Zos_Kia

I think the studio is taking the right lesson, but it doesn’t necessarily apply to the tech industry.

Software is good when it is average (standard, unsurprising), while entertainment is good when it is out of distribution. By definition, you can’t statistically sample good art and get good art at the output.

If some weirdo manages to make an adaptation of Mother Horse Eyes I’ll be the happiest man on earth

Turns out right now I’m a contractor for an app that is essentially a marketing / gtm AI harness. I can confirm Lemmy is far, far from their radars. Reddit is ubiquitous but the whole fediverse is lost to them.

(I mean for marketing. You’re right though, AI labs are probably scraping Lemmy it’s pretty cheap and has some training value)

It must be nice to have technical opinions that don’t need to be grounded in facts. Why would you check your assumptions when you can just vibe.

I mean the ones in the latest release of rsync, tf does nginx have to do with anything ?

Which of the CVEs in question are you referring to?

What about the 6 critical security bugs he fixed in that release. Didn’t rsync need those “contributions”?

Maybe you’re right

oh man while i do love being correct, deep down i hope you’re the one who’s right and i’m overreacting

If you’re making a broader point don’t single me out

Yes that is a communication lapse on my end, i try to make issues personal to emphasize them but it’s not always relevant. I don’t think it should detract from the broader point, sorry if it does.

My sensation is that we’re doing fine for now

I think the data shows that we’re far from fine and already resource-constrained on most critical projects. It’s not that people stop caring about open source, it is still fundamental to the way the web works. It’s just that they don’t feel personally compelled to pitch in because they think we’re doing fine now. The wikipedia analogy works well here : it is still fundamental to the way people get information, but it’s chronically understaffed and may already be in a death spiral.

I do contribute time and donate money to open source project so… miss?

You’re missing the point. Sure you do, that’s a nice anecdote, but the data shows most people don’t. You are part of a shrinking cohort that is already insufficient to maintain what we need in the long run.

If we can’t get enough resources to support even the most basic infrastructure then the experiment will end

And then what ? Only large corporations can finance their own in-house tools and they gain even greater advantage against the rest of society ? What a great outcome…

Your point of view is not crazy but i think it suffers from too much optimism in the face of bleak data.

Also, having critical software depend on one guy is not safe. We should avoid that. If critical software depends on one guy it should be phased out.

I’m sorry to say 90% of the internet’s load bearing infrastructure is in this situation. It’s just how the story goes, everybody wants to build low-stakes toy projects, nobody wants to do high-effort low-reward infrastructure work.

“Writing something new using modern tools” is all fun and sparkles, but then you run into the same issues as rsync except without the experience. Then you get attention from attackers, you get security issues, which you have to patch with defensive code which is not appealing to read and zero fun to write. Before you know it your project is “decades of Rust/Zig/Lisp” which nobody wants to touch and you’re back at square one. All you’ve accomplished is give the attackers a few years of low hanging fruit and easy exploits.

There’s a reason why we get a million shiny toys a year but solutions like rsync stay entrenched for decades.

I think what you’re missing is that the number of people doing step 4 has been going downhill steadily since the 2000s. People start open source projects yes, which for 99% of them don’t bring in any users and barely get maintained over the long run, but the pool of people willing to contribute to large established projects is so small it is becoming problematic.

Even Wikipedia is having its own editor crisis, where most of the power editors are greying out and barely anyone is stepping up to replace them.

And this is happening exactly because most people, like you, think that the free infrastructure around us is a fait accompli which doesn’t require us to personally get involved in their maintenance, and that we can even afford to scare away those that do contribute.

ain’t that a spicy squirrel…

I think you misread my comment. I’m depressed that people are harassing open source devs, not that open source devs use LLMs.

I don’t give a shit whether a maintainer like Tridge uses AI, because i trust them to review the AI’s code like they’ve reviewed human contributions since forever.

Oh man I’m like super agreeing with you. Also I’m in a place that actually has universal healthcare, so it’s not like it’s unworkable

I most certainly won’t lol

No disagreement here but I’m not sure that’s on the menu right now

Sorry for bringing terminally online slang to the table haha

In my head yeah it’s the pill that teaches you a bleak and depressing truth but shows you no way out of it. I may be misusing the term.

This whole debacle is making me extremely black pilled about open software in general. Just like cheap computing has died in recent years, I suspect non corporate free software is about to meet the same end to the acclaim of people who think they’re doing a good thing for the world.

But where will the maintainers for these alternatives come from, when barely anybody has stepped up in the 30 years of rsync’s existence? Your comment implies that tridge didn’t call for help before, which is far from the truth.

This is thankless maintenance on critical software, not some *-arr toy project for hobbyist self-hosters.