if Google has the resources to put AI to slop bug reports, then it also has the resources to put AI to also post the fixes. So, they should get going. No one owes Google of all corporations free labour.
I think the last thing ffmpeg devs want is AI generated bugfixes to their assembly-heavy codebase. What they should do is dedicate time for experienced devs to fix the bugs instead.
ffmpeg devs can refuse the AI generated bugfixes for all we care. What I’m heading at is if Google is going to spend AI on posting a problem, then they should also post the solution. At their own expense.
ffmpeg devs can refuse the AI generated bugfixes for all we care.
This is a separate problem, but it’s still a problem. Many projects have seen a rise in slop PRs. curl is notorious for complaining about AI slop vulnerabilities and patch requests.
But I think we both agree that Google needs to be doing something more rather than putting the workload entirely on the ffmpeg devs.
Agree! I hereby propose that Google forwards US$1000 to the developers each time the AI signals a bug. Don’t even need to write it off as expense, it’s just “investment on QA”.
Better suggestion: Stop using AI to do any of this shit. Security research and vulnerability patching should not be reliant upon de facto black-box random number generators.
if Google has the resources to put AI to slop bug reports, then it also has the resources to put AI to also post the fixes. So, they should get going. No one owes Google of all corporations free labour.
I think the last thing ffmpeg devs want is AI generated bugfixes to their assembly-heavy codebase. What they should do is dedicate time for experienced devs to fix the bugs instead.
ffmpeg devs can refuse the AI generated bugfixes for all we care. What I’m heading at is if Google is going to spend AI on posting a problem, then they should also post the solution. At their own expense.
This is a separate problem, but it’s still a problem. Many projects have seen a rise in slop PRs.
curlis notorious for complaining about AI slop vulnerabilities and patch requests.But I think we both agree that Google needs to be doing something more rather than putting the workload entirely on the ffmpeg devs.
Agree! I hereby propose that Google forwards US$1000 to the developers each time the AI signals a bug. Don’t even need to write it off as expense, it’s just “investment on QA”.
Better suggestion: Stop using AI to do any of this shit. Security research and vulnerability patching should not be reliant upon de facto black-box random number generators.