Hello, > rsync has started to allow LLM-generated code in. This has already > resulted in user reports that saw subtle changed behaviour.
rsync has been in dire need of funding and contributors for at least the last couple of years. The biggest regressions started in January 2025 with the CVE fixes preceding AI contributions, the biggest regression concerning symlinks is still pending 1+ year later. Reverting rsync to the pre-LLM version means reintroducing fixed CVEs (a different wave than the ones from January 25), but ultimately it won't solve the lack of funding and contributors. We cannot reintroduce the CVEs unless we are certain the regressions are worse than the CVEs, I'm not there yet. I've started packaging gokr-rsync last year when I noticed alternatives would be needed, but a lack of time blocked me from proceeding. puida@ helped me package the reverse-dependencies and now very little should be pending before the package is ready for upload. However, out of all rsync alternatives, the maximum supported protocol version is v27. https://salsa.debian.org/go-team/packages/gokr-rsync Regards, -- Samuel Henrique <samueloph>
