Does vibe coding risk destroying the Open Source ecosystem? According to a pre-print paper by a number of high-profile researchers, this might indeed be the case based on observed patterns and some…
Eh. I never considered myself some hard-core old professional, but:
The LLM will not interact with the developers of a library or tool, nor submit usable bug reports, or be aware of any potential issues no matter how well-documented
If an LLM introduces a dependency, I will sure as hell go see it myself. Enough people do not do that for this to become a problem?
ever heard of node.js?
Heard, not used though. Jokes about isEven™ too, but I never thought it goes like this in anything intended for external use
there’s at least one guy i know of on github whose claim to fame is he finds code in existing node codebases by big corpos that’s duplicated, breaks it out into a library, then PRs the original codebase with “instead of doing <this part> manually, switch to depending on this library”, then adds to his profile “my code is used by <big corpo>”. he had thousands of libraries like that last i checked, most of them less than ten lines of code. the manifest and other boilerplate is way larger than the actual code.
Your node_modules directory can get so bloated that the community came up with different package managers just for deduplication! pnpm, for example, makes one global-adjacent cache, and then just symlinks the dependencies as needed. This is because the regular npm doesn’t, because what if the package changed between the 20ms since I downloaded it for nuxt? (Sorry Nuxt users, had to pick a name)