There is now a “slopware” list on Codeberg cataloging FOSS projects that have used AI in any capacity—not adopted it necessarily, just used it. The entries are often absurd: one older commit reportedly listed a project because “the dev learned something from Claude once.” It’s not about code quality or security concerns, it’s about chastising and othering people for daring to open a chat window.

As if developing FOSS was not thankless enough already lol.

Some people are now refusing to use any “slopware” at all. A recent example: rsync’s developer fixed long-standing security issues that kept getting reported by people who used AI. So, he used AI to find the bugs, fixed them himself, and then also used AI to update the unit tests based on his particular needs for the tests rsync needs.

The fixes he pushed introduced regressions in implicit behavior that had never been made explicit before. The security updates broke these behaviors, and so for a handful of people rsync stopped working.

The thing is, if you have two users with a very particular edge case and one million users without it, and all face the same security vulnerabilities, who takes precedence? Security issues need to be fixed. That’s not really negotiable.

The weirdest part about people suddenly jumping ship because there’s “AI” is that FOSS devs make no money from user engagement. Whether one person or one hundred thousand use their software means the exact same to them. A few people jumping ship will not hurt sales figures or sponsors… it’s all very capitalistic in understanding.

Anyway, rsync is a segue to the real problem: security. When the bugs were introduced in the new rsync, there was outrage. People started recommending openrsync, or forked rsync from before there were mentions of AI in the commits.

As the rsync maintainer pointed out though, openrsync fails most of the tests that rsync uses. A test is basically “does the software do this particular thing correctly: yes/no”. The fact that openrsync fails tests that rsync doesn’t means that:

  • it doesn’t have feature parity,
  • it might not work for your particular use case, and
  • it doesn’t fix the critical security issues the AI pointed out that rsync fixed.

This is where we are at today. You can open any agentic interface, put five dollars of credit on DeepSeek or whatever else, download the git repo and tell the AI: “find security vulnerabilities.” That is all you need to do. It will also helpfully write you a script that exploits the vulnerabilities it found.

This is why rsync had to push the security update. The problems were real, and the maintainer kept getting flooded by reports that any old joe found with their AI.

So okay, openrsync doesn’t use AI. That means it doesn’t correct security bugs that will take an AI fifteen minutes to find. It will probably never even know about these vulnerabilities unless someone is kind enough to report it on the repo, and they do fear getting put on the slopware list for committing the unforgivable sin of patching a vulnerability in their software.

If I were a hacker… I would target that slopware list (thanks for listing software that is easy to exploit btw). I would send an agent on it, find vulnerabilities that I know the maintainers will not be able to patch because they refuse to use AI to find the patterns, and then hack whatever I can with what I find.

I am far from the first person who has thought of that, I can confidently say that much.

The rsync vulnerabilities were there for twenty years. It’s just that they were so improbable to figure out that nobody did in those twenty years. AI does not work like a person. It can ingest your entire codebase and connect patterns. It doesn’t tire out either. Once it finds a thread, it can pull on it forever, trying all sorts of different ways to activate the vulnerability.

The people that forked rsync to “before the AI slop” are basically saying: “yeah, there are security vulnerabilities that everyone knows about in this fork.”

I would compare it to a firewall. A firewall prevents machines from connecting to your computer when they should not be allowed to. If you do not have a firewall, any machine can try connecting to you. Refusing to use a firewall because of some purity statement, e.g. “but I feel like hackers should not be allowed to just connect to my home computer. Before we had the internet they could not do that, so why should I change?”, is basically advertising free parking to everyone. Hackers use new methods, and you need to match those methods.

It’s not theoretical either. In May 2026, researchers found they could privilege escalate to root on any Linux machine in just ten lines of Python. They partially found it with AI. Ten lines of Python is something a “helpful” forum user can add to the end of a cracked software file they’re uploading for you and you wouldn’t even catch it.

Yes, vulnerabilities have always existed. But what AI does is allow anyone to find really improbable, deeply-buried vulnerabilities. And having a list of software that “does not use AI,” and using that software, is basically saying “come hack me.”

I don’t mean to make you paranoid about the software you use. Vulnerabilities are being exploited all the time, and it’s a game of cat and mouse where hackers find a method, and security researchers patch that method. You won’t even always have the latest patches.

What I’m saying rather is that actively refusing to use software that used AI is basically digging your own security grave. It’s like refusing to use a firewall, or refusing to move on from Windows XP.

I mean, the “slopware” repo even admits some of this:

Name: espeak-ng. Alternative to consider: espeak¹

¹ espeak may be considered heavily outdated and very bad from a modern standpoint.

Amazing.

  • 201dberg@lemmygrad.ml · 9 upvotes · 3 days ago

    AI is just a tool and it is the system it’s used by that defines peoples favorability towards it. And what we are seeing now is yet another example of how capitalism ruins everything by using it in the most aggressively annoying, stupid, and money grubbing way possible. Which then leads everyone to form a negative opinion of it to the point just the mention of it makes people assume it’s bad.

    This is the sickness of western society. The assumption that everything is bad by default because it is all they will ever see.

    Meanwhile in China, AI is used to like, keep trains running on time and helping to design infrastructure and such things, and people have quite a positive opinion on it. (As I understand things.)

    • CriticalResist8@lemmygrad.ml (OP) · 10 upvotes · 3 days ago

      Meanwhile in China, AI is used to like, keep trains running on time and helping to design infrastructure and such things, and people have quite a positive opinion on it. (As I understand things.)

      This is from 2024 but it hasn’t moved much:

      (for some reason they publish these stats with China included, and with China excluded lol)

  • pongo1231@lemmygrad.ml · 12 upvotes, 1 downvote · 3 days ago

    Do the people who follow this list also avoid all proprietary software, or are those ok because they will never know whether LLMs were in use or not with those?

  • Ember_NE@lemmygrad.ml · 10 upvotes, 2 downvotes · 3 days ago

    There are plenty of political battles which can and should be fought, but opposing new means of production in principle outside of the specific impacts is fundamentally reactionary

    • CriticalResist8@lemmygrad.ml (OP) · 7 upvotes · 3 days ago

      you know, I can see it lol. This was in the Ardour pull requests when someone added an MCP server:

      Basically they want the software other people make freely to cater exactly to their use of it. there’s always someone like that showing up. “I’m sure there are other accessibility options” = “I only think of myself and try to impose my views”, all accessibility options can live side-by-side, that’s how inclusive software is made. But they’d rather throw disabled people under the bus because it doesn’t impact them directly (6 heart emoji reacts under their post btw).

      Software lives and changes, as does everything else. To want it to be immutable so it caters specifically to one’s own sensibilities indeed looks reactionary.

  • opiumfree@lemmygrad.ml · 7 upvotes · 3 days ago

    I’m very anti genAI but I always had the feeling to not tell devs off for it bc they probably know what they’re doing with it. I feel like people are going into a panic instead of analyzing why genAI is bad

    • CriticalResist8@lemmygrad.ml (OP) · 7 upvotes, 2 downvotes · 3 days ago

      I feel it’s a matter of just finding the part you vibe with. I could show cool AI pictures that absolutely don’t look AI but there is little point to it as they would probably only speak to me. It’s like with everything else, there’s also paintings and drawings I don’t like or don’t find interesting. It has enabled a lot of spam to be created but the spam was already there, it just looked different. I used to have to trudge through pages and pages of stock image websites to find the one I could use, there’s some really improbable stuff in there (like this whole set of a sick employee eating a salad while working from home with the screen reflecting glare in his glasses and a random guitar in the background), and they somehow all have this look of being stock photos.

      So I figure, if we’re going to stop ourselves from doing things we enjoy or want to do just because there’s also slop of it that exists, there would be very little left to enjoy!

  • znsh@lemmygrad.ml · 10 upvotes, 1 downvote · 3 days ago

    While I’m not the biggest fan of AI, trying to fight it in software or use software that isn’t “tainted” by it is a losing battle imo.

    • CriticalResist8@lemmygrad.ml (OP) · 7 upvotes · 3 days ago

      the entire list wears its heart on its sleeve frankly, a whole manifesto that lumps everything in together. “Permissive AI policy” = “A policy that permits the use of AI/LLMs in any capacity”. So accepting AI bug reports would be enough to be put in the list, because… you realized your software has security vulnerabilities you need to fix? Per their own criterion to not be in the list a maintainer would have to actively refuse bugs found with AI and then… I don’t know, find them themselves instead?

      Like I exclusively use deepseek or kimi, I don’t see what their angst against western AI has to do with me lol. In general it’s just very US-centric and somehow it’s once again the entire world’s responsibility to soothe down USians’ anxieties (not that Europe where I live doesn’t rely on US tech or has a better AI policy lol).

      Ardour features in it as “Permissive AI policy” because someone created an MCP server. That’s it. An MCP server is a way of communicating data to an LLM and back, it’s an API.

      Just the fact they have a row called “Last Untainted Version or Commit ID” says it all really. By all means yell at Microsoft or OpenAI, but FOSS software is already unpopular enough as it is lol.

      • znsh@lemmygrad.ml · 3 upvotes · 2 days ago

        Even other things like listing Tailwind for being AI sponsored. The Tailwind team was gutted by AI, going from 10 people to 2 because their docs and paid services went to 0, while the entire AI vibecoded ecosystem relies on and uses Tailwind almost exclusively (at least Claude does I feel like). They recommend a library that hasn’t been updated in 3 years, sure.

        • CriticalResist8@lemmygrad.ml (OP) · 4 upvotes · 2 days ago

          Oh for sure, stuff like offering to install the software (for businesses) or troubleshooting as a paid service to supplement the free software is going to go out more and more, and maintainers will have to find other sources of revenue. That’s not even specific to projects that allow AI, any piece of software (incl proprietary) can just be installed by someone with an AI agent. The agent does it for you and follows the documentation.

  • amemorablename@lemmygrad.ml · 16 upvotes · 3 days ago

    There is now a “slopware” list on Codeberg cataloging FOSS projects that have used AI in any capacity—not adopted it necessarily, just used it. The entries are often absurd: one older commit reportedly listed a project because “the dev learned something from Claude once.” It’s not about code quality or security concerns, it’s about chastising and othering people for daring to open a chat window.

    Could you imagine if people did this, but for projects whose devs copy/pasted solutions from StackOverflow? It sure seems like a lot of people just don’t even try to understand what AI is. I know I’ve said it many times on here before, but I insist on two major things when it comes to gen AI: 1) That it’s valid to have complaints about AI, BUT 2) They should be coming from a place of understanding something about what it is and how it works. Don’t have to be an ML researcher, that’d be a high bar, just understanding anything beyond “AI bad” really.

    As an example relating to the subject of AI and code, in my experience using AI to help with code, it is overall not that far off from when I did coding projects pre-AI and had to scour the internet for help, in that a solution found online may work but still be beyond my understanding. Or it may work in a vacuum, but need adjustment for my use case.

    That said, I find gen AI does have differences to scouring the internet for help, both advantages and disadvantages, like:

    • Advantages: easy to access at any time and get a fast reply, flexible to the problem, can fill gaps where searching quality is in decline (:/)
    • Disadvantages: over-trained toward information density in a reply, which can make it overwhelming if I wanted a slower back and forth; inherently less trustworthy than somewhere like StackOverflow; has to be maintained via more training if software changes, new versions of things come out, etc., or else the user has to supply information on types it doesn’t know and the like

    I find that the trustworthiness of information is less of an issue in software than I would have thought it’d be, probably because lots of software is pretty consistent, deterministic information based on years or decades of established languages and software patterns. Which means it’s mainly a matter of training the model well enough on those already established specifics.

    Anyway, I feel like I’m rambling a bit, but there’s a certain irony in software looking at software and saying automation bad. Or maybe irony isn’t even the right word. I don’t know, mind-boggling? Software is basically premised on automating things that weren’t automated before and has been able to shrink/change the jobs space in various ways, over decades, because of that. People in software have been making a cozy (relative to many others in the workforce) living off of automating systems and then gen AI shows up and suddenly automation is bad?

    I get being cautious of AI touching code, for sure. You don’t want to apply it without care and think you can replace human review and understanding of a problem with ease. But to turn it into a binary thing of a stigma against projects that use it in any way is so asinine. Fundamentally, this is what software was always working toward, but capitalism means people end up seeing it as a threat instead of a relief from certain kinds of labor.

    • CriticalResist8@lemmygrad.ml (OP) · 10 upvotes · 3 days ago

      1) That it’s valid to have complaints about AI, BUT 2) They should be coming from a place of understanding something about what it is and how it works.

      Exactly. Like I’m not even “the best” AI coder or whatever, I don’t pretend that my small projects are anything beyond what they are. But I can now make scripts that I need and that solve a real problem for me, and share them with people. They can also take my apps (or any other app), give it to their agentic AI, and have it rework it for their particular needs. The extensibility is unmatched now (although I think it’s still better to merge your additions back to the repo but that’s another discussion).

      Here’s an example: I have the reminder app on my codeberg. You use it with mostly natural language: reminder 7PM Call Pam. That’s all you need to type. It parses the command with python to delineate what is time, what is the actual reminder text (Call Pam), etc. The date formats are taken from the ‘date’ command, nothing special (and huge thanks to the project maintainers for adding that in over the years). We added some custom parsing that the ‘date’ package doesn’t natively support. So you can type:

      • sep 5
      • 5 september
      • september 5 7PM
      • 2026.09.05 17:00

      and it will understand any of those combinations without making you do extra work. This is because I wanted it to be intuitive and easy to use; a tool that conforms to you, not you having to conform to it.

      I looked at other reminder apps… if you can even find them (a longstanding problem tbh). The ones I found were either OS-specific or required so many workarounds. One I found was very similar to mine but required you to use it like this:

      remindme start
      remindme in --hr 2 --min 30 --sec 10 --about "Do something cool"
      remindme stop

      any time you wanted a reminder to be set (start and stop commands required because it needs to start a server)

      The explanation is simple: --arguments are easier to code in and lead to fewer edge cases that can break code. So overall it’s just easier and faster for the programmer to do it this way, I totally get it. But AI doesn’t care about “easy” or “hard”, that’s not how it parses code (actually, it can care about it and it will affect the quality of its output or how it approaches the problem when in practical terms it really shouldn’t lol).

      So that’s just one example. If you know your stuff, you can harness your LLM to confidently stay within the bounds you make for it. I can’t really do that when it comes to code, I’m not a programmer. The person who made that remindme app could probably do it to just… automate a whole lot of convenience into their app that the end user will feel.

      At the end of the day it’s a tool that gets placed in a process. If you have a solid process for code review there’s no reason you will commit bad code. All the problems that Windows is having for example (broken updates, task manager using all your CPU, the Start menu taking several seconds to open) are probably not because of AI but because they started relaxing their standards. They tried to move everything to WebView2 which is html+css+js instead of building native C++ apps (at least I think it’s C++), and part of that is that all the people that know and code in C++ are retiring.

      Regarding the rsync thing, someone did the math and found that the two releases tagged with Claude were not particularly more buggy than any prior release, and did not lead to particularly more issues opened on the repo. They just received more attention because “AI”.

      I find that the trustworthiness of information is less of an issue in software than I would have thought it’d be, probably because lots of software is pretty consistent, deterministic information based on years or decades of established languages and software patterns. Which means it’s mainly a matter of training the model well enough on those already established specifics.

      It particularly excels at anything related to Linux, I found. In agentic, it can just do everything for you because everything in Linux is a file (so it can easily write and read what it needs), and everything is available from the command line. If one thing can’t be done one way in the cli, there’s an alternative that’s available.

      One thing I found is that because it has no concept of time and is nudged towards being helpful immediately, it sometimes might sprinkle in outdated advice in an otherwise solid guide. Like recommending you be careful about running some command on an HDD when everyone has an SSD (it did not ask me or check if I had an SSD first) and the advice is from a 2004 forum post or something. Still, I learned to “measure twice, cut once” as they say when working on my computer so it’s often not a guide-killer, it’s just superfluous.
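A parser for the reminder syntax described in the comment above (time first, or a date in any of the four listed forms, then free text), written as an added example; it is a hypothetical reimplementation, not the code of the reminder app on Codeberg, and the 09:00 default time, the roll-over to tomorrow or next year, and `SAMPLE_NOW` are assumptions.

```python
import re
from datetime import datetime, timedelta

# Month names and abbreviations the parser accepts (constructed table).
MONTHS = {}
for _num, _names in enumerate(
        [("jan", "january"), ("feb", "february"), ("mar", "march"),
         ("apr", "april"), ("may",), ("jun", "june"), ("jul", "july"),
         ("aug", "august"), ("sep", "sept", "september"), ("oct", "october"),
         ("nov", "november"), ("dec", "december")], start=1):
    for _name in _names:
        MONTHS[_name] = _num

TIME_RE = re.compile(r"^(\d{1,2})(?::(\d{2}))?(am|pm)?$", re.IGNORECASE)
YMD_RE = re.compile(r"^(\d{4})[.\-/](\d{1,2})[.\-/](\d{1,2})$")

# Constructed "current time" used by the demo below (assumption, not real).
SAMPLE_NOW = datetime(2026, 3, 10, 12, 0)


def parse_time(token):
    """Return (hour, minute) for '7PM', '17:00' or '7:30am', else None.
    A bare number such as '5' is deliberately not a time, so that the 5 in
    'sep 5' stays a day of the month."""
    m = TIME_RE.match(token)
    if not m or (m.group(2) is None and m.group(3) is None):
        return None
    hour, minute = int(m.group(1)), int(m.group(2) or 0)
    if m.group(3):                       # 12-hour clock: 12AM -> 0, 12PM -> 12
        if not 1 <= hour <= 12:
            return None
        hour = hour % 12 + (12 if m.group(3).lower() == "pm" else 0)
    if hour > 23 or minute > 59:
        return None
    return hour, minute


def parse_reminder(text, now):
    """Split 'sep 5 7PM Call Pam' into (datetime, 'Call Pam').
    Date and time tokens are consumed from the left in any order; the first
    token that is neither starts the reminder text. That text is returned as
    plain data: if it is later handed to notify-send or similar, pass it as an
    argv element, never by interpolating it into a shell string."""
    tokens = text.split()
    year, month, day, clock, explicit_year = now.year, None, None, None, False
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        nxt = tokens[i + 1].lower() if i + 1 < len(tokens) else ""
        ymd = YMD_RE.match(tok)
        clock_tok = parse_time(tok)
        if ymd and month is None:                               # 2026.09.05
            year, month, day = (int(g) for g in ymd.groups())
            explicit_year = True
            i += 1
        elif tok.lower() in MONTHS and month is None and nxt.isdigit():
            month, day = MONTHS[tok.lower()], int(nxt)          # sep 5
            i += 2
        elif tok.isdigit() and month is None and nxt in MONTHS:
            day, month = int(tok), MONTHS[nxt]                  # 5 september
            i += 2
        elif clock_tok is not None and clock is None:           # 7PM, 17:00
            clock = clock_tok
            i += 1
        else:
            break
    message = " ".join(tokens[i:])
    if not message:
        raise ValueError("no reminder text given")
    hour, minute = clock if clock else (9, 0)   # assumed default time: 09:00
    if month is None:                           # time only: today, else tomorrow
        when = now.replace(hour=hour, minute=minute, second=0, microsecond=0)
        if when <= now:
            when += timedelta(days=1)
        return when, message
    when = datetime(year, month, day, hour, minute)   # ValueError on 'feb 30'
    if when <= now and not explicit_year:             # 'jan 3' in March: next year
        when = when.replace(year=year + 1)
    return when, message


if __name__ == "__main__":
    for line in ["7PM Call Pam", "sep 5 Call Pam", "5 september Call Pam",
                 "september 5 7PM Call Pam", "2026.09.05 17:00 Call Pam"]:
        when, msg = parse_reminder(line, SAMPLE_NOW)
        print(f"{line!r:32} -> {when:%Y-%m-%d %H:%M}  {msg}")
```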

      • amemorablename@lemmygrad.ml · 8 upvotes · 3 days ago

        That’s so cool you were able to overcome on the reminder app design with the help of AI.

        have it rework it for their particular needs

        I think this kind of thing can really be a game-changer in the right contexts. The barrier of having to hire a software engineer, or a team of them (and just the limited resources of it), is going to mean a lot of nuances of requests that people have are just logistically unsound. It kind of makes me think of modding in video games in that way. Modding (for games that are easier to mod due to their design) removes a lot of barriers for people making little tweaks that customize the game more to their liking and with less technical knowledge needed to do it.

        The right use of AI is arguably similar in a way, like in the app example you gave.

        At the end of the day it’s a tool that gets placed in a process. If you have a solid process for code review there’s no reason you will commit bad code. All the problems that Windows is having for example (broken updates, task manager using all your CPU, the Start menu taking several seconds to open) are probably not because of AI but because they started relaxing their standards. They tried to move everything to WebView2 which is html+css+js instead of building native C++ apps (at least I think it’s C++), and part of that is that all the people that know and code in C++ are retiring.

        Exactly. I do think for any given software team or product, it is going to be a question how useful AI will be in their particular pipeline with their particular product. But that’s more a logistical question, which I’d imagine will relate to things like how easily you can get the AI to navigate that particular unique codebase and so on. As long as you have an approval process, you can, as you say, prevent it from committing bad code. Just as you’d do with a code review of a teammate.

        Capitalism tends to lead to “enshittifying” as that one person coined the term, so that definitely can happen with or without AI in the picture.

        One thing I found is that because it has no concept of time and is nudged towards being helpful immediately, it sometimes might sprinkle in outdated advice in an otherwise solid guide. Like recommending you be careful about running some command on an HDD when everyone has an SSD (it did not ask me or check if I had an SSD first) and the advice is from a 2004 forum post or something. Still, I learned to “measure twice, cut once” as they say when working on my computer so it’s often not a guide-killer, it’s just superfluous.

        Time is a funny thing to me with gen AI. Because gen AI can be pretty bad with actual numbers sometimes, whether it’s time or other ways they factor in. But it runs on a computer, which is on the underlying level far better and faster at numbers than humans are. So like, the token by token probability nature of it can cause it to screw up numbers, but it’s running on a thing that’s incredible at numbers.

    • Munrock ☭@lemmygrad.ml · 9 upvotes · 3 days ago

      Gotta add the costs to the disadvantages, especially after github copilot’s price hike. Using my Xiaomi subscription with Kill Code, opencode and as BYOK in the remnants of my copilot subscription.

      Even the free ones are still putting in the collective costs.

      • CriticalResist8@lemmygrad.ml (OP) · 11 upvotes · 3 days ago

        API costs and just plain hardware costs are definitely huge brakes. Even deepseek flash can be expensive in some regions where $2 is enough to feed yourself for a day. My hope is as time goes we find new ways to fit bigger models on smaller hardware, which seems to be happening (mainly in China) but who knows when that’ll be available to the general public.

        • Munrock ☭@lemmygrad.ml · 5 upvotes · 3 days ago

          I can see China eventually treating AI as a basic utility, making sure every citizen can afford an API key as easily as they can get a SIM card.

          • CriticalResist8@lemmygrad.ml (OP) · 5 upvotes · 3 days ago

            I think they are actually starting to consider it that way, but I don’t remember where I read that (might have been a screenshot here)

      • amemorablename@lemmygrad.ml · 7 upvotes · 3 days ago

        Definitely a fair add. My list was not meant to be exhaustive, only what came to mind in the moment. As CriticalResist said, I do hope that’s something that will go down in cost over time; both in literal currency and environment cost, through breakthroughs in hardware and model design that can dramatically reduce the heavy dependency on GPU farms. I’m no ML researcher, but from what I have picked up by osmosis, it seems to me that GPUs as a dependency is kind of a “because it’s the option there is” situation; far from the ideal for processing ML logic in the gen AI form. I know I’ve heard of things here and there about specialized hardware for gen AI, or like fitting a specific smaller model onto a piece of hardware itself, but nothing mainstream that I’m aware of yet.

  • loathsome dongeater@lemmygrad.ml · 8 upvotes · 3 days ago

    Actually I think the rsync saga could be a legitimate cause for concern. I say this only as a simpleton. And the guy doing the AI coding is the father of rsync. So I have to give him the benefit of the doubt and see how it plays out in the long term.

    I don’t care about the regressions. Those could have happened with or without AI. What rsync daddy is doing is rewriting the entire test suite from shell scripts to Python scripts. I don’t care about this either. The potential problems I see are these:

    1. LLM using developers have been hedging against incorrect code by relying on tests. So if the tests are themselves being rewritten, it should be done with care and deliberation. This is where human reviewers are invaluable but…
    2. LLMs can output code at breakneck speed. Far faster than any person can review them. The simple solution is to use it in moderation but some people don’t do that for whatever reason. The rsync saga began a few months ago (I didn’t check sorry) and it has about 30k lines of code added since. That’s a lot of code to review. Can rsync’s maintainers rein it in? It is definitely possible but I don’t think skepticism is irrational.

    I really can’t judge whether what the maintainer is doing is kosher. Experienced developers using it is more like a case study situation for me so I will see how it goes. But yeah, my only hope is that all of its output genuinely goes through people who genuinely read it. Workflows like LLMs writing code for LLMs to review it should be avoided. Bottlenecks and friction are not always a bad thing. If there was no friction we’d not be able to walk.

    Regarding the puritanical avoidance of AI written software, I don’t agree with it but I understand where it comes from. People in the West are seeing one trajectory that the technology is taking. There has been absolutely zero coverage about AI in China. I am dying to find out how it is being used there, what different kinds of people think about it, etc. since it is the only other country making its own AI but there has been nothing. But for us the story of AI is being written entirely by the marketing departments of OpenAI, Anthropic, Microsoft, Meta and Google. There is a polar opposite to AI puritanism which is pushed by forces with billions of dollars of backing. It has become difficult to be objective about it, especially now that OpenAI (and maybe Anthropic?) are now involved with the MIC. So I don’t agree with it but I am sympathetic.

  • miz@lemmygrad.ml · 6 upvotes · 3 days ago

    In May 2026, researchers found they could privilege escalate to root on any Linux machine in just ten lines of Python.

    would like to read more about this if you have a link

  • companero [he/him]@hexbear.net · 5 upvotes · 3 days ago

    I think it’s nice to have a comprehensive list of how projects use AI, with citations. The reader can draw their own line for what’s acceptable, and I doubt most people would reject AI-assisted security audits.