Rich Felker on Nostr: Heads-up FOSS maintainers! There is a person sending bulk patches/PRs to FOSS ...
Heads-up FOSS maintainers!
There is a person sending bulk patches/PRs to FOSS projects for supposed issues "Found by RASU JSC" (not sure if that's a static analysis tool itself, or some org).
The patches I've received are all very, VERY wrong formulaic changes, maybe even LLM-generated, doing things as stupid as replacing sprintf(s, fmt, ...) with snprintf(s, sizeof s, fmt, ...) where s has pointer type.
If you've accepted any such patches, review carefully & possibly revert!
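Why the replacement quoted in the post is wrong, as an added example that is not part of the original post: with a pointer, sizeof yields the pointer's size rather than the buffer's, so the bound is meaningless. The function and macro names are hypothetical, the input is constructed, and the compile-time guard assumes the GCC/Clang extensions `__typeof__` and `__builtin_types_compatible_p`.

```c
#include <stdio.h>
#include <string.h>

/* The pattern from the post: s is a pointer parameter, so sizeof s is the
 * size of a pointer (commonly 4 or 8), not the caller's buffer size. */
static int fmt_patched(char *s, const char *name, int id)
{
    return snprintf(s, sizeof s, "%s-%d", name, id);
}

/* Corrected form: capacity cannot be recovered from a pointer, so the
 * caller passes it explicitly. */
static int fmt_fixed(char *s, size_t cap, const char *name, int id)
{
    return snprintf(s, cap, "%s-%d", name, id);
}

/* Compile-time guard (GCC/Clang extensions, hypothetical macro names):
 * yields sizeof(a) for a real array and refuses to compile for a pointer. */
#define IS_ARRAY(a) \
    (!__builtin_types_compatible_p(__typeof__(a), __typeof__(&(a)[0])))
#define ARRAY_BYTES(a) (sizeof(a) + 0 * sizeof(struct { \
    _Static_assert(IS_ARRAY(a), "ARRAY_BYTES() needs an array"); char c_; }))

/* Constructed input: the intended output is "session-4242" (12 chars). */
static size_t patched_len(void)
{
    char buf[32];
    fmt_patched(buf, "session", 4242);   /* bound is sizeof(char *) */
    return strlen(buf);                  /* truncated to sizeof(char *) - 1 */
}

static size_t fixed_len(void)
{
    char buf[32];
    fmt_fixed(buf, ARRAY_BYTES(buf), "session", 4242);
    return strlen(buf);                  /* full string */
}

int main(void)
{
    printf("patched: %zu chars, fixed: %zu chars\n", patched_len(), fixed_len());
    /* With a caller buffer smaller than sizeof(char *), the patched bound
     * exceeds the buffer and limits nothing. */
    return 0;
}
```

When reviewing an accepted patch of this kind, check the declaration of the first argument at every changed call site: the sizeof form is only correct where it names an array in scope.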