1 points brodo | 1 comments | 04 Nov 25 08:27 UTC | HN request time: 0.206s | source

I was recently looking for a QUIC library for Zig and found zquic¹. The readme tells me it's perfect, 'PRODUCTION READY! ' and ' Ultra-high performance'. It all reeks of AI, so I looked deeper into it. It depends on two libraries by the same author, one for crypto, one async runtime. So I checked out his other repos². This guy 'implemented' everything: a database, an RPC framework, a scripting language, an event loop (which is different from his async library), a compression library, I could go on. If you delve ;-) into the code, you'll see it's all non-working AI slob.

Is this only CV hacking or something more malicious I can't think of? Do we need a 'report this repo as fake' button on GitHub?

1: https://github.com/GhostKellz/zquic 2: https://github.com/GhostKellz?tab=repositories

Show context

artursp ◴[04 Nov 25 09:05 UTC] No.45808881[source]▶

>>45808692 (OP) #

This is a scary trend. I have seen quite a few repos with fully autogenerated code. Some sort of reporting would be required. On GitHub side one check that could expose such bad actors would be to monitor how much code is committed per time period (this particular guy did most of the code 2-3 months ago).

replies(1): >>45809009 #

1. denuoweb ◴[04 Nov 25 09:28 UTC] No.45809009[source]▶

>>45808881 #

You do realize that your idea of a "code committed per time period" check is not how Git works, right?

↑

Tell HN: People putting AI-generated fake projects on GitHub