This shouldn't be flagged. This is a new type of spam that will have serious consequences for open source.
LLMs have made it possible to effortlessly produce plausible looking garbage at scale and open source maintainers will soon have to deal with a high volume of these PRs going forward.
Just look at how much spammers it attracted when Digital Ocean offered free T-shirts to open source contributors [1]. Now, imagine what will happen when job prospects are involved and anyone can mass produce plausible looking garbage PRs in one single click.
LLMs will accelerate maintainer burnouts in the open source world and there's no good solution for that right now.
There is actually a really simple solution to this: auto reject PRs from people you dont know.
If someone is new to the project, ask them to write an issue explaining the bug/feature and how they plan to address/implement it. Make them demonstrate a human understanding of the code first.
This is not a purely technical problem but a social one too.
Making people go through hoops will just discourage legitimate potential contributors and not stop AI slop. LLMs are good at generating legitimate sounding wall of text. Without actual code, it'll be harder to distinguish legitimate contributors from spammers.
You could ask the submitter to show a quick video recording of the new feature being used. Or if its a bugfix, show the failure scenario and then the fixed non-buggy scenario. If they can't be bothered to show a basic before/after demo of whatever they are working on, then you probably don't want to work with them and accept their code changes anyway.
People already go through hoops and live with it just fine. I don't claim to have the best solution but fundamentally its a social problem and therefore solvable. Perhaps some form of chain of trust.
This is a perfect example of a PR that makes GitHub's react client run like shit.
Click on the Files changed tab and start scrolling if you want to see for yourself. It wasn't always this way. There was a time when you could review PRs containing 500+ modified files without any jank.
The discussion here is amusing to read, but this is obviously a submission to instant-reject. No need for waste your time reading the PR, and I’m sure the maintainer won’t.
This is like spam making the front page of HN. Why?
I actually checked the PR because I was curious if a cutting-edge AI can generate 128k lines of quality code. I mean, if that's true it's great!
Here is what I noticed while reading the PR:
- The PR has surpurisingly little meat. It contains 128k lines, but most of them are AI-generated documentation (86K lines, 68%). It also contains 9K lines of AI-generated tests (7%). So the actual code is just 32K lines (25%).
- I have no deep understanding of OpenCut project, but the code seems buggy? I observe that it casually removes a few logics from the original code without any reason. So it's plausible that the PR is not only useless but harmful to merge.
So my takeaway is that a latest commercial LLM is not getting there, at least yet.
>- The PR has surprisingly little meat. It contains 128k lines, but most of them are AI-generated documentation (86K lines, 68%). It also contains 9K lines of AI-generated tests (7%). So the actual code is just 32K lines (25%).
When you hear about a huge PR or change this should be your default assumption regardless of whether AI or otherwise.
Most huge PRs are only a few thousand lines of "serious logic" code. That code then spawns a bunch of duplication of logic, stuff like adding a dozen few thousand line handling routines to convert a dozen inputs into some single thing. Those then spawn several times their own line count in docs and tests and whatnot.
Great, so now the old "add 30k lines of auto-generated selenium tests to a project and put it on your resume" has a new AI step that amplifies it to 130k lines.
It's interesting and funny and indicative of a broader problem in open-source development, reaching not only technical projects but also stuff like Wikipedia. 90% of the reason I'm here is for the discussion, not literally for the links to news -- there's much better ways to curate news directly to my phone these days.
Plus, again: it's just downright funny. It starts funny b/c he's clearly well-meaning ("I do not think this can be directly merged into the project"), and then you get to the part where there's 300+ commits (20 of which are just "Updated project files") and you just can't help but crack a little smile!
Because we need to celebrate BullShit at scale ! and celebrate the fearless data-scientists turned software engineers who aided by AI are setting PR records while we software engineers watch with envy and sarcasm.
> I do not think this can be directly merged into the project. I think it requires some manual reviewing if something (I mean some part of code) is useful for the project development.
It seems like maybe his idea was to make a bunch of code, and then see if the maintainers want to pluck anything out of it. This is, of course, not how things are done and not very helpful. Projects don’t need a bunch of AI generated brainstorming. But, I guess, at least it seems well-intentioned? Over-enthusiastic.
My guess is they wanted to share some ideas; as in: what features could be added and what would an example implementation look like. They have no interest in deeper discussions or in forking the project.
To me a large PR with a disclaimer that it should not be merged seems a decent way of doing this and better than not sharing anything at all.
But I see how this could get distracting if more people do this. I assume this is a one time thing. In future I would recommend creating some fork with a note that it is not going to be maintained.
Better if the submitter opened a feature request clearly describing the feature. As part of such a request, they could provide some screenshots and maybe a link to their AI-slop generated code for anyone curious to demo as a proof-of-concept, but without burdening any human with having to look at the slop.
No, he did not. He said it was bad thing. He presented a couple of new features for discussion, with a new electron target. He decided to split it up into individual PR's after positive feedback.
The problem is I can automatically ban tabs if I don’t like them. I Can limit the number of characters per line with a script. I cannot prevent you from sending prs with AI slop, nor can I easily detect it
Human beings make relatively predictable mistakes, to the extent that I can skim read large PRs with mental heuristics and work out whether the dev thought carefully about the problem when designing a solution, and whether they hit common pitfalls etc.
AI code generation tends to pass a bunch of those heuristics while generating code that you can only identify as nonsense by completely understanding it, which takes a lot more time and effort. It can generate sensible variable and function names, concise functions, relatively decent documentation etc while misunderstanding the problem space in subtle ways that human beings very rarely do.
No. They’re not hard to detect because they’re good, they’re “hard” to detect because understanding code takes time, and you’re putting that work on the maintainer.
I find it hard to believe that people who don’t intuit this have ever been on the receiving end. If I fill up your email inbox with LLM slop, would you consider that I’ve done you a favor because some of it’s helpful? Or would you care more about the time you’re wasting on the rest, and that it’d take longer to find the good bits than to make them yourself, and just block me?
It depends. Could you easily determine in this case that it was "AI slop"? I have used LLMs before for PRs, but not with having my brain turned off, and it got merged because it was legitimate, and I would have never sent the PR without doing my own careful review. I may be in the minority, who knows.
He's still going. Just saw a new commit using Claude to add .vscode to .gitignore and untrack the files. How much did it just cost to do something that can be done in two cli commands.
The attitude of "I will do only the fun part. I'll create some barely workable code and expect others to fix it" existed long before AI code generation. Vibe coding is really enabling it to be taken to another level.
It would've been better if the PR author actually had any fun thing they wanted to do. They didn't, hence the PR title "Try to help but need some help." This PR literally has no purpose.
I had a pull request like this on my project somewhat recently, thousands of files changed, the author seemed unsure of what exactly they added, and names suggested use of AI tools.
I think it's a cool use case for AI, for non-programmers to be able to customize open source software for themselves with AI tools (just hope it doesn't introduce a data loss bug or security vulnerability...) But obviously these tools as of today will make an absolute mess over time without a lot of guidance, and being a non-programmer makes it impossible to give it that guidance. I guess it's fine if the only user is the non-programmer and they're never gonna maintain it themselves, but sometimes they assume some of the code somewhere will somehow be useful for the project and so they open a pull request like this without realizing the insanity they're doing
This does reflect my experience with Claude Code too. It just writes TOO MUCH damn code. It's never able to understand the tiny change that would make the software actually be better without guidance, and at that point I'd rather write it myself.
On the Pro tier, it’s a fixed monthly price with fixed quota per 5 hour window.
That said, every time I’ve tried it, it’s spent ages writing code that barely works, where it keeps writing over-engineered workarounds to obvious errors. Eventually, it gives up and decides broken is good enough, and returns to the prompt. So you still have a point…
This isn't directed at you, but rather the general "A!", "No, A is no good. B!" thing that HN does. Lots of people swear by Claude Code on HN; nearly any post that could shoehorn an AI discussion has someone saying "But I just use Claude Code and it works fine!", with others saying that gemini is better if you pay, etc.
The issue is, very few actually publish the AI code. I have, at least three times on HN. I don't pay for AI - well, i put $10 on deepseek to check it out and have spent less than a penny. I mostly use local or copilot. I've never used chatgpt to write code, nor claude, gemini, grok, or meta.
So, the result is, this comes off as:
"My football team is best because A,B,C!"
"No, A & B aren't important, C,X,Y are, and my football team has those!"
"So you agree C is important?"
Anyhow, in support of my point, here's some of my AI output:
https://github.com/genewitch/aider2048clone A local 70b LLM model oneshot with Aider (a tool to write codebases with AI); oneshot means i typed a prompt and then published the output, i didn't edit or change anything or re-prompt.
and the oldest, and my favorite example so far; https://github.com/genewitch/emd
A full react app stack - including the node.js 'server.js', done in copilot.exe over the course of ~20 hours. I didn't manually edit the code except for one tiny part where the only math in the code is, and i worked it out on a piece of paper with a pencil, then coded it in myself. i couldn't explain it well enough to copilot for it to produce the code i wanted. Luckily the nuts and bolts of jscript is easy enough, it's all the const and "{}" that i don't "get".
I've linked all of these on HN before, usually in protest to someone else not linking their code and/or complaining that no one links their code.
Is it really a conspiracy theory that these companies want to charge by throughput? What exactly is out of the realm of possibility when these companies literally charge by the token...
Nobody here is clicking out of a burning curiosity to resolve the PR-submitter's identity. We can reliably predict it'll be a random account that we've never seen before and will never recognize again.
Analogy: It's like someone linked "A kitten doing somersaults." I don't care which kitten is involved, I'll click because I anticipate cuteness and amusing acrobatics. Replacing it with "Miss Mittens (a kitten) doing somersaults" is unnecessary.
Is their name particularly relevant to the headline? If anything it feels like it might be beneficial to emphasize that it's not about the who here, but instead the what.
Like anyone, it can always keep adding new code that “works”. The problem is that it’s causing other code not to work at the same time, and it doesn’t see that.
More important than code that works now is code that can be reviewed and maintained so it will continue to work in the future. AI-slop, even moderately-sized, might pass the test cases and seem to work, but it is doubtful it will continue to work in the future, particularly if a code base continues to accept more slop.
My coworker did push a 1M kloc ai-generated PR once. Over 1K files. It was a fine C++ refactoring. The reviewers had fun, and it was presented in the sprint review as proper usage of the new AI tools.
When we added pre-commit we also had those huge automatic whitespace and style refactorings once in a while over hundreds of repos. No problem at all
I mean... At the end of the day, this is easy to handle.
Reject: please break into digestible features, probably no more than 1500 lines each. Our team is responsible for hand-verifying all changes and this cannot be hand-verified practically.
If it's an isolated case and not anything more sophisticated, maybe. When people inevitably start mass-spamming open source projects to make their Github contribution graphs greener, this will be a serious problem that will accelerate maintainer burnouts.
This became a problem when free T-shirts were involved [1]. Now imagine what will happen when job prospects come into the picture.
> When people inevitably start mass-spamming open source projects to make their Github contribution graphs greener
How does GitHub handle that right now? What's to stop an individual account from just dropping line-noise PRs onto projects (i.e. random-bytestring files that couldn't possibly be correct)?
Seems like whatever the social network (and, to be clear, GitHub is a social network) uses to police trolls right now could be applied to AI-spam. This is a problem every social network has to solve eventually; surely GitHub hasn't gone this long with no solution at all?
Yes, now other online platforms have to deal with LLM spam as well. That doesn't really mean we have a solution for that.
Social media hasn't been able to keep up with spam even before LLMs became this big. With LLMs, mass-generating legitimate sounding spam became cheap and effortless.
I suspect the solution will look something like "If you make too many PRs that don't get accepted, it flags your account for manual review... Or just preemptively cuts the account's authority to propose PRs to other people's projects pending appeal." As far as I'm aware, nobody's really drowning at Meta or Reddit regarding LLMs; they've been dealing with low-quality human-generated content at volume for decades. Perhaps this is just a new challenge for GitHub specifically?
I don't think we should be dunking on someone for saying, "I have no idea what I'm doing and I need help." This isn't hubris. They didn't think that this 100k line change would be accepted. They were just asking for guidance.
This PR has no purpose whatsoever that benefits the project. No open source maintainer should have to put up being spammed with 128k line AI slop made without any concrete purpose. It's mind blowing that AI zealots are now demanding people to be supportive of such spam with an air of moral superiority. Won't somebody please think of the spammers!
If someone wants that green Github contribution graph, they should at least take the time and effort to learn software engineering. They shouldn't steal open source maintainers' time with AI slop and expect them to clean it up. It's beyond offensive. It's telling the maintainers that is what their projects are worth.
To me they look like someone earnestly asking for help, but in the wrong forum. Closing the PR would make sense to me, but I don't think there's any purpose to making this person a main character. I've spent a lot of time in online programming communities, so people asking for help in awkward ways, perhaps inappropriately or with an element of entitlement, that's just Tuesday from my perspective.
I'm not an AI zealot, as it happens. I've made a lot of comments on here critical of AI. I just don't think HN is a place to gawk at random people's faux pas of GitHub etiquette.
My bad for assuming that you were an AI zealot. But I do want to stress that this issue isn't just about a single person. It's much bigger than that.
As I mentioned in my other comments, there were an influx of spammers directed at open source projects when Digital Ocean offered free T-shirts for open source contributions. With LLMs being able to mass-produce plausible looking garbage PRs, spammers looking for job prospects will flood the open source community, burning out maintainers in the process.
This issue needs to be discussed for the survival of open source.
Thank you for the acknowledgement, that's rarer than it should be and I appreciate it.
I'm sure there's an issue with low quality PRs to open source projects, and that LLMs are making it worse, but I think the Twitter style of discourse where we identify some random person who said something ill advised and lay into them is just scapegoating. I don't think it's going to help open source maintainers deal with bad PRs or help prospective contributors understand how to make a PR (or when not to make one).
This shouldn't be flagged. This is a new type of spam that will have serious consequences for open source.
LLMs have made it possible to effortlessly produce plausible looking garbage at scale and open source maintainers will soon have to deal with a high volume of these PRs going forward.
Just look at how much spammers it attracted when Digital Ocean offered free T-shirts to open source contributors [1]. Now, imagine what will happen when job prospects are involved and anyone can mass produce plausible looking garbage PRs in one single click.
LLMs will accelerate maintainer burnouts in the open source world and there's no good solution for that right now.
[1]: https://news.ycombinator.com/item?id=24643894
There is actually a really simple solution to this: auto reject PRs from people you dont know.
If someone is new to the project, ask them to write an issue explaining the bug/feature and how they plan to address/implement it. Make them demonstrate a human understanding of the code first.
This is not a purely technical problem but a social one too.
Making people go through hoops will just discourage legitimate potential contributors and not stop AI slop. LLMs are good at generating legitimate sounding wall of text. Without actual code, it'll be harder to distinguish legitimate contributors from spammers.
You could ask the submitter to show a quick video recording of the new feature being used. Or if its a bugfix, show the failure scenario and then the fixed non-buggy scenario. If they can't be bothered to show a basic before/after demo of whatever they are working on, then you probably don't want to work with them and accept their code changes anyway.
People already go through hoops and live with it just fine. I don't claim to have the best solution but fundamentally its a social problem and therefore solvable. Perhaps some form of chain of trust.
This is a perfect example of a PR that makes GitHub's react client run like shit.
Click on the Files changed tab and start scrolling if you want to see for yourself. It wasn't always this way. There was a time when you could review PRs containing 500+ modified files without any jank.
The discussion here is amusing to read, but this is obviously a submission to instant-reject. No need for waste your time reading the PR, and I’m sure the maintainer won’t.
This is like spam making the front page of HN. Why?
I actually checked the PR because I was curious if a cutting-edge AI can generate 128k lines of quality code. I mean, if that's true it's great!
Here is what I noticed while reading the PR:
- The PR has surpurisingly little meat. It contains 128k lines, but most of them are AI-generated documentation (86K lines, 68%). It also contains 9K lines of AI-generated tests (7%). So the actual code is just 32K lines (25%).
- For what it's worth mentioning, the documentation is bad. It mostly feels like a copy-and-paste from someone's LLM session. You can check it out yourself: https://github.com/OpenCut-app/OpenCut/blob/b883256/docs/iss...
- I have no deep understanding of OpenCut project, but the code seems buggy? I observe that it casually removes a few logics from the original code without any reason. So it's plausible that the PR is not only useless but harmful to merge.
So my takeaway is that a latest commercial LLM is not getting there, at least yet.
>- The PR has surprisingly little meat. It contains 128k lines, but most of them are AI-generated documentation (86K lines, 68%). It also contains 9K lines of AI-generated tests (7%). So the actual code is just 32K lines (25%).
When you hear about a huge PR or change this should be your default assumption regardless of whether AI or otherwise.
Most huge PRs are only a few thousand lines of "serious logic" code. That code then spawns a bunch of duplication of logic, stuff like adding a dozen few thousand line handling routines to convert a dozen inputs into some single thing. Those then spawn several times their own line count in docs and tests and whatnot.
Great, so now the old "add 30k lines of auto-generated selenium tests to a project and put it on your resume" has a new AI step that amplifies it to 130k lines.
It’s got something for everyone.
1. Outrage is fun! 2. “This confirms my biases!” 3. It’s kind of a funny extreme of bad behavior we’ve all had to deal with
It's interesting and funny and indicative of a broader problem in open-source development, reaching not only technical projects but also stuff like Wikipedia. 90% of the reason I'm here is for the discussion, not literally for the links to news -- there's much better ways to curate news directly to my phone these days.
Plus, again: it's just downright funny. It starts funny b/c he's clearly well-meaning ("I do not think this can be directly merged into the project"), and then you get to the part where there's 300+ commits (20 of which are just "Updated project files") and you just can't help but crack a little smile!
It's novel spam? At least today it is, tomorrow probably not. 128k is impressive!
Because we need to celebrate BullShit at scale ! and celebrate the fearless data-scientists turned software engineers who aided by AI are setting PR records while we software engineers watch with envy and sarcasm.
I wonder, based on the start of the thread:
> I do not think this can be directly merged into the project. I think it requires some manual reviewing if something (I mean some part of code) is useful for the project development.
It seems like maybe his idea was to make a bunch of code, and then see if the maintainers want to pluck anything out of it. This is, of course, not how things are done and not very helpful. Projects don’t need a bunch of AI generated brainstorming. But, I guess, at least it seems well-intentioned? Over-enthusiastic.
My guess is they wanted to share some ideas; as in: what features could be added and what would an example implementation look like. They have no interest in deeper discussions or in forking the project.
To me a large PR with a disclaimer that it should not be merged seems a decent way of doing this and better than not sharing anything at all.
But I see how this could get distracting if more people do this. I assume this is a one time thing. In future I would recommend creating some fork with a note that it is not going to be maintained.
It just seems overwhelming and, therefore, very unlikely to get any traction. But I guess we’ll see.
Better if the submitter opened a feature request clearly describing the feature. As part of such a request, they could provide some screenshots and maybe a link to their AI-slop generated code for anyone curious to demo as a proof-of-concept, but without burdening any human with having to look at the slop.
Low signal, high noise. Why waste time looking for the needle in the haystack?
The fact that this wasn't immediately rejected with a stern "GTFO" tells me the project maintainers have way more patience than me.
I don't see any evidence that a maintainer has responded? It looks like all the responses are by
- Some bot the maintainers are using to do preliminary code review
- Trolls saying "lgtm" and the like.
> A .claude/settings.local.json
We'll at least it's easy to find the root cause of the problem :/
I don’t think that’s the root cause here. The submitter decided that a 128k line PR was a good thing.
AI is a tool. The problem is software engineering best practices (small, reviewable, incremental self-contained PRs.)
No, he did not. He said it was bad thing. He presented a couple of new features for discussion, with a new electron target. He decided to split it up into individual PR's after positive feedback.
The problem is I can automatically ban tabs if I don’t like them. I Can limit the number of characters per line with a script. I cannot prevent you from sending prs with AI slop, nor can I easily detect it
You can make a bot that auto rejects everything over 5k lines though
Ah if you can’t easily detect it, wouldn’t that mean it passes muster?
Human beings make relatively predictable mistakes, to the extent that I can skim read large PRs with mental heuristics and work out whether the dev thought carefully about the problem when designing a solution, and whether they hit common pitfalls etc.
AI code generation tends to pass a bunch of those heuristics while generating code that you can only identify as nonsense by completely understanding it, which takes a lot more time and effort. It can generate sensible variable and function names, concise functions, relatively decent documentation etc while misunderstanding the problem space in subtle ways that human beings very rarely do.
Sounds like it raises the bar on verification requirements.
... In a world where someone almost compromised SSL via a detail-missed trust attack... Maybe that's okay?
No. They’re not hard to detect because they’re good, they’re “hard” to detect because understanding code takes time, and you’re putting that work on the maintainer.
I find it hard to believe that people who don’t intuit this have ever been on the receiving end. If I fill up your email inbox with LLM slop, would you consider that I’ve done you a favor because some of it’s helpful? Or would you care more about the time you’re wasting on the rest, and that it’d take longer to find the good bits than to make them yourself, and just block me?
That's like saying if you could not tell the person calling you was a scammer and lost money, then the call passes muster.
As long as the person submitting PR has put in the effort to ensure it is of high quality, it should not matter what tool they used, right?
Well, overwhelming majority vibies seem not to. Welcome to "block all chinese and russian IPs" era, open source AI edition.
[dead]
It depends. Could you easily determine in this case that it was "AI slop"? I have used LLMs before for PRs, but not with having my brain turned off, and it got merged because it was legitimate, and I would have never sent the PR without doing my own careful review. I may be in the minority, who knows.
[flagged]
How much do we think was spent on claude code for this?
He's still going. Just saw a new commit using Claude to add .vscode to .gitignore and untrack the files. How much did it just cost to do something that can be done in two cli commands.
This is a fork.
We are going to have to learn some new etiquette with this new tech, but that’s always how it’s been.
I appreciate your point and your candor, however forking is not new tech. This 'etiquette' is not at all new.
I’m talking about a form of https://en.m.wikipedia.org/wiki/Eternal_September - new people to open source learning what’s polite. This person just happened to do it in the open!
The attitude of "I will do only the fun part. I'll create some barely workable code and expect others to fix it" existed long before AI code generation. Vibe coding is really enabling it to be taken to another level.
> The attitude of "I will do only the fun part.
It would've been better if the PR author actually had any fun thing they wanted to do. They didn't, hence the PR title "Try to help but need some help." This PR literally has no purpose.
I had a pull request like this on my project somewhat recently, thousands of files changed, the author seemed unsure of what exactly they added, and names suggested use of AI tools.
I think it's a cool use case for AI, for non-programmers to be able to customize open source software for themselves with AI tools (just hope it doesn't introduce a data loss bug or security vulnerability...) But obviously these tools as of today will make an absolute mess over time without a lot of guidance, and being a non-programmer makes it impossible to give it that guidance. I guess it's fine if the only user is the non-programmer and they're never gonna maintain it themselves, but sometimes they assume some of the code somewhere will somehow be useful for the project and so they open a pull request like this without realizing the insanity they're doing
Holy slop.
This does reflect my experience with Claude Code too. It just writes TOO MUCH damn code. It's never able to understand the tiny change that would make the software actually be better without guidance, and at that point I'd rather write it myself.
It's fine for gruntwork though.
my experience as well - it would rather re-invent the wheel over and over
their owners charge per token so...
On the Pro tier, it’s a fixed monthly price with fixed quota per 5 hour window.
That said, every time I’ve tried it, it’s spent ages writing code that barely works, where it keeps writing over-engineered workarounds to obvious errors. Eventually, it gives up and decides broken is good enough, and returns to the prompt. So you still have a point…
It was trained on the code the finest leet coders wrote. I do wish it would look at my existing code base and write more shit code like I write.
This isn't directed at you, but rather the general "A!", "No, A is no good. B!" thing that HN does. Lots of people swear by Claude Code on HN; nearly any post that could shoehorn an AI discussion has someone saying "But I just use Claude Code and it works fine!", with others saying that gemini is better if you pay, etc.
The issue is, very few actually publish the AI code. I have, at least three times on HN. I don't pay for AI - well, i put $10 on deepseek to check it out and have spent less than a penny. I mostly use local or copilot. I've never used chatgpt to write code, nor claude, gemini, grok, or meta.
So, the result is, this comes off as:
Anyhow, in support of my point, here's some of my AI output:https://news.ycombinator.com/item?id=44652138 I used copilot to add static, and fix the digits spoken to singular digits instead of groups, "7, 3, 4" instead of "seven hundred and thirty four." Done with copilot.exe; final version without pops, clicks, and crash at: https://github.com/genewitch/opensource/blob/master/numbers-...
https://github.com/genewitch/opensource/blob/master/specific... and https://github.com/genewitch/opensource/blob/master/markov%3... to convert n-gate to json and then put the json into a markov chain. Done with copilot.exe
https://github.com/genewitch/aider2048clone A local 70b LLM model oneshot with Aider (a tool to write codebases with AI); oneshot means i typed a prompt and then published the output, i didn't edit or change anything or re-prompt.
and the oldest, and my favorite example so far; https://github.com/genewitch/emd A full react app stack - including the node.js 'server.js', done in copilot.exe over the course of ~20 hours. I didn't manually edit the code except for one tiny part where the only math in the code is, and i worked it out on a piece of paper with a pencil, then coded it in myself. i couldn't explain it well enough to copilot for it to produce the code i wanted. Luckily the nuts and bolts of jscript is easy enough, it's all the const and "{}" that i don't "get".
I've linked all of these on HN before, usually in protest to someone else not linking their code and/or complaining that no one links their code.
none of these were "thinking" mode.
Looks like it's mostly tests and AI specs.
It all amounts to chargeable tokens in the end.
Anthropic offers a flat fee subscription.
They offer unlimited flat fee subscriptions? Someone better alert Anthropic:
https://news.ycombinator.com/item?id=44713757
"affecting less than 5% of users"
Conspiracy theories need to at least have a passing compatibility with reality. Anthropic loses money with more tokens used to solve the same problem.
Is it really a conspiracy theory that these companies want to charge by throughput? What exactly is out of the realm of possibility when these companies literally charge by the token...
Coderabbit’s estimate of review time is interesting:
Estimated code review effort
5 (Critical) | ~90 minutes
Does anyone else feel like Coderabbit is mostly noise?
Also can we get rid of “Someone” in the headline?
It’s very clickbaity as the identity of the “Someone” is one of the first things you see by clicking the link.
It's not bait, so it can't be "clickbait."
Nobody here is clicking out of a burning curiosity to resolve the PR-submitter's identity. We can reliably predict it'll be a random account that we've never seen before and will never recognize again.
Analogy: It's like someone linked "A kitten doing somersaults." I don't care which kitten is involved, I'll click because I anticipate cuteness and amusing acrobatics. Replacing it with "Miss Mittens (a kitten) doing somersaults" is unnecessary.
There is zero information gained by actually naming the person in the title. They are just a random contributor out of all the contributors on GitHub
Is their name particularly relevant to the headline? If anything it feels like it might be beneficial to emphasize that it's not about the who here, but instead the what.
What would you prefer? Naming someone that nobody knows?
That begs the question: how big of a codebase can these tools generate that works?
(loop unrolling doesn't count)
Like anyone, it can always keep adding new code that “works”. The problem is that it’s causing other code not to work at the same time, and it doesn’t see that.
More important than code that works now is code that can be reviewed and maintained so it will continue to work in the future. AI-slop, even moderately-sized, might pass the test cases and seem to work, but it is doubtful it will continue to work in the future, particularly if a code base continues to accept more slop.
I always looked forward to the day spammers would invade my free software projects with mountains of generated "contributions"
The title on this PR "Try to help but need some help" LMAO
wow, BS at scale. Love the LGTMs and the ship its. A few of these merged PRs and the project gets into the shitter.
meta/amazon manager be like - productivity through the roof.
This is egregious, but I’ve straight up had coworkers pull this sort of clown work in actual workplaces.
Your coworkers did not push 128 klocs in one PR.
My coworker did push a 1M kloc ai-generated PR once. Over 1K files. It was a fine C++ refactoring. The reviewers had fun, and it was presented in the sprint review as proper usage of the new AI tools.
When we added pre-commit we also had those huge automatic whitespace and style refactorings once in a while over hundreds of repos. No problem at all
Proof needed, otherwise it didn't happen. And I secretly hope that this is some kind of low quality satire
Initial reaction—haven’t read through the code yet, but I expect to see 100% AI slop. Also, I love the comments saying LGTM
———
Quickly glancing through the code. 20 commits with the message, “Update documentation and project organization.”
kill it with fire before it lays eggs
more like nuke it from orbit (its the only way to be sure)
I mean... At the end of the day, this is easy to handle.
Reject: please break into digestible features, probably no more than 1500 lines each. Our team is responsible for hand-verifying all changes and this cannot be hand-verified practically.
... And if they disagree they can fork.
If it's an isolated case and not anything more sophisticated, maybe. When people inevitably start mass-spamming open source projects to make their Github contribution graphs greener, this will be a serious problem that will accelerate maintainer burnouts.
This became a problem when free T-shirts were involved [1]. Now imagine what will happen when job prospects come into the picture.
[1]: https://news.ycombinator.com/item?id=24643894
> When people inevitably start mass-spamming open source projects to make their Github contribution graphs greener
How does GitHub handle that right now? What's to stop an individual account from just dropping line-noise PRs onto projects (i.e. random-bytestring files that couldn't possibly be correct)?
Seems like whatever the social network (and, to be clear, GitHub is a social network) uses to police trolls right now could be applied to AI-spam. This is a problem every social network has to solve eventually; surely GitHub hasn't gone this long with no solution at all?
Yes, now other online platforms have to deal with LLM spam as well. That doesn't really mean we have a solution for that.
Social media hasn't been able to keep up with spam even before LLMs became this big. With LLMs, mass-generating legitimate sounding spam became cheap and effortless.
I suspect the solution will look something like "If you make too many PRs that don't get accepted, it flags your account for manual review... Or just preemptively cuts the account's authority to propose PRs to other people's projects pending appeal." As far as I'm aware, nobody's really drowning at Meta or Reddit regarding LLMs; they've been dealing with low-quality human-generated content at volume for decades. Perhaps this is just a new challenge for GitHub specifically?
I don't think we should be dunking on someone for saying, "I have no idea what I'm doing and I need help." This isn't hubris. They didn't think that this 100k line change would be accepted. They were just asking for guidance.
I don't think this belongs on HN.
This PR has no purpose whatsoever that benefits the project. No open source maintainer should have to put up being spammed with 128k line AI slop made without any concrete purpose. It's mind blowing that AI zealots are now demanding people to be supportive of such spam with an air of moral superiority. Won't somebody please think of the spammers!
If someone wants that green Github contribution graph, they should at least take the time and effort to learn software engineering. They shouldn't steal open source maintainers' time with AI slop and expect them to clean it up. It's beyond offensive. It's telling the maintainers that is what their projects are worth.
To me they look like someone earnestly asking for help, but in the wrong forum. Closing the PR would make sense to me, but I don't think there's any purpose to making this person a main character. I've spent a lot of time in online programming communities, so people asking for help in awkward ways, perhaps inappropriately or with an element of entitlement, that's just Tuesday from my perspective.
I'm not an AI zealot, as it happens. I've made a lot of comments on here critical of AI. I just don't think HN is a place to gawk at random people's faux pas of GitHub etiquette.
My bad for assuming that you were an AI zealot. But I do want to stress that this issue isn't just about a single person. It's much bigger than that.
As I mentioned in my other comments, there were an influx of spammers directed at open source projects when Digital Ocean offered free T-shirts for open source contributions. With LLMs being able to mass-produce plausible looking garbage PRs, spammers looking for job prospects will flood the open source community, burning out maintainers in the process.
This issue needs to be discussed for the survival of open source.
> My bad for assuming that you were an AI zealot.
Thank you for the acknowledgement, that's rarer than it should be and I appreciate it.
I'm sure there's an issue with low quality PRs to open source projects, and that LLMs are making it worse, but I think the Twitter style of discourse where we identify some random person who said something ill advised and lay into them is just scapegoating. I don't think it's going to help open source maintainers deal with bad PRs or help prospective contributors understand how to make a PR (or when not to make one).
The PR author seems clueless.
But, it's at least a little remarkable that the cluelessness was able to then pester someone in an unusual way.