There is now a “slopware” list on Codeberg cataloging FOSS projects that have used AI in any capacity—not adopted it necessarily, just used it. The entries are often absurd: one older commit reportedly listed a project because “the dev learned something from Claude once.” It’s not about code quality or security concerns, it’s about chastising and othering people for daring to open a chat window.
As if developing FOSS was not thankless enough already lol.
Some people are now refusing to use any “slopware” at all. A recent example: rsync’s developer fixed long-standing security issues that kept getting reported by people who used AI. So, he used AI to find the bugs, fixed them himself, and then also used AI to update the unit tests based on his particular needs for the tests rsync needs.
The fixes he pushed introduced regressions, which is implicit behavior that was never explicitized before. The security updates broke these behaviors, and so for a handful of people rsync stopped working.
The thing is, if you have two users with a very particular edge case and one million users without it, and all face the same security vulnerabilities, who takes precedence? Security issues need to be fixed. That’s not really negotiable.
The weirdest part about people suddenly jumping ship because there’s “AI” is that FOSS devs make no money from user engagement. Whether one person or one hundred thousand use their software means the exact same to them. A few people jumping ship will not hurt sales figures or sponsors… it’s all very capitalistic in understanding.
Anyway, rsync is a segue to the real problem: security. When the bugs were introduced in the new rsync, there was outrage. People started recommending openrsync, or forked rsync from before there were mentions of AI in the commits.
As the rsync maintainer pointed out though, openrsync fails most of the tests that rsync uses. A test is basically “does the software do this particular thing correctly: yes/no”. The fact that openrsync fails tests that rsync doesn’t means that:
- it doesn’t have feature parity,
- it might not work for your particular use case, and
- it doesn’t fix the critical security issues the AI pointed out that rsync fixed.
This is where we are at today. You can open any agentic interface, put five dollars of credit on DeepSeek or whatever else, download the git repo and tell the AI: “find security vulnerabilities.” That is all you need to do. It will also helpfully write you a script that exploits the vulnerabilities it found.
This is why rsync had to push the security update. The problems were real, and the maintainer kept getting flooded by reports that any old Joe found with their AI.
So okay, openrsync doesn’t use AI. That means it doesn’t correct security bugs that will take an AI fifteen minutes to find. It will probably never even know about these vulnerabilities unless someone is kind enough to report them on the repo, and they do fear getting put on the slopware list for committing the unforgivable sin of patching a vulnerability in their software.
If I were a hacker… I would target that slopware list (thanks for listing software that is easy to exploit btw). I would send an agent on it, find vulnerabilities that I know the maintainers will not be able to patch because they refuse to use AI to find the patterns, and then hack whatever I can with what I find.
I am far from the first person who has thought of that, I can confidently say that much.
The rsync vulnerabilities were there for twenty years. It’s just that they were so improbable to figure out that nobody did in those twenty years. AI does not work like a person. It can ingest your entire codebase and connect patterns. It doesn’t tire out either. Once it finds a thread, it can pull on it forever, trying all sorts of different ways to activate the vulnerability.
The people that forked rsync to “before the AI slop” are basically saying: “yeah, there are security vulnerabilities that everyone knows about in this fork.”
I would compare it to a firewall. A firewall prevents machines from connecting to your computer when they should not be allowed to. If you do not have a firewall, any machine can try connecting to you. Refusing to use a firewall because of some purity statement, e.g. “but I feel like hackers should not be allowed to just connect to my home computer. Before we had the internet they could not do that, so why should I change?”, is basically advertising free parking to everyone. Hackers use new methods, and you need to match those methods.
It’s not theoretical either. In May 2026, researchers found they could privilege escalate to root on any Linux machine in just ten lines of Python. They partially found it with AI. Ten lines of Python is something a “helpful” forum user can add to the end of a cracked software file they’re uploading for you and you wouldn’t even catch it.
Yes, vulnerabilities have always existed. But what AI does is allow anyone to find really improbable, deeply-buried vulnerabilities. And having a list of software that “does not use AI,” and using that software, is basically saying “come hack me.”
I don’t mean to make you paranoid about the software you use. Vulnerabilities are being exploited all the time, and it’s a game of cat and mouse where hackers find a method, and security researchers patch that method. You won’t even always have the latest patches.
What I’m saying rather is that actively refusing to use software that used AI is basically digging your own security grave. It’s like refusing to use a firewall, or refusing to move on from Windows XP.
I mean, the “slopware” repo even admits some of this:
Name: espeak-ng. Alternative to consider: espeak
¹espeak may be considered heavily outdated and very bad from a modern standpoint.
Amazing.


There are plenty of political battles which can and should be fought, but opposing new means of production in principle outside of the specific impacts is fundamentally reactionary.
You know, I can see it lol. This was in the Ardour pull requests when someone added an MCP server:
Basically they want the software other people make freely to cater exactly to their use of it. There’s always someone like that showing up. “I’m sure there are other accessibility options” = “I only think of myself and try to impose my views”. All accessibility options can live side by side; that’s how inclusive software is made. But they’d rather throw disabled people under the bus because it doesn’t impact them directly (6 heart emoji reacts under their post btw).
Software lives and changes, as does everything else. To want it to be immutable so it caters specifically to one’s own sensibilities indeed looks reactionary.