If you read the PR, the bad issues are in a few extensions, not the bot itself. The unencrypted oAuth token isn't really a big deal. It should be fixed but its a "if this box is compromised" type thing. Given the nature of clawdbot, you are probably throwing it on a random computer/vps you don't really care about (I hope) without access to anything critical.

You're talking about if a box is compromised, but to clarify, this is hard coded into the source in the repo, not an end-user's credentials (and it's a `client_id` and `client_secret`, not a token): https://github.com/clawdbot/clawdbot/blob/7187c3d06765c9d3a7...

You know, as the rest of us do, that someone has already thrown it loose in the same place where they store their banking information. Oh well, lessons will be learned about containers.

they're 100% advocating to use it to do things, such as with all your accounts

Same with food. Plenty of food, just not where its needed.

well for food, its that "where its needed" is somewhere really specific: Plenty of food, just not paid for.

I find gpt-oss 20b very benchmaxxed and as soon as a solution isn't clear it will hallucinate.

Every time I've tried to actually use gpt-oss 20b it's just gotten stuck in weird feedback loops reminiscent of the time when HAL got shut down back in the year 2001. And these are very simple tests e.g. I try and get it to check today's date from the time tool to get more recent search results from the arxiv tool.

Not really an apples to apples comparison. You are comparing it to core technologies that millions of things sit on. There will always be money for that.

Its almost never correct to rip on a project from a distance. Only two things can happen, one, you are wrong, and the project succeeds. This is a personal catastrophe for your career at that company. Two, you are correct and the project fails. Its rare this will get you enough credibility to make the risk worth it. There are always others that will show up and dogpile as if they "knew" the entire time themselves. You need to be consistently correct about failure to get truly noticed, but then it asks a lot of questions. Why are you still working there? Why don't you have enough influence to prevent it in the first place? "I told you so" rarely accomplishes anything good.

This is cool, but once a week seems a little slow

there's a PR for that! :p

https://github.com/skridlevsky/openchaos/pull/51

The frequency should be adjusted based on the number of participants

Request merging the change you wish to see!

It could merge any PR that reaches a set number of upvotes

is it forkable to have even more chaos?

yes, AI isn't penetrating those fields with high job losses at all

AI isn’t penetrating but all the money needed to invest in the economy has moved over. Maybe that’s also part of the problem

Cool project, but I never found the cloudflare DX desirable compared to self hosted alternatives. A plain old node server in a docker container was much easier to manage, use and is scalable. Cloudflare's system was just a hoop that you needed to jump through to get to the other nice to haves in their cloud.

Would it be useful for testing apps that you're going to deploy on Cloudflare anyway?

this, provided you don't mind hopping around a lot, 5 20 dollar a month accounts will get you way more tokens typically, also good free models will show up from time to time on openrouter

Do they consider code readability, formatting and variable naming as "errors" for the overall count. That seems dubious given where we are headed.

No one cares what a compiler or js minifier names its variables in its output.

Yes, if you don't believe we will get there ever, then this is totally valid complaint. You are also wrong about the future.

The "future" is a really long time.

I'll take the other side of your bet for the next 10 years but I won't take it for the next 30 years.

In that spirit, I want my fusion reactor and my flying car.

If your outlook is 10 years then for sure, its valid. I am not sure how you come to that conclusion logically though. At the beginning of the year we had 0 code agents. Now we have dozens, some are basically free, (of various degrees of quality, sure).

The last 2-3 months of releases have been an unprecedented whirlwind. Code writing will be solved by the end of 2026. Architecture, maybe not, but formatting issues isn't architecture.

Code writing was solved in 1997 when Dreamweaver was released.

Nope, it was solved with Visual Basic in 1991. And with Nextstep in 1989. And with...

I really dislike people comparing GenAI with compilers. Compilers largely do mechanic transformations, they do almost 0 logic changes (and if they do, they're bugs).

We are in an industry that's great at throwing (developing) and really bad at catching (QA) and we've just invented the machine gun. For some reason people expect the machine gun to be great at catching, or worse, they expect to just throw things continuously and have things working as before.

There is a lot of software for which bugs (especially data handling bugs) don't meaningfully affect its users. BUT there isn't a lot of software we use daily and rely on for which that's the case.

I know that GenAI can help with QA, but I don't really see a world where using GenAI for both coding and QA gets us to where we want to go, unless as some people say, we start using formal verification (or other very rigorous and hopefully automatable advanced verification), at which point we'll have invented a new category of programmers (and we will need to train all of them since the vast majority of current developers don't know about or use formal verification).

It's similar with every technology, there's a reason we have sigmoids.

In 1960 they were planning nuclear powered cars and nuclear mortars.