this post was submitted on 24 Apr 2026
276 points (97.9% liked)

Technology


Nextcloud has joined a growing list of projects, including Curl, that have ended their bug‑bounty partnerships with HackerOne due to an unmanageable surge of low‑effort, AI‑generated security reports. I received the fol…

top 26 comments
[–] darklamer@feddit.org 75 points 2 weeks ago (4 children)

I too have started to receive such PRs to review and it's soul crushing.

– I don't understand what you were thinking here, these changes make no sense to me, could you please be so kind as to explain to me why you think this would be an improvement?

– I don't know, the LLM just suggested it.

[–] mesamunefire@piefed.social 40 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

I maintain a library that is used quite a bit and I had to turn off GitHub issues because AI bots are trying to push reporting security vulns... in a library that has no dependencies. Or AI that is set up to waste time by asking pointless questions that do not pertain to the library. The library is literally two files. Technically 3 if you include the tests.

I moved my library over to Codeberg recently. So much better of an experience. It's really too bad, I have 15+ years in GitHub but the AI bots are going to push me out.

[–] OwOarchist@pawb.social 24 points 2 weeks ago

I moved my library over to Codeberg recently. So much better of an experience. It's really too bad, I have 15+ years in GitHub but the AI bots are going to push me out.

If AI can finally kill Github and get repos to move to open-source alternatives, maybe AI isn't that bad after all.

[–] vividspecter@aussie.zone 14 points 2 weeks ago (1 children)

Hopefully forgejo will have federation released soon which will make interacting across projects easier. Although maybe that will just encourage the bots to use it, so can't win really.

[–] WhyJiffie@sh.itjust.works 10 points 2 weeks ago

I think there can be a difference. github encourages this behavior, even provides the tools for it. but if the forgejo community stands strongly against it from the beginning (users reporting true slop, moderators deleting and banning them, admins defederating from intentional slop sources), then maybe that kind will stay away from the platform

[–] timbuck2themoon@sh.itjust.works 26 points 2 weeks ago (4 children)

What I don't get is: are these people disingenuous, or do they actually think they're helping?

Helping how? The owner of the repo can submit code to your bullshit machine the exact same way. What value are you producing?

[–] SaharaMaleikuhm@feddit.org 12 points 2 weeks ago (1 children)

The people doing this feel like it was their doing because they control the machine basically. This craving to produce something is strong in the ones who have no skills of their own. That's why these PRs only ever come from absolutely incompetent buffoons.

[–] bcgm3@lemmy.world 2 points 2 weeks ago* (last edited 2 weeks ago)

Same for text gen "writers" and image gen "artists" and audio gen "musicians."

It's a shortcut to creating a product that, in their uninitiated mind, is viable.

[–] darklamer@feddit.org 9 points 2 weeks ago (1 children)

This remains a great mystery to me. As far as I can see, all they achieve is to waste time and resources for everyone involved, including themselves, without creating anything of value to anyone. It's truly baffling.

[–] SaharaMaleikuhm@feddit.org 7 points 2 weeks ago

It makes them feel good. Like they've done something positive. It's utterly pathetic and I despise these people with no skills, no ability to create anything of their own.

[–] AeonFelis@lemmy.world 4 points 2 weeks ago

Anecdote: there is this annual event called Hacktoberfest for promoting OSS contribution. It offers various merchandise as a reward for PRs that get merged as part of the event. A few years back, someone posted a YouTube video trying to promote the event, and demonstrated how to create a PR by going to some repository and adding some arbitrary text to the README.

What he wanted to convey: "this is the procedure for sending contributions"

What people understood: "you can win a free t-shirt by making small changes to non-code text"

The result: https://joel.net/how-one-guy-ruined-hacktoberfest2020-drama

LLMs did not create this problem. The desire to make bullshit contributions in order to be seen as contributing seems to be a basic human need. At least for some humans. Generative AI did make it so much worse, though, because it's so good at bullshitting that you have to waste time and spend mental resources in order to recognize the bullshit.

[–] alyth@lemmy.world 3 points 2 weeks ago

Maybe to pad their resume

[–] mnemonicmonkeys@sh.itjust.works 11 points 2 weeks ago (4 children)

At what point do you just ban the mf from making PRs?

[–] darklamer@feddit.org 16 points 2 weeks ago (1 children)

What makes you think that I didn't?

[–] OwOarchist@pawb.social 6 points 2 weeks ago

Doesn't matter. 100 more just like him are coming tomorrow.

[–] naught101@lemmy.world 4 points 2 weeks ago

Every day from now until infinity

[–] frongt@lemmy.zip 4 points 2 weeks ago

There are dozens more every day.

[–] artyom@piefed.social 5 points 2 weeks ago (1 children)
[–] musket528@sopuli.xyz 8 points 2 weeks ago (1 children)

they think that github "contributions" will help them to escape unemployment

[–] artyom@piefed.social 1 points 2 weeks ago* (last edited 2 weeks ago)

What if they don't use GitHub?

[–] NotSteve_@lemmy.ca 25 points 2 weeks ago (1 children)

The state of computer science right now is soul crushing

[–] GreenKnight23@lemmy.world 7 points 2 weeks ago

because it's no longer about science.

actually I think it's fair to say over the last decade there has been a concentrated effort to destroy science and education to subjugate and subdue the populace.

[–] mlg@lemmy.world 14 points 2 weeks ago (1 children)

I don't want to shame the user, but there was a recent discussion thread on npmplus where someone was using a compose file generated by an LLM and was confused why the hallucinated env variables weren't working.

The kicker is that npmplus literally gives you a comprehensive and complete compose file with every optional setting commented out with a brief description, so you can just copy and edit to your desire.

Which of course the LLM decided to ignore anyway and come up with its own config options lol.

On a somewhat related note, I feel like bug bounties these days have become sort of undersubsidized for well developed applications. All the medium and lower findings payouts are pretty fair, but lots of the high/critical bounties seem a lot less than what I would expect, especially compared to some of the huge prize pools I've seen at some conventions (upwards of 50k USD).

I have no idea how much they fetch on the black market, but it seems weird to me that something like an RCE receives less than 10k, which could easily be utilized by some APT to net millions in a more sophisticated ransomware attack.
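The failure mode described in the comment above, an LLM inventing config keys that the project never documents, can be caught mechanically whenever a project ships a reference compose file listing every option, commented out or not. The following is an added example and is not npmplus's code or its real compose file: both fragments are constructed for illustration, the service and variable names are hypothetical, and the check is simply a diff of the user's active environment keys against every key the reference mentions.

```python
import re

# Constructed reference compose fragment in the style a project ships, with every
# optional setting present but commented out. Hypothetical; not npmplus's real file.
REFERENCE_COMPOSE = """\
services:
  app:
    image: example/app:latest
    environment:
      - "TZ=Etc/UTC"            # timezone used for log timestamps
      # - "LOG_LEVEL=info"      # optional: debug|info|warn
      # - "HTTP_PORT=80"        # optional: listen port
    ports:
      - "80:80"
"""

# Constructed user compose fragment with one key the reference never documents.
USER_COMPOSE = """\
services:
  app:
    image: example/app:latest
    environment:
      - TZ=Europe/Berlin
      - LOG_LEVEL=debug
      - ENABLE_TURBO_MODE=true  # not in the reference: likely hallucinated
"""

# Matches list-form environment entries, optionally commented out:
#   - KEY=value  |  - "KEY=value"  |  # - "KEY=value"
ENV_LINE = re.compile(r'^\s*(#\s*)?-\s*["\']?([A-Za-z_][A-Za-z0-9_]*)\s*=')


def env_keys(compose_text: str, include_commented: bool) -> set[str]:
    """Return the environment variable names declared under an `environment:`
    block (list form only). With include_commented=True, commented-out entries
    count too, which is what turns a reference file into an allow-list."""
    keys: set[str] = set()
    env_indent = None
    for raw in compose_text.splitlines():
        if not raw.strip():
            continue
        indent = len(raw) - len(raw.lstrip())
        if env_indent is not None and indent <= env_indent:
            env_indent = None            # dedented: left the environment block
        if env_indent is None:
            if raw.strip().lstrip("# ") == "environment:":
                env_indent = indent
            continue
        m = ENV_LINE.match(raw)
        if m and (include_commented or m.group(1) is None):
            keys.add(m.group(2))
    return keys


def unknown_env_keys(user_compose: str, reference_compose: str) -> list[str]:
    """Active keys in the user's file that the reference never mentions,
    in any form; these are the first things to question before debugging."""
    allowed = env_keys(reference_compose, include_commented=True)
    active = env_keys(user_compose, include_commented=False)
    return sorted(active - allowed)


if __name__ == "__main__":
    for key in unknown_env_keys(USER_COMPOSE, REFERENCE_COMPOSE):
        print(f"{key}: not documented in the reference compose file")
```

The parser deliberately handles only the list form (`- KEY=value`); the map form (`KEY: value`) is not recognised, and a real reference file may document options elsewhere (README, env example), so a flagged key is a question to raise, not proof that it is wrong. The converse holds too: a key the reference does list can still carry a hallucinated value.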

[–] Hacksaw@lemmy.ca 4 points 2 weeks ago (1 children)

You don't find and report bugs because the open source project is the highest bidder.... You report to contribute to the project. Miss me with that free market mindset!

[–] mlg@lemmy.world 6 points 2 weeks ago* (last edited 2 weeks ago)

I didn't mean for FOSS projects actually, I meant the bug bounties run by silicon valley giants lol.

FOSS bug reports are done either out of love or spite lmao.