We are building Cherry, a tool designd to solve the "spam crisis" currently hitting open-source maintainers.
With the rise of LLMs and agents, the volume of low-quality, automated PRs is making it impossible to find the good contributions.
How we want Cherry to work: - Connects to your repo: We monitor incoming PRs. - Whitelists the good bots: Dependabot, Linear agent etc., get a pass. - Verifies the humans: We intercept new/unknown contributors and ask them to verify their intent and understanding of the code before the PR alerts the maintainers. - Silences the rest: Low-effort scripts and drive-by spam get filtered out.
We are trying to walk the line between stopping spam and remaining open to new developers. It’s a hard problem.
We’d love to hear your thoughts on how to solve this without discouraging legitimate junior developers. What kind of heuristics do you currently use manually that we could automate?