zlacker

[parent] [thread] 3 comments
1. anon-3+(OP)[view] [source] 2026-02-09 04:43:40
I am still not going to merge random code from a supposed trusted invdividual. As it is now, everyone is supposedly trusted enough to be able to contribute code. This vouching system will make me want to spend more time, not less, when contributing.
replies(2): >>freaky+Z >>bccdee+Q2
2. freaky+Z[view] [source] 2026-02-09 04:56:04
>>anon-3+(OP)
Trust signals change behavior at scale, even if individuals believe they're immune.

You personally might stay careful, but the whole point of vouching systems is to reduce review effort in aggregate. If they don't change behavior, they add complexity without benefi.. and if they do, that's exactly where supply-chain risk comes from.

3. bccdee+Q2[view] [source] 2026-02-09 05:19:17
>>anon-3+(OP)
I think something people are missing here is, this is a response to the groundswell in vibecoded slop PRs. The point of the vouch system is not to blindly merge code from trusted individuals; it's to completely ignore code from untrusted individuals, permitting you to spend more time reviewing the MRs which remain.
replies(1): >>aragil+Yr
◧◩
4. aragil+Yr[view] [source] [discussion] 2026-02-09 09:34:36
>>bccdee+Q2
Would it not be better to report accounts then?
[go to top]