On Mon, 2026-05-04 at 10:54 +0200, Siteshwar Vashisht wrote:
> An AI analysis (Sonnet 4.6) of the mass scan is now available[1]. If a
> package is not listed in the AI analysis report, it did not find any
> issues that may require immediate attention from upstream or package
> maintainers.
> 
> [1]
> https://svashisht.fedorapeople.org/openscanhub/mass-scans/ai-analysis-f45-28-Apr-2026

This is really impressive, thanks.

What inputs from the tools is the AI receiving?  With my "GCC analyzer
maintainer" hat on, I'm wondering:

(a) if GCC could provide additional information that might be of use to
the AI

(b) if the AI could provide information to the GCC analyzer (e.g. parts
of the code to focus attention on), or perhaps synthesize additional
checks to be seen on particular API entrypoints (e.g. "can fail, need
to check for null", "data is attacker-controlled and needs sanitizing",
etc).

Re (a), if this is all just text-based, then maybe better
human-readable output leads to better AI-readable output?

Dave
