn why a project stopped accepting public pull requests and how to evaluate code contributions in a similar context
Action Steps
- Evaluate your project's security requirements
- Assess the potential risks of public pull requests
- Consider implementing alternative contribution methods
- Develop a clear policy for code contributions
- Communicate the policy to your community
Who Needs to Know This
Developers and project maintainers can benefit from understanding the reasoning behind this decision to improve their own project's security and contribution policies
Key Insight
💡 The assumption that substantial patches imply good faith no longer holds, and project maintainers must prioritize security and accountability
Share This
🚫 No more public pull requests? Learn why and how to adapt your project's contribution policy
Key Takeaways
Learn why a project stopped accepting public pull requests and how to evaluate code contributions in a similar context
Full Article
We will no longer accept public pull requests. [...] A substantial patch used to imply substantial effort, and that effort was a reasonable proxy for good faith. That assumption no longer holds. [...] Whether code was typed by hand is beside the point. What matters is who is responsible for it once it enters the browser. Ladybird is becoming a browser for real users. The people introducing changes to
DeepCamp AI