57
submitted 7 months ago by Jayjader@jlai.lu to c/techtakes@awful.systems

The closer I look, the more depressed I get.

First of all, the entire thing feels off. Quoting one commenter:

So this seems to be some kind of universal package manager where most of the content is AI generated and it's all tied into some kind of reverse bug bounty thing thing that also has crypto built in for some reason? I feel like we need a new OSS license that excludes stuff like this. Imagine AI-generated curl | bash installers 🤮

The bug bounty thing in question apparently being tea.xyz. From what I can tell, the only things actually being AI-generated are descriptions and logos for packages as an experimental web frontend for the registry, not package contents nor build/distribution instructions (thank god).

Apparently pkgx (the package manager in question) is being built by the person who created brew. I leave it up to the reader's sensibilities to decide whether this is a good or bad omen for the project itself.

Now we get to the actual sneer-worthy content (in my view): the comments given by a certain user for whom it seems PKGX is the best thing since sliced bread, and that any criticism of using AI for the project's hosted content is just and who thinks we should all change our preferences and habits to accommodate this

PKGX didn't (and still doesn't) have a description and icon/logo field. However, from beginning (since when it was tea), it had a large number of packages (more than 1200 now). So, it would have been hard to write descriptions and add images to every single package. There's more than just adding packages to the pantry. PKGX Pantry is, unlike most registries, a fully-automated one. But upstreams often change their build methods, or do things that break packaging. So, some areas like a webpage for all packages get left out (it was added a lot later). Now, it needed images and descriptions. Updating descriptions and images for every single package wouldn't be that good. So, AI-based image and description generation might be the easiest and probably also the best for everyone approach. Additionally, the hardwork of developers working on this project and every Open-Source project should be appreciated.

I got whiplash from the speed at which they pivot from arguing "it would have been hard for a human to write all these descriptions" to "the hardwork of developers working on this projet [...] should be appreciated". So it's "hard" work that justifies letting people deal with spicy autocomplete in the product itself, but less hard than copying the descriptions that many of these projects make publicly available regardless??? Not to mention the packaged software probably has some descriptions that took time and effort to make, that this thing just disregards in favor of having Stochastic Polly guess what flavor of cracker it's about to feed you.

When others push back against AI-anything being so heavily involved in this package registry project, we get the next pearl of wisdom (emphasis mine):

But personally I think, a combination of both AI and human would be the best. Instead of AI directly writing, we can maybe make it do PR (for which, we'll need to add a description field). The PR can be reviewed. And if it's not correct, can also be corrected. That's just my opinion.

Surely the task of reviewing something written by an AI that can't be blindly trusted, a task that basically requires you to know what said AI is "supposed" to write in the first place to be able to trust its outpu, is bound to always be simpler and result in better work than if you sat down and wrote the thing yourself.

Icing on the cake, the displayed profile name for the above comment's author is rustdevbtw. Truly hitting as many of the "tech shitshow" bingo squares as we can! (no shade intended towards rust itself, I really like the language, I just thinking playing into cliques like this is not great).

My original post title was going to be something a bit more sensational like "Bored of dealing with actual human package maintainers? Want to get in on that AI craze? Use an LLM to generate descriptions for curl-piped-to-bash installations scraped from the web!" but in doing my due diligence I see the actual repo owner/maintainer shows up and is infinitely more reassuring with their comments, and imo shows a good level of responsibility in cleaning up the mess that spawned from this comments section on that github issue.

you are viewing a single comment's thread
view the rest of the comments
[-] gsuberland@chaos.social 9 points 7 months ago

@V0ldek @Jayjader honestly I'd have just closed that review comment with an abrupt "insulting levels of nonsense; ignore" every time.

[-] self@awful.systems 7 points 7 months ago
[-] gsuberland@chaos.social 10 points 7 months ago

@self you'd be surprised how often being 100% honest and unreserved about your opinion on processes that are complete bullshit actually works in your favour. especially if you don't filter it through some veneer of corporate waffle. in the worst case they make it clear that they're not going to fix it, so you quit and save your sanity. but I've had quite a bit of success with just saying "this is utterly miserable to deal with, why are we subjecting everyone to this?"

[-] gsuberland@chaos.social 10 points 7 months ago

@self it certainly doesn't work everywhere but for me it's a good yardstick of how good the cultural fit is. if I can't get people to talk to me like a human instead of blathering on like they're dictating a linkedin post then I'm out the door.

[-] froztbyte@awful.systems 6 points 7 months ago

Ah, hah, just saw this comment. +1 to me. Guess I need more coffee

[-] froztbyte@awful.systems 7 points 7 months ago

Depends on the dev team culture tbh

Ime US teams are far more likely in general to take feedback like that negatively (sometimes even personally). Seems to be because there’s some part of identity / self-value tied up in what was already created. The “this is miserable and we’re gonna $x” is usually addressed by setting x to “throw it out and replace it” than to “we’re going to prioritise trying to fix this”

[-] dgerard@awful.systems 13 points 7 months ago* (last edited 7 months ago)

yeah, speaking British in a US workplace may be hazardous (an accent only hacks 'merkin brains so far)

(I would mention speaking 'Strayan but even Australians know better than to use that in Australian workplaces, the adjective "cunting" is apparently not considered professional [by the people it totally applies to])

[-] froztbyte@awful.systems 10 points 7 months ago

The boot never likes hearing anything but “argggggh” or “ow that hurts”. Really weird, no-one has been able to figure it out!

[-] gsuberland@chaos.social 6 points 7 months ago

@V0ldek @Jayjader (but there's a reason I don't work at big orgs haha)

this post was submitted on 15 Apr 2024
57 points (98.3% liked)

TechTakes

1437 readers
131 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago
MODERATORS