> I'm asking this because I recently opened a PR to fix a vulnerability in an OSS project (RCE via pickle deserialization in Python). A day later, I got a fully LLM-generated comment claiming my approach was wrong and that I should rewrite it differently and telling the maintainers he could contribute "if the project is open to a more surgical refactoring." > > It's astonishing how often these encounters have been happening lately. > > I'd love to hear from contributors or maintainers whether this happens to them and how they deal with it.

Well, from the other side of the table, as somebody who helps maintain open source projects complicated by bounties. I've had automated PRs and replies from LLMs claiming to be people. I refuse to work with people or people with AIs that are unwilling to take the time to understand the challenges from a human perspective expressed in person to person discourse. People need to develop interpersonal relationships. I think what you're seeing is a response to what other maintainers are experiencing or, more than likely, the problem is as stated above, just from a different point of view. A human-first approach doesn't exclude AI-augmented solutions for technical problems. The reason code exists is to close a gap in human experience in software.