new code pushed to main branch?

[illume]

It looks like a big commit was just pushed to the main branch without a PR.

Seems it's a bunch of commits together from a fork somewhere?

[jaitaiwan]

What do you mean by big commit? It's 3 files. Or bunch of commits it's a single commit? Maintainers will often push directly to the branch ourselves where required. You see the same thing on many other gorilla repos. Eventually there will be a release which will include this change and whatever others we merge or push.

[illume]

I wondered about a commit pushed to main by a new contributor is all. I wrongly assumed code review would be done via PR because I saw an OpenSSF best practices badge.

cc @coreydaley

[coreydaley]

Only because I was tagged by @illume I will weigh in.
All contributed code SHOULD be a pull request so that it can be reviewed by the community, unless it fixes an embargoed CVE. I am not up-to-date on the circumstances surrounding this commit.

Since this user (@patrickod) is also a first time contributor it does seem a bit weird and suspicious. Maybe that user can weigh in on the circumstances surrounding this contribution?