This is bad.
-
This is bad. This is very, very bad.
I'm not trying to pick on Python here, I pick it because Python is something I'm actively using, and so I have a vested interest in the project *not* being AI-vulnerable.
But it's not good, chat. It's very far from good, in fact.
@xgranade is it "i'm afraid of what it touched" or "i'm displeased it happened at all"?
Because I'm definitely the latter, it's not practical for me to die on that hill.
The former is at least tractable.
-
This is bad. This is very, very bad.
I'm not trying to pick on Python here, I pick it because Python is something I'm actively using, and so I have a vested interest in the project *not* being AI-vulnerable.
But it's not good, chat. It's very far from good, in fact.
@xgranade you shouldn't really be judging the code authors, but rather the maintainers. writing code is usually easier than reviewing it.
-
@theorangetheme @xgranade and possibly a compromise of the Code of Conduct, if Anthropic drops their commitment to not building weapons and turns Claude into another genocide machine at DOD's behest, as it seems they would like to/are being pressured to do.
(that ship has probably sailed on account of e.g. using GitHub in the first place)
@SnoopJ @theorangetheme Anthropic already works with Palantir. But by the time we get to friend-of-a-friend kind of logic...
-
@xgranade you shouldn't really be judging the code authors, but rather the maintainers. writing code is usually easier than reviewing it.
@MissingClara I agree maintaining is the more difficult part, but introducing wildly unethical and flawed tooling into the authorship stage is a problem, and a major one at that.
-
This is bad. This is very, very bad.
I'm not trying to pick on Python here, I pick it because Python is something I'm actively using, and so I have a vested interest in the project *not* being AI-vulnerable.
But it's not good, chat. It's very far from good, in fact.
@xgranade Huh, checked exactly that a few hours ago and didn't see the warning. Recent commit?
-
@xgranade is it "i'm afraid of what it touched" or "i'm displeased it happened at all"?
Because I'm definitely the latter, it's not practical for me to die on that hill.
The former is at least tractable.
@xgranade oh, it looks like the warning is complicated?
https://github.com/python/cpython/commits?author=claude shows no commits
so idk what exactly the warning is saying
-
@xgranade is it "i'm afraid of what it touched" or "i'm displeased it happened at all"?
Because I'm definitely the latter, it's not practical for me to die on that hill.
The former is at least tractable.
@astraluma A bit complex, but the rough summary would be a bit of column A, a bit of column B?
I'm definitely displeased, no question. I'm also afraid of what it touched, but not to the degree that I'm abandoning Python wholesale nor encouraging others to do so.
As mentioned, I'm not trying to pick on Python in particular, so much as that it's an example that's near and dear to my heart?
-
@SnoopJ @theorangetheme Anthropic already works with Palantir. But by the time we get to friend-of-a-friend kind of logic...
@xgranade @theorangetheme yea, you run into "no ethical consumption" awful fast in software
-
@ireneista If there's any monolithic overly centralized dependency that makes sense to take on, it's the language itself.
It would have been nice if alternative implementations like PyPy, IronPython, and Jython could have taken off, but extension modules are just too important to leave out.
@xgranade @ireneista Keep an eye on MicroPython; https://pyscript.net supports it as a backend, where it has the obvious benefit of, well, being small
-
@xgranade oh, it looks like the warning is complicated?
https://github.com/python/cpython/commits?author=claude shows no commits
so idk what exactly the warning is saying
@astraluma Searching through commits directly at the command line, @SnoopJ found a list:
SnoopJ (@SnoopJ@hachyderm.io)
@theorangetheme@en.osm.town @xgranade@wandering.shop here are the commits on `main` where it's explicitly a co-author: (Edit: I missed a few commits because I hadn't pulled :picardfacepalm:) ``` $ git log --oneline -i --grep "Co-authored-by: Claude.*anthropic\.com" 300de1e98ac gh-86519: Add prefixmatch APIs to the re module (GH-31137) ac8b5b68900 gh-143650: Fix importlib race condition on import failure (GH-143651) 9b8d59c136c gh-72798: Add mapping example to str.translate documentation (#144454) 34e5a63f145 gh-141444: Replace dead URL in urllib.robotparser example (GH-144443) 59f247e43bc gh-115952: Fix a potential virtual memory allocation denial of service in pickle (GH-119204) 5b1862bdd80 gh-87512: Fix `subprocess` using `timeout=` on Windows blocking with a large `input=` (GH-142058) cc6bc4c97f7 GH-134453: Fix subprocess memoryview input handling on POSIX (GH-134949) 532c37695d0 gh-137134: Update SQLite to 3.50.4 for binary releases (GH-137135) ```
Hachyderm.io (hachyderm.io)
I found a few more by searching PR discussions, some mention Claude as the author but don't include that in Git metadata.
That said, the warning banner has been appearing for some folks and not others, I have no idea why.
-
@ireneista @xgranade voting eligibility is easy, just join at https://psfmember.org, and either pay dues or self-certify as a contributing member, and register your interest in voting when they send out the yearly email
-
@MissingClara I agree maintaining is the more difficult part, but introducing wildly unethical and flawed tooling into the authorship stage is a problem, and a major one at that.
@xgranade I also dislike it, but the cat's out of the bag, even if it wasn't allowed people would still be using it, just without revealing it
-
@astraluma Searching through commits directly at the command line, @SnoopJ found a list:
SnoopJ (@SnoopJ@hachyderm.io)
@theorangetheme@en.osm.town @xgranade@wandering.shop here are the commits on `main` where it's explicitly a co-author: (Edit: I missed a few commits because I hadn't pulled :picardfacepalm:) ``` $ git log --oneline -i --grep "Co-authored-by: Claude.*anthropic\.com" 300de1e98ac gh-86519: Add prefixmatch APIs to the re module (GH-31137) ac8b5b68900 gh-143650: Fix importlib race condition on import failure (GH-143651) 9b8d59c136c gh-72798: Add mapping example to str.translate documentation (#144454) 34e5a63f145 gh-141444: Replace dead URL in urllib.robotparser example (GH-144443) 59f247e43bc gh-115952: Fix a potential virtual memory allocation denial of service in pickle (GH-119204) 5b1862bdd80 gh-87512: Fix `subprocess` using `timeout=` on Windows blocking with a large `input=` (GH-142058) cc6bc4c97f7 GH-134453: Fix subprocess memoryview input handling on POSIX (GH-134949) 532c37695d0 gh-137134: Update SQLite to 3.50.4 for binary releases (GH-137135) ```
Hachyderm.io (hachyderm.io)
I found a few more by searching PR discussions, some mention Claude as the author but don't include that in Git metadata.
That said, the warning banner has been appearing for some folks and not others, I have no idea why.
@xgranade @astraluma I have seen the warning suppressed in at least one place on GitHub (the C "compiler" they have been wanking about) so I don't know if there's A/B testing going on or just plain old fraud or what
-
@xgranade I also dislike it, but the cat's out of the bag, even if it wasn't allowed people would still be using it, just without revealing it
@MissingClara I agree it's a hard problem, but it's one that is quickly eroding norms and trust in open source, and I think it's worth taking a firm stance on that?
Even if people lie and ignore that stance, that still sets a community value and prevents casual usage, plus gives a clear path towards banning those contributors who lie about their own usage?
-
@xgranade @theorangetheme yea, you run into "no ethical consumption" awful fast in software
-
@ireneista @xgranade voting eligibility is easy, just join at https://psfmember.org, and either pay dues or self-certify as a contributing member, and register your interest in voting when they send out the yearly email
-
This is bad. This is very, very bad.
I'm not trying to pick on Python here, I pick it because Python is something I'm actively using, and so I have a vested interest in the project *not* being AI-vulnerable.
But it's not good, chat. It's very far from good, in fact.
As an addendum, I'm using Python as an example here because it's near and dear to my heart. This is not "Python in particular is exceptionally bad," this is "a very bad thing has been happening in OSS *in general* and Python is now in that blast radius, which makes it harder for me to personally ignore."
-
@xgranade @ireneista Keep an eye on MicroPython; https://pyscript.net supports it as a backend, where it has the obvious benefit of, well, being small
@xgranade @ireneista Huh, maybe even https://brython.info/ ?
I thought that project had fizzled out, but no, it supports 3.14
-
@MissingClara I agree it's a hard problem, but it's one that is quickly eroding norms and trust in open source, and I think it's worth taking a firm stance on that?
Even if people lie and ignore that stance, that still sets a community value and prevents casual usage, plus gives a clear path towards banning those contributors who lie about their own usage?
@xgranade I agree, but it's not up to me 🫤
-
This is bad. This is very, very bad.
I'm not trying to pick on Python here, I pick it because Python is something I'm actively using, and so I have a vested interest in the project *not* being AI-vulnerable.
But it's not good, chat. It's very far from good, in fact.
@xgranade I also saw this on Neovim and Wezterm, both of which I really love. On those projects, it seems to be extremely minor stuff, but it's still extremely depressing.
I was just getting into Python lately too! I started with JavaScript, and then went right to C++/C/Rust since I wanted to do realtime DSP. There's a Python library called Abjad for manipulating Lilypond musical notation that's really cool to play with, but this puts a bit of a damper on that excitement.
