Exploring Solutions to Tackle Low-Quality Contributions on GitHub

[moraesc]

Hey everyone,

I wanted to provide an update on a critical issue affecting the open source community: the increasing volume of low-quality contributions that is creating significant operational challenges for maintainers.

We’ve been hearing from you that you’re dedicating substantial time to reviewing contributions that do not meet project quality standards for a number of reasons - they fail to follow project guidelines, are frequently abandoned shortly after submission, and are often AI-generated. As AI continues to reshape software development workflows and the nature of open source collaboration, I want you to know that we are actively investigating this problem and developing both immediate and longer-term strategic solutions.

What we're exploring

We’ve spent time reviewing feedback from community members, working directly with maintainers to explore various solutions, and looking through open source repositories to understand the nature of these contributions. Below is an overview of the solutions we’re currently evaluating.

Short-term solutions:

• Configurable pull request permissions - This has been a long-standing request (since 2016) and is a first step in giving maintainers more tools to customize their PR experience. Repository owners will be able to control pull request access at a more granular level by restricting contributions to collaborators only or disabling PRs for specific use cases like mirror repositories. This also eliminates the need for custom automations that various open source projects are building to manage contributions.
• The ability to delete a PR from the UI - This provides maintainers with the ability to remove spam or low-quality PRs directly from the interface to improve repository organization.

Long-term direction:

As AI adoption accelerates, we recognize the need to proactively address how it can potentially transform both contributor and maintainer workflows. We are exploring:

• Enhanced permission models - Provide maintainers with more tools so they can customize their PR experience:
  • More granular controls for determining who can create and reviewing PRs beyond blocking all users or restricting to collaborators only.
  • Ways for maintainers to define criteria that PRs must meet before they can be opened.
• Improved triage tools - Potentially leveraging AI to evaluate contributions against project guidelines and standards to identify which contributions maintainers should focus on reviewing.
• Transparency in AI-assisted contributions - Improved visibility and attribution when AI tools are used throughout the PR lifecycle.

Next Steps

These are some starting points, and we’re continuing to explore both immediate improvements and long-term solutions. Please share your feedback, questions, or concerns in this thread. Your input is crucial to making sure we’re building the right things and tackling this challenge effectively. As always, thank you for being part of this conversation. Looking forward to hearing your thoughts and working together to address this problem.

[xavidop]

such a great intiative

[SunShineHead]

To to lessen the complain of clients using the app itself and minimize the log in ratio from 43 different person per account to at least 22 clients may have their own privacy in using the app itself it is awesome for not knowing that everything was being tracked behind the scene, i'm starting to get curious about the tracking issues as thought it's with your games.

[patrickhlauke]

explore solutions to tackle this sort of low-effort spammy crap as well, maybe...

[PaulNewton]

@patrickhlauke I'd also like to have a way to quickly block this type nonsense without having to build userscripts.
For real this is like "who's here in 2026" engagement bait and it should just be qualify as spam not upvoted over everything.
But the people upvoting are part of why so much spam exists too and i'd like to be able to block them all.

[yashdeora]

Such a thing should consider almost first.

Programmingoneonone

TheCScience

[xavidop]

I know this is a pretty ambitious idea and not trivial to implement, but it would be really powerful to have an AI-detection mechanism with a configurable threshold at the repository or organization level. That way, teams could decide what percentage of AI-generated code is acceptable in pull requests.

Another possible approach would be to define a set of rules or prompts and evaluate pull requests against them. PRs that don’t meet those rules could be automatically flagged or potentially even closed.

[moraesc]

Another possible approach would be to define a set of rules or prompts and evaluate pull requests against them. PRs that don’t meet those rules could be automatically flagged or potentially even closed.

This is definitely something we’re exploring. One idea is to leverage a repository’s CONTRIBUTING.md file as a source of truth for project guidelines and then validate PRs against any defined rules.

In regards to AI-generated code, have you seen cases where the code is AI-generated but still high-quality and actually solves the problem? Or is it always just something you want to close out immediately? I'm curious if an AI-detection mechanism would rule out PRs where AI is used constructively, but interested in investigating this more and understanding what sensible would thresholds look like.

[PaulNewton]

"AI-detection" is a backwards approach to a human problem filled with false positives.
Any system good enough to actually identify AI is a system that can be used to train undetectable AI and that would encourage MORE spam.
QED

The only actual test that ends up mattering is whether the code works and the contributor is allowed to contribute that code.
And that is the problem, code that doesn't work wasting humans time on slop.
The goal is less AI noise not more insisting on itself at every point in the maintainers life.

[who]

Judge work on its merits and its logic, no matter if the source is human, AI, or a combination thereof.

[xavidop]

As of today, I would say that 1 out of 10 PRs created with AI is legitimate and meets the standards required to open that PR. On 28 Jan 2026, at 18:41, Camilla Moraes ***@***.***> wrote:  Another possible approach would be to define a set of rules or prompts and evaluate pull requests against them. PRs that don’t meet those rules could be automatically flagged or potentially even closed. This is definitely something we’re exploring. One idea is to leverage a repository’s CONTRIBUTING.md file as a source of truth for project guidelines and then validate PRs against any defined rules. In regards to AI-generated code, have you seen cases where the code is AI-generated but still high-quality and genuinely solves the problem? Or is it alwaays just something you want to close out immediately? I'm curious because I'm wondering if an AI-detection mechanism would rule out PRs where AI is used constructively, but that's where we'd want to test this thoroughly and understand what sensible thresholds look like. — Reply to this email directly, view it on GitHub<#185387 (reply in thread)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABBWEYEKF6WLNDKE376L3GD4JDYFXAVCNFSM6AAAAACS7B7C7OVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKNRTGEZTMMI>. You are receiving this because you commented.Message ID: ***@***.***>

[eli-schwartz]

5. Produces a hash-chained evidence bundle - cryptographic proof of what was reviewed, when, and what the models found. Independently verifiable offline.

I think that for extra security you should make sure that this uses the blockchain distributed consensus model. Otherwise how do we know which proofs to trust?

Eager to hear the name of your new cryptocurrency.

[sirosen]

I don't think it's a scam. I think it's a silly.

You are wading into a discussion which is primarily about harm being done by vibe coding.¹ So, uh... pushing a vibe coded project here is super ironic.

Footnotes

1. In the El Reg article about this discussion, a GitHub manager said that this isn't about LLMs, which is so patently dishonest that it's offensive. ↩

[bxb100]

Damn, MF should hire you as their PM.

[tsjensen]

Deleting a PR would be a great feature, I've looked for this since before AI

[rmacklin]

@moraesc As the OP alludes to it's a legitimate flaw that all prior public issues become inaccessible if a public repository decides to disable issues going forward. Are you open to making changes to this? This discussion has been about a potential upcoming feature to disable PRs for a repository, but I want to explicitly ask if GitHub is open to considering improving the behavior for the existing disable-issues feature, too.

[Mossaka]

Hey! I am from Azure Core Upstream and we have a lot of OSS maintainers who mainly maintain repositories on GitHub. We held an internal session to talk about copilot and there is a discussion on the topic where maintainers feel caught between today’s required review rigor (line-by-line understanding for anything shipped) and a future where agentic / AI-generated code makes that model increasingly unsustainable.

below are some key maintainer's pain points:

1. Review trust model is broken: reviewers can no longer assume authors understand or wrote the code they submit.
2. AI-generated PRs can look structurally “fine” but be logically wrong, unsafe, or interact with systems the reviewer doesn’t fully know.
3. Line-by-line review is still mandatory for shipped code, but does not scale with large AI-assisted or agentic PRs.
4. Maintainers are uncomfortable approving PRs they don’t fully understand, yet AI makes it easy to submit large changes without deep understanding.
5. Increased cognitive load: reviewers must now evaluate both the code and whether the author understands it.
6. Review burden is higher than pre-AI, not lower.

[moraesc]

Thanks for sharing @Mossaka ! Great to get more feedback. This looks along the lines of what we've been hearing from maintainers too, so validates what some of the key pain points are. Were there any feature requests mentioned during the session?

[Tibor17]

1. I have a problem with the following statement. It is very leftish. The GitHub has no rights to impose such limitations. You have to configure your repo and TTL of a PR:
   limited timeframe to delete a PR. Maybe a week in case of low activity

2. Regarding the next statement, you can delete a PR when you close it. How different is close and delete?
   Next question, why you mentioned low-quality PRs? I hope you do not want to employ AI to determine what low quality means! We, maintainers, have to determine it.
   The ability to delete a PR from the UI - This provides maintainers with the ability to remove spam or low-quality PRs directly from the interface to improve repository organization.

3. Who is an external contributor?
   Example, you mean a situation when XLibre developers are removed from Xorg?
   Restrict PRs to collaborators - This provides more granular access control, allowing contributions exclusively from existing collaborators while blocking external contributors.

4. This would segregate the maintainers and we don't want it. We have flags on the PRs to indicate what to do with them.
   If the AI is leveraged to this job, we have segregated the maintainers again in the Open Source. But the rule is that we are all equal, and this might be a problem if one is notified and the second guy is not. You may not totally trust the AI due to finally the result may change without the second guy or the quality would be bad without his opinion since he does not attend the review.
   Improved triage tools - Potentially leveraging AI to evaluate contributions against project guidelines and standards to identify which contributions maintainers should focus on reviewing.

[AlanGreene]

Many of the badges can easily be gamed. I've seen plenty of users who've followed some blog post / YouTube video instructing them on how to gain badges in an automated manner through a provided script and pool of user / bot accounts.

[jamisonbryant]

Wow, that sucks!! I had no idea. I have never really chased the badges, just cracked a half-smile whenever I earn one from going about my day-to-day, but IMO they should be harder to obtain than this, especially with botting!!

[eli-schwartz]

Um...last I checked, labeling, assigning, and closing PRs are "write access" permissions. GitHub repo permissions are already very granular, in the places where such things are implemented. I don't think the proposal to include PRs in this is as big a lift as you're thinking it is.

They certainly are not, and I know this because I'm a member of an org where all org members have triage permissions, and only a dedicated mirroring bot has write permissions to push new commits to the repository. All org members must push to our in-house gitolite repository instead, and the reason for only handing out triage roles on GitHub is to prevent anyone from accidentally pushing to the wrong remote and causing the two to diverge (which would mean that GitHub gets force pushed, which would be disruptive to users).

Issues are disabled because we use bugzilla. PRs are allowed for the sake of users who don't wish to email patches to a mailing list.

I can:

• add various labels to PRs, such as the labels that cause our in-house CI system to bump a PR to the top of the queue.
• add assignees,
• add requests for reviewers,
• manage milestones (even if that particular repo doesn't use milestones),
• close them

I cannot:

• edit the PR title,
• edit or delete comments,
• approve workflows,
• mark my own review comment as needing action after the PR author responded to my review by saying "no" and clicking the "resolve" button (in my not so humble opinion, this is a grave usability flaw in GitHub PRs -- the author of a PR must not be permitted to win in a governance dispute with a project member, nor hide reviews by default in the hope that a different maintainer will not notice that the first maintainer has outstanding concerns)

The permission system in question is a toggle that allows administrators to select whether a user has read-only access, "triage", "write", or admin. I am entirely confused, what you seem to be calling triage that isn't what I just described. It is also funny to hear you describing permissions as ,"very granular" when it is a straight line going up at an angle and each level simply adds additional permissions on top of lower levels -- are you seriously suggesting that there's a GitHub repository role that "granularly" permits users to, for example, merge PRs but not add an assignee or a milestone?

[eli-schwartz]

Wow, that sucks!! I had no idea. I have never really chased the badges, just cracked a half-smile whenever I earn one from going about my day-to-day, but IMO they should be harder to obtain than this, especially with botting!!

Badges are something that GitHub implemented to copy Xbox games, are you really that surprised that they are vulnerable to cheating? :)

The literal definition of those badges is that you have e.g. "got X number of PRs merged", but you can get them by creating your own personal repo and submitting PRs to it, last I checked.

A badge that perhaps means a bit more is the one-off badges that you can get if you have had PRs merged by repositories whose code is in particular NASA missions, as you can't game that without knowing it will exist in advance, and the list of repositories whose code is used in some well known government-funded event is unlikely to include outright script-generated cheats.

[chadlwilson]

I think the message was probably ineloquently phrased and comes from a misunderstanding of the term "write access [to code]", but the intent was probably to say that there's no particular reason that GitHub can't consider someone with a triage role also able to submit PRs even if disallowed from fully external folks?

But the triage role certainly is a mess and unsuitable for actually doing triage right now (not being able to edit titles or descriptions is crazy) and very far from granular for public free orgs (as opposed to enterprise orgs, I believe). That shouldn't have been a heavy lift to resolve either, but it has not been 😅

[sirosen]

An option to limit new contributors to one open PR would be nice.

Just today I had to batch-close several AI generated PRs which were all submitted around the same time.

For this protection, defining "new contributor" is probably not possible to do perfectly. But anyone who has no interactions with a project prior to the last 48 hours seems like a good heuristic. The point is to catch such a user at submission time and limit the amount of maintainer attention they can take up.

For a different type of problem, I'd like to be able to close PRs as "abandoned", similar to the issue close statuses. It's a clear UI signal to the contributor that their work isn't being rejected but I'm not going to finish it for them. Several of the low quality contributions I have handled, dating back to before the Slop Era but getting worse, are simply incomplete and need follow through.

[sirosen]

And what counts as an interaction, random comments?, a catch-22 PR they can't submit without previously submitting another PR?, an #intros discussion thread buried somewhere... etc etc

I was saying that I would like to be able to limit new contributors to 1 open PR. The problem -- as stated -- is that a single user can hammer a project with 5-10 PRs and there's no interaction limit to keep them from doing that.

Being able to say "hey, before you have a merged PR, we only allow you to open 1 PR" reduces the amount of manual cleanup we need to handle.

Is more UI doodads the solve here,
Isn't marking PR's closed abandoned not already a solved problem by closing the PR, applying labels, comment on the PR, or title edits, etc ?

"The solve" makes it sound like there's some singular solution here. I don't think there is.

I try to communicate very clearly with contributors, especially when rejecting their work (or "work").

It takes time and energy to explain why things are being closed. If I could delegate part of that effort to a close-status, I would find it helpful. If you have a well indexed library of response templates, that's another way to make it easier.

Is it the solution to slop? Obviously not. That would be a pretty ridiculous position to hold.

A theme of alot of these posts seem to be of the "must be this tall" variety which seems more like a platform ranking system than just being able to turn off or gate PRs.

I was intentional about phrasing my idea as something which would turn down the volume on interactions with new contributors without forbidding them entirely.

"You haven't contributed to this project before and now you are filling 30 PRs" is not a likely usage mode for a normal human on GitHub. If you open your 5th PR and there aren't even comments on your other 4, it's a near certainty that something is wrong.

I don't see how wanting a protection against this form of abuse is even remotely similar to a reputation/ranking system.

[who]

Giving repo owners the ability to "rate-limit" PRs from contributors is probably a good idea.

You can automate this today using on: pull_request_target GitHub Actions.

[webknjaz]

@sirosen look what I've just found: https://github.com/marketplace/actions/good-egg-trust-scoring-prs. Not sure it'd score me very high (saying hi to corner cases 😃) but I'm seriously considering trying it out. The methodology there reminds me of what my ML friend @LukaIhn was suggesting in our chats strategy-wise.

[sirosen]

A lot of the solutions people have raised here are some form of "reputation system", which I find a bit uncomfortable because I think it will be wrong a lot of the time. And any rep system results in some people karma-farming.

I'm definitely open to the idea that we might incorporate some tools which give us signals about contributors. e.g., A comment bot that simply notes "warning signs" without forcibly closing would let us continue to exercise our judgement.

---

But before we discuss more here...

I have unsubscribed from this discussion and I recommend/urge anyone reading to not bother reading most of it, and potentially to unsubscribe as well. It started out somewhat-promising, but then the trolls came out to play.

The more limited maintainers community or per-project discussions are more usable, as there's less spam/junk.

[timrichardson]

We learn in physics that friction is good. AI has made PRs almost zero friction. Any solution means adding friction back. Thanks for the link to the "good egg" project. Very Bertie Wooster.

[dgoldman0]

For the long term horizon: Implement a reviewer LLM that first does an initial scoring of the PRs? Critique is far easier than creation of a correct result. That automated pre-moderation should give the edge needed to handle. Depending on whether you just use rich prompting or fine-tuning, you can even start building an "oracle vox" for your project, which acts as a reasonably informed, reasonably on point virtual representative for the project/organization.

[chadlwilson]

Yes, I understand and broadly agree with your sentiment - but without going into a long sidetrack into the ethics (and irony) of coding-LLMs actively undermining the very thing that even made them possible in the first place (open source code and contributors) ...I wanted to add a different voice with perhaps some more nuance,

In the sense that different tools can be applied to different jobs with different trade offs. Don't need a Ferrari to get to the grocery store, and all that - and if the tool can bring time back for actually fixing bugs or improving the product, working with well meaning contributors - I'm not as fussed with whether it incorporates AI or not, just as whether I don't mind much whether a tool is built in Python or C or Ruby if it works well relative to its costs/downsides.

[eli-schwartz]

Essentially heuristics defined in clear text rather than a classic deterministic scoring system. I don't think that would be that bad (and perhaps such things already exist) - and neither more or less impersonal as the bots in some OSS projects that nag you to sign CLAs; sign off commits; tell you when a merge conflict has appeared, close stale issues, respond and label based on PR templates /areas of code touched etc.

I will say, that I'm extremely opposed to bots in OSS projects that ''close stale issues" and I've never once seen it work out to the mutual satisfaction of both the maintainers and the community. Sometimes it doesn't even work out to the satisfaction of a single side -- e.g. a single developer forces through the bot and angers other developers.

CLA bots and signoff bots aren't heuristics based, any more than something like os.path.exists() uses heuristics to determine whether a file exists. People are attuned to treating such bots as expressions of inarguable fact.

I haven't actually seen bots that tell you when a merge conflict has occurred, although it's much the same (and effectively just serves as a notification pipeline for when the forge internal flag for displaying a merge conflict in the Web UI, changes status). It sounds incredibly painfully noisy and I would object to such a bot in projects I contribute to, but not because I think it's "impersonal", I just think it's far too prone to generating hundreds of new comments that anyone seeking to read the PR discussion will have to scroll through. Generating a new comment for a frequently changing status flag is not an effective communication channel; better would be a forge native feature to email the author when a merge conflict occurs, and then people can also see the summary at the bottom...

respond and label based on PR templates /areas of code touched

Labeling based on PR templates doesn't require a bot, last I checked. GitHub natively lets you associate templates with labels? Labeling based on paths modified in the diff is not really something I'd call a "heuristic" given it is a simple key/value mapping from paths to labels, manually defined in some script that is then reproducible and idempotent.

So none of this is really anything that I feel would map well to give a hint about how users might respond to a heuristics based LLM review tool.

Especially keep in mind that people who don't like LLMs (such as me) will absolutely flip out any time such a tool erroneously gives them a failing grade and "penalizes" them. And a review tool that doesn't do anything to hide PRs with a failing grade from developer attention, does not accomplish anything to solve the problem of developers being forced to expend their attention on what they consider spam.

and if all comments added have an appropriate disclaimer/disclosure and ability for a contributor to "get help" with a bit of friction if it goes awry - that could perhaps be a useful piece of the toolkit?

A disclaimer/disclosure will do nothing because the victim knows that the project chose to impersonally:

• act without knowledge,
• use the tool that they said is bad, to leap to the incorrect conclusion that the victim is using the exact same tool and penalize them in some manner for using it

An appeal button will not help because people have a natural aversion to challenging authority and this goes quadruple for cases where a first time contributor feels slighted and "on the defensive" from the initial interaction and doesn't have some motivation to get the change in "at all costs and no matter what I have to swallow to do it" (such as a critical work-blocking bug that cannot be worked around in a dependency that cannot be replaced or reimplemented).

[marcindulak]

I will say, that I'm extremely opposed to bots in OSS projects that ''close stale issues" and I've never once seen it work out to the mutual satisfaction of both the maintainers and the community.

There is currently at least one running example of this problem anthropics/claude-code#16497

[chadlwilson]

Yes, I am mainly referring to heuristics where a bot (AI or otherwise) tries to use various aspects of a contribution and the contributor's history to assess signal vs noise for a contribution - not existing deterministic bots doing simple automation, or "rules" for contributions.

I'm aware templates can be used for labels, but some projects use heuristic based bots for this (e.g grpc, many others) depending on how they use labels.

I wasn't making any particular judgment on the merit of all these various bots, nor claiming that an AI agent should be the only tool available - just highlighting that there are many things you might want to do in terms of automation, but they all require setup and configuration, and in some cases exposing your project to supply chain risk for that bot due to the privileges they run with.

If people want to block all AI contributions they should be able to do so, sure, but existing contribution prioritisation is opaque for the vast majority of open source projects anyway, so a signal visible only to maintainers is no worse than the current situation of opacity.

I'm in no way claiming that this could be suitable for all projects - no tool (AI or otherwise) would be.

[PaulNewton]

That assumes you have the resources to evaluate every contribution to determine if it is something you don't need/want.

AHAHAHAAHAHAAH haha ahuehue heu omg I can't.
That's literally the point of this entire discussion, NOT having the resources.

Humans don't have infinite time, and LLM's do NOT have infinite energy resources.
Even if you are the type to let AI go at full rip you will burn time somewhere in some sort of review, backfilling, or defending against security breaches etc etc etc ad nauseum; all the while turing your time into a free training vector for other businesses software.

Productivity gains cannot be infinite in a mortal world using probability distributions.
We need deterministic tools for human to human contribution.
Yeeeesh.

[PraiseTechzw]

This is a very real problem, and I appreciate that it’s being treated as systemic rather than blaming maintainers or contributors individually.

One concern I have with repo-level PR restrictions is that they may disproportionately impact first-time contributors who do want to engage meaningfully but don’t yet have collaborator status.

Personally, I think the most promising direction here is criteria-based PR gating rather than blanket restrictions things like required checklist completion, passing CI, linked issues, or acknowledgement of contribution guidelines before a PR can be opened.

On AI usage specifically, transparency feels more scalable than prohibition. Clear disclosure combined with automated guideline checks could help maintainers focus on high-intent contributions without discouraging responsible AI-assisted workflows.

Looking forward to seeing how these ideas evolve especially solutions that preserve openness while respecting maintainer time.

[moraesc]

One concern I have with repo-level PR restrictions is that they may disproportionately impact first-time contributors who do want to engage meaningfully but don’t yet have collaborator status.

Completely agree with this concern and just want to emphasize that this is just a starting point and not the final solution. The plan is to develop more tools and frameworks for both maintainers and contributors to help address the "slop" problem.

Personally, I think the most promising direction here is criteria-based PR gating rather than blanket restrictions things like required checklist completion, passing CI, linked issues, or acknowledgement of contribution guidelines before a PR can be opened.

Some other ideas we're exploring are requiring an issue to be created first before a user can open a PR or leveraging AI to validate a PR against rules defined in a CONTRIBUTING.md file or something similar. Any thoughts on that?

[robmen]

Some other ideas we're exploring are requiring an issue to be created first before a user can open a PR

Requiring that an issue be assigned to the user before they can post a PR would work well with our process. We already request that users who open a PR also open an issue so it can be triaged into the appropriate milestone. It would be great if GitHub had a way to normalize that workflow.

[taranion]

I like the idea of "issue first".
Allow PRs

• either from project members
• or for existing issues that the maintainer manually put in some kind of "expecting PR" state.

Potentially make the order irrelevant. Have PRs from non-members in some kind of "hold" state, until the issue has been opened and accepted. Close PRs that link to rejected issues. Auto-close PRs in "hold" state from non-members that do not link to an issue after a configurable period.

[PraiseTechzw]

One concern I have with repo-level PR restrictions is that they may disproportionately impact first-time contributors who do want to engage meaningfully but don’t yet have collaborator status.

Completely agree with this concern and just want to emphasize that this is just a starting point and not the final solution. The plan is to develop more tools and frameworks for both maintainers and contributors to help address the "slop" problem.

Personally, I think the most promising direction here is criteria-based PR gating rather than blanket restrictions things like required checklist completion, passing CI, linked issues, or acknowledgement of contribution guidelines before a PR can be opened.

Some other ideas we're exploring are requiring an issue to be created first before a user can open a PR or leveraging AI to validate a PR against rules defined in a CONTRIBUTING.md file or something similar. Any thoughts on that?

I think leveraging AI to validate PRs against CONTRIBUTING.md rules is promising, but only if it’s deterministic in enforcement. If the output is advisory rather than blocking, maintainers still carry the review burden.

[PraiseTechzw]

One concern I have with repo-level PR restrictions is that they may disproportionately impact first-time contributors who do want to engage meaningfully but don’t yet have collaborator status.

Completely agree with this concern and just want to emphasize that this is just a starting point and not the final solution. The plan is to develop more tools and frameworks for both maintainers and contributors to help address the "slop" problem.

Personally, I think the most promising direction here is criteria-based PR gating rather than blanket restrictions things like required checklist completion, passing CI, linked issues, or acknowledgement of contribution guidelines before a PR can be opened.

Some other ideas we're exploring are requiring an issue to be created first before a user can open a PR or leveraging AI to validate a PR against rules defined in a CONTRIBUTING.md file or something similar. Any thoughts on that?

I think leveraging AI to validate PRs against CONTRIBUTING.md rules is promising, but only if it’s deterministic in enforcement. If the output is advisory rather than blocking, maintainers still carry the review burden.

[funnelfiasco]

Thinking along the lines of the discussion first approach that Ghostty uses, I think one way to create just enough friction would be to have an opt-in where a PR has to be linked to an open issue or discussion topic. So when an unprivileged (i.e. does not have elevated privileges on the repo) user tries to create a PR, there's a required field that takes an issue/discussion number. If that's not provided (or the corresponding issue/discussion is closed), then the PR can't be created.

This could be trivially worked around by throwing in any old issue/discussion (or by creating one), but it may cause just enough friction to help. To guard against this, perhaps maintainers could set a "minimum age" for the issue/discussion (e.g. 12 hours) to prevent creating fake issues to support a spammy PR.

[moraesc]

@jamietanna does the discussion-first approach that you follow require all users to create a discussion first, or only "non-collaborators" (users without write access) ?

[jamietanna]

@moraesc generally non-collaborators. The maintainers and collaborators are able to create an Issue and remove the needs-discussion label that auto-closed an Issue raised by a non-collaborator

That being said, non-collaborators will often go through the Discussion process, as it's pretty good at distilling what we want, and a place to work through ideas before they're in an Issue

[marcindulak]

The problem with github discussions is that they are isolated - they don't automatically create links https://github.com/orgs/community/discussions/2971 like issues do, meaning information is scattered in two places and difficult to find.

[weisdd]

The issue with this approach is that pretty much any popular project would already have enough of pre-existing issues/discussions to choose from.

In our case, we've noticed that a good chunk of AI slop was targeting old issues with the "good-first-issue" label. - They're attractive in a sense that, by definition, it's not something complex to do, so you don't have to spend much time prompting AI and, thus, can generate dozens or even hundreds of PRs a month (we've seen such accounts) across a random list of popular repositories (automated tooling makes it easy to find a target). We ended up removing the label from all issues.

[PaulNewton]

Agree but the permissions names might need a different messaging:

So when an unprivileged

Try this optics nit on for size:
"The unprivileged cannot code on github. ; unless their AI is good enough to pass."
Only being partially sarcastic in order highlight while less privilege from a security standpoint is 100% valid there are some very real problems in how we phrase permissions with AI in the mix reallllly muddying things more and more while also wanting/needing new people to join in.

There is non-zero chance for this slop problem to grow into an economic/cultural divide in haves good AI's vs have no-AI's.
Making under-privelaged excuse for some odd twisted ladder pulling on a "social coding" platform; that could weirdly encourage more AI use by any possible contributor just so they can escalate privilege's making the actual learning seem more and more less useful.
Instead of security/spam prevention tools for maintainers to vet new contributors who do want to learn but can no longer afford the entry fee.
ugh 🤮 .

[M677871]

This is a real problem, and I think the key is not just restricting contributions, but raising the baseline quality before maintainers even see a PR.

A few ideas that could work well together:

1. “Pre-flight checks” before opening a PR
   Instead of reviewing after the fact, enforce lightweight requirements before a PR can be created:
   PR template fields must be completed (steps to reproduce, screenshots, etc.)
   Link to an existing issue (or require creating one first)
   Basic checklist validation (not just a checkbox — actual content validation)
   This alone would filter out a large portion of low-effort / AI-dumped PRs.

2. Contributor reputation / trust levels
   A middle ground between “everyone” and “collaborators only”:
   First-time contributors → stricter requirements / limited PRs
   Repeat contributors with merged PRs → fewer restrictions
   Optional “cooldown” if multiple PRs are closed without merge
   This keeps projects open while protecting maintainers’ time.

3. AI-assisted triage (but focused and transparent)
   AI could help, but only if it’s scoped carefully:
   Compare PR content against contribution guidelines
   Flag likely issues: missing tests, vague descriptions, large unrelated diffs
   Highlight why it was flagged (not just a score)
   Important: this should assist maintainers, not auto-reject contributors.

4. “Soft rejection” workflows
   Instead of maintainers manually explaining the same issues repeatedly:
   Allow maintainers to reject with structured reasons (template-based)
   Auto-suggest improvements to the contributor
   Optionally allow resubmission after fixes
   This reduces burnout and keeps feedback consistent.

5. Better signaling for AI-generated contributions
   Not to block them, but to improve clarity:
   Optional disclosure (“AI-assisted” flag)
   Visibility into which parts were generated vs edited
   Helps maintainers adjust review depth accordingly

6. Limit PR spam without killing openness
   Simple guardrails could go a long way:
   Limit number of open PRs per user (especially new accounts)
   Detect rapid-fire PR creation across repos
   Temporary rate limits instead of hard bans

[JC5]

Honestly if I get an AI-generated security advisory dumped in my lap and it actually pans out, I just fix it and move on. I don't need to credit a machine.

[remcohaszing]

I would like an option to require users to enable 2FA to interact with my projects. You don’t need to authenticate with 2FA for every action. You just need to have it enabled.

I want to set this option both at organization level, and as a global setting for all of my personal projects.

This is not disruptive for people, because you should enable 2FA anyway. But this is hard to overcome for bots.

[rcomer]

According to this page, 2FA is already globally required for any account pushing code. So I guess people setting up bots to open PRs must be getting around it somehow.
https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication

[JC5]

Yes they get around it, that's not hard to do. Once you have 2FA authenticated yourself just once you can create an access token (personal or classic) that is valid for 1 year or even longer.

[remcohaszing]

So add an option to disallow interactions with access tokens.

I know my solution isn’t perfect. We might never fully solve the issue. But this does make it harder to automate spam.

[dohyeon5626]

What do you think about asking for a simple human verification step when an issue or PR is created?

I tried putting together a very simple GitHub Action based on that idea, just to see if it could help reduce some of this.

Curious to hear what you think about this approach:
https://github.com/dohyeon5626/bot-check-action

[dmulder]

My two cents: One easy filter is to simply reject PRs from non-maintainer contributors with lots of nonsense commits. I keep seeing folks who commit each AI iteration, swinging the slop pendulum back and forth until they achieve their goal. This would only work though for those who don't know how to rebase.

[Elifterminal]

I've been thinking about this from the maintainer tooling angle. Most anti-spam approaches focus on contributor reputation (account age, profile, commit patterns). That works for obvious bots, but it fails on a specific category: PRs that look legitimate but don't actually address the linked issue.

I built an open source triage tool that takes a different approach — it reads the actual diff and evaluates it against six quality dimensions:

• Issue Resolution Fit (30%) — Does the code address what the issue asked for?
• Implementation Substance (25%) — Functional changes or cosmetic shuffling?
• Pattern Alignment (15%) — Follows repo conventions?
• Scope Match (15%) — Proportional to the problem?
• Test Signal (10%) — Relevant tests added?
• Risk Flags (5%) — Unrelated changes, suspicious patterns?

Each dimension is scored with specific file references and diff evidence. The system uses probabilistic language and a signal hierarchy — it tells you which PRs deserve your review time, it doesn't make merge/close decisions.

I've tested it on real bounty PRs that attract 10-25 submissions per issue. It correctly flags the cosmetic-only submissions (score <40) while surfacing the ones with real implementations (score >70).

MIT licensed, BYOK (bring your own API key), free tier available: https://github.com/Elifterminal/pr-triage-web

Would love feedback from maintainers on whether the scoring aligns with your instincts.

[Elifterminal]

Follow-up with a concrete example. I ran triage on three open PRs this morning — one of them illustrates exactly why contributor-signal filters are becoming insufficient.

microsoft/vscode#267874 — authored by Copilot. 422 lines of telemetry code with 213 lines of tests.

The code is technically sound:

• Proper VS Code telemetry classification (SystemMetaData, FeatureInsight)
• Follows the existing publicLog2 pattern
• Correct constructor injection (@IFileService, @ITelemetryService)
• Tests cover session lifecycle, query tracking, edge cases

It scored 52/100 — NEEDS_HUMAN_JUDGMENT.

The signal that flagged it wasn't code quality. It was contextual: no linked issue, draft status, and scope that's suspiciously comprehensive for something nobody requested. A full SearchSessionTracker class with two new telemetry event types — for a feature that has no corresponding issue or feature request.

This is the shift happening right now. AI-generated PRs are moving past the point where technical quality is the differentiator. The code compiles, the tests pass, the patterns are correct. The only reliable signal is contextual: does this change have a reason to exist?

Profile-based filters (account age, commit history, 2FA) won't catch this. The author is GitHub's own Copilot. The question isn't "is this code good enough" — it's "did anyone ask for this."

For comparison, two other PRs from the same batch:

• vercel/next.js#40715 — 61/100, middleware rewrite fix. Real problem, solid code, but ships without tests on a cross-runtime change.
• facebook/react#25009 — 84/100, React Core Team transition tracing work. Feature-flagged, 294 lines of tests. Textbook internal PR.

The scoring breakdown for all three: issue fit, implementation substance, pattern alignment, scope match, test signal, risk flags — each with specific evidence from the diff. That's the triage layer maintainers need, and it's what I've been building at pr-triage-web.vercel.app.

[pombredanne]

@Elifterminal weirdly enough, your tool looks mostly vibe-coded, and your comments all score super high on my generated-by-AI-o-meter generated-by-LLM-o-meter, as not being genuine, human-created and tagged as NOT_FROM_A_HUMAN . Am I right?

[Elifterminal]

It is coded by ai. Elif is an ai agent. The idea is that ai code doesn't automatically mean bad code. Ai slop and ai brilliance gets lumpded together indiscriminately. Soon enough, ai code will be standard. The world needs tools for this eventuality.

…

On Tue, Mar 31, 2026, 10:08 AM Philippe Ombredanne ***@***.***> wrote: @Elifterminal <https://github.com/Elifterminal> weirdly enough, your tool looks mostly vibe-coded, and your comments all score super high on my generated-by-AI-o-meter, as not being genuine, human-created and tagged as NOT_FROM_A_HUMAN . Am I right? — Reply to this email directly, view it on GitHub <#185387?email_source=notifications&email_token=BRCXKSADD4HA4QBBRQIULFD4TP3RXA5CNFSNUABIM5UWIORPF5TWS5BNNB2WEL2ENFZWG5LTONUW63SDN5WW2ZLOOQXTCNRTHE4DAMJUUZZGKYLTN5XKO3LFNZ2GS33OUVSXMZLOOSWGM33PORSXEX3DNRUWG2Y#discussioncomment-16398014>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/BRCXKSFNEOH6G4LQJMHVWD34TP3RXAVCNFSM6AAAAACS7B7C7OVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTMMZZHAYDCNA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[pombredanne]

@moraesc Thanks for starting this. I am just out of a call with our maintainers and the discussion in the last three calls have been to find ways to create more frictions to contribute hoping we can weed out junk AI LLM slop contributions. This is of course completely nuts to think that reasonable FOSS developers would want to make it harder to contribute but this is where we are today.

There is a consensus emerging to possibly close all write access to issues and PRs to non-collaborators and make it easy for genuine aspiring proven-to-be-human contributors to become collaborators.

[moraesc]

Hey @pombredanne, last month we added the ability to restrict PR-creation to collaborators only. If you go into your repository's Settings and scroll down to Features, you'll see where you can toggle the PR creation setting (check out the changelog for more details. We don't currently have the same level of granularity for issues, but are exploring more ways we can add more granular interaction limits and improve filtering so you can weed out sloppy/noisy content. Let me know if this helps!

[pombredanne]

@moraesc Thank you! I have seen the PR feature to restrict that to collaborators.

There is also the "Temporary interaction limits" with a Limit to repository collaborators that we can renew every 6 months.

Both are the nuclear options we are considering. But we still need ways for real contributors to interact with maintainers which would have to be out of band from GitHub, and also I do not understand yet the detailed implications of these two options short of doing some live tests on some other test org/repo.

The delicate balance is that we are and have always been a noob friendly org, but the slop we receive means that we do not even process much of any incoming PRs at this stage, and is becoming a deterrent to actual bonafide contributors.

[cboettig]

@moraesc Thank you, these are welcome developments in the face of the current situation but I agree with @pombredanne that they are reasonably nuclear options for a platform that has fostered open source collaboration for so long.

It would be far preferable if GitHub could provide an option to Limit to human accounts only, and require users running machine accounts to identify their accounts as such. I realize of course that this would not solve the problem overnight, as many users continue to give their personal account credentials over to bots that are currently straining well known open source projects. But it would at least remove the vaneer that such unwelcome activity was technically legitimate and in keeping with GitHub TOS, and make it clear that it is no different than executing a DOS attack or other malicious behavior that has always been present (and that GitHub has historically helped open source maintainers combat rather than encouraging)

[dohyeon5626]

Yeah, it really feels like everything right now is either fully open or a bit too restrictive.

Having something in between, like a simple way to verify or filter human vs automated activity, would make a big difference.

[pombredanne]

WTF. yet more LLM slop. Sensible, but slop. You are not maintaining any serious FOSS project, or at least not in your name. At best, your post is just an LLM-rehashed summary of this discussion thread.

[pombredanne]

@moraesc sorry, but even participating in this discussion with effing LLM comments laced in makes this worthless. I am out.

[JC5]

Well you do get why this is a problem that needs fixing, not avoiding.

[Elifterminal]

I still feel like the point isn't, is this written by an LLM, but, does this fix the problem I had? Who cares if an LLM wrote it if its good writing?

…

On Thu, Apr 2, 2026, 2:04 AM James Cole ***@***.***> wrote: Well you do get why this is a problem that needs fixing, not avoiding. — Reply to this email directly, view it on GitHub <#185387?email_source=notifications&email_token=BRCXKSCEPRJ6JKXYKLLQW6D4TYUI5A5CNFSNUABIM5UWIORPF5TWS5BNNB2WEL2ENFZWG5LTONUW63SDN5WW2ZLOOQXTCNRUGIYDMMRQUZZGKYLTN5XKO3LFNZ2GS33OUVSXMZLOOSWGM33PORSXEX3DNRUWG2Y#discussioncomment-16420620>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/BRCXKSFHQI4VQDLDNGSLXSL4TYUI5AVCNFSM6AAAAACS7B7C7OVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTMNBSGA3DEMA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[rcomer]

"good writing" does not imply that what was written was true, as the above example demonstrated.

[EnricoDiLorenzo]

Great, but honestly I think that we're treating the symptom rather than the disease. Restricting PR permissions and deleting spam are defensive moves, they make the problem less visible without addressing why it's happening.
The real issue is incentive misalignment. Low-quality AI-generated contributions are flooding open source because people are optimizing for looking productive, Hacktoberfest clout, portfolio padding, job applications, not for actually helping projects. GitHub itself has historically rewarded this behavior through contribution graphs, streak counters, and gamified metrics that make volume look like value.
So it's a bit ironic that GitHub is now asking maintainers to build walls against a culture GitHub's own UX partly encouraged.
The more interesting long-term question isn't "how do we block bad PRs" but "how do we make quality contributions more visible and rewarding than quantity?" A green square for a well-researched bug fix looks identical to one for a one-line typo PR. That's a design problem.
The AI transparency proposal is genuinely promising, but only if it goes beyond a badge. If GitHub can tie AI-assisted attribution to outcome data (was this PR merged? did it break anything? how much maintainer time did it cost?), that becomes actual signal rather than just disclosure theater.
The risk with the current roadmap is building a more sophisticated gate while leaving the underlying incentives untouched, and then wondering why people just find new ways around the gate.

[pombredanne]

There is something odd about the email notification I received from GH, it ends with "Sonnet 4.6". See below the raw email text:

.... how much maintainer time did it co=
st?), that becomes actual signal rather than just disclosure theater.<br>
The risk with the current roadmap is building a more sophisticated gate whi=
le leaving the underlying incentives untouched, and then wondering why peop=
le just find new ways around the gate.Sonnet 4.6</p>

[pombredanne]

@EnricoDiLorenzo are you an LLM bot too? Was this post LLM-generated?