| ▲ | jcgrillo 25 days ago |
| > forget about the shutting it down and think of something actually realistic. Why is it not realistic? Small teams do excellent work. Keep your team small and trusted. Only accept contributions from your team, and people outside your team who are personally vouched for by someone on your team. It's like climbing mountains or sailing or any other type of inherently risky activity--you don't go out with people you don't trust. It's eminently possible, you just don't like the idea of it. |
|
| ▲ | dale_glass 25 days ago | parent | next [-] |
| That's not shutting anything down, that's just being selective with what you accept, and everyone did that already to some extent. Even pre-AI it was obvious that contributions have to be vetted for a bunch of reasons. |
| |
| ▲ | jcgrillo 25 days ago | parent [-] | | Right, so the Github "open contributions" model where anyone can open an issue or a PR or otherwise waste a maintainer's time is broken. Fundamentally insecure under this type of attack. Now that the exploit is being used widely, and costing us immensely, we need to put a lid on it. If the only way to guarantee an AI bot (or its meatspace sock puppet) doesn't waste your time is to move to a "look but don't touch" model, then that's what we need to do. I think this would be a reasonable default: Public repos are read only except for contributors who have been given specific permission, and those permissions are granular e.g. in order of increasing damage potential: - comment on issue - create issue - comment on PR - create PR - run CI against PR - etc. In other words, shut it down. | | |
|
|
| ▲ | bcjdjsndon 25 days ago | parent | prev [-] |
| > It's eminently possible, you just don't like the idea of it. Sounds like you can't accept AI is here to stay |
| |
| ▲ | ToucanLoucan 25 days ago | parent [-] | | "I shit on your floor, guess you have to get used to shit on your floor" No. You go out the door, and then I clean it up, and you don't get invited back. That's how that works. | | |
|
