68 comments

[ 1.7 ms ] story [ 104 ms ] thread
Are there any changes this year that will make it less aggressively spammy?
They have a "Measures to reduce spam" section outlining that : https://hacktoberfest.com/participation/#spam

Also seems that projects must now opt-in by labelling themselves with "hacktoberfest-accepted”.

The label for projects is "hacktoberfest".

"hacktoberfest-accepted" is a label for pull requests you want to mark as accepted but don't want to merge yet (a pull request has to be merged OR approved OR have this label to count).

Changes were enacted in 2020 to make the program less spammy. Hacktoberfest is now opt-in and repeated spammers are permanently banned. The amount of spam PRs dramatically dropped after this change was implemented.
I'm excited to be spammed with 1 character changes to README.md for a T-shirt.
I'm excited to be spammed with 1 character changes to README.md.

(fixed typo, improved readability. free hoodie when?)

Why would you opt-in if you don't want this?
It wasn't opt-in the last two years, where repos where flooded like nothing and the organizers didn't seem to care much and you as the repo owner had to flag spammy stuff.

That leaves a bad taste.

No mention that I can see in the landing page about the fiasco that the last 2 Hacktoberfest were (didn't they even have to cancel the one last year mid-way?). I feel like this has gone from one of the most beloved events in the Open Source community, to one of the most dreaded.

Edit: found it, there's mention of it in the Participating subpage, in a couple of subsections (including "SPAM"). However, it still doesn't look too promising, since it seems to put the burden of flagging it as SPAM on the maintainers:

> "PR/MRs that are labeled with a label containing the word “spam” by maintainers will not be counted. [...] PR/MRs that our system detects as spammy will also not be counted."

I dunno man, the whole thing seemed overblown to me. They quickly reacted by correcting the participation rules to avoid problems. The whole thing is opt-in now.
When you are hurting the community you are pretending to help[1], and refuse to listen to them[2], then it's definitely a bad thing. Remember that most popular OSS devs are already walking a fine line, adding an extra burden to them is Not Nice™ IMHO.

[1] https://blog.domenic.me/hacktoberfest/

[2] https://twitter.com/domenic/status/1311355857465225218

But this time it's opt-in, so that does change things, right?
> and refuse to listen to them

Are you suggesting they should be opt-out instead of opt-in?

They made changes in reaction to the feedback.

Do you mean that unless they "stop this annual tradition" as requested by this one tweet, they are "refusing to listen to the community"?

The year that this blew up the DigitalOcean team (I was on this team) met with nearly 100 open source maintainers over the course of weeks to ask their opinions on Hacktoberfest and how we could make it better. We opened up these roundtables to anyone who would attend, and had great attendance from major projects such a Kubernetes, CPython, Gentoo, and others. We took all of this feedback and immediately changed the program. Many maintainers in the community have lauded us for these changes both publicly and in private.

We did listen to the community and we made the program better.

If you’re a participant, only PRs against repos that opt-in to Hacktoberfest will be counted. So that solves the spam problem immediately.
The change they made last year, which remains in effect, is that repos have to opt in. It probably should have been that way all along.
What is the requisite amount of time to keep bringing up the past? In 2020 a problem was identified, the team acted on it, and has since improved the program.

How long should they have to continue to apologize for an honest mistake while trying to do good?

(comment deleted)
From yesterdays' email:

"This year, we’re encouraging low- and non-code contributions so more people can do their part for open source regardless of their technical experience."

But at least:

"Hacktoberfest is all about meaningful contributions to open-source projects, therefore, contributors with 2+ spammy PR/MRs will be immediately disqualified"

And projects opt in with the "hacktoberfest" tag to qualify for low-[quality] contributions.

I'm very excited about the no-code contributions this year. The entire world benefits from open-source, why should the only people who get to help make it better and shine a light on it be people who code? There is _way_ more to a project than the code.
Hacktoberfest is about contributing to open source yet the community is on Discord...? I guess IRC and Matrix aren't viable mediums to strategise README.md contributions?

I genuinely cannot reconcile the irony here, _maybe_ "because it's easy" which would fit in line with spamming README.md edits for participation.

Well, the whole thing happens in closed source platform, so not really celebrating FOSS in the first place.
The sad reality, if you want to open a doorway for new and young blood, you have to go where they are. Tons of college kids in their CS degree are on Discord today and have no clue what IRC is and maybe only have heard of Matrix in passing. It sucks, I'd much rather use IRC, but you have to meet people where they are. Hacktober is supposed to be about exposing people to FOSS and encouraging them to contribute. Its not about enforcing ideological purity tests built on FOSS.
(comment deleted)
(comment deleted)
(comment deleted)
Everyone starts somewhere though.

What alternatives would you suggest to introducing beginner developers to open source?

For many, getting the smallest update on a big project (although annoying to maintainers) is a huge and very motivating accomplishment.

Maybe pair off beginners with maintainers (volunteers) so beginners get more personal guidance and projects don't get overwhelmed with garbage.
Ooh! That’s a great idea. I think some sort of model to encourage helping of others carries weight.
I didn't notice the repos must opt-in. That seems like an improvement but I get what you're saying. Hopefully successful beginners will move on to contributing to other projects more freely, though.
I would have no problem merging even an additional sentence of documentation, but too often it’s a one letter change or something similarly useless.

A bad faith effort like that does nothing for the project OR contributor.

I wonder if it will ever make sense for GitHub to have like an auto PR free-for-all wiki.md file that people could run wild with.
> What alternatives would you suggest to introducing beginner developers to open source?

Alternatives to what? Hacktoberfest doesn't actually introduce beginner developers to open source at all. It only acts like a carrot on a stick by offering a T-Shirt for your contributions, anything else is exactly the same regardless of whether Hacktoberfest is there or not. So I guess no alternative needs to be suggested for what you asked for, as Hacktoberfest is pretty much all about providing external motivation. Generally, all contributions that are welcome during Hacktoberfest would be welcome without it as well, so as long as you want to contribute you can, Hacktoberfest being there or not.

Surprised people aren’t just mass rejecting requests for the week. Ie just disable it outright
All this spam for a tshirt. Do we really need it?
:wave: Hi, some of y'all may remember me from previous years -- I work on the engineering (and social/support to some extent) of Hacktoberfest.

As a few commenters have noted, Hacktoberfest has had spam problems in the past, mostly due to folks chasing a free t-shirt without thinking about what they're actually doing to achieve that. I'm super sorry about that, it's not what we want this program to be.

In response to the massive spam wave we saw in 2020 with the program, we made some substantial changes to the rules for Hacktoberfest (during the 2020 event, and since) to help reduce the level of spam:

- Hacktoberfest is opt-in for maintainers. They need to add the "hacktoberfest" topic to their repos.

- Contributors are only rewarded for PR/MRs that maintainers accept. Merging, overall approving review, or the "hacktoberfest-accepted" label count.

- Contributors that have two or more PR/MRs identified as spam (either via our automated logic, or maintainers labeling a PR/MR as "spam") will be disqualified permanently.

As always, we're open to feedback on what more folks think could be done to avoid spam with the program, while still keeping it accessible to new folks that want to contribute to open source. hacktoberfest at digitalocean dot com is the place to send that feedback <3

Since most of the comments here have a negative sentiment I just want to say as both a participant and an open source maintainer: I love what you're doing! I am excited to contribute to awesome projects and add another t-shirt to my collection plus can't wait to see contributions from others to my projects!
> Since most of the comments here have a negative sentiment

Only the ones that are working off years-old information.

Exactly. I find it amazing how many people are willing to keep bashing something that they haven't taken the time to look into in the past two years.
First impressions are important. We rely on them to filter out a lot of information and reduce options when making decisions. For example, a bad first impression will result in no second-round interview, no first or second date, a lost sales opportunity. I don't think it's unfair to extend that to events such as this. Especially because it's still ultimately a tool to promote Digitalocean services.

If it were up to me, I think I'd modify the site title and social media card data to properly reflect that they've made changes to reduce the negative impact of their promotion on the public. "Hacktoberfest 2022: Lessons Learned Edition" or something slightly tongue-in-cheek and self-effacing. The way it is presented now makes it look like it'll be more of the same.

> First impressions are important.

Hacktoberfest had been around for several years by the time the spam suddenly became an issue in 2020.

> Hacktoberfest 2022: Lessons Learned Edition

They basically did do this, except that it was 2020 and 2021. How long does the penance have to last?

Just had to say, very attractive website!
Congratulations Matt (and @Logan_Liffick, @xamthorz). What a huge improvement over last year's design and site. Good luck with the program, may your service states be predictable and efficient. I'll be participating this year for the first time as a maintainer rather than as shadow hand :D
These sound like very positive changes! Would you consider going through past years and pre-emptively disqualifying people for their previous spam PRs as well? And is it obvious on the website to someone when they're disqualified? Or do they just not get a reward?
We don't have easily accessible data on previous years' contributions (we'd have to scrape GitHub again for it all), and I'm not sure disqualifying folks based on historical contributions would be overly fair as they didn't agree to that back then.

Disqualification was rule last year though, and those that were disqualified last year will still be disqualified this year. I'm not sure if there was any obvious messaging last year when someone was disqualified, other than not getting a reward, but this year will definitely show dedicated messaging for those users (working on this profile state as I write this).

Not sure where all the negativity is coming from. Its now opt-in.

As someone who did it early in my career, I found it really enjoyable. I did win a t-shirt. BUT I also gained a new found appreciation for OSS which I dont think I would have otherwise had an opportunity to find. My work gave us the time to contribute to OSS that month.

Now, Im regularly giving back to numerous repos as I was educated via the program and have much more confidence to contribute and propose changes.

And I still proudly wear the shirt every week ;)

I did not win a t-shirt, but Hacktober fest led to me making my first approved OSS PR fairly deep into my career, and my OSS involvement has only increased since then. So I am quite excited about the latest edition and hope to at least win a T-shirt, but generally increase my OSS involvement this October and beyond.
I see a lot of complaints about "README changes" again and I just want to add a few thoughts there.

If you have some sort of triage process (either as an individual or as a team) then closing or merging even a dozen of these "README changes" should not be a huge time sink. I understand you are annoyed, but also, just deal with it. It literally takes less time to hit Close or Merge than to write long postings here or on Twitter claiming that this is destroying open source. It isn't. I am going further and will say that toxic reactions to contributors (even if they are "annoying" or "spam") are destroying open source culture.

In the past at $LASTJOB I always made sure we participated in Hacktoberfest for our mobile products. From my perspective it has always been a success. We have always had spam submissions (which are easily triaged away) but those have also always offset by great contributions. Many people submitted their first meaningful code change through Hacktoberfest, which as a result made the lives of millions of users better.

That. Is. Fantastic.

This did not happen by just putting a #hacktoberfest tag on a repo. Instead we planned, prepared and organized. We accepted the fact that there would be some spam to deal with. We found old good first-bug issues and filed new ones. And most importantly we approached this not from a "free work!" perspective, but simply as a way to get people involved in open source. Because we care about open source and people. Not even with the expectation that they stick around.

Hacktoberfest is not about you, it is about giving others an opportunity to contribute.

"but also, just deal with it" - great attitude

Of course anybody can attempt to contribute to any public repo at any time. Of course it isn't even unethical for Hacktoberfest to be opt-out.

But to ask/expect maintainers to set up a triage process on their repos, many of which are not supported by a professional team but by single individuals, is quite unreasonable.

(comment deleted)
I have never participated in Hacktoberfest as a maintainer, but we are thinking of doing so this year as our software has become more mature and we have acquired more users.

If anyone else has participated as a maintainer, do you have any tips to make it easier for people to contribute to a project?

We have multiple repos - should we focus contributions on a single repo? (We are a small team - 9 people.)

Our documentation sucks right now, but I am working on it very actively and hope to at least somewhat remedy the situation in the coming 10 days.

If you were a Hacktoberfest maintainer or contributor in the past, your advice would be appreciated.

You should check out SendGrid's case study on how they managed Hacktoberfest. It has a lot of good information there. https://sendgrid.com/wp-content/uploads/pdf/SendGrid-Hacktob...

A great way to get the most out of Hacktoberfest for your repo is to identify where you need help before and create issues in those repositories with the label "hacktoberfest" or "good first issue" or any other tag to signify the task is a good entry point into your project. A lot of first time contributors check out websites like https://goodfirstissues.com/ to find issues to work on.

Other than that be vocal about your participation. Write a blog post, post on twitter, participate in the Hacktoberfest Discord, attend local Hacktoberfest events in your area, or even how your own Hacktoberfest event!

Be sure to review the maintainer best practices on the website https://hacktoberfest.com/participation/#maintainers

Happy Hacktoberfest and best of luck!

I put the #hacktoberfest tag on this: https://github.com/m3047/rkvdns_examples

If a noob can get Redis installed, the RKVDNS agent configured, and make a successful DNS query against it I'll be happy to give them a "thumbs up" in their quest for a t-shirt.

OTOH a serious hack would be delightful.

I tried to join the Discord server but they wanted to text a phone. Who is "they / we" anyway, and exactly what active measures are being taken to protect that phone number from disclosure? (I already have a Discord account / identity.)

> Who is "they / we" anyway

Discord. See: https://support.discord.com/hc/en-us/articles/216679607

Ok. So from this I think we can infer that Hacktoberfest thinks it's entitled to the highest level of user verification Discord offers. Doesn't answer my original question, but it tends to reinforce my general assessment of Hacktoberfest.
This is for everyone and anyone who is interested in opensource. DOESN'T MATTER IF YOU ARE NEW OR OLD. This year, it's going to be awesome. Join in, and let's do hacking.