#AI hallucinates software packages and devs download them – even if potentially poisoned with malware

https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/

why

what do you mean ?

ai bots hallucinate packages

Natural monkey asks articial monkey for advice and actually follows it

why does dev downloas them

AI Bots hallucinate in general

The idea here being that someone nefarious could ask models for code advice, make a note of imagined packages AI systems repeatedly recommend, and then implement those dependencies so that other programmers, when using the same models and getting the same suggestions, end up pulling in those libraries, which may be poisoned with malware.
thanks for the advice theregister!

https://tenor.com/bTFH6tz9f4E.gif

literally this

JS devs would rather import an 11-line left-pad library than write it themselves

ofc it will the js dev... why i'm not surprised

if anyone would like to collaborate, im down

lets do some evil shit

😈

i'll end you

ofcourse, i must get my beauty sleep at 12:15:33 AM

Other langs have that bad too; Rust has a similar issue, though nowhere near as severe as JS

no u must focus my brother

OTOH average C dev wanting to reinvent the wheel everytime and introducing bugs that way

they rewrite C -> rust as a living [drama, mess]

all day

true, there's a balance
tho that's why you keep the wheels you re-invent after your code project 😛

js are the worst devs

they don't even know why their code works