Ask HN:有人在一个 PR 中提交了 2 万多行代码,耗尽了我的 CI 和 AI 工作流程
3 分•作者: zacian•9 个月前
大家好,
我正在维护一个开源项目,几天前有人提交了一个PR,此后,该PR增加了2万多行代码。其中有两个新账号,但他们没有提供任何联系方式,只提供了用户名。
PR: https://github.com/srbhr/Resume-Matcher/pull/497
账号:
1. https://github.com/lololop67
2. https://github.com/ririyoungG
我从PR中还发现,他们正在某处托管该项目,但没有任何数据免责声明。由于该项目是一个AI简历生成器,托管该项目的账号很容易提取私人数据,例如电话号码、电子邮件和地址,并将其用于恶意目的、诈骗等。这让我非常担忧。:(
我从未打算对该项目进行收费。我的目标是提供一个本地优先的替代方案,以取代一些在线简历生成器,而这些账号却在做完全相反的事情,他们将项目托管在:https://gojob.ing/
我尝试在PR中评论了他们正在开发的功能,但到目前为止还没有收到任何回复。
我应该怎么办?
查看原文
Hi HN,
I'm maintaining an OSS project, and someone raised a PR a few days earlier, and since then, 20K+ LoC has been added to the PR. There are two new accounts, but they lack details on how to contact them, only providing usernames.<p>PR: https://github.com/srbhr/Resume-Matcher/pull/497<p>Accounts:
1. https://github.com/lololop67
2. https://github.com/ririyoungG<p>I've also found out from the PR that they're hosting the project somewhere, without any data disclaimer. Since this project is an AI resume builder, the accounts hosting the project can easily extract private data, such as phone numbers, emails, and addresses, and use it for malicious purposes, scams, etc. And that's what I'm more worried about. :(<p>I never intended to paywall this project. My goal was to provide a local first alternative to some online resume builders, and the accounts are doing the exact opposite, and they've hosted it at: https://gojob.ing/<p>I've tried commenting on the PR about the features they're working on, but I haven't received any replies so far.<p>What am I supposed to do here?