Were you able to enable extended security updates without logging in?
I've held out for literal years, but that was the thing that finally made me log into an online user account (and start figuring out how to finally cut the last bit of Windows out of my life)
At $DAYJOB, there's an internal version of this, which I think just uses Claude Code (or similar) under the hood on a checked out copy of the PR.
Then it can run `git diff` to get the diff, like you mentioned, but also query surrounding context, build stuff, run random stuff like `bazel query` to identify dependency chains, etc.
They've put a ton of work into tuning it and it shows, the signal-to-noise ratio is excellent. I can't think of a single time it's left a comment on a PR that wasn't a legitimate issue.
I would argue it's more important than ever to make new languages with new ideas as we move towards new programming paradigms. I think the existence of modern LLMs encourages designing a language with all of the following attributes:
- Simple semantics (e.g. easy to understand for developers + LLMs, code is "obviously" correct)
- Very strongly typed, so you can model even very complex domains in a way the compiler can verify
- Really good error messages, to make agent loops more productive
- [Maybe] Easily integrates with existing languages, or at least makes it easy to port from existing languages
We may get to a point where humans don't need to look at the code at all, but we aren't there yet, so making the code easy to vet is important. Plus, there's also a few bajillion lines of legacy code that we need to deal with, wouldn't it be cool if you could port (or at least extend it) it into some standardized, performant, LLM-friendly language for future development?
I think that LLMs will be complemented best with a declarative language, as inserting new conditions/effects in them can be done without modifying much (if any!) of the existing code. Especially if the declarative language is a logic and/or constraint-based language.
We're still in early days with LLMs! I don't think we're anywhere near the global optimum yet.
Also, I took a quick look and I don't understand how your tool could possibly produce "even smaller images". The article is using multi-stage builds to produce a final Docker image that is quite literally just the target binary in question (based on the scratch image), whereas your tool appears be a whole Linux distribution.
I hesitate to lump this into the "every new technology" bucket. There are few things that exist today that, similar to what GP said, would have been literal voodoo black magic a few years ago. LLMs are pretty singular in a lot of ways, and you can do powerful things with them that were quite literally impossible a few short years ago. One is free to discount that, but it seems more useful to understand them and their strengths, and use them where appropriate.
Even tools like Claude Code have only been fully released for six months, and they've already had a pretty dramatic impact on how many developers work.
In defense of OpenAI in this particular situation, GPT 5 can be incredibly jargon-y at times, making it much worse of a learning tool than other LLMs. Here's some response snippets from me asking a question about dual-stack networking:
> Get an IPv6 allocation from your RIR and IPv6 transit/peering. Run IPv6 BGP with upstreams and in your core (OSPFv3/IS-IS + iBGP).
> Enable IPv6 on your access/BNG/BRAS/CMTS and aggregation. Support PPPoE or IPoE for IPv6 just like IPv4.
> Security and ops: permit ICMPv6, implement BCP38/uRPF, RA/DHCPv6 Guard on access ports, filter IPv6 bogons, update monitoring/flow logs for IPv6.
Speaking like a networking pro makes sense if you're talking to another pro, but it wasn't offering any explanations with this stuff, just diving deep right away. Other LLMs conveyed the same info in a more digestible way.
Probably not as much as people who heavily lean on their tribes lingo want to believe, but yes. I think we would prefer an AI that is fantastic as understanding what we know. If it's not, it costs time either way — which is not great, either way.
I always wonder how useful such explanations could be. If you don’t know (or can’t guess) what ICMPv6 is (and how much would knowing it stands for “Internet Control Message Protocol version 6” help?), perhaps you asked the wrong question or, yes, you’re dangerously out of your depth and shouldn’t be trying to implement a networking stack without doing some more research.
I've held out for literal years, but that was the thing that finally made me log into an online user account (and start figuring out how to finally cut the last bit of Windows out of my life)
reply