Opensource

6202 readers

136 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

Credits

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

⠀

founded 2 years ago

MODERATORS

pylapp@programming.dev

Given the recent uproar about AI usage in rsync a PSA: maintainers owe you nothing (mikemcquaid.com)

submitted 3 days ago by onlinepersona@programming.dev to c/opensource@programming.dev

41 comments fedilink hide all child comments

For those outside the loop: rsync starting using AI agents to handle the influx of AI security reports to improve the test suite and fix bugs. It introduced a few CVEs and people who never contributed in any way started firing shots at the maintainer.

rsync maintainer's response to the people getting pissy about his usage of AI: medium and the related post on programming.dev

you are viewing a single comment's thread
view the rest of the comments

[–] poVoq@slrpnk.net 1 points 15 hours ago (1 children)

The "critical" bugs that I have recently seen being found by AI were all extremely unlikely to be exploitable under realistic assumptions 🤷

[–] Zos_Kia@jlai.lu 0 points 13 hours ago (1 children)

Which of the CVEs in question are you referring to?

[–] poVoq@slrpnk.net 1 points 12 hours ago (1 children)

The ones in Nginx and the Linux kernel.

[–] Zos_Kia@jlai.lu 1 points 2 hours ago (1 children)

I mean the ones in the latest release of rsync, tf does nginx have to do with anything ?

[–] poVoq@slrpnk.net 1 points 1 hour ago (1 children)

I have not looked at the CVEs in Rsync specifically, but given the deludge of "critical" security issue found by AI lately that have been mostly nothing burgers, I am near certain the same applies to those included in that Rsync patchset.

[–] Zos_Kia@jlai.lu 1 points 6 minutes ago

It must be nice to have technical opinions that don't need to be grounded in facts. Why would you check your assumptions when you can just vibe.