Comment by 20k
4 days ago
Analysing codebases with LLMs to find security vulnerabilities is completely unrelated to committing code generated with LLMs
4 days ago
Analysing codebases with LLMs to find security vulnerabilities is completely unrelated to committing code generated with LLMs
It's a fair comparison. There's a fair amount of plausible-sounding bullshit being peddled as a transparent advertisement for an ai-driven "code security" firm.
and how do you propose fixing the hundreds, if not thousands, of valid, impactful security bugs that frontier models will find?
That seems like an unfounded assumption. Why should one assume that Git Annex has hundreds or thousands of critical, exploitable security vulnerabilities?
This isn't a problem that is isolated to Git Annex. There are many maintainers out there taking anti-LLM stances, and you don't have to look very far to find OSS projects drowning from the wave of bugs.
https://daniel.haxx.se/blog/2026/05/26/the-pressure/
1 reply →
If you can't fix them without LLMs, then you can't fix them. You probably shouldn't be trusted with maintaining the codebase in the first place.
How about if you don't have time to fix them without LLMs?
12 replies →