We've also now started a discussion for the AppCenter submission process on whether we'll allow submissions to our Flatpak remote that are known to contain LLM-generated code:
https://github.com/elementary/appcenter-reviews/discussions/647
I hope you take a strict #NoAI policy. You'll have to block things like KeePassXC, Calibre, and Fluxer (three apps that break my heart).
@terminaltilt Pretty disappointed about KeePassXC. While I still trust them now, I'm sad that their blog post only focuses on the code perspective and doesn't discuss how they think they can justify the waste of energy or how any code generated by the theft machine would be GPL-compatible.
I really hoped they would reject LLMs based on morals instead of arguing like that.
I agree, it is disappointing. It tarnishes the entire project. Security and LLMs are incompatible. Security relies on intent and auditability, knowing exactly why every line of code exists. LLMs are just whatever spitting out the most probable next character based on a mountain of stolen data.
If a developer doesn't have the mental ability to write their own security implementation, how can I trust them to audit it?