🛠️ Hacktoberfest 2025 — 17 Pull Requests in One Day, for the Love of Clean Code 😅🤖🧠

#hacktoberfest #cicd #npm #javascript

Hacktoberfest: Contribution Chronicles

Experience report from Boly38 on an intense open source contribution day: 17 PRs focused on security, CI/CD, and code sustainability.

🛠️ Hacktoberfest 2025 — 17 Pull Requests in One Day, for the Love of Clean Code

Published by @boly38 — October 5, 2025

🌍 Introduction

Every October, Hacktoberfest inspires thousands of developers to give back to open source.

This year, I decided to dedicate an entire day to improving the quality and security of the projects I maintain or contribute to.

The result?

👉 17 Pull Requests opened or under review across 5 repositories, all focused on maintenance, modernization, and automation.

🔒 The Day’s Goal: Make Code Safer and More Sustainable

Instead of adding new features, my focus was to:

fix npm security alerts (audit fix),
repair and clean up CI workflows,
migrate to modern tools (pnpm, Node 18),
and automate releases using gh (GitHub CLI).

These aren’t flashy changes, but they make projects stronger and more reliable for every contributor.

⚙️ The Contributions in Detail

🧩 `creharmony/node-etsy-client`

🧾 Update README — updated workflow name (#72)
🧪 Fix audit & tests — updated dependencies (#71)
🚀 gh release + improved contribution doc (#70)
🧱 Migrated Node 16 → 18 (#68)

🧩 `boly38/drobadi`

🔁 npm → pnpm + ESLint fixes (#67)
🧭 Immutable release + gh create release doc (#66)
🧪 Bump chai@latest (#64)
🩹 Audit fix: multiple dependencies (#63, #61, #57)

🧩 `DatavenueLiveObjects/Start-here-nodeJS`

🧱 Audit fix + log4js/mqtt updates (#35)
⚙️ Re-established audit job (#31)
🚀 Added release workflow (#29)

🧩 `boly38/action-umami-report`

🧩 Fix audit on main push (#103)
🧩 Add vulnerability scan to PRs (#101)

🧩 `boly38/botEnSky`

🌐 Make app Nixpacks/Coolify compatible (#152)
⚙️ Switch npm → pnpm (#151)
🚀 Immutable release + GitHub CLI integration (#149)

📊 Technical Summary

Category	Count	%
Security / audits	7	~41%
CI/CD / workflows	5	~29%
Automation & release	3	~18%
Performance / migration	2	~12%

🧮 17 PRs across 5 repositories, with 16 validated for Hacktoberfest.

💬 Key Takeaways

Open source isn’t only about new features — it’s also about keeping code healthy.
Automating workflows frees up time for innovation.
Every audit fix is a small, invisible but essential win.

And above all: contribution doesn’t have to be flashy to be valuable.

🪴 Bonus: Hacktoberfest, Holopin & Treenation

As always, Hacktoberfest rewards contributors with Holopin badges and a Treenation tree 🌳 for every 6th accepted PR.

A small symbolic gesture that makes every commit a little greener 💚.

❤️ Conclusion

One day, 17 PRs, and a huge sense of satisfaction:

seeing the builds green again, audits clean, and dependencies up to date.

If you want to join in, there’s still time this October!

➡️ hacktoberfest.com

👤 About Me

I’m Boly38, an open-source developer passionate about code reliability, CI/CD workflows, and the Node.js ecosystem.

⚙️ github.com/boly38

💬 Come say hi on BlueSky