From zero contributions to 34 merged PRs. How a bug-logging platform changed the way I think about code, community, and what it means to be a developer.
The Night I Almost Didn't Click "Fork"
It was late January 2026. I'd been reading about Google Summer of Code for weeks, scrolling through org lists, bookmarking repositories I'd never open again. I was doing what most students do — preparing to contribute without ever actually contributing.
Then I found OWASP BLT. My first contribution was a small one - My first real contribution wasn't the security dashboard. It was something much smaller.
PR #5644 — Add spam detection utility for bug report views.
I remember the feeling when I opened that pull request, i was quite nervous And tbh it was my first pr on github . I'd set up the Docker environment (which, on Windows 11, is its own adventure — port conflicts, CRLF line endings, Django version mismatches between local pip and Docker). I'd found a genuine gap: bug report views had no spam filtering.
so after 2 months of contributing my progress was -
- 34 pull requests merged
- 63 tests written (for the security dashboard alone)
- 10 security vulnerabilities fixed
- 7 N+1 query optimizations
- 6 new database models
- 12 files changed in the largest PR
- 13 CodeRabbit review rounds addressed
"Security Is a Mindset, Not a Checklist" . also "The Best Bug Fixes Are the Ones Nobody Asked For" this is what i learnt from contributing to OWASP-BLT .
A Thank You
I want to thank DonnieBLT specifically. His reviews were tough, his standards were high, and his vision for the project pushed me far beyond what I thought I could do. When he asked me to rebuild the security dashboard from scratch with an org-scoped architecture, it felt overwhelming. But it was the right call, and the result was something I'm genuinely proud of.
Good mentors don't make things easy. They make you better.
And to the OWASP BLT community — every contributor, reviewer, and maintainer who keeps this project alive — thank you. You gave a student with zero open-source experience a chance to contribute something real.
If you're a student thinking about open source — just start. Find a project that matters to you, read the code until it makes sense, and fix something small. The first PR is the hardest. Everything after that is momentum.
BLT- https://github.com/OWASP-BLT
MENTOR- https://github.com/DonnieBLT
Follow my journey: github.com/yashhzd.
){kind=link}
Top comments (1)
When Yash first joined the project, we were honestly surprised by how many contributions he made right away. I think it was close to 50 PRs opened within about 10 minutes or so, which was pretty incredible to see. 🚀
What stood out even more was the quality. Most of those PRs were already high-quality from the start, and the few that needed adjustments were quickly resolved after a revision or two. It was impressive to watch that level of productivity paired with thoughtful implementation.
It was also really exciting to see how effectively AI tools were being used in the process. Yash showed how AI can help contributors make a meaningful impact on an open-source project in a very short amount of time when it's used responsibly and with care.
Overall, it was great to see that level of enthusiasm and momentum from a new contributor. Contributions like that really energize a project and the community around it. 👏