I think this is probably less effective than if there was some sort of "credit" or reputational score for reporting; that seems like something GitHub would have the information to implement.
I think one of the last things I'd like on the web is for Microsoft to start keeping a "social score" for developers who participate in FOSS.
I understand where it's coming from, and I too think the current situation sucks, but making Microsoft responsible for something like that is bound to create bad times for everyone involved.
I’d hate to see GitHub assigning reputation to users.
Why not go the other direction and make it hard to identify a user, so people do not do it for fame? Open source worked before people were using it as self-advertisement.
Might even be good for Microsoft - they would be the only one knowing who is who.
This already exists on the previous platform curl was using (HackerOne), it does not prevent the slop.
At my previous employer, I had access to the company’s bug bounty submissions and I can assure you no matter what you try to do, people will submit slop anyway. This is why many companies will pay for “triage services” that do some screening to try to ensure that the exploit actually works.
Unfortunately this means that the first reply to many credible reports is from people who aren’t familiar with the service, meaning that reports often take a long time to be triaged for no reason other than the fact that the reporter assumed that the person reviewing the report would actually understand the product. It’s hard to write good, concise reports if you can’t assume this fact.
Honestly, I don’t know what can be done to fix all of this. It’s a bad situation for everyone involved, and only getting worse.
Yeah this seems like a good idea. Plenty of games have "you have to have this much reputation to play in ranked games" sort of things.
I guess people would complain if it was tied to GitHub.
> seems like something GitHub would have the information to implement.
But not the motivation. GitHub incentivizes this type of behaviour, they push you to use their LLMs.
GitHub is under Microsoft’s AI division.
https://www.geekwire.com/2025/github-will-join-microsofts-co...