So you slop-coded a tool, you're slop-generating reports, you know it has hallucinations ("false positives")... and you're complaining it's too much work to even verify the output?
And you're surprised OSS projects are pivoting towards "open source does not mean open contributions"?
> And you're surprised OSS projects are pivoting towards "open source does not mean open contributions"?
How do you get that from:
> the risk is that people who don't understand the projects just point scanners at OSS blindly and ruin the good work maintainers are doing... and it's so easy to kid yourself into thinking any bug report is helpful.