This is the guy who accidentally forced the creation of git, by reverse engineering the BitKeeper protocol and getting all the Linux kernel developers' licenses revoked. Chaotic Good energy.
this post was submitted on 03 Jun 2026
221 points (96.6% liked)
Programming
27160 readers
585 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities !webdev@programming.dev
founded 3 years ago
MODERATORS
So i dug up a bit about Andrew Tridgell:
- The reverse engineering details: https://lwn.net/Articles/132938/
- License offering and revocation: https://github.com/CuriousCurmudgeon/history_of_vcs/blob/master/06_bitkeeper.md
Hooray! It's good to see another retired dev with 40 years exp respond more eloquently than I ever can to the flood of anti-AI rage. What gets me most about the rage is the absolutism - the flat assumption that anyone who uses AI is either stupid or evil. Period. There's almost no genuine engagement on the topic, mostly just angry shouting. But you see that a lot online - some people think social media is Fight Club.
If you read through the comments here you'll see a ton of nuanced comments, I think undercutting your claim. At the same time, this is also an interesting issue because you're trying to play the centrist role. But on this issue there is no centrist role, and actually you've just played the pro AI role while pretending you didn't do that.
Because think about what happened. The developer used AI and it introduced bugs and that was bad for people. These are the facts. So the people are saying hey can you stop using AI and the developer is shrugging their shoulders.
What's the middle ground that you're looking for here? Recognizing that it's possible to use AI harmlessly? But that's not what happened. If it had been harmless used then no one would have brought up the issues in the first place.
The developer used AI and it introduced bugs and that was bad for people.
Was it the AI that introduced bugs, or them, while working with AI there or in other parts?
Would the bugs not have occurred if they made the changes without AI?
Would they have made any changes without AI? Would we be better off without changes for security robustness?
You make it sound like a direct correlation. Having read their response, that seems like an assumption without reasonable foundation.
Changes always have a risk of introducing bugs.
I'm no friend of using AI without the necessariy expertise, but from their response, they seem to have taken a very thorough, reasonable approach, and they seem to have the expertise to do so.
When I rant about polarization of AI discussions I'm talking about on social media generally, not this one remarkably civil thread. But even your use of the term "roles" is doing it - you're assigning black hats and white hats to the participants instead of focusing on what they're saying.
Speaking of which, where do you get the idea that the author introduced bugs by using AI? He says that in his work to improve rsync by beefing up test suites, integration testing etc he used AI to do grunt work, and thoroughly reviewed every bit of it. He explains this very clearly, and I don't see the part where his use of AI created more bugs.
I am pro-AI - I'm interested in its development and looking forward to it getting better. What we have right now can be very useful, but it's kind of like 1980s 8-bit graphics video games. It hallucinates too often and is unconscionably resource-heavy. I'm very much against its overdeployment and misuse. Companies are charging into implementing AI like middle school boys who just figured out how to find free porn. They see it as yet another magic wand to reduce headcount - which is their endless quest. But blaming AI itself for this is like blaming a saw for wasting lumber or for not being a better saw. Blame shitty carpenters who use it wrong.
I think there is more nuance or spectrum than good or bad. Vibe is one extreme, but along the dial from traditional to pure vibe are degrees of involvement. I'd characterize the degrees something like:
- No AI, just elbow grease
- AI as just auto complete on steroids
- AI generating more complete change sets, but still from focused, more surgical specs, and still a human review on everything
- "Spec-driven development" where, as I see it, you're engineering a multi-agent-role workflow to intersect different contexts and iterating to try to converge on carefully designed specs
In 3 of those 4, the human is fundamentally the one owning the output, and AI is an accelerator and potentially an influence, kind of like pair programming. And even the SDD workflow can be a human-in-the-loop approach, although the more agents produce autonomously, the harder it might be for a human to be effective at reviewing the output.
So I'll agree that "use it or don't" is a binary, but I'd just add that there's still a spectrum of how it's used.
Seems like he’s been pushed into using LLMs as a way to cope with the deluge of LLM-generated security reports
It's not just LLM generated security reports, but vulnerabilities discovered by AI. Your wording implies they were just reports, and of less validity. Lazy LLM reports are not what he is trying to cope with, since there is nothing to do but close those reports. He is talking about real, verified, vulnerabilities that weren't discovered until AI tools. Not because humans couldn't find them, but none ever did. When it comes to finding, it really doesn't matter if it's found by human or AI, since that doesn't change its existence or severity.
And the side that noone else talks about, threat actors are highly likely to be using ai to find these potential vulnerability. So you you are not doing the same you are immediately at a disadvantage
load more comments
(5 replies)
I used AI tools to do the grunt work because they are good at that.
This is something people complaining should remember. AI is good at some parts of the work of a software engineer: the grunt work.
As a software engineer, the grunt work is reasoning about my code, something a statistical model can't do.
People pointing at new breakages are trying to say "No it isn't and here's the proof".
load more comments
(5 replies)
load more comments
(1 replies)
Repost of my reply elsewhere:
This guy is already retired, he wants to spend his days sailing and here we are bitching about rsync not being good enough while we all use if for free
Most of us won't be able to help code, fine.
But most of us could help with translations
Many of us could help with documentation
Some of us could contribute regularly with small financial donations
Some of us might have enough knowledge and expertise and experience to help code
Others could come up with other tasks that could be done.
The point is: rsync need more resources. Either we get him more resources or we STFU about the retired dev using AI. We can't have it both ways.
I think it's unreasonable to complain that the guy is not working enough for free.
I think it's reasonable to alert people that rsync is not being properly maintained anymore and to seek alternatives.
I would prefer the maintainer to announce publicly that he can't maintain the project anymore and is looking for help/someone to take over instead of breaking the project silently.
But where will the maintainers for these alternatives come from, when barely anybody has stepped up in the 30 years of rsync's existence? Your comment implies that tridge didn't call for help before, which is far from the truth.
This is thankless maintenance on critical software, not some *-arr toy project for hobbyist self-hosters.
load more comments
(22 replies)
load more comments
(5 replies)
load more comments
(22 replies)
view more: next ›