The problem is as usual, users. AI for maintenance (updating & testing deps, re-writing parts to run with next major version of lib) is pretty low error % and just need some supervision and can make it more effective, in hands of people already familiar with project
But the flipside is of course users that are clueless won't now be stopped by "can't make a PR", they will throw prompt at AI and send it when the AI decides it's good enough
It took that long because nothing it does now was ever a requirement. It was created as serial/parallel port replacement (fun fact - max speed parallel port is faster than USB 1.1, at ~2.5MB/s).
If we designed it now it would be up to 48V from the get go, USB-PD only (there is zero reason for static modes aside from fallback 5V for simple gadgets) and be just a PCIe transport . USB to HDMI could just be a single chip that does PCIe framebuffer device.
I work with someone who did a lot of work with this to improve our ability to generate awesome visualizations with little thinking. It's a very powerful language but needs guardrails and guidance, particularly if you want end users to be able to produce consistent and standardized visualizations without knowing anything about it.
> If you asked me to build a house, I could probably assemble something that would stand for a few months. Hopefully. It might even keep the rain out. But it might also fall on my head, because I do not know enough about building houses to be confident that it won’t.
Oh no. You'd go and research that, look at existing stuff, read about it, look at tutorials and while still making a ton of mistakes at least try to follow best practices.
People don't do that when they use AI to do task unfamiliar with them. They look at it working and just okay it the moment it "looks okay". They don't even ask the AI followup questions, just accept whatever
OpenSSH thankfully cares little for corporate security theathre
But I can sympathise, our stuff got flagged in audit because we foolishly assumed that some requirement was checked by just having OpenSSH "new enough",but it turned out that RedHat for that RHEL version patched back some old considered insecure primitives to keep their customers happy...
It would be nice to have defaults that are following regulations because it sucks to have and maintain explicit list.
If it would be a simple toggle - secureciphersonly=yes sure, but listing them is just creating tech debt.
But the flipside is of course users that are clueless won't now be stopped by "can't make a PR", they will throw prompt at AI and send it when the AI decides it's good enough
reply