On 4/8/26 13:16, Martin Cracauer wrote:
Raúl Cuza wrote on Wed, Apr 08, 2026 at 03:18:04PM -0400:
The number of people who can patch vulnerabilities will also grow, if projects
can accept their patches.
If you can review them with enough throughput.
I think there is an obvious imbalance between the number of
independents coming up with holes, exploits and patches and people who
are trusted by the project to judge whether those patches are correct,
don't break anything unrelated and are not secretly malicious.
not to mention making sure someone a) understands the intent and real
impact of a given patch and b) how it logically fits into the wider system.
in my experience claude is so overly verbose most engineers' eyes glaze
over by the 2nd or 3rd it submits and just blindly accept them.
-p
--
Pete Wright
[email protected]