Conversation

Notices

1. Embed this notice
   Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 03:54:17 JST Christine Lemmer-Webber

   systemd goes AI agent slopware https://github.com/systemd/systemd/blob/c1d4d5fd9ae56dc07377ef63417f461a0f4a4346/AGENTS.md

   has slop documentation now too

   • Rich Felker repeated this.
   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 03:54:45 JST Christine Lemmer-Webber

     in reply to

     One more reason to use Guix + Shepherd!

   • Embed this notice
     FoolishOwl (foolishowl@social.coop)'s status on Friday, 13-Mar-2026 03:55:53 JST FoolishOwl

     in reply to

     @cwebber I have no words.

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 04:13:21 JST Christine Lemmer-Webber

     in reply to

     • Nelson

     @skyfaller Linux already is slopifying

   • Embed this notice
     Nelson (skyfaller@jawns.club)'s status on Friday, 13-Mar-2026 04:13:22 JST Nelson

     in reply to

     @cwebber Will GNU Guix be able to keep LLMs out of Shepherd and Hurd? I'm also worried about the Linux kernel potentially slopifying.

   • Embed this notice
     Niklas (ytvwld@chaos.social)'s status on Friday, 13-Mar-2026 04:33:08 JST Niklas

     in reply to

     • Nelson

     @cwebber @skyfaller but Hurd is too, right? https://lists.gnu.org/archive/html/bug-hurd/2026-02/msg00133.html

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 04:34:18 JST Christine Lemmer-Webber

     in reply to

     • Ludovic Courtès
     • Nelson
     • Niklas

     @skyfaller @ytvwld Hurd is not Guix, but is one of the kernel options available for Guix.

     @civodul has loosely floated the idea on here of having a "no AI contributions in Guix" policy (and I think that should extend to the Shepherd). I'm for it.

   • Embed this notice
     Nelson (skyfaller@jawns.club)'s status on Friday, 13-Mar-2026 04:34:19 JST Nelson

     in reply to

     • Niklas

     @ytvwld @cwebber Yes, this is what I was looking for but I couldn't find the reference, looks like slop is infecting Guix projects already. It's probably not too late to change course if Guix can find its spine, but given how many previously respected projects have fallen already I'm not optimistic.

   • Embed this notice
     Brian! (bclindner@mas.to)'s status on Friday, 13-Mar-2026 04:36:21 JST Brian!

     in reply to

     @cwebber you'll notice about everything Red Hat touches is compromised in this regard! :harold:

     Christine Lemmer-Webber repeated this.
   • Embed this notice
     Ingo (lasombra_br@mas.to)'s status on Friday, 13-Mar-2026 04:36:21 JST Ingo

     in reply to

     • Brian!

     @bclindner @cwebber This time it seems there’s no Red Hat involvement

   • Embed this notice
     Doug Whitfield [Minneapolis] (musicman@mastodon.social)'s status on Friday, 13-Mar-2026 05:08:14 JST Doug Whitfield [Minneapolis]

     in reply to

     @cwebber you broke github

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 05:08:31 JST Christine Lemmer-Webber

     in reply to

     • Doug Whitfield [Minneapolis]

     @musicman that's right the christine effect isn't limited to fedi nodes

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 05:11:39 JST Christine Lemmer-Webber

     in reply to

     • Ludovic Courtès
     • Nelson
     • Niklas

     @skyfaller @ytvwld @civodul I think an easier option: a one year moritorium on AI based contributions, while what that means shakes out, set to be re-evaluated.

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 06:35:53 JST Christine Lemmer-Webber

     in reply to

     Looks like they're also using Claude for PR review https://github.com/systemd/systemd/commit/9a70fdcb741fc62af82427696c05560f4d70e4de

     Which probably means systemd is now the most attractive target in FOSS for an AI prompt injection attack to insert a backdoor

     Rich Felker repeated this.
   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 07:25:06 JST Christine Lemmer-Webber

     in reply to

     • elle

     @elle Guix doesn't use systemd and has good people in it (biased: I am a Guix contributor)

   • Embed this notice
     elle (elle@weathered-steel.social)'s status on Friday, 13-Mar-2026 07:25:07 JST elle

     in reply to

     @cwebber this is so disheartening... they are opening up huge attack vectors that they absolutely don't have to.

     wonder how big the bribe was to get systemd maintainers to start using Claude?

     time to start shopping around for non-systemd distros, I guess. thanks assholes

   • Embed this notice
     Gábor Udvari (gaborudvari@fosstodon.org)'s status on Friday, 13-Mar-2026 07:26:16 JST Gábor Udvari

     in reply to

     • ?
     • Aging Owlbear :lgbtq_heart:

     @cocaine_owlbear @cwebber Guix has channels for third-party packages, kinda like Ubuntu PPAs or Arch AUR, but more decentralized. There is one such channel with firmwares and vanilla kernels called nonguix. Theres is a LiveCD maintained by @hako with that channel already enabled, you can try it out with your current laptop:

     https://codeberg.org/hako/Testament#headline-9

   • Embed this notice
     Aging Owlbear :lgbtq_heart: (cocaine_owlbear@retro.pizza)'s status on Friday, 13-Mar-2026 07:26:18 JST Aging Owlbear :lgbtq_heart:

     in reply to

     @cwebber I'm more of an OpenRC or dinit kind of Owlbear personally. Also, Guix doesn't support my laptop's hardware (imma be a lot more careful about my next laptop…)

     (edited to change NY to my. Thanks autocorrect, you're really worth the hassle...)

     Christine Lemmer-Webber repeated this.
   • Embed this notice
     elle (elle@weathered-steel.social)'s status on Friday, 13-Mar-2026 07:30:41 JST elle

     in reply to

     @cwebber you know, I have been meaning to try out Guix. their work on reproducible builds is really impressive.

     thanks for the pointer! 💜

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 07:52:50 JST Christine Lemmer-Webber

     in reply to

     • Erin 💽✨

     @erincandescent If it isn't opening/closing and merging PRs itself, then it probably isn't at this risk point yet. I guess I'm nervous from seeing more and more projects offload more and more review and action to such things. But yeah, the real risk is when you give the bot the capability to merge the PR itself.

   • Embed this notice
     Erin 💽✨ (erincandescent@akko.erincandescent.net)'s status on Friday, 13-Mar-2026 07:52:53 JST Erin 💽✨

     in reply to

     @cwebber i’m not sure how, claude is running inside a read only github actions sandbox.

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 07:56:54 JST Christine Lemmer-Webber

     in reply to

     • Erin 💽✨
     • Adrian Chadd <verified.png>

     @erikarn @erincandescent There's no way to prevent poisoning of training data when the training data comes from "slurp up the whole internet"

     See also: https://www.schneier.com/blog/archives/2026/03/manipulating-ai-summarization-features.html

   • Embed this notice
     Adrian Chadd <verified.png> (erikarn@mstdn.social)'s status on Friday, 13-Mar-2026 07:56:56 JST Adrian Chadd <verified.png>

     in reply to

     • Erin 💽✨

     @cwebber @erincandescent right, now it's time to focus on avoiding people poisoning training data and prompting.

     I'm much more worried about code being merged that introduces subtle back doors that the LLM judges as "safe".

     (And I'm not talking about it without seeing it actively being used like this right now, fwiw.)

   • Embed this notice
     Rich Felker (dalias@hachyderm.io)'s status on Friday, 13-Mar-2026 08:01:32 JST Rich Felker

     in reply to

     • Erin 💽✨
     • Adrian Chadd <verified.png>

     @cwebber @erikarn @erincandescent Poisoning training data is good. We want there to be bad outcomes for folks who use this shit.

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 09:22:36 JST Christine Lemmer-Webber

     in reply to

     • Chip Butty
     • Doug Whitfield [Minneapolis]

     @musicman @otfrom Probably enough visits from fedi all at once looked like a DDOS on that page

   • Embed this notice
     Doug Whitfield [Minneapolis] (musicman@mastodon.social)'s status on Friday, 13-Mar-2026 09:22:37 JST Doug Whitfield [Minneapolis]

     in reply to

     • Chip Butty

     @otfrom @cwebber no, I think it got rate-limited

   • Embed this notice
     Chip Butty (otfrom@functional.cafe)'s status on Friday, 13-Mar-2026 09:22:38 JST Chip Butty

     in reply to

     • Doug Whitfield [Minneapolis]

     @musicman @cwebber I've been getting that a lot from GitHub when I'm not logged in.

     Do you think they might be having code quality issues?

   • Embed this notice
     To #Flancia and beyond! (flancian@social.coop)'s status on Friday, 13-Mar-2026 18:56:14 JST To #Flancia and beyond!

     in reply to

     @cwebber this looks quite reasonable to me! It also seems like a nice short entrypoint into the project for human coders, as it's usually the case for well written instructions.

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 20:53:22 JST Christine Lemmer-Webber

     in reply to

     Poettering closed the issue https://github.com/systemd/systemd/issues/41085#issuecomment-4053443496

     Asking for detection of security vulnerabilities from an LLM is one thing though, that one I could consider useful, but the real question is code and documentation generation. It does seem that for now, the bot usage isn't auto-merging PRs, which does alleviate some previous concerns of mine if reading that right.

     But, in AGENTS.md it does mention "docs/CODING_STYLE.md — full style guide (must-read before writing code)". https://github.com/systemd/systemd/blob/main/AGENTS.md

     They do require disclosure in the project also of LLM usage. But this does imply that LLM contributed changes are considered welcome, so we will probably see more of them, but I suppose at least they should hopefully be marked appropriately.

     Rich Felker repeated this.
   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 21:08:27 JST Christine Lemmer-Webber

     in reply to

     I will admit, I made this thread when pretty frustrated and upset about it. SystemD is so key to the security of many peoples' machines. I don't necessarily see having security reviews be a problem the same way that codegen and etc are. And I was wrong about the PR review vulnerability risk in that *for now* afaict the review bot is just performing read-only security review, is not taking auto-action on merging, which is the real risk.

     So maybe I overreacted? But Poettering's comment reads the way that most comments I have read that have been drawn into AIgen code have gone, which is "you gotta admit that things are changing, these things are getting really good" and then opening the door to aigen contributions. Which I am very wary of...

   • Embed this notice
     lj·rk (ljrk@todon.eu)'s status on Friday, 13-Mar-2026 21:11:08 JST lj·rk

     in reply to

     @cwebber This. I do think that writing code oneself and running it through checkers (any, and the more the better, roughly, as long as they don't replace humans) is a good thing. But these checkers should run sandboxed, just flag issues -- as any linter. And if that stuff is LLM-powered, so be it. But agentic coding? LLM-driven suggestions/refactoring? I'm soooo weary of this.

   • Embed this notice
     Christine Lemmer-Webber (cwebber@social.coop)'s status on Friday, 13-Mar-2026 22:00:32 JST Christine Lemmer-Webber

     in reply to

     • Jan Lehnardt :couchdb:

     @janl Indeed, people have gotten the mistaken impression that the licensing issues have been answered. THEY HAVEN'T YET! The US Supreme Court *declined to take on* a case which had ruled in a lower court that AI generated materials were in the public domain. And yet I am seeing *all over the place* people saying that the US Supreme Court said AI output is in the public domain. They didn't!

     And outside the US, nothing is answered either! It's true that the US tends to set international precedent but we are *also* not in times where we can count on that, either.

   • Embed this notice
     Jan Lehnardt :couchdb: (janl@narrativ.es)'s status on Friday, 13-Mar-2026 22:00:34 JST Jan Lehnardt :couchdb:

     in reply to

     @cwebber I keep being baffled by these folks just ignoring the code provenance and licensing issues.

   • Embed this notice
     Rich Felker (dalias@hachyderm.io)'s status on Sunday, 15-Mar-2026 13:39:32 JST Rich Felker

     in reply to

     • daandemeyer

     @daandemeyer @cwebber Um, it's called trust and human relationships. If you don't trust someone not to be lying about the provenance of code they send you, you shouldn't be entertaining accepting code from them in the first place.

   • Embed this notice
     daandemeyer (daandemeyer@mastodon.social)'s status on Sunday, 15-Mar-2026 13:39:33 JST daandemeyer

     in reply to

     @cwebber the AI contributions will happen regardless. It's trivial to have e.g. opus 4.6 spit out prs that we would not be able to classify as being written by AI. In fact, by adding an AGENTS.md that instructs AIs to add disclosure, we probably make AI written prs more obvious. Anyway, if we know people are going to use AI to contribute in ways we cannot reliably detect, we may as well add instructions to make those prs as good as possible.