• 9 Posts
  • 95 Comments
Joined 3 years ago
Cake day: June 11th, 2023


  • The developer used AI and it introduced bugs and that was bad for people.

    Was it the AI that introduced bugs, or them, while working with AI there or in other parts?
    Would the bugs not have occurred if they made the changes without AI?
    Would they have made any changes without AI? Would we be better off without changes for security robustness?

    You make it sound like a direct correlation. Having read their response, that seems like an assumption without reasonable foundation.

    Changes always have a risk of introducing bugs.
    I’m no friend of using AI without the necessary expertise, but from their response, they seem to have taken a very thorough, reasonable approach, and they seem to have the expertise to do so.



  • This reasoning assumes any LLM-assisted change is faulty, right?

    The linked article doesn’t make me concerned. They seem to have the expertise, seem to apply due diligence and good practice around (selectively) using LLM.

    Can people not directly involved in and working on the project assess the risks well? Do we not have to depend on author and project leadership expertise just like we had to before with any parts of development, management, and tool and infrastructure use?

    I haven’t looked up the original communication or drama, but I assume communication could have been much better. Maybe the commits didn’t say much about the reasoning and due diligence that they describe in this article? Other than that, how can you make a better judgment about the changes than them without taking a thorough look and assessment?








  • Also, nobody actually knows if human intelligence is just finer grained stochastic prediction as well.

    An interesting but valid argument. It doesn’t make AI better than it is, but any human contribution and change can and often is also faulty. People have gaps of knowledge, sometimes unwarranted confidence, other times lack of care, or just miss things. It’s not like we’re comparing the perfect human vs faulty AI.

    If you don’t mind the security risk then you can of course use an older release.

    I haven’t read the original rage/drama but I can imagine it from other drama instances.

    This post is certainly a good, founded response.

    There are some valid concerns in AI usage, but unwarranted or inappropriate harsh criticism when it’s an established trusted developer and engineer - if we assumed good practice before then we could assume continued good practice. Maybe LLM is one point of increasing skepticism, but criticism should be open, respectful, and fair.

    They invested a lot of time and effort into a public good project. In that context, they deserve at least respectful and non-worst-assumptuous criticism.




  • “found your profile”, as in, supposedly personalized, but the email is “tracked with Mailsuite” with an opt out link, indicating mass sending. Already suspicious.

    From the description I broadly had a suspicion which was confirmed by the reply. They want you to be the employee or contractor and act as the face and communicator, while in an undisclosed matter, hidden from the employer, it’s not you doing the work but them. It’s a scam.

    It’s an impersonation scam that recently became somewhat popular. I don’t remember where I’ve seen or read about it. Either some article(s) or YouTube.




  • GNU Hurd

    Microkernels project. In development since 1990, with varying activity.

    After years of stagnation, development picked up again in 2015 and 2016, with four releases during these two years.[18] Since then, no release was made, but distributions pick up snapshots to produce distribution releases. - Wikipedia

    Wikipedia lists six distributions; amongst them Arch, Debian, Gentoo, Guix


  • When I see that it’s GNU, I can trust in its license, and that it’s backed by an org - whether actively maintained and developed or not. My impression is that the sources are not accessible to me, personally, mainly because of legacy tech stack but also they’re typically in C or C++ which is often less approachable, and often they’re Linux-only or -focused.

    The GNU label, (if confirmed by the project being on their official websites), gives projects an immediate boost in trustworthiness over random FOSS projects.



  • If the original contract was for software without source code, you’ll have to negotiate. I don’t think it’s helpful to look for options and licenses before knowing what they are ready to do and share and what restrictions they would require for that.

    They would be very well within their right to outright refuse. The vendor-lock-in may even have been an explicit business strategy. I assume they offer maintenance, at a higher price than you would cost?