So rsync rewriting all the tests puts the entire project in play. Now the entire protective surface has been sloshed through a layer of probability, so the loop must accelerate. Followup PRs add more carveouts with lengthy LLM justifications that sound perfectly plausible but amount to an erosion of the protective surface. We go from cumulative improvement to a random walk.
This is like a human cell goofing up its p53 genes and deciding that being cancer is good actually.
FWIW, Rsync dev has written this blog post from his point of view: https://medium.com/@tridge60/rsync-and-outrage-d9849599e5a0
Wew, that is a rich text…
o no
Barely skimmed it, but it says stuff like
for the people saying things like “I’m a PhD from xyz uni and I’m telling you LLMs are just stochastic tools that make everything up and the world will fall apart if you use them”, I’m here to tell you that you are out of date. The world of software engineering has changed dramatically in the last few months.
which is sold-in-dumpster-alley quality copium, and also that version 3.5 is going to “raise the bar enormously with regards to rsync security”, so I guess we’re looking at a notably vibe coded security model for rsync going forward?
it’s amazing how once the LLM cooks these guys they all start spewing the same crap
version 3.5 is going to “raise the bar enormously with regards to rsync security”
did rsync previously have a particularly flawed security model? it sounds like it had a couple of CVEs that this asshole decided to slop out fixes for, alongside breaking a bunch of parts of rsync. maybe somebody showed him mythos (which is fucking terrible at finding vulnerabilities when it’s not backed by a bunch of invisible labor doing the actual work or just finding bugs that originated by letting Claude or some other LLM loose on the codebase) and that pushed him over the edge?