This is the last thing that seems like a good idea for a highly attacked, highly security relevant code base like TOR.
I’m not a contributor so I’m not in a position to tell you what to do. I can merely express my concerns. I would also like to note that an LLM code ban, while not 100% enforceable, can greatly reduce contributors daring to do so and therefore greatly reduce the hidden bugs inserted by LLMs. There are also many high-profile projects, e.g. SDL and Qemu (both I think C/C++) with LLM code bans.
Bottom line: “… the best defence is to remember what AI actually is: a tool that confidently gives you one answer, whether it’s right or wrong. Just because it looks like a giant tech company is speaking to you instead of some random website doesn’t mean you should have faith.”
I believe this will occur more and more as we go on whether we like it or not. The rush to get product to market will drive it (in general , not talking about Tor). The AI code will be good enough much of the time that we get to “trust” it.
Since my linux is not up to snuff, I had AI translate a 10 or 12 line batch file to linux. Tested it and it worked. Never really investigated the man page for the command(s) it used so I learnt nothing. Eventually I will look at it.
Edited 1 day later
There was the bash if command which I did not fully understand with its different parameters and the read command to get arguments from the command line. So I read the man pages. Now I know.
Not my experience with LLM models. A few months ago I had a task involving processing a batch of files in a folder with a certain program, I was lazy so I had GPT4 generated me a bash script with for loop, it was complex, supports all kinds of customization, and doesn’t work. It took me 10 minutes to figure out how to write bash for loops and completed the task.
That’s the last time I touched a LLM.
I think the difference may be that I gave it the Windows code I wanted linuxised. Later I noticed it added something. In and IF clause I check for and read the first argument passed and perform an action ignoring anything else passed. But it checks that a second argument is NOT passed before completing the action. Did it dummy proof?
In mine I can type: command arg and more garbage passed and get the result; In its conversion it barfs the message when no argument is passed. Which is dummy proof?
I could remove that part and maybe save one billionth of one tenth of one second in a script I may use once a week.
I’m sure if I had to “talk” to it and describe what I wanted that I would have gotten a result similar to your experience.