• 1024_Kibibytes@lemm.ee
      link
      fedilink
      arrow-up
      123
      arrow-down
      1
      ·
      7 months ago

      That is the real dead Internet theory: everything from production to malicious actors to end users are all ai scripts wasting electricity and hardware resources for the benefit of no human.

        • redd@discuss.tchncs.de
          link
          fedilink
          arrow-up
          27
          ·
          7 months ago

          Not only internet. Soon everybody will use AI for everything. Lawyers will use AI in court on both sides. AI will fight against AI.

          • devfuuu@lemmy.world
            link
            fedilink
            arrow-up
            28
            ·
            edit-2
            7 months ago

            I was at a coffee shop the other day and 2 lawyers were discussing how they were doing stuff with ai that they didn’t know anything about and then just send to their clients.

            That shit scared the hell out of me.

            And everything will just keep getting worse with more and more common folk eating the hype and brainwash using these highly incorrect tools in all levels of our society everyday to make decisions about things they have no idea about.

            • NABDad@lemmy.world
              link
              fedilink
              English
              arrow-up
              18
              ·
              7 months ago

              I’m aware of an effort to get LLM AI to summarize medical reports for doctors.

              Very disturbing.

              The people driving it where I work tend to be the people who know the least about how computers work.

          • Telorand@reddthat.com
            link
            fedilink
            arrow-up
            9
            ·
            7 months ago

            It was a time of desolation, chaos, and uncertainty. Brother pitted against brother. Babies having babies.

            Then one day, from the right side of the screen, came a man. A man with a plastic rectangle.

      • atomicbocks@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        17
        ·
        7 months ago

        The Internet will continue to function just fine, just as it has for 50 years. It’s the World Wide Web that is on fire. Pretty much has been since a bunch of people who don’t understand what Web 2.0 means decided they were going to start doing “Web 3.0” stuff.

        • UnderpantsWeevil@lemmy.world
          link
          fedilink
          English
          arrow-up
          19
          ·
          7 months ago

          The Internet will continue to function just fine, just as it has for 50 years.

          Sounds of intercontinental data cables being sliced

      • josefo@leminal.space
        link
        fedilink
        arrow-up
        3
        ·
        7 months ago

        That would only happen if we give power to our ai assistants to buy things on our behalf, and manage our budgets. They will decide among themselves who needs what and the money will flow to billionaires pockets without any human intervention. If humans go far enough, not even rich people would be rich, as trust funds, stock portfolios would operate under ai. If the ai achieves singularity with that level of control, we are all basically in spectator mode.

  • merthyr1831@lemmy.ml
    link
    fedilink
    English
    arrow-up
    172
    arrow-down
    1
    ·
    7 months ago

    AI is yet another technology that enables morons to think they can cut out the middleman of programming staff, only to very quickly realise that we’re more than just monkeys with typewriters.

      • toynbee@lemmy.world
        link
        fedilink
        arrow-up
        11
        ·
        7 months ago

        I was going to post a note about typewriters, allegedly from Tom Hanks, which I saw years and years ago; but I can’t find it.

        Turns out there’s a lot of Tom Hanks typewriter content out there.

        • r.EndTimes@lemm.ee
          link
          fedilink
          English
          arrow-up
          7
          ·
          7 months ago

          He donated his to my hs randomly, it was supposed to goto the valedictorian but the school kept it lmao, it was so funny because they showed everyone a video where he says not to keep the typewriter and its for a student

      • xthexder@l.sw0.com
        link
        fedilink
        arrow-up
        45
        arrow-down
        1
        ·
        7 months ago

        But then they’d have a dev team who wrote the code and therefore knows how it works.

        In this case, the hackers might understand the code better than the “author” because they’ve been working in it longer.

      • merthyr1831@lemmy.ml
        link
        fedilink
        English
        arrow-up
        5
        ·
        7 months ago

        True, any software can be vulnerable to attack.

        but the difference is a technical team of software developers can mitigate an attack and patch it. This guy has no tech support than the AI that sold him the faulty code that likely assumed he did the proper hardening of his environment (which he did not).

        Openly admitting you programmed anything with AI only is admitting you haven’t done the basic steps to protecting yourself or your customers.

  • ✨🗝🪄♠️🎩♠️🪄🕸✨@sh.itjust.worksBanned from community
    link
    fedilink
    English
    arrow-up
    147
    arrow-down
    1
    ·
    7 months ago

    Hilarious and true.

    last week some new up and coming coder was showing me their tons and tons of sites made with the help of chatGPT. They all look great on the front end. So I tried to use one. Error. Tried to use another. Error. Mentioned the errors and they brushed it off. I am 99% sure they do not have the coding experience to fix the errors. I politely disconnected from them at that point.

    What’s worse is when a noncoder asks me, a coder, to look over and fix their ai generated code. My response is “no, but if you set aside an hour I will teach you how HTML works so you can fix it yourself.” Never has one of these kids asking ai to code things accepted which, to me, means they aren’t worth my time. Don’t let them use you like that. You aren’t another tool they can combine with ai to generate things correctly without having to learn things themselves.

    • Thoven@lemdro.id
      link
      fedilink
      English
      arrow-up
      63
      ·
      7 months ago

      100% this. I’ve gotten to where when people try and rope me into their new million dollar app idea I tell them that there are fantastic resources online to teach yourself to do everything they need. I offer to help them find those resources and even help when they get stuck. I’ve probably done this dozens of times by now. No bites yet. All those millions wasted…

    • MyNameIsIgglePiggle@sh.itjust.works
      link
      fedilink
      arrow-up
      29
      arrow-down
      1
      ·
      7 months ago

      I’ve been a professional full stack dev for 15 years and dabbled for years before that - I can absolutely code and know what I’m doing (and have used cursor and just deleted most of what it made for me when I let it run)

      But my frontends have never looked better.

    • _carmin@lemm.eeBanned from community
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      7 months ago

      Coder? You havent been to university right?

  • M0oP0o@mander.xyz
    link
    fedilink
    arrow-up
    113
    arrow-down
    1
    ·
    7 months ago

    Ha, you fools still pay for doors and locks? My house is now 100% done with fake locks and doors, they are so much lighter and easier to install.

    Wait! why am I always getting robbed lately, it can not be my fake locks and doors! It has to be weirdos online following what I do.

  • rtxn@lemmy.world
    link
    fedilink
    arrow-up
    107
    ·
    7 months ago

    “If you don’t have organic intelligence at home, store-bought is fine.” - leo (probably)

  • rekabis@programming.dev
    link
    fedilink
    arrow-up
    62
    ·
    7 months ago

    The fact that “AI” hallucinates so extensively and gratuitously just means that the only way it can benefit software development is as a gaggle of coked-up juniors making a senior incapable of working on their own stuff because they’re constantly in janitorial mode.

    • daniskarma@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      21
      arrow-down
      4
      ·
      edit-2
      7 months ago

      Plenty of good programmers use AI extensively while working. Me included.

      Mostly as an advance autocomplete, template builder or documentation parser.

      You obviously need to be good at it so you can see at a glance if the written code is good or if it’s bullshit. But if you are good it can really speed things up without any risk as you will only copy cody that you know is good and discard the bullshit.

      Obviously you cannot develop without programming knowledge, but with programming knowledge is just another tool.

      • Nalivai@lemmy.world
        link
        fedilink
        arrow-up
        13
        arrow-down
        1
        ·
        7 months ago

        I maintain strong conviction that if a good programmer uses llm in their work, they just add more work for themselves, and if less than good one does it, they add new exciting and difficult to find bugs, while maintaining false confidence in their code and themselves.
        I have seen so much code that looks good on first, second, and third glance, but actually is full of shit, and I was able to find that shit by doing external validation like talking to the dev or brainstorming the ways to test it, the things you categorically cannot do with unreliable random words generator.

        • daniskarma@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          edit-2
          7 months ago

          That’s why you use unit test and integration test.

          I can write bad code myself or copy bad code from who-knows where. It’s not something introduced by LLM.

          Remember famous Linus letter? “You code this function without understanding it and thus you code is shit”.

          As I said, just a tool like many other before it.

          I use it as a regular practice while coding. And to be true, reading my code after that I could not distinguish what parts where LLM and what parts I wrote fully by myself, and, to be honest, I don’t think anyone would be able to tell the difference.

          It would probably a nice idea to do some kind of turing test, a put a blind test to distinguish the AI written part of some code, and see how precisely people can tell it apart.

          I may come back with a particular piece of code that I specifically remember to be an output from deepseek, and probably withing the whole context it would be indistinguishable.

          Also, not all LLM usage is for copying from it. Many times you copy to it and ask the thing yo explain it to you, or ask general questions. For instance, to seek for specific functions in C# extensive libraries.

          • Nalivai@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            7 months ago

            That’s why you use unit test and integration test.

            Good start, but not even close to being enough. What if code introduces UB? Unless you specifically look for that, and nobody does, neither unit nor on-target tests will find it. What if it’s drastically ineffective? What if there are weird and unusual corner cases?
            Now you spend more time looking for all of that and designing tests that you didn’t need to do if you had proper practices from the beginning.

            It would probably a nice idea to do some kind of turing test, a put a blind test to distinguish the AI written part of some code, and see how precisely people can tell it apart.

            But that’s worse! You do realise how that’s worse, right? You lose all the external ways to validate the code, now you have to treat all the code as malicious.

            For instance, to seek for specific functions in C# extensive libraries.

            And spend twice as much time trying to understand why can’t you find a function that your LLM just invented with absolute certainty of a fancy autocomplete. And if that’s an easy task for you, well, then why do you need this middle layer of randomness. I can’t think of a reason why not to search in the documentation instead of introducing this weird game of “will it lie to me”

            • daniskarma@lemmy.dbzer0.com
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              edit-2
              7 months ago

              Any human written code can and will introduce UB.

              Also I don’t see how you will take more that 5 second to verify that a given function does not exist. It has happen to me, llm suggesting unexisting function. And searching by function name in the docs is instantaneous.

              I you don’t want to use it don’t. I have been more than a year doing so and I haven’t run into any of those catastrophic issues. It’s just a tool like many others I use for coding. Not even the most important, for instance I think LSP was a greater improvement on my coding efficiency.

              It’s like using neovim. Some people would post me a list of all the things that can go bad for making a Frankenstein IDE in a ancient text editor. But if it works for me, it works for me.

              • Nalivai@lemmy.world
                link
                fedilink
                arrow-up
                2
                ·
                7 months ago

                Any human written code can and will introduce UB.

                And there is enormous amount of safeguards, tricks, practices and tools we come up with to combat it. All of those are categorically unavailable to an autocomplete tool, or a tool who exclusively uses autocomplete tool to code.

                Also I don’t see how you will take more that 5 second to verify that a given function does not exist. It has happen to me, llm suggesting unexisting function. And searching by function name in the docs is instantaneous.

                Which means you can work with documentation. Which means you really, really don’t need the middle layer, like, at all.

                I haven’t run into any of those catastrophic issues.

                Glad you didn’t, but also, I’ve reviewed enough generated code to know that a lot of the time people think they’re OK, when in reality they just introduced an esoteric memory leak in a critical section. People who didn’t do it by themselves, but did it because LLM told them to.

                I you don’t want to use it don’t.

                It’s not about me. It’s about other people introducing shit into our collective lives, making it worse.

                • daniskarma@lemmy.dbzer0.com
                  link
                  fedilink
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  edit-2
                  7 months ago

                  You can actually apply those tools and procedures to automatically generated code, exactly the same as in any other piece of code. I don’t see the impediment here…

                  You must be able to understand that searching by name is not the same as searching by definition, nothing more to add here…

                  Why would you care of the shit code submitted to you is bad because it was generated with AI, because it was copied from SO, or if it’s brand new shit code written by someone. If it’s bad is bad. And bad code have existed since forever. Once again, I don’t see the impact of AI here. If someone is unable to find that a particular generated piece of code have issues, I don’t see how magically is going to be able to see the issue in copypasted code or in code written by themselves. If they don’t notice they don’t, no matter the source.

                  I will go back to the Turing test. If you don’t even know if the bad code was generated, copied or just written by hand, how are you even able to tell that AI is the issue?

        • HumanPerson@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 months ago

          There is an exception to this I think. I don’t make ai write much, but it is convenient to give it a simple Java class and say “write a tostring” and have it spit out something usable.

    • millie@beehaw.org
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      7 months ago

      Depending on what it is you’re trying to make, it can actually be helpful as one of many components to help get your feet wet. The same way modding games can be a path to learning a lot by fiddling with something that’s complete, getting suggestions from an LLM that’s been trained on a bunch of relevant tutorials can give you enough context to get started. It will definitely hallucinate, and figuring out when it’s full of shit is part of the exercise.

      It’s like mid-way between rote following tutorials, modding, and asking for help in support channels. It isn’t as rigid as the available tutorials, and though it’s prone to hallucination and not as knowledgeable as support channel regulars, it’s also a lot more patient in many cases and doesn’t have its own life that it needs to go live.

      Decent learning tool if you’re ready to check what it’s doing step by step, look for inefficiencies and mistakes, and not blindly believe everything it says. Just copying and pasting while learning nothing and assuming it’ll work, though? That’s not going to go well at all.

    • Devanismyname@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      13
      ·
      7 months ago

      It’ll just keep better at it over time though. The current ai is way better than 5 years ago and in 5 years it’ll be way better than now.

      • almost1337@lemm.ee
        link
        fedilink
        arrow-up
        17
        arrow-down
        1
        ·
        7 months ago

        That’s certainly one theory, but as we are largely out of training data there’s not much new material to feed in for refinement. Using AI output to train future AI is just going to amplify the existing problems.

        • Devanismyname@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          13
          ·
          7 months ago

          I mean, the proof is sitting there wearing your clothes. General intelligence exists all around us. If it can exist naturally, we can eventually do it through technology. Maybe there needs to be more breakthroughs before it happens.

            • mindbleach@sh.itjust.works
              link
              fedilink
              arrow-up
              2
              arrow-down
              5
              ·
              7 months ago

              I mean - have you followed AI news? This whole thing kicked off maybe three years ago, and now local models can render video and do half-decent reasoning.

              None of it’s perfect, but a lot of it’s fuckin’ spooky, and any form of “well it can’t do [blank]” has a half-life.

              • Korhaka@sopuli.xyz
                link
                fedilink
                English
                arrow-up
                4
                ·
                7 months ago

                Seen a few YouTube channels now that just print out AI generated content. Usually audio only with a generated picture on screen. Vast amounts could be made so cheaply like that, Google is going to have fun storing all that when each only gets like 25 views. I think at some point they are going to have to delete stuff.

              • SaraTonin@lemm.ee
                link
                fedilink
                English
                arrow-up
                2
                ·
                7 months ago

                If you follow AI news you should know that it’s basically out of training data, that extra training is inversely exponential and so extra training data would only have limited impact anyway, that companies are starting to train AI on AI generated data -both intentionally and unintentionally, and that hallucinations and unreliability are baked-in to the technology.

                You also shouldn’t take improvements at face value. The latest chatGPT is better than the previous version, for sure. But its achievements are exaggerated (for example, it already knew the answers ahead of time for the specific maths questions that it was denoted answering, and isn’t better than before or other LLMs at solving maths problems that it doesn’t have the answers already hardcoded), and the way it operates is to have a second LLM check its outputs. Which means it takes,IIRC, 4-5 times the energy (and therefore cost) for each answer, for a marginal improvement of functionality.

                The idea that “they’ve come on in leaps and bounds over the Last 3 years therefore they will continue to improve at that rate isn’t really supported by the evidence.

                • mindbleach@sh.itjust.works
                  link
                  fedilink
                  arrow-up
                  3
                  arrow-down
                  1
                  ·
                  edit-2
                  7 months ago

                  We don’t need leaps and bounds, from here. We’re already in science fiction territory. Incremental improvement has silenced a wide variety of naysaying.

                  And this is with LLMs - which are stupid. We didn’t design them with logic units or factoid databases. Anything they get right is an emergent property from guessing plausible words, and they get a shocking amount of things right. Smaller models and faster training will encourage experimentation for better fundamental goals. Like a model that can only say yes, no, or mu. A decade ago that would have been an impossible sell - but now we know data alone can produce a network that’ll fake its way through explaining why the answer is yes or no. If we’re only interested in the accuracy of that answer, then we’re wasting effort on the quality of the faking.

                  Even with this level of intelligence, where people still bicker about whether it is any level of intelligence, dumb tricks keep working. Like telling the model to think out loud. Or having it check its work. These are solutions an author would propose as comedy. And yet: it helps. It narrows the gap between “but right now it sucks at [blank]” and having to find a new [blank]. If that never lets it do math properly, well, buy a calculator.

          • Nalivai@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            7 months ago

            Everything possible in theory. Doesn’t mean everything happened or just about to happen

      • GenosseFlosse@feddit.org
        link
        fedilink
        arrow-up
        2
        ·
        7 months ago

        To get better it would need better training data. However there are always more junior devs creating bad training data, than senior devs who create slightly better training data.

        • SaraTonin@lemm.ee
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          7 months ago

          And now LLMs being trained on data generated by LLMs. No possible way that could go wrong.

  • Electric@lemmy.world
    link
    fedilink
    arrow-up
    59
    ·
    7 months ago

    Is the implication that he made a super insecure program and left the token for his AI thing in the code as well? Or is he actually being hacked because others are coping?

  • formulaBonk@lemm.ee
    link
    fedilink
    English
    arrow-up
    46
    ·
    7 months ago

    Reminds me of the days before ai assistants where people copy pasted code from forums and then you’d get quesitions like “I found this code and I know what every line does except this ‘for( int i = 0; i < 10; i ++)’ part. Is this someone using an unsupported expression?”

      • Moredekai@lemmy.world
        link
        fedilink
        arrow-up
        42
        ·
        7 months ago

        It’s a standard formatted for-loop. It’s creating the integer variable i, and setting it to zero. The second part is saying “do this while i is less than 10”, and the last part is saying what to do after the loop runs once -‐ increment i by 1. Under this would be the actual stuff you want to be doing in that loop. Assuming nothing in the rest of the code is manipulating i, it’ll do this 10 times and then move on

        • Fermion@feddit.nl
          link
          fedilink
          arrow-up
          7
          ·
          7 months ago

          I would also add that usually i will be used inside the code block to index locations within whatever data structures need to be accessed. Keeping track of how many times the loop has run has more utility than just making sure something is repeated 10 times.

      • jqubed@lemmy.world
        link
        fedilink
        arrow-up
        13
        ·
        7 months ago

        @Moredekai@lemmy.world posted a detailed explanation of what it’s doing, but just to chime in that it’s an extremely basic part of programming. Probably a first week of class if not first day of class thing that would be taught. I haven’t done anything that could be considered programming since 2002 and took my first class as an elective in high school in 2000 but still recognize it.

      • JustAnotherKay@lemmy.world
        link
        fedilink
        arrow-up
        7
        ·
        edit-2
        7 months ago

        for( int i = 0; i < 10; i ++)

        This reads as “assign an integer to the variable I and put a 0 in that spot. Do the following code, and once completed add 1 to I. Repeat until I reaches 10.”

        Int I = 0 initiates I, tells the compiler it’s an integer (whole number) and assigns 0 to it all at once.

        I ++ can be written a few ways, but they all say “add 1 to I”

        I < 10 tells it to stop at 10

        For tells it to loop, and starts a block which is what will actually be looping

        Edits: A couple of clarifications

    • barsoap@lemm.ee
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      7 months ago

      i <= 9, you heathen. Next thing you’ll do is i < INT_MAX + 1 and then the shit’s steaming.

      I’m cooked, see thread.

        • barsoap@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          7 months ago

          I mean i < 10 isn’t wrong as such, it’s just good practice to always use <= because in the INT_MAX case you have to and everything should be regular because principle of least astonishment: That 10 might become a #define FOO 10, that then might become #define FOO INT_MAX, each of those changes look valid in isolation but if there’s only a single i < FOO in your codebase you introduced a bug by spooky action at a distance. (overflow on int is undefined behaviour in C, in case anyone is wondering what the bug is).

          …never believe anyone who says “C is a simple language”. Their code is shoddy and full of bugs and they should be forced to write Rust for their own good.

          • kevincox@lemmy.ml
            link
            fedilink
            arrow-up
            5
            ·
            edit-2
            7 months ago

            But your case is wrong anyways because i <= INT_MAX will always be true, by definition. By your argument < is actually better because it is consistent from < 0 to iterate 0 times to < INT_MAX to iterate the maximum number of times. INT_MAX + 1 is the problem, not < which is the standard to write for loops and the standard for a reason.

            • barsoap@lemm.ee
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              7 months ago

              You’re right, that’s what I get for not having written a line of C in what 15 years. Bonus challenge: write for i in i32::MIN..=i32::MAX in C, that is, iterate over the whole range, start and end inclusive.

              (I guess the ..= might be where my confusion came from because Rust’s .. is end-exclusive and thus like <, but also not what you want because i32::MAX + 1 panics).

                • barsoap@lemm.ee
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  7 months ago

                  Would you be bold enough to write if (i++ == INT_MAX) break? The result of the increment is never used, but an increment is being done, at least syntactically, and it overflows, at least theoretically, so maybe (I’m not 100% sure) the compiler could be allowed to break out into song because undefined behaviour allows anything to happen.

  • mindbleach@sh.itjust.works
    link
    fedilink
    arrow-up
    45
    ·
    7 months ago

    An otherwise meh article concluded with “It is in everyone’s interest to gradually adjust to the notion that technology can now perform tasks once thought to require years of specialized education and experience.”

    Much as we want to point and laugh - this is not some loon’s fantasy. This is happening. Some dingus told spicy autocomplete ‘make me a database!’ and it did. It’s surely as exploit-hardened as a wet paper towel, but it functions. Largely as a demonstration of Kernighan’s law.

    This tech is borderline miraculous, even if it’s primarily celebrated by the dumbest motherfuckers alive. The generation and the debugging will inevitably improve to where the machine is only as bad at this as we are. We will be left with the hard problem of deciding what the software is supposed to do.

    • easily3667@lemmus.org
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      7 months ago

      This industry also spends most of it’s money either changing things that don’t need to change (we optimized the right click menu to remove this item, mostly to fuck your muscle memory) or to avoid changing things (rather than implementing 2fa, banks have implemented 58372658 distinct algorithms for detecting things that might be fraud).

      If you’re just talking about enabling small scale innovation you’re probably right, but if you’re talking about the industry as a whole I think you need to look at what people in industry are actually spending their time on.

      it’s not code.

    • Uli@sopuli.xyz
      link
      fedilink
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      7 months ago

      Yeah, I’ve been using it heavily. While someone without technical knowledge will surely allow AI to build a highly insecure app, people with more technological knowledge are going to propel things to a level where the less tech savvy will have fewer and fewer pitfalls to fall into.

      For the past two months, I’ve been leveraging AI to build a CUE system that takes a user desire (e.g. “i want to deploy a system with an app that uses a database and a message queue” expressed as a short json) and converts a simple configuration file that unpacks into all the kubernetes manifests required to deploy the system they want to deploy.

      I’m trying to be fully shift-left about it. So, even if the user’s configuration is as simple as my example, it should still use CUE templating to construct the files needed for a full DevSecOps stack - Ingress Controller, KEDA, some kind of logging such as ELK stack, vulnerability scanners, policy agents, etc. The idea is the every stack should at all times be created in a secure state. And extra CUE transformations ensure that you can split the deployment destinations in any type of way, local/onprem, any cloud provider, or any combination thereof.

      The idea is that if I need to swap out a component, I just change one override in the config and the incoming component already knows how to connect to everything and do what the previous component was doing because I’ve already abstracted the component’s expected manifest fields using CUE. So, I’d be able to do something like changing my deployment from one cloud to another with a click of a button. Or build up a whole new fully secure stack for a custom purpose within a few minutes.

      The idea is I could use this system to launch my own social media app, since I’ve been planning the ideal UX for many years. But whether or not that pans out, I can take my CUE system and put a web interface over it to turn it into a mostly automated PaaS. I figure I could undercut most PaaS companies and charge just a few percentage points above cost (using OpenCost to track the expenses). If we get to the point where we have a ton of novices creating apps with AI, I might be in a lucrative position if I have a PaaS that can quickly scale and provide automated secure back ends.

      Of course, I intend on open sourcing the CUE once it’s developed enough to get things off the ground. I’d really love to make money from my creative ideas on a socialized media app that I create, am less excited about gatekeeping this kind of advancement.

      Interested to know if anyone has done this type of project in the past. Definitely wouldn’t have been able to move at nearly this speed without AI.

        • Uli@sopuli.xyz
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          7 months ago

          I’ve never heard of this before, but you’re right that it sounds very much like what I’m doing. Thank you! Definitely going to research this topic thoroughly now to make sure I’m not reinventing the wheel.

          Based on the sections in that link, I wondered if the MASD project was more geared toward the software dev side or devops. I asked Google and got this AI response:

          “MAD” (Modern Application Development) services, often used in the context of software development, encompass a broader approach that includes DevOps principles and tools, focusing on rapid innovation and cloud-native architectures, rather than solely on systems development.

          So (if accurate), it sounds like all the modernized automation of CI/CD, IaC, and GitOps that I know and love are already engaging in MAD philosophy. And what I’m doing is really just providing the last puzzle piece to fully automate stack architecting. I’m guessing the reason it doesn’t already exist is because a lot of the open source tools I’m relying on to do the heavy lifting inside kubernetes are themselves relatively new. So, hopefully this all means I’m not wasting my time lol

          • Senal@programming.dev
            link
            fedilink
            English
            arrow-up
            2
            ·
            7 months ago

            AFAICT MASD is an iteration on MDE which incorporates parts of MAD but not in a direct fashion.

            Lots of acronyms there.

            These types of systems do exist, they just aren’t mainstream because there hasn’t been a version of them that could be easily used for general development outside of the specific mid-level niches they are built in.

            I think it’s the goal, but I’ve not seen anything come close yet.

            Admittedly I’m not an authority so it may just be me missing the important things.

            • Uli@sopuli.xyz
              link
              fedilink
              arrow-up
              1
              ·
              7 months ago

              Thanks for the info. When I searched MASD, it told me instead about MAD, so it’s good to know how they’re differentiated.

              This whole idea comes from working in a shop where most of their DevSecOps practices were fantastic, but we were maintaining fleets of Helm charts (picture the same Helm override sent to lots of different places with slightly different configuration). The unique values for each deployment were buried “somewhere” in all of these very lengthy values.yaml override files. Basically had to did into thousands of lines of code whenever you didn’t know off-hand how a deployment was configured.

              I think when you’re in the thick of a job, people tend to just do what gets the job done, even if it means you’re going to have to do it again in two weeks. We want to automate, but it becomes a battle between custom-fitting and generalization. With the tradeoff being that generalization takes a lot of time and effort to do correctly.

              So, I think plenty of places are “kind of” at this level where they might use CUE to generalize but tend to modify the CUE for each use case individually. But many DevOps teams I suspect aren’t even using CUE, they’re still modifying raw yaml. I think of yaml like plumbing. It’s very important, but best not exposed for manual modification unless necessary. Mostly I just see CUE used to construct and deliver Helm/kubernetes on the cluster, in tools like KubeVela and Radius. This is great for overriding complex Helm manifests with a simple Application .yaml, but the missing niche I’m trying to fill is a tool that provides the connections between different tools and constrains the overall structure of a DevSecOps stack.

              I’d imagine any company with a team who has solved this problem is keeping it proprietary since it represents a pretty big advantage at the moment. But I think it’s just as likely that a project like this requires such a heavy lift before seeing any gain that most businesses simply aren’t focusing on it.

              • Senal@programming.dev
                link
                fedilink
                English
                arrow-up
                1
                ·
                7 months ago

                My experiences are similar to yours, though less k8’s focused and more general DevSecOps.

                it becomes a battle between custom-fitting and generalisation.

                This is mentioned in the link as “Barely General Enough” I’m not sure i fully subscribe to that specific interpretation but the trade off between generalisation and specialisation is certainly a point of contention in all but the smallest dev houses (assuming they are not just cranking hard coded one-off solutions).

                I dislike the yaml syntax, in the same way i dislike python, but it is pervasive in the industry at the moment so you work with that you have.

                I don’t think yaml is the issue as much as the uncontrolled nature of the usage.

                You’d have the same issue with any format as flexible to interpretation that was being created/edited by hand.

                As in, if the yaml were generated and used automatically as part of a chain i don’t think it’d be an issue, but it is not nearly prescriptive enough to produce the high level kind of model definitions further up the requirements stack.

                note: i’m not saying it couldn’t be done in yaml, i’m saying that it would be a massive effort to shoehorn what was needed into a structure that wasn’t designed for that kind of thing

                Which then brings use back to the generalisation vs specialisation argument, do you create a hyper-specific dsl that allows you only to define things that will work within the boundaries of what you want, does that mean it can only work in those boundaries or do you introduce more general definitions and the complexity that comes with that.

                Whether or not the solution is another layer of abstraction into a different format or something else entirely i’m not sure, but i am sure that raw yaml isn’t it.

                • Uli@sopuli.xyz
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  7 months ago

                  Yes, I think yaml’s biggest strength is also its built-in flaw: its flexibility. Yaml as a data structure is built to be so open-ended that it can be no surprise when every component written in Go and using Yaml as a data structure builds their spec in a slightly different way, even when performing the exact same functions.

                  That’s why I yearned for something like CUE and was elated to discover it. CUE provides the control that yaml by its very nature cannot enforce. I can create CUE that defines the yaml structure in general so anything my system builds is valid yaml. And I can create a constraint which builds off of that and defines the structure of a valid kubernetes manifest. Then, when I go to define the CUE that builds up a KubeVela app I can base its constraints on those k8s constraints and add only KubeVela-specific rules.

                  Then I have modules of other components that could be defined as KubeVela Applications on the cluster but I define their constraints agnostically and merge the constraint sets together to create the final yaml in proper KubeVela Application format. And if the component needs to talk to another component, I standardize the syntax of the shared function and then link that function up to whatever tool is currently in use for that purpose.

                  I think it’s a good point that overgeneralization can and does occur and my “one size fits all” approach might not actually fit all. But I’m hoping that if I finish this tool and shop it to a place that thinks it’s overkill, I can just have them tell me which parts they want generalized and define a function to export a subset of my CUE for their needs. And in that scenario, I would flip and become a big proponent of “Just General Enough”. Because then, they can have the streamlined fit-for-purpose system they desire and I can have the satisfaction of not having to do the same work over and over again.

                  But the my fear about going down that road is that it might be less of an export of a subset of code and more of building yet another system that can MAD-style generate my whole CUE system for whatever level of generalization I want. As you say, it just becomes another abstraction layer. Can’t say I’m quite ready to go that far 😅

    • HiddenLayer555@lemmy.ml
      link
      fedilink
      English
      arrow-up
      6
      ·
      edit-2
      7 months ago

      It is in everyone’s interest to gradually adjust to the notion that technology can now perform tasks once thought to require years of specialized education and experience.

      The years of specialized education and experience is not for writing code in and of itself. Anyone with an internet connection can learn to do that in not that long. What takes years to perfect is writing reliable, optimized, secure code, communicating and working efficiently with others, writing code that can be maintained by others long after you leave, knowing the theories behind why code written in a certain way works better than code written in some other way, and knowing the qualitative and quantitative measures to even be able to assess whether one piece of code is “better” than the other. Source: Self-learned programming, started building stuff on my own, and then went through an actual computer science program. You miss so much nuance and underlying theory when you self-learn, which directly translates bad code that’s a nightmare to maintain.

      Finally, the most important thing you can do with the person that has years of specialized education and experience is you can actually have a conversation with them about their code, ask them to explain in detail how it works and the process they used to write it. Then you can ask them followup questions and request further clarification. Trying to get AI to explain itself is a complete shitshow, and while humans do have a propensity to make shit up to cover their own/their coworkers’ asses, AI does that even when it make no sense not to tell the truth because it doesn’t really know what “the truth” is and why other people would want it.

      Will AI eventually catch up? Almost certainly, but we’re nowhere close to that right now. Currently it’s less like an actual professional developer and more like someone who knows just enough to copy paste snippets from Stack Overflow and hack them together into a program that manages to compile.

      I think the biggest takeaway with AI programming is not that it can suddenly do just as well as someone with years of specialized education and experience, but that we’re going to get a lot more shitty software that look professional on the surface, but is a dumpster fire inside.

      • mindbleach@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        ·
        7 months ago

        Self-learned programming, started building stuff on my own, and then went through an actual computer science program.

        Same. Starting with QBASIC, no less, which is an excellent source of terrible practices. At one point I created a code snippet that would perform a division and multiplication to find the remainder, because I’d never heard of modulo. Or functions.

        Right now, this lets people skip the hair-pulling syntax errors, and tell the computer what they think the program should be doing, in plain English. It’s not even “compileable pseudocode.” It’s high-level logic, nearly to the point that logic errors are all that can remain. It desperately needs some non-answer feedback states for if you tell it to “implement MP4 encoding” and expect that to Just Work.

        But it’s teaching people to write the comments first.

        we’re nowhere close to that right now.

        The distance from here to “oh shit” is shorter than we’d prefer. This tech works like a joke. “Chain of thought” apparently means telling the robot to act smarter… and it does. Which is almost less silly than Stable Diffusion removing every part of the marble that doesn’t look like Hatsune Miku. If it’s stupid, but it works… it’s still stupid. But it works.

        Someone’s gonna prompt “Write like Donald Knuth” and the robot’s gonna go, “Oh, you wanted good code? Why didn’t you say so.”

  • Nangijala@feddit.dk
    link
    fedilink
    arrow-up
    38
    arrow-down
    1
    ·
    7 months ago

    This feels like the modern version of those people who gave out the numbers on their credit cards back in the 2000s and would freak out when their bank accounts got drained.

  • Charlxmagne@lemmy.worldBanned from community
    link
    fedilink
    arrow-up
    34
    ·
    7 months ago

    This is what happens when you don’t know what your own code does, you lose the ability to manage it, that is precisely why AI won’t take programmer’s jobs.