User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
Admin
Wyvern-shaped software developer and hobby vector artist. Also sometimes a fluffy werewolf alien creature (Areon).

Creator of the neofoxes, neocats and other emojis. wvrnBox
Website https://volpeon.ink/
Speaking German, English
Age 30s
Pronouns he / him
Backup Account @volpeon@goto.wyvern.rip
Bonus Content @areon@icy.wyvern.rip
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
It irks me to no end that I had to use rootMargin: "101% 0px -101% 0px" for the IntersectionObserver to detect if the user is at the top of the page. 100%/-100% detects even the very top as scrolled.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@catsalad neocat_boop_woozy
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
AAAAAAAAA MONDAY
This post has attachments, but this server's configuration prevents them from being displayed here.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@gsuberland I still have mine. The insulation of all the cables has disintegrated, though wvrnFlat
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@loganer So my header just had the website's background color when scrolled so that things just got cut off visually. And then I remembered how in Google Keep, for instance, the app bar becomes a darker shade when you scroll.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
I learned a thing from Google
This post has attachments, but this server's configuration prevents them from being displayed here.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@SteffoSpieler Nope, hab mich auch im ersten Moment gefragt was Publikum-Shits sein sollen. neofox_googly_woozy
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@abucci Thanks for your reply! You're making good points which I overall agree with. I've had rather subpar experiences with LLM-generated code at work myself, so it's not like I don't see the downsides and how it leads to the erosion of skill. It's true that this also has implications on the security.

However, from what I've seen, I think the way GitHub integrates Copilot into the process makes it less likely to cause the same degradation as an AI assistant directly integrated into an editor. As I said elsewhere, GitHub presents Copilot as a PR author and your usage of it is akin to iterating a PR with a human author until it meets the project's standards.
If regular PRs don't pose a risk to one's skills, then I don't see why this would. It incentivizes the thinking that the AI must be held to the same standards as any other PR author, that it isn't inherently above them. I think this is a good way to handle it.
I'm happy to be corrected if my understanding of Copilot or the way the devs use it is wrong. You're clearly more involved in this topic than I am.

Apart from that, I do wonder how realistic it is to expect projects to reject LLMs contributions forever. No matter what you and I want, the global trend moves towards increasing adoption of AI and this means external contributions will become more and more "tainted", with and without their knowledge. Given this outlook, I think it's better to be open for AI contributions. This allows the developers to become familiar with the strengths and weaknesses of AI, and it creates an environment where contributors are willing to disclose their use of it so that reviews can be conducted with appropriate care. An environment where AI is banned will only lead to people trying to deceive the developers and causing necessary trouble.

@ngaylinn
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
I finally have some ideas to improve my website's design.
This post has attachments, but this server's configuration prevents them from being displayed here.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@vel Da weiß man, dass die Lösung aus Deutschland kommt drgn_woozy
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
3pm and it's already getting dark outside neofox_googly_shocked
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
I recently found this YouTube channel: www.youtube.com/@any_austin/videos
Stuff like this is right up my alley
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@nova [ Leggies extended ]
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
Ever since I learned of the "not just X, but Y" pattern LLMs like to use, I notice so many probably AI-generated texts
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@sitcom_nemesis @errant

It doesn't matter what the AI is or isn't. GitHub's presentation of it leads to the AI having the same status as an external contributor, which incentivizes the thinking that it must be held up to the same standards as human contributors. I'd even say that this is the only healthy approach because implicitly trusting humans more means that in case they use AI outside of GitHub and act like it's their own work, your own bias may prevent you from seeing flaws you'd pay closer attention to when reviewing an AI's output.

I'm not sure what the problem with responsibility is. Isn't this a project governance issue, i.e. "you take full responsibility" means you'll get kicked out if you contribute garbage AI code? How is this a security problem?
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@sitcom_nemesis @errant
but surely all the checking and prerequisite expertise would nix most advantages of using it?
Sure, but why would this be a concern for anyone but the user themself? I'm sure I use things which other people may not like, such as VSCode or GNOME. Is it valid for them to tell me what to use and how?
And it looks like for most AI PRs in KeepassXC, the person working with the AI ultimately approves the code... hardly a rock solid review process. Usually, there's two humans in the loop.
The way the AI is integrated in GitHub makes it a separate entity from the reviewer with an interaction workflow akin to iterating a PR with its author until it matches the project's standards. In both cases, the PR author — AI or human — is untrustworthy and the reviewer is trustworthy. There are also non-AI PRs where only one developer conducted the review, so there's no difference between AI and non-AI standards.

If this strikes you as flawed, then your concerns should lie with the review process itself.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@errant From what I've seen from the developers, they're well aware of the risks and capabilities of AI. You aren't wrong that careless (non-)developers are too confident in AI, but this doesn't imply the inverse: that all users of AI are automatically careless. As long as they consistently demonstrate responsible use of it, I personally see no problem from a security standpoint.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
I don't like that people use security as an angle when criticizing the use of AI in KeePassXC. If a project accepts public contributions, this means there will be malicious actors trying to smuggle in code which weakens security. The project must therefore have a solid review process in place to ensure this doesn't happen.

If you see AI as this huge security threat, then you don't trust this review process. But then you shouldn't have trusted the software at any time before to begin with.
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@vel Oh scheiße, ich äh... bin mal für ein paar Tage weg neofox_googly_shocked
User avatar
privTri Volpeon areonNSmol @volpeon@icy.wyvern.rip
7mo
@vel Was passiert, wenn man sie aus Versehen mal nicht an einem Sonntag aufbackt? Frage für einen Freund drgn_sip_nervous