Unfortunately for the people mad about this, I predict the only thing they will accomplish by pressuring the rsync maintainers, is to discourage everyone else from responsibly disclosing their use of AI. You’re just going to make people disable Claude attribution on their commits to avoid drama.
> You’re just going to make people disable Claude attribution on their commits to avoid drama.<p>People should be doing this regardless of drama. No reason to provide free advertising for trillion dollar corporations. Generated-by trailers are only relevant when contributing to third party projects, in that case disclosure is polite.
If Claude is actually good enough to commit to rsync, of course I'm going to look at that and think "it's good enough for my side project too." And (benefit to companies aside) that is info it is useful to know, if it's true.
[dead]
I never care about AI usage disclosure, because I don't believe that human produced code is necessarily better than AI produced code, unless it's someone I personally know.<p>People need to be responsible for code they commit and push anyways. This has never changed. Whether the code is written by hand, by their cat walking over keyboard, or by AI, is not my concern.<p>A project's code quality can decline for all kinds of reasons. I don't think it's productive to laser-focus on whether it's produced by AI or not. That's a distraction. If a person just want to find excuse to criticize AI, and another person wants to fight back and defend AI, sure, go for it. But that's how you would want to assess a project's code quality.
Is that a bad thing? I mean from the perspective of Anthropic's marketing department sure, but if agents are just another type of tool in developer's tool belt - as I see people recently like to claim - attribution feels kinda weird. In the end it is the developer who is responsible for their commits.
I think it will be funny to watch people lose their collective minds when open source maintainers start requiring llm use.<p>This idea that the community can try to pressure an open source maintainers about the tools they use based off of kneejerk political reactions is so offensive.<p>Let's go the opposite way: "sorry I'm closing this pr because it didn't use an llm."
It makes no sense at all to do that. The only thing that matters is whether the code is good.
This is my whole point. The whole thing is ludicrous.<p>And lo and behold, people are losing their collective minds, down voting, flagging me and demanding credentials.
"let's go the opposite way"<p>Do you have any popular open source projects? Or are you just an Internet gremlin?
I don't have a dog in this fight, but a few points that look a little suspicious:<p>- The release with the highest number of attributed bugs is the release _right before_ the first release with Claude-coauthored commits, released in January; is there a chance that unattributed LLM-authored commits made it into this release?<p>- The release attribution methodology is not great, since it will tend to attribute bugs introduced in a minor version update to the longest-lived patch release of that minor version. I doubt that 3.4.1 actually introduced a lot of bugs, but since it was released a day after 3.4.0, bugs that were introduced in that release get attributed to 3.4.1.<p>- Relatedly, more recent releases have had less time to have bugs filed against them, so there may be a bit of a bias toward evaluating recent releases as less buggy.
Your first and second points seem to contradict each other because if all of the bugs for 3.4.1 should be attributed to 3.4.0, that pushes the timetable back even further that unattributed LLM commits would have to have been being committed to the project, which just makes your point even more absurd.<p>Which brings me to my overall response, which is that there is absolutely no evidence, and nothing even intimating this hypothesis, that LLM commits were secretly being added to earlier releases before they were attributed, and that's why the rate of bugs is higher. There's no reason to think that it's an unreasonable thing to think, and there's no evidence for that whatsoever unless you beg the question and assume that higher bug counts must automatically indicate AI involvement, which is just circular reasoning. You're essentially just making up a hypothesis out of thin air to preserve your point.<p>Regarding your third point, that one's fair, but I've done the analysis and I can put it up if you want, as to how long it usually takes to find bugs and how far through the release cycle we are for each version.
Isn't the metric that you've used "bugs per commit ~ per new line of code" going to miss the issue?<p>All code is technical debt.<p>If rsync releases used to have 500 lines changed and 5 bugs in and AI-powered rsync releases have 50000 lines and 500 bugs, it's the same bugs/line but much worse experience for the user?<p>I've not looked into the details of this case and I do use AI assistance coding at work but in my experience, the problem is that it's too easy to write lots of code and therefore hard to review the huge volumes of code and this analysis will ignore that?<p>edit: actually your table shows there weren't unusually large numbers of commits in this release, so perhaps my initial skepticism shows a bias I have?
Sorry, I should have said this explicitly in the original comment: I think you're likely _correct_ that there isn't a clear increase in the rate of bugs attributable to LLM-authored code in rsync. Your analysis provides evidence in this direction; these are just the things that made me go "hmm". They're not accusations or claims that the conclusion is invalid. But they're definitely things to be curious about.<p>Regarding unlabeled LLM-authored commits, I don't think it's unreasonable in general to think that an open-source project might have had unlabeled LLM-authored commits at some point before 2026. Looking more closely at rsync's recent commit history, I think it's less likely in this case. There's just a low number of commits in general, _until_ large batches of Claude-authored commits start showing up early this year. But this then raises some questions about the bugs-per-commit metric; it does correct for something like "size of release", but also obscures a significant shift in commit velocity that may be downstream of adding LLM development tools to the workflow.<p>Like I said, I don't have a dog in this fight, and I try not to approach sorts of questions from a position of explicit advocacy. I do think it's an interesting question, though, and we should try to understand what the data is actually telling us.
You can use LLMs in multiple ways, from very hands on to make local changes to completely hands-off.<p>I've seen plenty of code that was LLM generated but the commit message itself did not have the co-author attached to it. This only seems to happen when someone's interface to the codebase is completely though Claude/Codex/..., and those are usually the most verbose commits, and yet they say the least, because they just summarize the code changes, not the why.<p>On the other hand I've seen developers using Claude as a tool. They have VSCode open and a terminal window with Claude and go back and forth, ensuring they write correct code, and leave the plumbing to Claude.<p>So maybe the author of the code started off small and it grew over time?
This is a neat post and I'm glad it got written and this is a little bit off-topic but:<p>Hey, 'logicprog, your writing is fine!<p>Use LLMs to critique your writing, check its structure, vet your choice of topic sentences, check flow from graf to graf and section to section, look for passive voice and overused words. LLMs are fantastic for that. <i>But don't use a single word an LLM suggests in your actual writing.</i> If it suggests something really fucking good, too bad, those words are disqualified. It's an easy red line to adhere to, easier than it sounds, and it'll keep your writing human.<p>(You ended up somewhere around here anyways, but that was after you posted something with LLM-written language because you weren't confident enough in your own writing. The things you do "worse" than an LLM are what make you you; be protective of them!)
Not going to critique this survey. Must have taken a lot of time and required a lot of patience. Great work!<p>I think it will be up to some group in academia to make a real full blown study across several repositories.<p>There must be tons to learn on how LLMs have changed software development and perhaps the cleanest separation will simply be going by what repositories declare e.g. "No LLM involved" vs those that proudly do the opposite or are neutral.<p>Bugs is not the only variable of interest here. I am guessing someone is already doing this as we discuss it here...
> It does not control for commit complexity, security intensity, or bug severity. It does not distinguish between a one-line typo fix and a CVE patch. It is a blunt instrument. But the critics' accusation is also blunt: "Claude is making things worse." A blunt instrument is the fairest response.<p>If by fairest you mean to say that this analysis and response is sufficient, then I'm sorry but I have to disagree. We really need to understand if the nature of the bugs are worse from a user's perspective. Even if the rate stayed unchanged, if the result is the perceived quality of the software declined then I would personally consider that worse, especially if I were a project maintainer.<p>That's not meant to be wholly dismissive either. But in general, I don't think quantitative analysis alone is enough to fully answer this type of question.
But it <i>is</i> fair. Up to this point I have yet to see anyone say they did an analysis of the code and found X regressions of Y severity. All they say is "there are more bugs because LLM". This analysis, which you can verify yourself if you wish, says "the bugs [number of] are pretty average even with LLM", which is a direct response to that. If you'd like a more nuanced analysis you're welcome to do one and share the result, if you're so inclined.
Another update: did an automated severity analysis on each bug report (~2000 of them!) using an LLM at temp=0 with a very strict rubric (and I checked to make sure that it rated things in a consistent, stable way using it). The rubric, LLM used, and some example ratings are included in the methodology section. For now, the information was just stored per-bug in the DuckDB and used to filter out non-bug bugs, to get a clearer signal. I'm going to try to use it to see if the post-Claude bugs were more severe in any way next.
Okay, I really have to point out to everyone: <i>the numbers and report cards are TEMPLATED IN BY A SCRIPT</i>. Hallucinations are a moot point. <a href="https://github.com/alexispurslane/rsync-analysis/blob/main/scripts/regression_report.html" rel="nofollow">https://github.com/alexispurslane/rsync-analysis/blob/main/s...</a>
I'm just curious about testing.<p>Is this a configuration that's not common and thus not tested?<p>If people think they can do better, I want to see their forks and them keeping up with it.<p><a href="https://github.com/RsyncProject/rsync/graphs/contributors?from=6%2F1%2F2024" rel="nofollow">https://github.com/RsyncProject/rsync/graphs/contributors?fr...</a>
> The analysis uses a single metric: bugs per 10 commits (bugs/10c).<p>Bugs per commit as a metric papers over severity, both in terms of security severity as well as the effect on the user. A mislabeled button has the same weight as the entire app crashing in this framework.
IMO "bugs per commit" is even worse than that, because, in addition to what you say, it also hides the extraordinary spike of commit activity of a project that had previously been stable. [0]<p>It is the exact metric you'd choose if you wanted to make the current situation of rsync look like not a big deal.<p>[0] <a href="https://github.com/RsyncProject/rsync/graphs/commit-activity" rel="nofollow">https://github.com/RsyncProject/rsync/graphs/commit-activity</a>
Why don't you prove the bugs increased then?<p>Why is it that some unfounded claim is made and the onus is suddenly on the project maintainer to prove it beyond all doubt?<p>It should be on the person making the claim to prove it
There was no analysis of severity in all of the rage posting that occurred. The single point being pushed was "use of an LLM led/leads to more bugs". The author specifically states that's what they're addressing (blunt accusation -> blunt response).
The specific problems mentioned were all reasonably severe. The original post itself described a show-stopping bug:<p><pre><code> So my systems recently updated to rsync 3.4.3, and as soon as that happened my backup system - which does incremental backups using multiple --compare-dest= arguments - started to fail on anything but a full backup.
</code></pre>
Incremental backups is perhaps the <i>primary</i> use of rsync, and they were broken for this person. That's pretty severe.<p>The second reply is similar:<p><pre><code> i wondered why my 3d printers were running like sh*t and at 100% cpu; turns out log2ram uses rsync.
</code></pre>
This one I took with a grain of salt, since it read more like a dogpile than an actual bug report. However, if it's genuine, it's also reasonably severe.<p>Later in the comments, someone attempted to provide a list of issues that had been added: <a href="https://github.com/RsyncProject/rsync/issues/929#issuecomment-4585695638" rel="nofollow">https://github.com/RsyncProject/rsync/issues/929#issuecommen...</a>. The list included several failures to build or run rsync that appear to have resulted from broken backward compatibility. That seems reasonably severe. If intentional, I would have expected mention in the release notes about the removal of backwards compatibility, but none was made.<p>The issue comments already degraded into a lot of unnecessary vitriol even before the above mentioned comment and only gets worse from there, so I stopped. But, the fact remains that the whole issue started with a severe bug.<p>I applaud the attempt at dispassionately analyzing whether the recent LLM releases of rsync were normal or outliers as far as bugs are concerned, but I don't think you can do so properly without analyzing severity.
To keep such an analysis fair and contextually relevant, it would have to be extended to the previous 928 issues as well (of course filtering for bug reports). I don't see anyone doing such an analysis, I think because they don't expect they'd find it useful (at least not as the rage fuel that many are seeking); what they'd be more likely to find is that there is a similar severity-mix going all the way back to v1.0.0, because these things inevitably happen whether coding is done by human or machine.<p>"A lot of claims in the wider discussion have treated every recent bug report as if it had the same cause. That is not accurate. Some reports were regressions from recent security hardening, some were missing historical test coverage, some were older bugs found because rsync suddenly had more eyes on it (especially by AI that can find issues quickly) and some were packaging or environment-specific failures. A Co-authored-by line is not enough by itself to establish root cause." - <a href="https://github.com/RsyncProject/rsync/issues/929#issuecomment-4632674249" rel="nofollow">https://github.com/RsyncProject/rsync/issues/929#issuecommen...</a>
[flagged]
so the answer is: no. actaully less bugs. thanks
> But the critics' accusation is also blunt: "Claude is making things worse." A blunt instrument is the fairest response.<p>So the criticism was bad, and that somehow makes it ok to use a bad metric?
That's not what I'm saying. What I'm saying is that if the criticism is referring to a broad set of metrics like bugs per release and number of commits that were made by Claude, then it's correct to look at precisely those things because that's what the claim is about.
AI + Interest != Expertise<p>I come to hn because I get very nuanced, informed information and glorious puns.
The TLDR seems to be: needs more data.
Ok.<p><pre><code> $ apt-cache policy rsync | grep Installed
Installed: 3.4.1+ds1-7ubuntu0.2
$ sudo apt-mark hold rsync
rsync set on hold.</code></pre>
That version has security fixes from the same day as the latest rsync release: <a href="https://ubuntu.com/security/notices/USN-8283-1" rel="nofollow">https://ubuntu.com/security/notices/USN-8283-1</a><p>As usual, Ubuntu backported fixes and didn't upgrade to a new version. Whether or not they also backported regressions in edge cases that afflict the latest rsync, I don't know. Pinning the Ubuntu package may prevent getting further regressions, but is preventing you getting any future such backported security fixes.
Did you face any actual bugs or regressions? Or are you doing this just because of the bandwagon that's going around right now? Because until you can actually present an argument for why this release is worse than any of the others, which is precisely the subject of my post, then this is not an argument against my post at all. This is just a self-referential appeal to authority.
Nah, I skimmed TFA but then I went into the linked GH issues thread, and that's the one that scared me a bit. I just want to hold it for a while and not run into some of the things I'm reading since I'm on the latest ubuntu. Just a precaution.<p>I didn't have the time to actually think about any "arguments" at all tbh it's just a knee jerk reaction as I get ready to log off for the weekend. Not actually looking to argument for or against your post at all lol.
Is there a non vibe coded fork of rsync?
Claude is just a tool ? The developers who merged that code and didn't properly test increased the bugs.
"Did cars increase traveling deaths?"<p>"Cars are just a tool. The drivers who piloted the vehicles and weren't careful enough [are responsible for the deaths.]"
If something's a bad tool that misleads people into doing bad work, it would be good to know that.
This tool is claimed to be able to find and fix bugs.
Please read the article.<p>The unsolicited security reports are the issue.
<p><pre><code> What followed was extraordinary: 329 comments and counting, ranging from thoughtful concern to outright harassment.
The thread did not stop at words. One user posted My Little Pony drawings of themselves strangling the "project janitor that pushed vibecoded commits":
It spread to Hacker News and Lobsters, generating hundreds more comments.
</code></pre>
This is false, it did not appear on Lobsters. Here is the function in the codebase that prohibits this kind of brigading: <a href="https://github.com/lobsters/lobsters/blob/main/app/models/story.rb#L371-L407" rel="nofollow">https://github.com/lobsters/lobsters/blob/main/app/models/st...</a><p>Please correct your article.
It is neat that Lobsters has this feature (and HN should too), and I'm glad you took a beat to explain it. I think you didn't need the last sentence, though.
I have done so! that was a misremembering on my part. first mention of Lobsters is now here:<p>> On Lobste.rs, in response to the Medium essay Tridge himself posted in response, finally some users like boramalper begin to actually ask for evidence one way or another:
[stub for offtopicness]<p>[see <a href="https://news.ycombinator.com/item?id=48416020">https://news.ycombinator.com/item?id=48416020</a> for how all this happened in the first place]
So the original unfounded claim has 400+ comments because its perfect HN ragebait<p>The author provides evidence to the contrary and the HNers won't even engage with it instead just talking about the writing of the article in classic HN bikeshedding fashion.<p>How about after that we talk about the formatting of the website and the colors?<p>This site is really going down hill<p>Where is the accountability for your own opinions?<p>Are you guys only upvoting things that confirm your existing gripes?
Some notes on this:<p>- I used GLM 5.1 to help with the coding and math for this.<p>- However, I explicitly dictated where the data should be pulled from (GitHub, Bugzilla, mailing list), how it should be tagged and grouped, and what data to look at (e.g. bugs instead of regressions)<p>- Additionally, I consulted with my wife, who has a master's degree in statistics from Penn State University for what sort of statistical methodology would be justified for this very limited data set, while still giving as much information as possible.<p>- I know the website looks like we stereotypically consider vibe-coded websites to look, but I actually explicitly asked for that. The original HTML design looked like a website from 1995, and I just prefer how this looks. It's pretty!
I really struggle to believe you wrote text like:<p>> A simple distributional analysis of every rsync release with bug data. No model. No assumptions. Just placement.
No, I didn't write the text itself. I'm typically significantly more verbose and elliptical, and more than that, the numbers and methodology changed often enough over the course of the last couple days I was working on this because I was trying to get it to be as accurate and fair as possible that trying to keep the whole thing up to date manually would have been problematic.
In general, it seems HN does not like to read llm-generated articles. I ran into this myself when using an llm to edit some stuff I wrote.<p>At the time, I found this a bit irritating, but with a few weeks time I see the merit. The informational content tends to fall into “derivative” territory when LLM’s write stuff. And people are here for novelty and some socialization.<p>Also LLM prose seems optimized for engagement rather than concise communication. Takes longer to sift through linguistic boilerplate to get to the point. (The quoted bit being a case in point)
Why would anyone spend time reading something that someone couldn't even spend the time to write themselves?
I just find it to be utter dreck. It has one of the most agitating prose styles I've ever seen. I would legitimately rather read actual broken English than the cliché polished turds Claude pops out. I am not an LLM hater, I think these tools are pretty impressive and often even useful, but even if I didn't care about the fact that I want to read communication from humans and not robots (and I <i>do</i> care about that, FWIW) I just find the current LLMs are horrid at writing.<p>And while the comments are always flooded with people like me, the upvotes seem to tell a different story; clearly LLM writing really does appeal to some people. Or idk, maybe a lot of people who vote on stories and don't comment don't actually read them. Hard to say for sure.
I don't even know what "just placement" is.<p>(I need a better model to translate from llmese.)
[flagged]
I'd suggest writing the lead-in yourself and boxing AI prose separately from your prose in the analysis for future articles. You can give the humanized summary/eli5/key points, then have "details according to AI" boxes that go into nitty-gritty. People seem to dislike AI ghostwriting, but most of these people still use AI, so perhaps keeping authorship clear and separate will avoid some of the flak.
This seems fair. Of course, now that I've posted this here once, I doubt it'll get constructive engagement again, but I can at least improve this for the future
Even if everything in the article is true you should not use AI to write this. A analogy would be tobacco company report on how smoking isn’t so bad for you.
This submission was heavily flagged, presumably because the article sounded like genai. But the article now says the following:<p>> <i>After posting this on Hacker News and recieving almost no substantive input, discussion, or response on the actual content of the article, I decided to rewrite all of the prose in my own voice.</i><p>I've therefore turned off the flags and hopefully people can actually now discuss the claims/findings being reported.
> I decided to rewrite all of the prose in my own voice.<p>Soo... it didn't just sound like genai but was genai?<p>___<p>Huh. From the article:<p>> If anyone complains about my verbosity or sentence structure — as they usually do, which is the reason I originally let the AI write the prose, among other reasons obsoleted by templating — they can go fuck themselves.<p>This is kinda sad, honestly.
But also should show the author that doing what people try to bully you into doing will not stop them from bullying you.<p>Just stick with your unique voice man. If people don't want to read that that's fine. They do not have to. You're fine<p>.. what are those em-dashes doing there though?
> .. what are those em-dashes doing there though?<p>You're literally doing exactly the bullying I was trying to avoid, even while denouncing it. I <i>like em-dashes</i>. I have AuDHD, and they help me represent how I think.
> You're literally doing exactly the bullying I was trying to avoid<p>Uhm, no. Really just no.
And, frankly, I find it shameful that you'd throw such an accusation at me.<p>But I guess we can stop here.<p>Idk man. The internet can be a bit too much sometimes. I truly get that, but this was too much from your side.<p>Wish you all the best.
Right so it’s gonna be a litmus test for knowledge workers going forward if they can separate style over substance. Genai tells are style. You have to be able to evaluate the ideas.
I doubt that you can separate style from substance in that way, because you can't separate writing from thinking.<p>I agree that it will be interesting to see how this develops going forward. One can imagine wildly varying scenarios.
Hm. Nah. Why?<p>Why should I care? If it's a good thought, chances are it appears without slop around it.
If it doesn't re-appear, life will still go on regardless.<p>No need to shift through noise just to avoid FOMO.
The em dashes are fine.<p>If someone gives them shit about their writing, that's on the critic for being shitty. If they use AI to write, that's on them for being fake. But, to write online at all requires being ready to have people be shitty to you and ideally not reacting in a way that makes the situation worse. Sounds like they need work on that part.<p>Anyway it is basically always possible for someone to find something legitimately bad about anything a person does. The question is, how much of an issue is that? Not much actually. So you have flaws. Fine, just be flawed. It had no affect on your life beyond your reaction to the attack. And putting aside that reaction is a prerequisite for learning anything useful (or discerning that there is nothing to learn) from the experience.<p>Good people will trust good intentions through the flaws, while shitty people will write off your work and your intentions because of the flaws (and try to make sure you feel bad about it in the process). But it's always they're too weak to express disagreement maturely, or sometimes because they're bitter and threatened by your good intentions directly. Either way, it's their flaw, not yours.
> I decided to rewrite all of the prose in my own voice<p>"Claude, rewrite all of the prose in my own voice."<p>The funny part is that it probably works.
> A simple distributional analysis of every rsync release with bug data. No model. No assumptions. Just placement.<p>If you want me to read your analysis, you are going to have to make it not read like Claude wrote it. What does "placement" even mean here?
Yeah, made me chuckle that an LLM— probably Claude— was used to write this.<p>The use of "regime shift" is what gave it away for me. I've never seen a human write that, but Claude does from time to time.<p>At least they removed occurrences of "load-bearing".
It's the ultimate product for marketers. It inserts itself as an advertisement into every conversation now and defends itself against criticism. Just crazy. There's no hope for the rest of us.
It's not defending itself here, both because I used GLM 5.1, not Claude, and because I was the one who decided to do this analysis, iterated through six or seven different methodologies to try to find the one that was most honest with the data that I had (all of the methodologies showed directionally and often in magnitude the exact same thing, but I wanted to do something that fit the purpose, in consultation with my wife, who, as I've mentioned elsewhere, has a master's degree in statistics), and, of course, I specifically chose all of the metrics and sources for the data.<p>If you don't want to read the LLM prose, you can just go to the GitHub of my project, grab the scripts, and run the full pipeline. It will gather the data, build the database, and run the analysis from scratch for you, and you can look at the numbers directly. It's all repeatable.
"Placement" as in where the Claude-driven releases exist within the existing distribution of bugs per 100 commits. If they're not OOD, then nothing is unusual.<p>Also, it wasn't written by Claude FWIW, GLM 5.1.
A lot of people criticizing because it's heavily written with LLM, but I mean, if someone produced this piece pre-LLM, would they criticize it? is the critique due to use of LLM or due to the content being truly hard to follow? I read it and I would say, there are some problems with the writing, but its not a bad piece.<p>Of course this is a bigger problem, as its now harder to distinguish content that is "AI slop" with "content co-authored with AI that is carefully reviewed" with a quick glimpse, and the "AI smell" is quite off-putting. My initial reaction was also negative, but after glimpsing it through and reading the summaries, I found it decent summary, which also... speaks of this thread, of the content of the blog post and everything about the discussion and the strong feelings people have developed around the use of LLMs.<p>Anyhow, it would be good to disclose the repo with the code for the statistics & use of LLM in the writing right up front. Which model, and why it was used to do the writing, etc. Its enough to say "I think it writes better than I do" or "I was in a hurry, sorry" or what ever, but it really should be disclosed. It reads more honest.<p>ps. really... that sideways scroll? plz fix it.
> content co-authored with AI that is carefully reviewed<p>The problem I see is that this is indistinguishable to a reader at a glance.<p>Distancing the writing from the "AI smell" not only improves the quality by dropping the unnecessary ocean of rhetorical devices, it forces the human to have real weight and agency on what's being said.<p>I think that act of distancing from raw LLM output through refinement is a huge quality leap. Even if you're only doing the refinement with an LLM, it forces the writing to have more voice and ideas from the author.<p>I can see the work that went into the analysis here but again, as a casual reader, it's impossible to tell that there were any original ideas here expressed by the author.
Thank you for your constructive input, you're one of only a few others here who had any. I'll definitely do that. I didn't think, since the output was templated directly from the numbers generated by a reproducible python script, that people would get so up in arms about the aesthetics, but I guess I forgot to <i>say</i> that.
The most quoted line here is "A simple distributional analysis of every rsync release with bug data. No model. No assumptions. Just placement." Not only is it cringe to read, it's also nonsensical ("placement" means what?)<p>If OP had said "here's an AI summary of the data" and generated a <i>conscise</i> summary, I think I would fine with it. But default AI writing is really verbose -- the opposite of a compression algorithm, spewing out cliched phrases that don't add information. It's exhausting to read, and it lacks the interesting noise of a human response.
This article <i>reeks</i> of LLM "assistance" at the very least.<p>Please, why can't people write stuff by hand themselves any more? It's a good analysis but how can I trust it without reviewing everything myself?!
I mean, you can literally clone my repo, run the Python that rebuilds the database and does the whole data analysis and to end from scratch, and verify that the numbers are accurate. I made the code for this analysis public for that exact reason. This wasn't just an LLM running unsupervised in a loop. I came up with the methodologies and metrics and data scraping strategies precisely myself, iterated on it to try to be as honest with what the data could show as possible.
I think the point people are making is that when the text has an "AI smell" (it does), we immediately lose trust in the veracity of any claim being made and feel like continuing to read what is possibly a hallucinated fiction is a complete waste of time.<p>At this point we're all used to skimming through thousands of AI-generated sentences every working day and constantly thinking "this is likely to be 20% bullshit", it's hard to turn that off even if I try.
Do you think it would help if I went through and manually rewrote all of the prose? If it would get people to listen, I'd be totally willing to do it. It's not like I don't like writing. I just was focused on something else when I was making this, namely trying to find a good methodology that isn't insane for this low amount of data.
When there's no discernable human filter on the text output, reading the text suggests it's what the LLM produced and not what a human considered.<p>This is low-quality--every single day I witness Codex and Claude misunderstand, mislead, and hallucinate responses based on "assumptions" and I have to fact-check them.<p>If I wanted a statistical analysis and to be the human in the loop, I would ask the LLM myself, and I would definitely NOT read an article that just dumps the LLM output as-is.
Yes, that would help considerably.<p>(Also, I suggest clearly acknowledging where AI was/wasn’t used. I like CuriosityC’s suggestion: <a href="https://news.ycombinator.com/item?id=48411968">https://news.ycombinator.com/item?id=48411968</a>)
Alright, I'll do that. Although, sadly, I already posted it here, so I won't be able to post it again — I'll be stuck with this trash comments section that doesn't deal with any of the actual claims, just the aesthetics.
I'm pretty sure more people would read it to the end if it didn't seem like AI output, yes.. At the very least you would have fewer (maybe not 0!) comments here saying it's AI slop.
> I mean, you can literally<p>You didn't care enough to make a good writeup, why should we believe that you cared enough to make a good analysis?
You don't have to believe. The repository is there for anyone to attempt reproducing the results. Criticisms without proof when there's a pretty straightforward way toward that proof are pointless. Go run the experiment and rip that apart if it doesn't hold up. And until then, refrain from criticizing.
Wow.<p>I am pretty insensitive to AI writing. I have never commented before about something sounding like AI, because mostly I don't notice. But this was <i>so</i> over the top that I spent the whole article trying to decide whether it was an intentional parody of AI writing style.<p>This article's language is not en-US. It's not en-BR. It's en-SLOP.<p>Yes, that was my clumsy attempt at AI parody. Here's another: this article doesn't just have AI tells. It <i>is</i> AI tells.<p>Every sentence is saturated with AI style. Perhaps the author so AI-indoctrinated that they can't see this? It doesn't read as even vaguely plausible human writing. Which is mightily ironic given the thesis of "AI generated stuff is just fine, m'kay?" The writing style does more to defeat its conclusion than the analysis itself.<p>As for the substance of the analysis, it seems pretty good to me but I see some flaws that weaken it a bit.<p>The presence of "The Outlier Nobody Noticed" proves nothing and deserves no more than a passing mention. A random release introduced way more bugs than the Claude-containing releases. That provides evidence that Claude doesn't introduce more bugs only if your hypothesis is a very naive "AI is the <i>only</i> thing that can ever increase bug introduction rates."<p>The whole analysis has very limited data. It's necessarily based off a single pair of releases at the very end of the chronological timeline. You would never be able to reject a null hypothesis based only on that, so it's even less sound to present it as <i>proving</i> the null hypothesis. (By the same token, it would be incorrect for critics to claim that it proves their point. Did anyone claim this, though? The heated complaints seemed more based on priors about AI code.)<p>"The critics' claim is a simple comparison: did the rate go up?" That's reductive. For one, these releases are known to be in reaction to a flood of (AI-discovered!) security reports, which is a novel situation and in fact is a huge confound to anyone arguing about what those two releases mean -- they're both heavily AI-written, but in response to an unusual situation. When the samples are only drawn from a distinct scenario, statistic analysis can only speak to the quality of code in that scenario.<p>Also, another reasonable hypothesis could be: AI-written code has bugs of a different flavor that bothers users more. It's optimized for passing tests and convincing people and AIs that security holes are closed, which means other considerations like preserving functionality can more easily be regressed as compared to if humans were doing it. (If true, it still doesn't support the claim that depending on AI code is a catastrophe, fwiw.)<p>I'm not arguing the conclusion is wrong. I'm saying the analysis proves far less than it claims to. As for whether it's a debacle for rsync to become dependent on AI code generation, I think that's a reasonable debate to have but it's not going to be resolved this reductively.
> The presence of "The Outlier Nobody Noticed" proves nothing and deserves no more than a passing mention. A random release introduced way more bugs than the Claude-containing releases. That provides evidence that Claude doesn't introduce more bugs only if your hypothesis is a very naive "AI is the only thing that can ever increase bug introduction rates."<p>It does not statistically prove anything, but as I thought I made extremely clear <i>in the card where I discuss it</i>, the point of bringing it up is different: to prove the hypocrisy of the anti-AI crowd.<p>> By the same token, it would be incorrect for critics to claim that it proves their point. Did anyone claim this, though? The heated complaints seemed more based on priors about AI code.<p>The entire outrage is because people noticed what they thought was an unusual number of bugs and/or regressions in the release, saw it had Claude in it, and assumed a causal link, not just "priors about AI code."<p>> You would never be able to reject a null hypothesis based only on that, so it's even less sound to present it as proving the null hypothesis.<p>The point I'm trying to make is that there is no evidence, based on these two releases, to think Claude made anything worse, whatsoever, and so the outrage is unfounded. This doesn't require me to <i>prove</i> Claude <i>didn't</i> cause any problems. If I ever made the latter claim, I should clean that up.<p>> It's optimized for passing tests and convincing people and AIs that security holes are closed, which means other considerations like preserving functionality can more easily be regressed as compared to if humans were doing it.<p>Tridge actually explicitly says he made that tradeoff on purpose, not the AI.<p>> Every sentence is saturated with AI style. Perhaps the author so AI-indoctrinated that they can't see this? It doesn't read as even vaguely plausible human writing. Which is mightily ironic given the thesis of "AI generated stuff is just fine, m'kay?" The writing style does more to defeat its conclusion than the analysis itself.<p>I've since rewritten nearly 100% of the prose in the analysis with my own, more inflammatory and verbose style. I also intentionally left in my natural mispellings and typos, to prove it was me.
My post wasn't written in a way to make friends, but:<p>> I've since rewritten nearly 100% of the prose in the analysis with my own, more inflammatory and verbose style. I also intentionally left in my natural mispellings and typos, to prove it was me.<p>Thank you thank you thank you. I would love to be able to describe how hard it was for me to think about the actual evidence you're presenting when reading about it through the AI writing, but I suspect it's one of those things where it bothers you or it doesn't. If you'd like to empathize, maybe I'll give it one try: imagine an otherwise solid PhD thesis written in crayon. The facts and evidence and reasoning are unaffected, but it's <i>just so hard</i> to take it seriously.<p>Anyway, with the rewrite I don't have to battle my kneejerk reactivity nearly as much.<p>I'm no expert like she is, but based on what I know, I agree with your wife on the statistics. That style of analysis is going to be the best you can do with the data available. It's an accepted way to stretch data without being too dependent on an assumed distribution. It's a good analysis. I still don't come away with the conclusion that concerns about AI code maintenance are necessarily overblown, but that's fine. I think your analysis project is a very solid contribution, and it's a hell of a lot more evidence-based than the rants people were posting.
This article is unfortunately unreadable because all of the prose is unfiltered LLM slop.
[flagged]
[dead]
Is this an analysis made by/with Claude?
FWIW, I asked ChatGPT to review the article just for my amusement. It's conclusion was:<p>"My honest assessment is that this is a competent calculation performed on a badly confounded measurement, followed by conclusions substantially stronger than the calculation warrants. It is useful as a rebuttal to “the Claude releases are obviously unprecedented disasters,” but not as evidence that Claude was harmless."
It very obviously is. "The Outlier Nobody Noticed" -_-"
Typical AI slop post. It’s pretty hilarious that he just added spaces before the emdashes and claims it’s human written.<p>If I’m hiring and I see this kind of slop, I ain’t hiring you.
Emdashes don't really tell you much anything these days tbh. Many languages use them regularly and those people often bring the habit with them when they write in English — me included. Plus I would imagine every major model has tuned them way down at this point due to the backlash.
I rewrote all the AI prose several hours ago with purely my own. I like em-dashes, and specifically use them with spaces as a habit. I don't know what to tell you.