I'm just curious. I've noticed when one of my projects gets into a mature and stable state and somewhat known, then almost immediately I start to receive more and more requests to f*ck it up. For example, today I received a mail asking to replace a very well tested, known-to-work-correctly-even-with-invalid-inputs code with something that has an obvious buffer overflow. Should I had apply the patch without checking, and my project would now face a serious stack corruption issue...
I know, my projects aren't nearly as popular and important as the Linux kernel, but I cannot help feeling it's like a miniature Minnesota scandal all over again and again and again (and again)...
Does anybody have the same experience? Have you ever notice spikes in the amount of malicious requests after your FOSS project gets somewhat popular?
(Just for the records, it's not always a security flaw. For example, once I got some requests, persistently demanding to rename one of my project to something that would strongly resemble a trademarked name... of course I've responded kindly and politely, but I was thinking, "Dude, why on earth would I want to provide a way for you to sue me on court??? Are you really this stupid?")
Cheers,
bzt