They only documented it after all the outcry, which is way too late.
Documenting it post release still counts as having released undocumented behavior.
And if its malicious (which this 100% is), then it doesn’t fuckin matter anyways lol. You now are treated akin to a trojan maintainer by companies. You’ll get flagged as “don’t ever use anything by this person”
Super great way to get yourself flagged and lose any opportunity in the future for possibly licensing stuff you maintain for big bucks. What company would risk paying money to someone who does childish stuff like that lol
imo it’s more accurate to call it polarizing and get you blacklisted by the types of people you maybe don’t want using your code anyways. Personally anyone doing this I’m going to be more likely to use their code
by the types of people you maybe don’t want using your code anyways
…companies? Sure I guess, if you want to angle your career trajectory towards “unemployable” by all means lol.
Personally anyone doing this I’m going to be more likely to use their code
I am a tech lead, if any dev under me intentionally added/used a tool to our systems because it had malicious undocumented behaviors of any kind, they would be fired immediately and any company that contacted us for reference would be informed of their behavior.
To be clear, this is the scenario of
Me: hey I saw you installed [tool], that thing is flagged by our systems for the maintainers having done malicious undocumented stuff in the past
Dev: haha yeah thats why I used it
Me: you are joking right?
Thatd be an instant high level escalation to “strip this person of privs and get them off our system asap, and HR now has to be involved”
You dont fuckin do shit like that in a real company if you wanna stay employed lol.
I understand the sentiment, if you don’t like AI code generation you’re probably thinking you’re on the same side. But what happens if this person finds something else they hate that you don’t hate, and finds a way to sabotage that? They’ve already demonstrated a willingness to be destructive. And you’re running their code so they don’t need anything even remotely as dumb as some AI agents to exploit, they can just write destructive code normally.
Is it merely hating AI code generation or is it “AI code generation is in practice anti-FOSS” (unless there’s an ethical AI out there, trained exclusively on public domain code, that I don’t know about)?
Most open source maintainers never “license [any] stuff you maintain for big bucks” that is often hard to do and/or goes against the philosophy of open source entirely.
And I don’t even think this is malicious behaviour as it just nukes the code of this package and nothing else if you are not being careful yourself…
If you don’t do version control you are not a good programmer, imo
Most open source maintainers never “license [any] stuff you maintain for big bucks” that is often hard to do and/or goes against the philosophy of open source entirely.
Uhhh… no this is actually very common. Usually with scaling licenses, “free for use if your company is below [threshold]”, its super common…
And I don’t even think this is malicious behaviour as it just nukes the code of this package and nothing else if you are not being careful yourself…
Are you even reading what you just wrote lol.
Being “sorta” malicious is still malicious. And companies usually have zero tolerance for that shit.
If you don’t do version control you are not a good programmer, imo
You really underestimate how much damage this could do then, lol…
Fortunately, this behaviour is explicitly documented.
They only documented it after all the outcry, which is way too late.
Documenting it post release still counts as having released undocumented behavior.
And if its malicious (which this 100% is), then it doesn’t fuckin matter anyways lol. You now are treated akin to a trojan maintainer by companies. You’ll get flagged as “don’t ever use anything by this person”
Super great way to get yourself flagged and lose any opportunity in the future for possibly licensing stuff you maintain for big bucks. What company would risk paying money to someone who does childish stuff like that lol
imo it’s more accurate to call it polarizing and get you blacklisted by the types of people you maybe don’t want using your code anyways. Personally anyone doing this I’m going to be more likely to use their code
…companies? Sure I guess, if you want to angle your career trajectory towards “unemployable” by all means lol.
I am a tech lead, if any dev under me intentionally added/used a tool to our systems because it had malicious undocumented behaviors of any kind, they would be fired immediately and any company that contacted us for reference would be informed of their behavior.
To be clear, this is the scenario of
Me: hey I saw you installed [tool], that thing is flagged by our systems for the maintainers having done malicious undocumented stuff in the past
Dev: haha yeah thats why I used it
Me: you are joking right?
Thatd be an instant high level escalation to “strip this person of privs and get them off our system asap, and HR now has to be involved”
You dont fuckin do shit like that in a real company if you wanna stay employed lol.
I understand the sentiment, if you don’t like AI code generation you’re probably thinking you’re on the same side. But what happens if this person finds something else they hate that you don’t hate, and finds a way to sabotage that? They’ve already demonstrated a willingness to be destructive. And you’re running their code so they don’t need anything even remotely as dumb as some AI agents to exploit, they can just write destructive code normally.
You can decide if you want to use it or not, at your own risk. It’s free software, written by people in their free time, they owe you nothing.
Sure, you have that right.
And companies will exercise that right by blanket blacklisting everything related to you which can have huge sweeping impacts on your career lol
Its a super super stupid move to make. You are free to do a lotta other shit that tanks your career too lol
Is it merely hating AI code generation or is it “AI code generation is in practice anti-FOSS” (unless there’s an ethical AI out there, trained exclusively on public domain code, that I don’t know about)?
Most open source maintainers never “license [any] stuff you maintain for big bucks” that is often hard to do and/or goes against the philosophy of open source entirely.
And I don’t even think this is malicious behaviour as it just nukes the code of this package and nothing else if you are not being careful yourself…
If you don’t do version control you are not a good programmer, imo
Uhhh… no this is actually very common. Usually with scaling licenses, “free for use if your company is below [threshold]”, its super common…
Are you even reading what you just wrote lol.
Being “sorta” malicious is still malicious. And companies usually have zero tolerance for that shit.
You really underestimate how much damage this could do then, lol…