Post B039iFslVt8MSmCMng by GroupNebula563@mastodon.social
(DIR) More posts by GroupNebula563@mastodon.social
(DIR) Post #B0392419EhSRVE07fs by catsalad@infosec.exchange
0 likes, 0 repeats
RE: https://infosec.exchange/@mttaggart/115516415501584126Hey @keepassxc. Care to explain the AI usage in your code?
(DIR) Post #B03928BviYSWRp4n2G by keepassxc@fosstodon.org
0 likes, 0 repeats
@catsalad sure, happy to discuss. We use generative ai to help us code simple things and improve our pull request reviews. No code is ever merged to the develop branch (ie, in production) without a human reviewing and often times cleaning/quality improving the code. This applies to third party submissions and AI submissions equally. Generative AI has already been helpful to help us find and prevent bugs and security issues during several pull request reviews.
(DIR) Post #B039iFslVt8MSmCMng by GroupNebula563@mastodon.social
0 likes, 0 repeats
@keepassxc @catsalad are you aware that you’re decimating the small web, independent artists, and coders everywhere (not to mention the government, environment, I could go on) by using these “tools”
(DIR) Post #B039iXF0yQ24IhjsLA by vegetablegremlin@jorts.horse
0 likes, 0 repeats
@keepassxc @catsalad generative AI in code pipelines is an absolutely gargantuan security hole, my god
(DIR) Post #B03ABmxhbS1zSJafCa by outfrost@mastodon.social
0 likes, 0 repeats
@keepassxc i'm glad you're sooo sure that your "happy unpaid intern" never introduces subtle security bugs of its owni'm sooo glad you're burning literal gigawatt-hours of energy "coding simple things and improving pull request reviews" (dubious)if you called for contributors, i may well have invested some time into understanding the codebase to code said simple things and catch security issues with a conscious brain, but if you'd rather eat slop, then i won't be at your table @catsalad
(DIR) Post #B03ADb50keQTBPs58y by keepassxc@fosstodon.org
0 likes, 0 repeats
@GroupNebula563 @catsalad Uhhh, we are definitely part of that community.
(DIR) Post #B03AHitVdhKuZsSVl2 by GroupNebula563@mastodon.social
0 likes, 0 repeats
@keepassxc @catsalad so why are you using the tools then?
(DIR) Post #B03AVj6zcxs9J3RXHc by keepassxc@fosstodon.org
0 likes, 0 repeats
@outfrost @catsalad You are welcome to contribute, we have over 600 issues you can pull from.
(DIR) Post #B03Amr3VLW6UrlykHw by GroupNebula563@mastodon.social
0 likes, 0 repeats
@keepassxc also, your reply does not effectively answer @catsalad’s question at all
(DIR) Post #B03AmroIXXXBCts7E0 by GroupNebula563@mastodon.social
0 likes, 0 repeats
@keepassxc @catsalad “ai does stuff better than humans” is not a valid argument because it doesn’t. there are studies from prestigious universities that back me up on this. unless, of course, the humans working on your software are working poorly because they are being mistreated. or if you don’t want to pay people.
(DIR) Post #B03AmsmuuA1WEuEWi8 by keepassxc@fosstodon.org
0 likes, 0 repeats
@GroupNebula563 @catsalad We never said it can do things better. But it can do certain things well enough to be useful. I know the studies, in fact, my research group and I have published in the field.
(DIR) Post #B03BOSIJr5zf4jpzVI by outfrost@mastodon.social
0 likes, 0 repeats
@keepassxc you're literally using the tools of the enemybut sure, destroy open source from within, that's great@GroupNebula563
(DIR) Post #B03BVXjS2LXhy0uMF6 by outfrost@mastodon.social
0 likes, 0 repeats
@keepassxc i would be deeply uncomfortable doing so, if you haven't noticed
(DIR) Post #B03BjQcTHIYBxhGROq by keepassxc@fosstodon.org
0 likes, 0 repeats
@catsalad No worries!
(DIR) Post #B03HGFNqZbCYRQtO2S by paul_ipv6@infosec.exchange
0 likes, 0 repeats
@keepassxc thanks for details. please keep being transparent about how you're using it and how it's working/going.i am currently a very happy keepassxc user and would hate to have to go back to the commercial alternatives, which don't like self-hosting any more.