Luckily, the LLM coding isn’t people’s work
So long as the person is using some form of version control, it’s effectively just a slap on the wrist.
I mean, my thought would be “Don’t fucking run code that you don’t understand”.
It was always a risk in Stack Overflow, so I don’t see why suddenly the world needs to exclusively create safe spaces for all the ‘down with safe spaces’ crowd.
If we all followed that rule, we’d be using nothing more complex than an 8080.
The code YOU run. If your code runs other code, that doesn’t fall under this.
“Don’t ride a car unless you know how driving a car works” doesn’t mean you need to understand the chemical composition of the metal in the motor parts
Well, I think it’s legit to use software without understanding the code or use hardware without understanding the specifics of the logical mechanisms of the silicon. But when you’re writing software, you really should know what’s in your own code. Anything else is bad form in my opinion.
It’s an imported library, since when are devs expected to be inspecting the source code of every library they import?
I don’t like to use libraries I don’t understand. Probably part of why I’m not a professional developer, but it’s the principle of the thing - don’t put out code you can’t vouch for.
I mean, yes, it’s way easier to just use the library, trust it works; but by that logic, it’s also way easier to just let an llm code for you.
…but do you “understand libraries” by reading every line of their code, or by reading the documentation? And only in the parts you’re actually interested in?
Yeah, a general understanding is enough. But I think yeah, actually skim over the code, at least get a basic idea about how the internal methods work. Depending on what you’re using the library for, it could be prudent to know more about how data structures are handled.
Honestly, you’ll probably learn something in the process.
There’s no ‘principle’ here, that’s something that simply would not be possible in any sort of large project. To suggest all professional software developers read every line of every library before using it is ridiculously unworkable.
deleted by creator
? Do you have me confused with somebody else?
Libraries can be audited. LLM generated code cannot.
Edit: to clarify, it is impossible to audit all LLM generated code across a number of projects, that would replace a single library. It simply won’t happen, because there will always be a non trivial number of users who will copy and paste code without inspecting it. In contrast, widely used open source libraries may be audited by a small subset of their users, and the rest would benefit from that.
Yes it can, it’s literally still code.
I know it’s code. You are missing the point.
Any library with a critical user mass is auditable, because a fraction of those users would take the time to do so, whereas all LLM generated variations of the same library cannot and will never be auditable.
True, but I would think developers should at least be following it with the code they’re actually working on.
It’s an imported library, since when are devs expected to be inspecting the source code of every library they import?
Since forever? Don’t you do security audits on the libraries you use?
One person from the team, maybe. You don’t have every single dev read every line of code in the libraries, which is what is being specified here.
it used to be a thing but javascript npm brainrot happened
Reminds me of https://www.youtube.com/watch?v=OPKGbg16ulU (and also https://www.youtube.com/channel/UCS0N5baNlQWJCUrhCEo8WlA)
I’m a developer, and I support this message.
Fuck all LLM created content. Fuck it all. Burn it all down, my friends.
It’s the stolen work of other people.
Like all of human knowledge, I swear you antillm people are out of your mind.
Here we have a way to bring coding and creation to the masses at a much lower bar and most of the LLM projects I see are MIT licensed, it’s literally a revolution for open source but half of you are pearl clutching and acting like god damn Microsoft.
You are missing the most important questions here: who can afford it, and who owns it.
It’s easy to be pro LLM when $20 a month is not a big deal.
Self host an open model, but yeah 20 a month is not that expensive for what you can do with it.
But that’s not what anyone in this thread is saying, they’re saying LLM code bad and stealing so let’s poison open source projects. Also sharing code is bad now, when I’m sure many of these people would claim they like open source code.
Again, I think knowledge and code should be free for all to use so that we all benefit from it.
“self host an open model”. My dude, you need pretty beefy hardware to run a slow and shit model that won’t even compare to the 0.33x models you get with a copilot subscription.
I figured you wouldn’t be able to look past your own personal experience. I’m sorry to say that most people outside your bubble cannot afford either the subscription nor the hardware to run usable LLMs locally.
“Sharing code is bad now” because a handful of companies scraped it and not only they haven’t given anything back, they are reselling it in different shapes, and telling people that now all that data is proprietary. So, yes, stolen is an apt word for it.
Anyway, all this talk about “democratizing” knowledge is bullshit. Libraries democratized knowledge. The internet democratized knowledge. Anyone can learn how to code if they put the time and read a book and practice.
But delegated thinking is the opposite of acquiring knowledge, so what the hell are you people yapping about.
I think that’s the problem though, isn’t it. It is other people’s work, condensed down into what could semi-accurately be called a statistics based random word generator. If LLMs were good at it or had people checking behind them that were good we wouldn’t be in this mess in the first place.
I meant more the process of generating code via LLM isn’t work. The end result ultimately uses someone else’s work, yes, but the process can be and should be sabotaged.