For those who review new contributions in their projects, a reminder: there are rare cases where new contributors might be submitting junk:
https://fosspost.org/researchers-secretly-tried-to-add-vulnerabilities-to-linux-kernel/ Researchers from University of Minnesota wrote a paper about purposefully submitting bogus patches or even potential vulnerabilities to the Linux kernel. They got caught just this week - but I could imagine that some Apache projects are big enough to someday attract the same kind of "research". -- - Shane ComDev PMC The Apache Software Foundation --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@community.apache.org For additional commands, e-mail: dev-h...@community.apache.org
