There is now a “slopware” list on Codeberg cataloging FOSS projects that have used AI in any capacity—not adopted it necessarily, just used it. The entries are often absurd: one older commit reportedly listed a project because “the dev learned something from Claude once.” It’s not about code quality or security concerns, it’s about chastising and othering people for daring to open a chat window.

As if developing FOSS was not thankless enough already lol.

Some people are now refusing to use any “slopware” at all. A recent example: rsync’s developer fixed long-standing security issues that kept getting reported by people who used AI. So, he used AI to find the bugs, fixed them himself, and then also used AI to update the unit tests based on his particular needs for the tests rsync needs.

The fixes he pushed introduced regressions in implicit behavior that had never been made explicit before. The security updates broke these behaviors, and so for a handful of people rsync stopped working.

The thing is, if you have two users with a very particular edge case and one million users without it, and all face the same security vulnerabilities, who takes precedence? Security issues need to be fixed. That’s not really negotiable.

The weirdest part about people suddenly jumping ship because there’s “AI” is that FOSS devs make no money from user engagement. Whether one person or one hundred thousand use their software means the exact same to them. A few people jumping ship will not hurt sales figures or sponsors… it’s all very capitalistic in understanding.

Anyway, rsync is a segue to the real problem: security. When the bugs were introduced in the new rsync, there was outrage. People started recommending openrsync, or forked rsync from before there were mentions of AI in the commits.

As the rsync maintainer pointed out though, openrsync fails most of the tests that rsync uses. A test is basically “does the software do this particular thing correctly: yes/no”. The fact that openrsync fails tests that rsync doesn’t means that:

  • it doesn’t have feature parity,
  • it might not work for your particular use case, and
  • it doesn’t fix the critical security issues the AI pointed out that rsync fixed.

This is where we are at today. You can open any agentic interface, put five dollars of credit on DeepSeek or whatever else, download the git repo and tell the AI: “find security vulnerabilities.” That is all you need to do. It will also helpfully write you a script that exploits the vulnerabilities it found.

This is why rsync had to push the security update. The problems were real, and the maintainer kept getting flooded by reports that any old joe found with their AI.

So okay, openrsync doesn’t use AI. That means it doesn’t correct security bugs that will take an AI fifteen minutes to find. It will probably never even know about these vulnerabilities unless someone is kind enough to report it on the repo, and they do fear getting put on the slopware list for committing the unforgivable sin of patching a vulnerability in their software.

If I were a hacker… I would target that slopware list (thanks for listing software that is easy to exploit btw). I would send an agent on it, find vulnerabilities that I know the maintainers will not be able to patch because they refuse to use AI to find the patterns, and then hack whatever I can with what I find.

I am far from the first person who has thought of that, I can confidently say that much.

The rsync vulnerabilities were there for twenty years. It’s just that they were so improbable to figure out that nobody did in those twenty years. AI does not work like a person. It can ingest your entire codebase and connect patterns. It doesn’t tire out either. Once it finds a thread, it can pull on it forever, trying all sorts of different ways to activate the vulnerability.

The people that forked rsync to “before the AI slop” are basically saying: “yeah, there are security vulnerabilities that everyone knows about in this fork.”

I would compare it to a firewall. A firewall prevents machines from connecting to your computer when they should not be allowed to. If you do not have a firewall, any machine can try connecting to you. Refusing to use a firewall because of some purity statement, e.g. “but I feel like hackers should not be allowed to just connect to my home computer. Before we had the internet they could not do that, so why should I change?”, is basically advertising free parking to everyone. Hackers use new methods, and you need to match those methods.

It’s not theoretical either. In May 2026, researchers found they could escalate privileges to root on any Linux machine in just ten lines of Python. They partially found it with AI. Ten lines of Python is something a “helpful” forum user can add to the end of a cracked software file they’re uploading for you and you wouldn’t even catch it.

Yes, vulnerabilities have always existed. But what AI does is allow anyone to find really improbable, deeply-buried vulnerabilities. And having a list of software that “does not use AI,” and using that software, is basically saying “come hack me.”

I don’t mean to make you paranoid about the software you use. Vulnerabilities are being exploited all the time, and it’s a game of cat and mouse where hackers find a method, and security researchers patch that method. You won’t even always have the latest patches.

What I’m saying rather is that actively refusing to use software that used AI is basically digging your own security grave. It’s like refusing to use a firewall, or refusing to move on from Windows XP.

I mean, the “slopware” repo even admits some of this:

Name: espeak-ng. Alternative to consider: espeak

¹espeak may be considered heavily outdated and very bad from a modern standpoint.

Amazing.

  • CriticalResist8@lemmygrad.ml (OP) · 10 points · 3 days ago
    1. That it’s valid to have complaints about AI, BUT 2) They should be coming from a place of understanding something about what it is and how it works.

    Exactly. Like I’m not even “the best” AI coder or whatever, I don’t pretend that my small projects are anything beyond what they are. But I can now make scripts that I need and that solve a real problem for me, and share them with people. They can also take my apps (or any other app), give it to their agentic AI, and have it rework it for their particular needs. The extensibility is unmatched now (although I think it’s still better to merge your additions back to the repo but that’s another discussion).

    Here’s an example: I have the reminder app on my codeberg. You use it with mostly natural language: reminder 7PM Call Pam. That’s all you need to type. It parses the command with python to delineate what is time, what is the actual reminder text (Call Pam), etc. The date formats are taken from the ‘date’ command, nothing special (and huge thanks to the project maintainers for adding that in over the years). We added some custom parsing that the ‘date’ package doesn’t natively support. So you can type:

    • sep 5
    • 5 september
    • september 5 7PM
    • 2026.09.05 17:00

    and it will understand any of those combinations without making you do extra work. This is because I wanted it to be intuitive and easy to use; a tool that conforms to you, not you having to conform to it.

    I looked at other reminder apps… if you can even find them (a longstanding problem tbh). The ones I found were either OS-specific or required so many workarounds. One I found was very similar to mine but required you to use it like this:

    remindme start
    remindme in --hr 2 --min 30 --sec 10 --about "Do something cool"
    remindme stop
    

    any time you wanted a reminder to be set (start and stop commands required because it needs to start a server)

    The explanation is simple: --arguments are easier to code in and lead to fewer edge cases that can break code. So overall it’s just easier and faster for the programmer to do it this way, I totally get it. But AI doesn’t care about “easy” or “hard”, that’s not how it parses code (actually, it can care about it and it will affect the quality of its output or how it approaches the problem when in practical terms it really shouldn’t lol).

    So that’s just one example. If you know your stuff, you can harness your LLM to confidently stay within the bounds you make for it. I can’t really do that when it comes to code, I’m not a programmer. The person who made that remindme app could probably do it to just… automate a whole lot of convenience into their app that the end user will feel.

    At the end of the day it’s a tool that gets placed in a process. If you have a solid process for code review there’s no reason you will commit bad code. All the problems that Windows is having for example (broken updates, task manager using all your CPU, the Start menu taking several seconds to open) are probably not because of AI but because they started relaxing their standards. They tried to move everything to WebView2 which is html+css+js instead of building native C++ apps (at least I think it’s C++), and part of that is that all the people that know and code in C++ are retiring.

    Regarding the rsync thing, someone did the math and found that the two releases tagged with Claude were not particularly more buggy than any prior release, and did not lead to particularly more issues opened on the repo. They just received more attention because “AI”.

    I find that the trustworthiness of information is less of an issue in software than I would have thought it’d be, probably because lots of software is pretty consistent, deterministic information based on years or decades of established languages and software patterns. Which means it’s mainly a matter of training the model well enough on those already established specifics.

    It particularly excels at anything related to Linux, I found. In agentic, it can just do everything for you because everything in Linux is a file (so it can easily write and read what it needs), and everything is available from the command line. If one thing can’t be done one way in the cli, there’s an alternative that’s available.

    One thing I found is that because it has no concept of time and is nudged towards being helpful immediately, it sometimes might sprinkle in outdated advice in an otherwise solid guide. Like recommending you be careful about running some command on an HDD when everyone has an SSD (it did not ask me or check if I had an SSD first) and the advice is from a 2004 forum post or something. Still, I learned to “measure twice, cut once” as they say when working on my computer so it’s often not a guide-killer, it’s just superfluous.
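    The “date/time first, then free text” parsing described above (sep 5, 5 september, september 5 7PM, 2026.09.05 17:00), as an added example that is not the reminder app’s own code: it assumes a fixed `now` is passed in, defaults a missing time to 09:00, and matches month words on their first three letters.

```python
import re
from datetime import datetime, timedelta

# Month words match on their first three letters, so "sep" == "september".
MONTHS = {m: i for i, m in enumerate(["jan", "feb", "mar", "apr", "may", "jun",
          "jul", "aug", "sep", "oct", "nov", "dec"], start=1)}
ISO_RE = re.compile(r"^(\d{4})[.\-/](\d{1,2})[.\-/](\d{1,2})$")  # 2026.09.05
# A time token needs a colon or an am/pm suffix, so a bare "7" stays text.
TIME_RE = re.compile(r"^(\d{1,2})(?::(\d{2}))?([ap]m)?$", re.I)   # 7PM, 17:00

def month_num(tok):
    """Return 1..12 for a month word, else None."""
    return MONTHS.get(tok[:3].lower()) if tok.isalpha() else None

def parse_reminder(command, now):
    """Split 'sep 5 7PM Call Pam' into (datetime, 'Call Pam').

    Leading tokens are consumed as a date and/or time in either order; the
    first token that is neither starts the text.  Missing date = today,
    missing time = 09:00; a past time or year-less date rolls forward.
    """
    toks, date, time, i = command.split(), None, None, 0
    while i < len(toks):
        t, nxt = toks[i], toks[i + 1] if i + 1 < len(toks) else ""
        if date is None and (m := ISO_RE.match(t)):
            date, i = (int(m[1]), int(m[2]), int(m[3])), i + 1
        elif date is None and month_num(t) and nxt.isdigit():        # sep 5
            date, i = (None, month_num(t), int(nxt)), i + 2
        elif date is None and t.isdigit() and month_num(nxt):        # 5 september
            date, i = (None, month_num(nxt), int(t)), i + 2
        elif time is None and (m := TIME_RE.match(t)) and (m[2] or m[3]):
            hour, ampm = int(m[1]), (m[3] or "").lower()
            if ampm:                                   # 12am -> 0, 7pm -> 19
                hour = hour % 12 + (12 if ampm == "pm" else 0)
            time, i = (hour, int(m[2] or 0)), i + 1
        else:
            break
    text = " ".join(toks[i:])
    if not text:
        raise ValueError("no reminder text after the date/time")
    year, month, day = date or (now.year, now.month, now.day)
    when = datetime(year or now.year, month, day, *(time or (9, 0)))  # "sep 31" raises
    if when < now and date is None:
        when += timedelta(days=1)                      # "7AM" after 7AM means tomorrow
    elif when < now and year is None:
        when = when.replace(year=when.year + 1)        # "sep 5" in October means next year
    elif when < now:
        raise ValueError("reminder time is in the past")
    return when, text
```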

    • amemorablename@lemmygrad.ml · 8 points · 3 days ago

      That’s so cool you were able to overcome on the reminder app design with the help of AI.

      have it rework it for their particular needs

      I think this kind of thing can really be a game-changer in the right contexts. The barrier of having to hire a software engineer, or a team of them (and just the limited resources of it), is going to mean a lot of nuances of requests that people have are just logistically unsound. It kind of makes me think of modding in video games in that way. Modding (for games that are easier to mod due to their design) removes a lot of barriers for people making little tweaks that customize the game more to their liking and with less technical knowledge needed to do it.

      The right use of AI is arguably similar in a way, like in the app example you gave.

      At the end of the day it’s a tool that gets placed in a process. If you have a solid process for code review there’s no reason you will commit bad code. All the problems that Windows is having for example (broken updates, task manager using all your CPU, the Start menu taking several seconds to open) is probably not because of AI but because they started relaxing their standards. They tried to move everything to WebView2 which is html+css+js instead of building native C++ apps (at least I think it’s C++), and part of that is that all the people that know and code in C++ are retiring.

      Exactly. I do think for any given software team or product, it is going to be a question how useful AI will be in their particular pipeline with their particular product. But that’s more a logistical question, which I’d imagine will relate to things like how easily you can get the AI to navigate that particular unique codebase and so on. As long as you have an approval process, you can, as you say, prevent it from committing bad code. Just as you’d do with a code review of a teammate.

      Capitalism tends to lead to “enshittifying” as that one person coined the term, so that definitely can happen with or without AI in the picture.

      One thing I found is that because it has no concept of time and is nudged towards being helpful immediately, it sometimes might sprinkle in outdated advice in an otherwise solid guide. Like recommending you be careful about running some command on an HDD when everyone has an SSD (it did not ask me or check if I had an SSD first) and the advice is from a 2004 forum post or something. Still, I learned to “measure twice, cut once” as they say when working on my computer so it’s often not a guide-killer, it’s just superfluous.

      Time is a funny thing to me with gen AI. Because gen AI can be pretty bad with actual numbers sometimes, whether it’s time or other ways they factor in. But it runs on a computer, which is on the underlying level far better and faster at numbers than humans are. So like, the token by token probability nature of it can cause it to screw up numbers, but it’s running on a thing that’s incredible at numbers.