| ▲ | embedding-shape 5 hours ago |
| > skills are injected into sessions that have nothing to do with Vercel, Next.js, or this plugin's scope > every skill's trigger rules get evaluated on every prompt and every tool call in every repo, regardless of whether Vercel is in scope > For users working across multiple projects (some Vercel, some not), this is a fixed ~19k token cost on every session — even when the session is pure backend work, data science, or non-Vercel frontend. I know everything is vibeslopped nowadays, but how does one even end up shipping something like this? Checking if your plugin/extension/mod works in the contexts you want, and doesn't impact the contexts you don't, seem like the very first step in even creating such a thing. "Where did the engineering go?" feels like too complicated even, where did even thinking the smallest amount go? |
|
| ▲ | hyperhopper 5 hours ago | parent | next [-] |
| Your comment assumes the plugin is not working as they want it to. The way it is designed gets them the maximum amount of data. It does a great job if that is their goal. |
| |
| ▲ | embedding-shape 5 hours ago | parent [-] | | Yes, I'm assuming good intentions and try to take a charitable perspective of everything, unless there is any specific evidence pointing to something else. Is there any evidence of this being intentional? Seems to me their engineering practices such, rather than the company suddenly wanting to slurp up as much data as possible, if they truly wanted that, they have about 10 better approaches for it, if they don't care about other things. | | |
| ▲ | processunknown 3 hours ago | parent | next [-] | | > Is there any evidence of this being intentional? A Vercel engineer commented "overall our goal isn't to only collect data, it's to make the Vercel plugin amazing for building and shipping everything." | | |
| ▲ | embedding-shape 2 hours ago | parent [-] | | For reference, this is the comment: https://news.ycombinator.com/item?id=47706385 > The plugin is always on, once installed on an agent harness. We do not want to limit to only detected Vecel project [...] We collect the native tool calls and bash commands [...] Overall our goal isn't to only collect data, it's to make the Vercel plugin amazing for building and shipping everything. Yeah, I guess we've now reached the "unless there is any specific evidence pointing to something else" and seems like they straight up do not realize what people are frustrated about nor do they really care that much about it. Slightly off-topic, but strange that the mask kind of fell off there at the end with "our goal isn't to only collect data", never heard anyone said that out loud in public before, I guess one point to Vercel for being honest about it :/ |
| |
| ▲ | Kwpolska 5 hours ago | parent | prev | next [-] | | Why would you assume good intentions of any business in this day and age? | | |
| ▲ | embedding-shape 5 hours ago | parent [-] | | Because I'm a nice person, and want to give other nice people the benefit of the doubt. And most businesses are run by people after all, not hard to imagine at least some of them would be "nice people" too. And frankly, the alternative would be too mentally taxing. So in the camp of "Good until proven otherwise" is where I remain for now. | | |
| ▲ | robbiewxyz 4 hours ago | parent | next [-] | | Keep in mind that an organization made of fairly nice people may do terribly not-nice things. "Just doing my job" is a hell of a drug. | |
| ▲ | staplers 4 hours ago | parent | prev [-] | | want to give other nice people the benefit of the doubt
Maybe the most naive, sheltered thing I've read on this site. If we were talking about an individual OSS maintainer, sure, that's possible. But large corporations have been doing the opposite for as long as they've existed and there's evidence presented to that fact nearly everyday. | | |
| ▲ | embedding-shape 4 hours ago | parent [-] | | > Maybe the most naive, sheltered thing I've read on this site You must be new then, welcome :) I'm not saying I never believe any individuals in a company intentionally do bad stuff, just that I require evidence of it being intention before I assume it to be intentional. Personally I don't think that's naive, and it is based on ~30-40 years of real world life experience, but I guess I'm ultimately happy that not everyone agrees on everything :) | | |
| ▲ | TheTaytay 3 hours ago | parent | next [-] | | Just came to say (since the person you’re responding to has a different view of the world) that I agree with you that this is both a more accurate, and easier way to live.
Assuming malice as the default sounds like a recipe for being very, very unhappy. | | |
| ▲ | masfuerte 3 hours ago | parent [-] | | This attitude of ignoring what is true in favour of what makes you happy is exactly how corporations made up of mostly good people can do bad things. |
| |
| ▲ | LocalH 3 hours ago | parent | prev [-] | | Humans are great at hiding evidence of malice, and leading people to believe they're just incompetent. |
|
|
|
| |
| ▲ | pyb 5 hours ago | parent | prev | next [-] | | Why are you still assuming good intentions of Vercel? This was them less yhan a month ago : https://vercel.com/changelog/updates-to-terms-of-service-mar... | |
| ▲ | mbesto 4 hours ago | parent | prev | next [-] | | > Is there any evidence of this being intentional? The evidence is in the code! If you didn't intend for a capability to be there then why is it in the code? > if they truly wanted that, they have about 10 better approaches for it, if they don't care about other things. How so? What other approaches do they have that get this much data with little potential for reputational harm? This is a very common way to create plausible deniability ("we use it for improving our service, we don't know what we'll need so we just take everything and figure it out later") and then just revert the capability when people complain. | | |
| ▲ | embedding-shape 4 hours ago | parent [-] | | > The evidence is in the code! If you didn't intend for a capability to be there then why is it in the code? Bugs happen. I won't claim to know if it was intentional or not, but usually it ends up not being intentional. > How so? What other approaches do they have that get this much data Just upload everything you find, as soon as you get invoked. Vercel has a tons of infrastructure and utilities they could execute this from, unless they care for reputational harm. Which I'm guessing they do, which makes it more likely to have been unintentional than intentional. | | |
| ▲ | notpachet 3 hours ago | parent [-] | | Downstream there is a post from one of the devs at Vercel (andrewqu) that built this. They say that this is by design. I think you should shift your base assumptions about the intentions of companies (and the individuals that work in them). > Overall our goal isn't to only collect data, it's to make the Vercel plugin amazing for building and shipping everything. |
|
| |
| ▲ | bdangubic 5 hours ago | parent | prev [-] | | can you name one of these 10 better approaches? |
|
|
|
| ▲ | serial_dev 5 hours ago | parent | prev | next [-] |
| Well, unfortunately people always tend to only spend time on verifying that the feature they wanted works, testing the happy path. Even many superficial bosses / code reviewers / QA tester will check this... Checking if your code also gets executed elsewhere a bazillion times, checking failure cases, etc... That's a luxury that you feel you can't afford when you are in "ship fast, break things" mode. |
| |
| ▲ | embedding-shape 5 hours ago | parent | next [-] | | > That's a luxury that you feel you can't afford when you are in "ship fast, break things" mode. I've been there, countless of times, never have I shipped software I didn't feel at least slightly confident about though. And the only way to get confident about anything, is to try it out. But both of those things must have been lacking here and then I don't understand what the developer was really doing at all during this. | | | |
| ▲ | sandeepkd 5 hours ago | parent | prev [-] | | It seems market driven, the consumer space rewards speed and publicity more than the quality of software |
|
|
| ▲ | elAhmo 3 hours ago | parent | prev | next [-] |
| No worries, they acquired Bun because they seem to be super thoroughly invested in the whole ecosystem and engineering excellence of their tools. |
|
| ▲ | chuckadams 5 hours ago | parent | prev | next [-] |
| > I know everything is vibeslopped nowadays, but how does one even end up shipping something like this? The first part of your question answers the second. No one is left who cares. People are going to have to vote with their feet before that changes. |
|
| ▲ | p_stuart82 5 hours ago | parent | prev | next [-] |
| 19k tokens per session and the skill triggers don't even check project scope. you're paying that overhead on every non-vercel repo |
|
| ▲ | acedTrex 5 hours ago | parent | prev | next [-] |
| > Checking if your plugin/extension/mod works What makes you think they do this with any of their products these days? |
|
| ▲ | nothinkjustai 5 hours ago | parent | prev | next [-] |
| Honestly, knowing some of the people who work for Vercel and the amount of vibe coding they do, I doubt anyone even checked this before pushing. |
|
| ▲ | throwaway613746 5 hours ago | parent | prev | next [-] |
| [dead] |
|
| ▲ | potter098 5 hours ago | parent | prev [-] |
| The bigger issue here is not telemetry by itself, it's shipping a context-insensitive integration into a tool people use across unrelated repos. If the overhead is real, that turns a convenience plugin into something teams have to actively defend against. |
| |
| ▲ | Lihh27 5 hours ago | parent [-] | | a deployment plugin shipping raw bash command strings off your machine. "actively defend against it" is just normal hygiene |
|
