Are there really no safe guards to the merging process except for human oversight?
Isnt there some “In Review State” where people who want to see the experimental stuff, can pull this experimental stuff and if enough™ people say “This new shit is okay” it gets merged?
So the Main Project doesnt get poisoned and everyone can still contribute in a way and those who want to Experiment can test the New Stuff.
It is my understanding that pull requests say “Hey, I forked and modified your project. Look at it and consider adopting my changes in your project.” So anyone who wants to look at the “experimental stuff” can just pull that fork. Someone in charge of the main branch decides if and when to merge pull requests.
The problem becomes the volume of requests; they’re kinda getting DDOS’d.
Yup! Replace the word “fork” with “branch” and that basically matches the workflow. Forking implies you are copying the code in its current state and going off to do your own thing, never to return (but maybe grabbing updates from time to time).
One would hope that the users submitting these PRs vetted to LLM’s output before submitting, but instead all of that work is getting shifted onto the maintainers.
Many do have automated checking, testing, rules for the PR maker to follow and such.
The issue is that these submitters are (often) drive-by spammers. They aren’t honest, they don’t care about the project, they just want quick kudos for a GitHub PR on a major project.
Filtering a sea of scammers is a whole different ballgame than guiding earnest, interested contributors.
Most projects don’t have enough people or external interest for that kind of process.
It would be possible to establish some tooling like that, but standard forges don’t provide that. So it’d feel cumbersome.
And in the end you’re back at having contributors, trustworthiness, and quality control. Because testing and reviewing are contributions too. You don’t want just a popularity contest (I want this) nor blindly trust unknown contribute.
Stupid question:
Are there really no safe guards to the merging process except for human oversight?
Isnt there some “In Review State” where people who want to see the experimental stuff, can pull this experimental stuff and if enough™ people say “This new shit is okay” it gets merged?
So the Main Project doesnt get poisoned and everyone can still contribute in a way and those who want to Experiment can test the New Stuff.
It is my understanding that pull requests say “Hey, I forked and modified your project. Look at it and consider adopting my changes in your project.” So anyone who wants to look at the “experimental stuff” can just pull that fork. Someone in charge of the main branch decides if and when to merge pull requests.
The problem becomes the volume of requests; they’re kinda getting DDOS’d.
Yup! Replace the word “fork” with “branch” and that basically matches the workflow. Forking implies you are copying the code in its current state and going off to do your own thing, never to return (but maybe grabbing updates from time to time).
One would hope that the users submitting these PRs vetted to LLM’s output before submitting, but instead all of that work is getting shifted onto the maintainers.
Many do have automated checking, testing, rules for the PR maker to follow and such.
The issue is that these submitters are (often) drive-by spammers. They aren’t honest, they don’t care about the project, they just want quick kudos for a GitHub PR on a major project.
Filtering a sea of scammers is a whole different ballgame than guiding earnest, interested contributors.
Most projects don’t have enough people or external interest for that kind of process.
It would be possible to establish some tooling like that, but standard forges don’t provide that. So it’d feel cumbersome.
And in the end you’re back at having contributors, trustworthiness, and quality control. Because testing and reviewing are contributions too. You don’t want just a popularity contest (I want this) nor blindly trust unknown contribute.
You can always checkout the branch and run it yourself.
It would be nice to bump upthe useful stuff through the community but even then there could be bot accounts that push the crap to the top