#Code reviews seem to be the biggest bottleneck in software development right now.
Open source package ecosystems are victims of their own success. There's a long tail of iffy packages that nobody has reviewed, and nobody wants to.
For the top projects, maintenance is tough. Stakes are high. Reviews are hard. Contributions are meh quality (even before LLMs). It's not just code, but a people problem too. GitHub's primitive workflow wastes everyone's time.
Something's gonna break.
LLMs can spit code-alike outputs 24/7, faster than humans can read it. This is a DoS attack on open source.
A maintainer can't trust that the person submitting a PR has properly reviewed the code, so they have to do all the review work anyway. There's zero benefit. If the maintainer wanted LLM-generated code, they could ask an LLM themselves, and skip the trust issues and slowness of dealing with a random middleman submitting it.
Something's gonna break.
@kornel well, yes ... and no. I'm one of the two main developers of the FLOSS DAW ardour, and it is true that we are running into issues with LLM generated PRs.
But we're also running into people using an LLM to solve a very specific problem that is bugging them, something that we would never "ask an LLM ourselves" to do. Those PRs are often just a handful of lines with (often) obvious correctness.
It would be a shame to throw out that baby with the other stinky bathwater.
Kornel
PaulDavisTheFirst