pull down to refresh
Oh so is worse than I thought, some AI bots are even making PRs to original code and if the maintainer is not paying attention, end up in something worse. LOL
idk I have the feeling that we are living in a slop world...
some AI bots are even making PRs to original code
Yeah. This happens all the time now. MSGH wanted this (the last GitHub CEO was literally appointed to do this "transition".) And FOSS maintainers are dealing with the problem of getting incredibly bad pull requests.
idk I have the feeling that we are living in a slop world...
I recently had a conversation with a friend that maintains a small open source C library for his job (and does not nearly maintain code quality standards I'd personally be comfortable with) and he asked me my opinion on a PR that he felt was off. I pointed him to a Claude Code pattern and he was amazed that he'd been bullshitted by the author for weeks. I also pointed him to the wording in some of the public conversation being highly suspect of AI generated conversation. His world... sucks right now. Especially because he and the author of the slop PR work for the same company, lol.
The current LLM architecture could be used when you're willing to read and understand every line and correct every error. I fully align with Linus on "yes it's interesting, no it's not for production".
Sometimes I ask myself: should I use this app if I know that most of it was coded by a LLM?
Not if it has critical functions.
I wouldn't use an LLM coded OS/firmware, browser, PGP implementation, Bitcoin wallet, secure messenger, credential vault... basically anything that implements cryptography or performs generic functionality. This will get harder though: using android and/or chrome, we will probably be exposed to LLM-coded parts, as Google says 70% is now AI (which is extremely worrying depending on how they measure it, as review and testing takes more time than coding.)
I have put whitenoise on my insecure phone for testing with ek the other day, despite looking at the code and knowing that it is vibecoded. But there isn't anything on that phone that matters if it's leaked, or that cannot be wiped.
However, I desperately need help with reviewing code for my secure devices, so I am thinking about further automating code review on FOSS apps. Maybe I'd employ an LLM in that to flag up things on big diffs. I'm not super happy about this, but as code gets more voluminous, I can't keep up with all the release cycles.
Yes. On my own repos, absolutely.
In this case it's me reviewing the code for the products I want to use. Think Signal or in the LN sphere, Blixt/Zeus. So I generally deal with tag..tag post-release, pre-install. I don't mind big diffs, what I really mind is 60 dependencies that you have to go through, like how Proton is structured, and then refactors happening on these.
FWIW, I sometimes run into the same issue with Bitcoin Core's refactoring policy.
IMHO the best "AI" use case is for memes (especially cats memes).
Yes, but even if they aren't it's cognitive debt from a maintainer perspective if you don't understand everything it does. The advice many of the vibe kings give you is to just accept everything and let the LLM solve everything, including bugs it coded itself.
That means you know nothing, and you'll be happy, until it nips you in the butt with a bug it gets stuck on, and then you're fucked, because now you have to go through 100k lines of slop and try to make sense of it (which is really, really hard.)
Like a ticking time bomb. I was really surprised by this. I thought these "devs" at least somewhat kept up with the AI's work. Now that I know they don't read, just like people who ask you to summarize an email and don't read it, I've completely lost respect. One more checkpoint for when I use someone's project:
- FOSS (check)
- No Vibe Code (check)
What could work though is that you take some vibe coded thing and you let an LLM code something up for you based on it. Don't publish the resulting product, because you don't want to be held liable (not even legally; reputationally) for stuff you don't understand. Just use it to your own advantage.
Agreed. It's like you coding something for your boss, then your boss puts his name on the commit and tells everyone "I made this", but what he should be saying is "I own the copyright on this". This is also why in patents, owners and inventors are separate roles. Same applies here:
LLM made it, you own it because you paid for the tokens or electricity, and set the target. "Vibe coding" != "coding".
Because lazy and didn't care about quality work too much. Which fwiw is 90% of the people that send pull requests on my repositories and I've pissed off a lot of people by holding them to actual standards on their code, before AI. Nowadays, I just prioritize pull requests by quality and the co-pilot ones are at the bottom.