This kind of thing isn't new. When I maintained a Google owned project on GitHub in the pre-LLM era someone submitted a slop PR "fixing" some tests, seemingly generated with some kind of static analysis tool. The description was clearly copy-pasted as well.
Still better than the old style reports from tools like that. They're typically commercial, and evidently came with some kind of licensing restriction that you couldn't give out their output.
So open source projects would get bug reports like "my commercial static analysis tool says there's a problem in this function, but I can't tell you what the problem is."
Yep. We also saw people run any fuzzing, scanning, etc. tool they could get their hands on and pretty much just paste the results in a bug report email, well before AI was a thing.
Completely useless 99% of the time but that didn’t stop a good number of them following up asking for money, sometimes quite aggressively.