[thrownawayalre]

Innocent mistake.

The kid is barely 18. The emotion and stress resulting from mistakenly sending a notification to 400,000 is likely overwhelming. Now his real name is going to stay at the center of the internet for a while thanks to being 1st on HN. I would definitely not have coped well with that much internet attention at his age. Some Github replies are more immature than the initial action and I hope he does not receive any threat.

I hope the Epic developers reach out to him nicely with constructive feedback and maybe a thanks for his well-meaning PR.

[quadrifoliate]

> The kid is barely 18. The emotion and stress resulting from mistakenly sending a notification to 400,000 is likely overwhelming.

Huh? I don't think it's "the kid"'s fault that some random organization is using GitHub orgs as a proxy to get people to sign their Terms of Service. If the org or group is on GitHub, it's only a matter of time before someone is going to mention it.

The emotion and stress should be on the org admins who thought that asking every user who signs their ToS to a group called `developers` would be a good idea.

[michaelmior]

I don't think the parent commenter was arguing that the creator of the PR is to blame. But even they're not to blame, it's probably not a pleasant experience.

[pigbearpig]

I disagree, the PR is some pointless wordsmithing and then to comment "Verify the pull request and merge asap" is a bit ridiculous. Also, no one is going to care in a day.

[rcfox]

> Also, no one is going to care in a day.

You should ask Sumit Bhatia about that. ;)

[bottled_poe]

Is there a word for a statement which inadvertently supports the opposing position in a debate?

[xbar]

No. You have earned the right to coin it.

[aliswe]

Freudian burn? idk, but yes very good observation

[rocketbop]

If I ever knew who that was, I have long forgotten.

[kQq9oHeAz6wLLS]

Who?

[inb4_cancelled]

What did the guy do?

[dmix]

> An email requesting system access went out to all employees . It triggered a reply to all frenzy that resulted in my blackberry pinging constantly for over an hour with people replying-to-all asking to be removed from the distribution list. Even Mike Lazaridis replied to all asking this to be stopped. Then as different parts of the globe started work, they would reply to all. Classic evening. I think system admins eventually shut down the frenzy at server level. Some of the replies were hilarious though. I think I still have some screenshots somewhere.

https://www.reddit.com/r/uwaterloo/comments/qstmls/sumit_bha...

[sureglymop]

He submitted a PR which adds an image to the Readme file (if i see that correctly). The PR notified 400k users...

[SturgeonsLaw]

Never heard of him

[user_7832]

> Verify the pull request and merge asap" is a bit ridiculous

I see you're not familiar with Indian-English. What he said sounds quite "reasonable" (if not a bit unnecessarily, but understandably urgent) to someone like me (am Indian).

[bigDinosaur]

How is it understandably urgent? It seems like the least urgent merge request I've ever seen.

[user_7832]

Downvoting folks aren't understanding the context.

Understandable is in the Indian context. Generally a lot of things in India are slow/delayed so it's pretty common for people to want everything "fast" (which is probably "regular speed" in the US etc). I agree the content is hardly urgent, but for an Indian everything is urgent.

[temac]

It is not reasonable at all for "non-Indian" English -- still that would perhaps be a reasonable explanation, just he should learn it is not reasonable.

[edwcross]

The patch itself is indeed worse than useless, it's the kind of rephrasing just to say "I did something", but which actually makes it worse (adds useless words and English mistakes). If the "kid" is ready to send this kind of useless "contribution" (which takes some deliberate effort), they surely are ready for being reprimanded (or, more likely, they will be actually proud of it).

[vesinisa]

Either way, it's pointless to "reprimand" the perpetrator. This could have just as well been a deliberate spam attack eg. someone using the @-mention to promote their scam-coin or penis enlargement product (and some people in the thread seem to have already used the opportunity to promote their band etc.) Telling a spammer they are doing an evil thing is obviously useless as they are well aware of it. This should be viewed and handled as a security / access control failing on Epic's part - that this was ever possible was a mistake and only a question of timing when someone would stumble upon the vulnerability. Whether their purposes for exploiting it are nefarious, sincere or even accidental is irrelevant.

[edwcross]

On the one hand, I agree that paying attention to the spammer is bad; on the other, I do believe there might be some use in publicly stating that such PRs will never be merged and are frowned upon; hopefully other people reading (many of them likely beginner programmers) will get the message. But there's likely a better way to do the "teaching" without drawing any attention to the perpetrator.

[kevincox]

Reprimanding for the useless PR and rude tone makes sense.

But tagging half a million people was clearly an accident that should be better protected against.

[brundolf]

Some have speculated based on the changes that it was not a well-meaning PR, that it was just an attempt to game the system (similar to what hordes of people do on Hacktoberfest). Of course it's hard to know

[dan-robertson]

Does it actually matter? Like even if the PR is bad / the request to merge was demanding, I don’t think that justifies the response, which I guess was roughly the expected response to a the PR times 400k (plus network effects). I’m not convinced that the people responding can use the same excuse for their immaturity but maybe they should not be expected to be mature given the trivial requirements for becoming members of that org.

[thrownawayalre]

Speculating or repeating speculations on why he did this is not moving the ball forward at this point. It has been a harmless event so far. Github is now aware of an issue that would have come up eventually anyway and they can add future warnings when notifying >10,000 people, Epic can update the structure/permissions of their Github org, and the kid can keep his passion for tech intact. Win-win-win.

[verve_rat]

But also, this is a random comment thread on an unrelated site, no one here needs to "move the ball forward". Let people speculate, it makes no fucking difference.

[flohofwoe]

> The kid is barely 18. The emotion and stress resulting from mistakenly sending...

Look at the actual contents of the PR. This wasn't an attempt to contribute anything remotely meaningful. It's not quite vandalism yet either, but only because it didn't do any harm.

[ffhhj]

Seems like he is trying to increase his reputation with minimal effort, see all the badges collected in his profile. It's the usual social network effect, and the same reason HN doesn't have notifications or actually relevant karma. Microsoft wanted a new social network, there they have their community of naive gamblers.

[Kiro]

It was not a "well-meaning PR". It was pure spam and he's no innocent kid.

[wiseowise]

> The emotion and stress resulting from mistakenly sending a notification to 400,000 is likely overwhelming.

Bold of you to assume that he can even comprehend this.

[drakonka]

Why wouldn't he? He's apologized profusely on Twitter: https://twitter.com/Rohithaditya/status/1533305205697130497