←back to thread

The fate of "small" open source

(nolanlawson.com)
295 points todsacerdoti | 4 comments | 16 Nov 25 19:21 UTC | HN request time: 0s | source
Show context
BrenBarn ◴[16 Nov 25 21:02 UTC] No.45948369[source]
> Sure, you could use blob-util, but then you’d be taking on an extra dependency, with unknown performance, maintenance, and supply-chain risks.

Use of an AI to write your code is also a form of dependency. When the LLM spits out code and you just dump it in your project with limited vetting, that's not really that different from vendoring a dependency. It has a different set of risks, but it still has risks.

replies(4): >>45948517 #>>45948587 #>>45948702 #>>45949430 #
1. ronbenton ◴[16 Nov 25 21:22 UTC] No.45948517[source]
> and you just dump it in your project with limited vetting

Well yes there’s your problem. But people have been doing this with random snippets found on the internet for a while now. The truth is that irresponsibles developers will produce irresponsible code, with or without LLMs

replies(1): >>45948811 #
2. fullofideas ◴[16 Nov 25 21:59 UTC] No.45948811[source]
> The truth is that irresponsibles developers will produce irresponsible code, with or without LLMs True. But the difference is the scale and ease of doing with code generators. With a few clicks you can add hundreds of lines of code which supposedly does the right thing. While in the past, you would get code snippets for a particular aspect of the problem that you are trying to solve. You still had to figure out how to add it to your code base and somehow make it “work”
replies(1): >>45948973 #
3. ninalanyon ◴[16 Nov 25 22:19 UTC] No.45948973[source]
Surely in any responsible development environment those hundreds of lines of code still have to be reviewed.

Or don't people do code review any more? I suppose one could outsource the code review to an AI, preferably not the one that wrote it though. But if you do that surely you will end up building systems that no one understands at all.

replies(1): >>45949249 #
4. fullofideas ◴[16 Nov 25 23:01 UTC] No.45949249{3}[source]
Agree. Any reasonable team should have code reviews in place, but an irresponsible coder would push the responsibility of code quality and correctness to code reviewers. They were doing it earlier too, but the scale and scope was much smaller.