Ask HN: Are other OS maintainers being spammed with Security Vulnerabilities?

3 points by majora2007 ↗ HN
I'm being hit with small, nitpick security vulnerabilities, like being able to IDOR profile images for other users on a self-hosted software.

Then the submitters are spamming me to release a vulnerability, despite me messaging stating the next release will trigger the release (there are no release dates for my product, but usually every 3 months).

It's becoming overwhelming. What practices are other maintainers putting in place?

3 comments

[ 2.9 ms ] story [ 18.9 ms ] thread
Is it possible to let AI analyze your messages and only show you the ones which don't contain certain keywords like "i will release vulnerability".
Yes. It is across most categories of software and services.
I don't have any big open source projects, but why not just ignore them?