Flathub now explicitly disallows LLM usage for both submission process and applications being submitted.
Posted by Sjoerd93@reddit | linux | View on Reddit | 234 comments
AiwendilH@reddit
Do I missunderstand this or does this mean any application woritten with the help of LLM agents can't be submitted to flathub anymore? That's....a lot of applications. Also what about updates...can vscode still be updated to newer versions?
https://github.com/flathub-infra/documentation/commit/992f57b30de98ddbd5e80959e9672998c83c8c97
I mean..I totally get it and are in principle in support but this sounds a bit like a total overreaction.
HugoNikanor@reddit
Where is the limit of "AI-assisted"? Is it ok that I use ChatGPT as a search engine for function names?
AiwendilH@reddit
From my reading that is a no:
This is really very restrictive. Got LLM generated function names? No flathub. Got an generated icon, no flathub...LLM assisted Spanish translation of the manual...no flathub.
I really think this needs more clarifying...like this it's absolutely ridicules.
Erik_Kalkoken@reddit
While the wording is indeed very restrictive my guess is they don’t care about projects with a few generated code snippets or generated icons. The purpose is to deny the fully vibe-coded slop projects.
AutistcCuttlefish@reddit
If that was the purpose then they should say that.
As it is, the Linux Kernel itself would be forbidden from being hosted on flathub if it weren't already established.
Lacking the manpower isn't an excuse.
mxzf@reddit
If they say that then you end up with a lot more wasted time on arguments about why someone thinks their stuff isn't as bad as it is.
Much easier to just have a strong blanket policy to dissuade slop in general and turn a blind eye to non-problematic things that violate the policy.
mallardtheduck@reddit
Arbitrary enforcement of the rules is never a good thing. It will be abused. Saying it's "easier" to write a half-assed policy is no excuse.
AutistcCuttlefish@reddit
Easier isn't an excuse either. You know what's even easier than any of this? Charging apps to be hosted on flathub instead of having moderation policies at all.
That would kill the majority of slop overnight and give the project needed funds to expand it's manpower.
Sjoerd93@reddit (OP)
From the literal new policy. A week-old repository that someone shat-out through a Claude subscription? Yeah, we need a way to stop the avalanche of plain slop that's currently going on.
mallardtheduck@reddit
How many years of development do you need to qualify as "mature"? Sounds like a ban on new projects really...
AiwendilH@reddit
As I said...I totally get wanting to disallow slop projects. But disallowing a new project to use LLM assisted translations or icons until they are mature enough and proved they are well-maintained is not the way to go in my view.
If you want to disallow complete slop projects do that in the policies...not set a ultra wide policy disallowing pretty much every LLM use then make base-by-base exceptions nobody can rely on.
Lower-Limit3695@reddit
Flathub does not have the monetary capacity to handle the amount of labor needed to perform the proper screening. They're largely a group of volunteers spending their free time working on it.
Properly screening and managing every LLM generated/assisted project would be a massive undertaking for such an organization.
ormandj@reddit
Where are they going to find the labor to screen for any possible AI use in a project? This is a terrible policy.
mxzf@reddit
Seems more like a sign to point at when they come across stuff that's problematic and whack it, rather than something to be actively individually enforced.
AiwendilH@reddit
One more reason to have clear policies that forbid exactly what they not want..instead of a wide policy and needing man-power to evaluate the exceptions.
Lack or man-power is true for almost every open source project...but I don't see how this policy makes it better...
Nobody expects flathub to scan the projects for LLM use. But having the expectancy that a new project that was completely coded by hand but that had a contributor for the Spanish manual who used LLM assistance can be hosted on flathub and does not depend on the whim of some "flathub-evaluater" is somewhat reasonable in my view.
OptimalMain@reddit
It’s pretty clear to me that their are not talking about translations.
I have seen people announce “whatever” project that was created a week ago with 50k lines of code.
Thats the shit they don’t want.
A huge code base whomever had it made haven’t even looked at all the files contained within it.
AiwendilH@reddit
They changed this policy:
to this:
Documentation is even explicitly called out here. How is it clear that this policy does not apply to translations? From the replies here I read that it's indeed intended to only remove complete slop projects...but if someone read this policy on their website without the discussion here it's not clear at all.
Lower-Limit3695@reddit
With what volunteer resources?
Enforcing precise rules require labor and resources. Magically banning something doesn't magically mean people follow the rules. You have to spend resources to enforce rules and the more complex they are, the more resources needed to enforce them.
Kayra2@reddit
that is so vague it may as well have said "Exceptions may be granted for projects we like"
mxzf@reddit
Realistically it means that they are just trying to get rid of the blatant slop while also taking a strong enough stance to dissuade people from submitting slop. They just don't want to have a whole argument with people every time they spot slop and zap it (because people making crap with AI love to feed your criticism into their chatbot and try and "fix" the issues and argue back instead of recognizing the criticism for what it is).
edward_jazzhands@reddit
The way you are purposefully ignoring every single critique about how this is extremely vague and arbitrary does not instill me with any confidence. As many other people have pointed out, this looks like the policy in effect is just "your app gets in if we like you". There is no set criteria. Your criteria is literally just vibes. Which is kind of ironic.
Sjoerd93@reddit (OP)
If it's of any relief for you, I am not affiliated with Flathub in any way (apart from that I have published software on there). For what it's worth, I do agree that these criteria need clarification for sure. Even though I think it's directionally the correct approach at this moment in time.
ztwizzle@reddit
I think the previous policy of "Submissions or changes where most of the code is written by or using AI without any meaningful human input, review, justification or moderation of the code are not allowed." already covers this without being as vague or combative as the new policy.
SquareWheel@reddit
Flathub just sank their own battleship.
Sjoerd93@reddit (OP)
You and I know very well that this is not a problem. There's just a need for a policy to reject clear LLM-coded slop. Just look through the app submissions now and ask yourself if this is sustainable?
Like 70% of the submitted apps are applications that are being shat out by someone playing around with some LLM "agent" for a few hours. And then they expect people to spend their unpaid free time on reviewing this, and get annoyed when the maintainers don't want it on the store.
There's a need from the maintainer side to be able to block slop-projects. A serious well-maintained project where someone has used an LLM to assist their code will not be blocked through this process. That's not just me speculating, that's literally in the policy: "Exceptions may be granted for mature, well-maintained projects."
mallardtheduck@reddit
Then why is the phrase there? This sounds very much like an excuse to arbitrarily ban whatever they want. If they want to ban AI-generated code, then just say that. "AI-assisted" is so broad as to be basically impossible to disprove. Just using Google to find documentation could count.
Barafu@reddit
I live in a country that writes insane laws and everyone expects police not to follow them, unless they want to. We even have up to 5 years of jail for distributing Linux. Nobody was ever arrested, but the law is there.
I do not think that insane written policies are "not a problem" as long as they can be ignored at a whim of a dude over there.
NotQuiteLoona@reddit
Wait, what? Russia has now laws against distributing Linux???
Barafu@reddit
For 2+ years it is forbidden to participate in any foreign non-profit organisation. Spreading the product of such, and awareness about them, definitely counts as participating.
NotQuiteLoona@reddit
Oh, thos3 foreign agent laws are that extensive, I didn't even know... It's just dumb. I wish you luck. Hope your country would get better soon after all it lived through.
npc_housecat@reddit
The wording seems overly vauge though. What about programs that are not slop but extremely well written, but used AI somewhere in the pipeline.? Or scanned the code for vulnerabilities with an AI tool as well as human review. Generated a texture or bump map instead of downloading one from an online library ??
Sjoerd93@reddit (OP)
Literally from the diff that's linked here.
edward_jazzhands@reddit
"mature" seems like a very loaded term here though, that sounds like it can arbitrarily mean whatever they want it to mean moment to moment.
npc_housecat@reddit
So they could just simplify the whole thing to, 'no badly written low effort projects' I promise you I can write worse code than even the worst AI code.
PseudorandomNoise404@reddit
It’s kind of hilarious how history is being rewritten and now everyone acts like human-written code was always efficient and performant.
dnu-pdjdjdidndjs@reddit
You don't need to, just look at the source code for gtk or xdg desktop portal and you're set.
ElementII5@reddit
But that is not that policy. This rejects anything LLM-coded slop or not.
uzlonewolf@reddit
If it's LLM-coded, it's slop. It really is that simple.
REMERALDX@reddit
Why are you using Linux then
uzlonewolf@reddit
Because it's less sloppy than Microslop?
SquareWheel@reddit
That's the kind of statement that is easy to declare, but falls apart under even the lightest of scrutiny.
uzlonewolf@reddit
Only if you're an AI bro who's mad at having your slop called out.
ztwizzle@reddit
There's tons of major open source projects that explicitly allow AI-assisted contributions. Some examples off the top of my head are the Linux kernel, systemd, firefox, vim, git, and curl. Unless you haven't updated your computer in the past year, you most likely run something AI-written every day.
uzlonewolf@reddit
AI-assisted != LLM-coded.
uzlonewolf@reddit
Only if you're an AI bro who gets mad at people calling out your slop.
wRAR_@reddit
Like the kernel
uzlonewolf@reddit
And rsync https://mastodon.social/@Ferdi_Scholten/116656414698174544
-Crash_Override-@reddit
Quickest way to out yourself as someone who has never done any meaningful development.
uzlonewolf@reddit
And that's the quickest way to out yourself as an AI bro.
-Crash_Override-@reddit
Sick one dudeeee
brahm1nMan@reddit
Use a real search engine since you're searching for one of the things they find most easily?
Oflameo@reddit
Which ones are real? Google isn't a real search engine, it is an ad server with limited search functionality. Do you mean something like Elasticsearch or MariaDB?
HugoNikanor@reddit
When my search term is more of a vibe of what I want a function to do, AI does a much better job of finding it for me. Once the AI gives me a function name I look it up in the official documentation.
AutistcCuttlefish@reddit
Those won't exist for much longer. Google is replacing it with Gemini and the rest of the search industry will follow most likely.
jferments@reddit
Of course it's OK. Just don't tell these losers you used it, and they'll never know.
Sjoerd93@reddit (OP)
At the end of the post:
"As always, we are not applying this retroactively, so any vibecoded apps which were already published will remain available."
aPlexusWoe@reddit
That's actually unfortunate to hear because ClamUI is gaining traction and the whole thing seems to be coded by AI. They just wanted a front-end for ClamAV, but not even the dev seems to know what they're doing from their comments under the Issues section. Their Github account was pretty new too. Of all the apps that should be removed, this one tops them all.
Oflameo@reddit
That is ridiculous. If they have a standard, they need to enforce it consistently or be deprecated.
Extras@reddit
Lmao what a policy.
Well it nothing else this will push them further into irrelevancy.
Jacksaur@reddit
Being the defacto default for Immutable distros is irrelevancy?
Lightprod@reddit
Flatpak are the default.
Flathub is merly an repo/store having an monopoly on the format.
PmMeUrTinyAsianTits@reddit
So its a monopoly but also irrelevant?
ob_knoxious@reddit
It's a monopoly of a tiny fraction of Linux users because nearly everyone is still using apt, zypper, rpm and the like for user installed packages.
I disagree saying they are completely irrelevant but they offer a service that is easily replaceable and giving broad, unenforceable policy with inconsistent application will make everyone mad no matter what side of vibecoding you are on.
PmMeUrTinyAsianTits@reddit
So easily replaced that no one else is even trying to fill the niche really.. oookay. I dont think you have a realistic understanding of how these types of projects exist. You act like they will themselves into being simply because its technically possible, and that aint how it goes. You need a much better understanding of the limits and why they exist.
ob_knoxious@reddit
In the short term Fedora Flatpaks will probably see a lot of traction for those that aren't large enough to host their own distribution networks.
BrageFuglseth@reddit
Flathub or VSCode?
Effective_Scheme2158@reddit
The one who wrote this joke of a policy is Flathub
TheG0AT0fAllTime@reddit
To get this offended over such a blatantly abused new technology shows which side you're on slopper.
-Crash_Override-@reddit
I mean, they're right though. While there are plenty of 'sloppers' using AI, the best developers you know are as well. A knee jerk policy like this may funnel down the 'slop', but it will also turn away many of the people who make meaningful contributions and will have a significant impact.
Its a rock and a hard place, sure, but this policy feels horribly regressive.
Nyctfall@reddit
Get the Clanka!
QuickSilver010@reddit
Anything that can push people to nix instead of flatpak is a win.
AiwendilH@reddit
That's why I ask...what about uploading new versions of vscode to provide users with new versions? The already uploaded ones are okay according to the mastodon post...but I am not clear i that also means LLM assisted projects can still do updates.
Professional-Disk-93@reddit
Wouldn't worry about that. They are going full regulatory capture and will allow large corporations to use AI while locking out new projects:
ImNotABotScoutsHonor@reddit
I don't think you know what regulatory capture means.
SanityInAnarchy@reddit
I guess I can see rejecting wholly-vibecoded spam from flooding flathub overall...
...but flatpak seems like otherwise a decent tool for containing poorly-written applications. The more things like vscode end up being built by LLMs, the less I want to trust them outside of a sandbox. I sure as hell want the agents themselves sandboxed way more often than they are.
And I hate that reword. They took out language that allowed code that uses AI, so long as it has "meaningful human review". Maybe that's too vague to be useful, but I've seen a huge difference between people who put effort in (to the point where you can't tell where they've had AI assistance), and people who just vibe it out without having a clue what they're doing.
At this point, I think the result of outright bans and shaming is gonna be that people just hide it. I don't think that's a good strategy, even if you are fully anti-AI.
CORUSC4TE@reddit
If you cant tell its ai, how should they? Like using it to generate code you know, reviewed, tested and trust is basically the same as writing it yourself.. The issue arises when you are blindly utilizing it.
edward_jazzhands@reddit
For real, if they think getting one snippet of code from an AI which you extensively reviewed and thoroughly understand means you didn't write your program then by that definition, almost nobody in history has ever written a program before.
OptimalMain@reddit
Most things I have installed using flatpak had more permissions than they needed to work.
It’s far from what I would consider sandboxed
Isofruit@reddit
If AI apps desire to be installable, somebody can always take it upon themselves to host their own instance of flathub and do the corresponding code review etc. themselves. Or just let the flood come in and accept the reputation that will come with that.
RepulsiveRaisin7@reddit
Have they talked to devs recently? A blanket ban is just silly
NeuroXc@reddit
So, no software that's been maintained in the past year is allowed. Including Linux, since they chose to allow AI-assisted code as long as it is attributed as such.
Karol-A@reddit
Yeah, how do you even track it on FOSS? When you have hundreds of contributors every release how can you make sure they didn't use AI?
jferments@reddit
You track it just like all the anti-AI zealots on social media do: you just say it "feels" like AI.
piesou@reddit
You don't have hundreds of contributors. You have 2-3 active ones if you are lucky and maybe a couple who only submit bugfixes which in general are not subject to copyright.
ChronicallySilly@reddit
Wow thats bad
PigSlam@reddit
I wonder which AI they’ll use to sort through the entries to determine exceptions.
mguerrette@reddit
This is very dumb
MrScotchyScotch@reddit
Well that sucks. Does anyone have an alternative flatpak host for new apps?
kismetric@reddit
Am I the only one who thinks the previous wording accomplishes the stated goal better than the new policy plus the exception for mature, well-maintained projects? Maybe the burden of reviewing was becoming just too much.
The previous wording:
“submissions or changes most of the code is written by or using AI without any meaningful human input, review, justification or moderation of the code are not allowed.
Submissions or changes having low-quality AI-generated or AI-assisted code are not allowed.”
QuixoticNapoleon@reddit
Not only would this be extraordinarily hard to enforce, it would ban lots of software.
I understand that vibe coded slop sucks and flathub might be flooded with projects that were built in a day and won't be maintained after a week, but wouldn't this affect software such as Neovim which allows LLM assistance?
QuixoticNapoleon@reddit
Upon further reading, it appears that mature projects are exempted. Still, I think that this policy is too strict.
Valkertok@reddit
You won't be able to even have a code where AI only wrote comments according to the rules. This is a horrible knee jerk reaction.
mxzf@reddit
In my experience, using AI to write comments is a waste. It loves to comment stuff that's basically just paraphrasing the code (the most useless comments possible).
PseudorandomNoise404@reddit
That just makes this worse. Legacy slop gets to be grandfathered in? What’s the point of this policy then? Either ban AI or don’t.
jferments@reddit
They can only pretend to ban AI for social media popularity points. If they actually banned AI, they would hardly have any software since the large majority of developers are using it.
TuxTool@reddit
Uh, there are plenty of devs working on apps that do NOT use LLM.
There was he development before and there will be developers moving on with their lives once the AI bubble pops.
ob_knoxious@reddit
I don't like the current state of generative AI but this take is wildly uninformed. Removing all programs that use any AI generated code would be a defacto ban because so many core dependencies would be banned. I'm pretty sure npm uses some ai generated code now, are you going to ban anything that depends on npm? Can I only host something on flathub if I can verify every single upstream dependency is all human written code?
edward_jazzhands@reddit
"plenty" is far too strong a term. Dozens, perhaps.
sketched8@reddit
This is just straight bullshit. there is absolutely no problem in banning vibecoded slop but banning programs using AI assistance is just outright stupid.
PixelmancerGames@reddit
It's not enforceable either way. Not properly. How in the world could they possible know if it was LLM assisted?
Isofruit@reddit
LLM Agent related markdown files in the repository. Since they went for a blanket ban, they can pretty much scan for such a markdown file and decline instantly if they see any of the typical ones.
PixelmancerGames@reddit
I'm sure it'll catch some people. But I use LLM to assist in my coding. And I NEVER copy amd paste LLM code. I believe it should be typed out. Even when I grabbed code from various Google sources. I always typed my code out. If only to help retain it more. I'm sure there are others who take a similar approach.
mxzf@reddit
Sure. And people like you aren't the problem and aren't gonna get dinged over it.
It's the other 90% of people vibecoding that the policy is intended to hit. And those people tend to be much worse at hiding their usage. An aggressive policy both dissuades people from posting stuff that would need to be checked in the first place and also gives them a lot of wiggle room for applying the enforcement as-needed.
decho@reddit
They absolutely can't, unless the developer makes it very obvious, but even that leaves rooms for false-positives. For example, the dev asks an LLM to write some part of the application for them as proof of concept. LLM does it's job, dev reads the code then re-implements it by hand, but forgets to remove traces of previous code (instruction files, comments, etc), and that ends up in the repository. The opposite is also possible, someone vibe-codes an entire app, than makes sure to hide and remove all hints about it to make it seem genuine.
And the language used here is extremely broad - "AI generated or AI assisted", that could mean so many different things in various degrees. AI could auto-complete a variable name for you, or you could ask it questions about your code, that's completely harmless but technically it is AI assisted and almost every one does it.
Dramatic_Mastodon_93@reddit
Ok cry
fellipec@reddit
Other day there was a post of someone "New to Linux" that was "fed up" of how "WinRAR" looks dated and made a better one.
Even the post here on Reddit have all the tell tales of being AI written.
You go to the repo, the oldest file is few hours old, there is only one release, 1.0 and already packed in .deb. The project written in C.
I never gatekeep people trying to learn programming but come on, I'm glad if this kind of thing stay out of official repos.
Especially because can be dangerous. Someone that says to be new to Linux and distributing software packed as a .deb written in C? Either the new to Linux is a lie or the ability to write code is a lie and that could have pretty bad security implications.
Want to vibe code an app? Be my guest. Do it. Publish the code. But unless it gets a good level of maturity, IMHO should stay away from places like Flathub.
FryBoyter@reddit
In my opinion, that alone isn't proof that a chatbot was used at all.
When I develop something, for example, I start by working on it locally. Only once I feel the code is good enough for the general public do I upload it to Codeberg or GitHub. Often, the upload is done without the previous change history. For example, because there was too much “trial and error” involved.
fellipec@reddit
I agree.
And none of what I said alone is proof of anything. The guy could be bad at writing and from another language and asked AI todo write the readme for him.
But when you start to join all those things, although you can't prove a thing, it starts to look like a duck, walk like a duck and quack like a duck.
FryBoyter@reddit
Even so, it doesn't necessarily have to be a duck.
My point is that right now, simply too many users are accusing people without actually having any proof.
For example, I was recently accused twice of posting vibe slop.
One time it was a script. The reason I was given was that the code quality was not good enough. But that’s just because I’m just a bad coder.
Another time, the README.md file was too good. That was simply because another person and I spent two days working on its content. Of course, not the full two days. But within those two days, we both made several changes.
The problem I see is that code written by humans can be terrible. Just as code generated by chatbots can be good. And vice versa.
That’s why I think it’s generally wrong to ban one and allow the other. We should always evaluate each case on its own, regardless of how the code was created.
fellipec@reddit
I'm with you. Ideally those "official" repos should be curated.
But I can't ask anything from volunteers.
Also don't want to discourage people from learning to code, even with AI help.
While the new rule is not 100% I think is better than no rule.
edward_jazzhands@reddit
I'm just gonna ride off this comment to repeat something that I am absolutely amazed most people still don't seem to understand.
If you want to tell whether someone is a vibe coder then look at their git commit history. Vibe coders all started programming when Claude Code came out. If they have absolutely no git commits at all before roughly mid 2025 and then all of a sudden there's a thousand in the following months, odds are high they're a vibe coder.
Obviously it's not proof by itself but it's one of the stronger pieces of evidence available. Especially if it looks like they somehow went from never coding before to suddenly knowing Go, Rust, and C in a very short amount of time.
FukuchiChiisaia21@reddit
"I hoped we will see a larger number of apps where authors made some effort beyond prompting an agent"
Let's assume this is about fully vibe-coded app.
Seen some apps fully vibecoded and does not even working.
Barafu@reddit
I've also seen some apps fully vibecoded and perfectly doing their job, which no other apps do.
Maybe reject bad apps, instead of rejecting them on the basis of where they are from?
Thatoneguy_The_First@reddit
Its less they work and more of upkeep which is notoriously bad among vibe coded apps. Like i think the longest I have seen is a month tops
Barafu@reddit
Do they all have open issues that need fixing? Because in Rust ecosystem I've seen many apps and libs that are done. They do one thing, do it well - why change anything?
mxzf@reddit
Yeah, vibecoded stuff always has odd bugs and edge-cases that cause issues, it's just the nature of the beast.
Thatoneguy_The_First@reddit
Because even they need to be updated from time to time regardless if they want to expand on it or not.
Could get away with it in a proper packed appimage.
But also cause of the sheer amount of projects that arnt one and done programs, especially anything that needs to be connected to the web.
So why bother hosting a vibecode program if they are mostly abandoned quickly? Its not like they arnt going to say no to something that proves they can keep the upkeep for longer than half a year at minimum. It shows that they know what they are doing
faultydesign@reddit
I think that’s what they’re doing anyways, since good llm code is indistinguishable from human code.
Barafu@reddit
Good LLM code is often obviously easier to read. Long comments, verbose names, meticulous adherence to code standards. Before AI when I saw a code like this, I'd suspect the author is either obsessive or is being paid per code size.
FattyDrake@reddit
I'm definitely obsessive. I don't really write comments for others, but for me six months from now.
I never understood why programmers needlessly abbreviate things or use variable names of only a few characters. Text is cheap.
jawknee530i@reddit
I worked for a firm for a decade that had a no commenting policy in code. It worked great because we just used long ass descriptive names for everything. Like:
TakeBidAndOfferWeightsToComputeReverseWeightedValueation(double bid, double offer)
AverageHot2647@reddit
My Dad worked as a programmer in the 1980s and he thinks this may be a cultural hangover from when there were hard limits on the length of variable names.
Barafu@reddit
There are some traditions like i,j for the counters or self for self-reference even in languages where any word can be used.
But overall, I think, a subconscious desire to reduce the amount of typing is what has the most effect here.
Nicksaurus@reddit
I think it's partly just because if the thing on your screen is indecipherable it makes you feel like a cool smart hacker
Isofruit@reddit
C89 - The C standard published in 1989 - Had a limit in that only the first 6 characters of a variable were significant. That obviously got expanded later on, but does explain why only code after the 90's tends to become more human readable.
FattyDrake@reddit
Makes sense!
I've had to work with code from the 90's, and it's horrifying. The great ASCII shortage of the 20th century. Coming across a 5 character variable is like an oasis in a desert.
PseudorandomNoise404@reddit
Because we’re lazy. Why use long variable name when “a” does the trick?
FattyDrake@reddit
So it's easier to understand when you need to work in the function a year later? I'd argue that's more efficient.
But as the saying goes, we don't do these things because they are easy, but because we thought they'd be easy.
PseudorandomNoise404@reddit
Yes but if it was hard to write it should be hard to understand!
In all seriousness though, I usually abbreviate things to the extreme so that the actual math or function calls are easier to read. For me it's easier to remember what "i" refers to instead of seeing "interestRate" written a bunch.
Isofruit@reddit
It entirely depends. In a business-rule heavy environment, your code is a book recording the business rules. You need to essentially tell the story of what those business rules are via your code for the next programmer.
As such longer variable names can be immensely more helpful.
FattyDrake@reddit
Your logic is very compelling and appeals to innate gatekeeping instincts. I'll have to ponder this!
It does make sense with heavy math since that's abbreviated anyway. If there's a short comment in the declaration I'm content.
meskobalazs@reddit
I am lazy, that's why I use long and descriptive variable names with autocompletion.
PseudorandomNoise404@reddit
And just like that your new project is banned from Flathub.
Isofruit@reddit
I'd partially push back on that one in that I think that experience is very much environment dependent, because what I'm seeing from LLMs in a professional webdev environment isn't all that special. Even good LLM code tends to get pointless comments inserted that just repeats information that very readably is laid out in e.g. the variable name it describes. 5-line functions whose required information for understanding is pretty self-contained in the 5 lines you need to write them often enough also get doc comments attached that arent just pointless but actively harmful because they're not going to be kept in sync. More can be said about other things that LLMs do some of the time that arguably isn't good practice.
And I've got to review similar levels of code for years before the LLM train hit the timeline. I wouldn't have said the people are obsessive, that's just... decent code that you write to be readable.
Now in a science environment where people have barely even heard of coding standards and readability in myths and legends, I'd agree with you. But that has more to do with the average scientist turned coder having absolutely atrocious coding style that was a travesty even before LLMs came into play.
Barafu@reddit
My experience is with getting DeepSeek to write Rust. The most strong effect on comments is that LLM copies the quality of comments that already exist in the block of code that is in scope. It is hard to get LLM to write better code if the existing code is obviously bad.
It would be much easier to fix the style of existing code beforehand, but of course it is not possible every time. For such cases, I have written AI skills to fix the comments and coding styles afterwards, but it is important to run them at proper moments.
Isofruit@reddit
I've used half a dozen of the commercial offerings out there paid for by work, for TS (Angular) and java (Spring), mostly openAI and anthropic. The code, regardless of the model ranged from good to fine, but nothing that I'd consider crazy out of the ordinary for a decent developer. Particularly related to accessibility it often screws up big time, only implementing patterns half heartedly or the like.
phylter99@reddit
I think there's a difference in quality between someone that does not know programming and software QC and someone that just picked up a coding agent and gave it a few prompts without any experience. Someone with experience will always be better than the latter and can use vibe coding to create something positive. In my opinion, at that point it is no longer vibe coding though.
I use coding agents a lot for work and probably write much of my code with them as of late, but I'll be damned if I'm going to let them write bad code on my behalf. It's a tool to make my life easier and make me more productive, but not replace me.
nxiviii@reddit
How would you differentiate between good and bad vibe-coded apps as a maintainer? I guess it's very time consuming, with sometimes special knowledge needed within the domain of the app.
Barafu@reddit
Yes. But it is a task that can be easily outsourced: public rating. Like any other app store does.
The contribution only needs to be reviewed for malware and dangerous practices, and when the source code is available, AI does that better than a generic human.
Veprovina@reddit
Have you seen some of the app reviews on flatpaks though?
App has 2 stars, 3 reviews 2 saying "app not work 1 star", one saying "good", all presumably on a different distro with god knows what configuration, and the app is amazing, but ends up with low scores cause it didn't work on 2 computers.
Public reviews are good if there's s lot of people reviewing the apps, but Linux isn't there yet.
pinumbernumber@reddit
Flatpaks are supposed to be stable across all reasonable distros, so if a package is unexpectedly dependent on system configuration then it arguably seems fair for it to have a poor score.
If a phone app ran well on popular phones but badly on a long tail of less common ones, I'd expect that to impact the rating too.
Veprovina@reddit
That does happen though, depending on the phone hardware, some apps do crash on some phones but work fine on others. Not something the developers can account for when making the app.
Same with flatpaks. They're all-in-one in s container, yes, but what if someone has an ancient computer with unsupported hardware, barely manages to even install an OS and the flstpak just can't run, yet they leave a bad review.
Steam has the right idea to include hardware info for such cases, but even then it's optional.
Barafu@reddit
There is more than enough people for reviews to work. The problem is how they set up.
I install the app through the Bazaar app on my desktop. But in order to leave a review, I need to open the browser, open the web site, log in to my account, find the application I want to review, then write.
This why 3 reviews on a popular application is exactly 3 more than I expected. If Flathub wanted working reviews they should have demanded that Bazaar, Discovery and whatever build in the review capability.
Veprovina@reddit
That would help immensely. KDE has a built in way to send crash reports for I think plasma session and kwin, and it's just a few clicks. To send a report to Fedora gnome, I had to get a fedora account, log in, get an app ID from the site, then set up the crash reporter and it still wouldn't do anything cause it wasn't linked to the red hat account. That's way too much work for most people which end up not sending reports. KDE can see the reports and fix things easier. Easier in app reviews would help a lot to make Devs aware of some problems, and users get a better idea of the app. Thres also so fragmentation between flatpaks as well since Fedora had their own repo and all, but that shouldn't matter too much.
nxiviii@reddit
Let's say I make an app now, how would I get a public rating if I didn't event distribute it yet, e.g. over Flathub? It's about the publication, before the app can even be reviewed.
Barafu@reddit
It is not the app store's job to weed out bad applications. App store must not allow malicious and dangerous applications.
After that, drop them all into a "new and unrated" category and let the curious and helpful users to test them out and write reviews.
uzlonewolf@reddit
Except scale makes it not easy. A user is not going to sit there and try hundreds of different apps trying to find one that actually works, they're going to just give up after 2 or 3 and abandon the entire site.
Infinity-of-Thoughts@reddit
Feel free to volunteer your time, I suppose?
Lower-Limit3695@reddit
They don't have enough volunteer resources to do that. Talk is cheap send donations or volunteer.
M4SK1N@reddit
The policy is nonsense. It says:
This basically makes corporate LLM slop exempt from the rule (because they can afford maintaining it). And it's written below the part about disallowing copyrighted, license-incompatible, or ethically questionable code. So you can publish ethically or legally questionable code, but not if you're only a beginning maintainer.
SiteRelEnby@reddit
coughgooglecough
E7ENTH@reddit
Very good
DrollAntic@reddit
This policy is deaf to reality. A seasoned Developer using Ai will output better code than a seasoned developer without Ai. Ai is an amazing empowerment tool.
There is distinction between Ai vibe coded slop by someone who cannot code, and a learned developer using Ai to empower their development process.
SiteRelEnby@reddit
It says "exceptions for mature well-maintained products" which really makes me think this is a denial rubber-stamp for specific submissions, really just a nicer way of saying "devs refuse the right to reject it" when the last added line really kind of runs counter to the rest of it earlier.
LNDF@reddit
I once made a pr to a project using copilot code completion. So I guess that project can't be on flathub now because in 1 commit out of 28000 I pressed TAB once in vs code.
Sjoerd93@reddit (OP)
Literally from the policy: Exceptions may be granted for mature, well-maintained projects.
It's as if nobody reads anymore.
edward_jazzhands@reddit
Yea but many people have pointed out a clear problem with this that you have yet to answer which is that it seems what qualifies as mature and well maintained is completely arbitrary, there's no specific criteria or threshold anyone can point to. So the concern many people have is that it's going to essentially just come down to a few maintainers personally deciding what new projects can qualify based on what they personally like and their own personal taste.
clrksml@reddit
You can't expect them to read when they're busy bragging about their LLM use.
HunsterMonter@reddit
That's what happens when people live life through an LLM, the details slip through the summary (which is barely shorter than the actual text because LLMs are so goddamn verbose).
dvdkon@reddit
I think only a small number of people will bother applying for an exception, I know I wouldn't. Fewer project submissions means less work for Flathub maintainers, but it's kind of in direct conflict with the goal of being an app distribution platform.
sketched8@reddit
what if its a newly made app which was made with the help of an LLM?? instead of stopping vibecoded slop, this policy is just going to prevent many new apps from being eligible. why? just because a person used a tool for the exact purpose it was made for?
TheG0AT0fAllTime@reddit
To make such a severe misunderstanding clearly without reading their statement to see that's not the case. Shows you're one of the sloppers they're trying to prevent.
mykesx@reddit
Apple’s App Store has been flooded with vibe coded software. While the App Store isn’t Linux specific, the issue is broader than for just Linux.
I am in favor of this policy.
It might be interesting to see a whole distro made from vibe coded software compared to another with zero vibe coded software.
m0rtis2111@reddit
This policy will basically ban 99% of software a few years from now.
It is becoming established practice that LLM assistance is an invaluable tool for even the most experienced, hardcore developers and only a fool would think that the mere usage of any LLM-related tooling disqualifies a software from being quality work.
This seems like a knee-jerk reaction, but will just end up shooting in your own foot, which is a shame, since Flathub and its ecosystem are critical components of the success of desktop linux.
nekokattt@reddit
There is a difference between being assisted by an LLM and an LLM doing the whole thing, often with little to no developer input.
Ghost_x_Knight@reddit
The policy bans inclusion of any degree of LLM assistance (even for documentation; developers are expected to write flatpak-builder manifests by hand and to disable Github Copilot summaries in their repos), with potential exceptions for LLM-using projects meeting the criteria of 'mature and well-maintained'.
If they are taking the approach of blanket ban with hand-selected exceptions, criticism will lessen if they are more clear on how exceptions are judged. Fame? Project age? Number of contributors? How issues are handled?
It is plain to see that it is common for large established projects to make use of AI coding and documentation, but it is unclear what is the level of maturity and maintenance needed for smaller projects to qualify for an excemption.
edward_jazzhands@reddit
The vagueness of the policy is on purpose. It's quite specifically so they have total discretion to allow individual projects they like on a case by case basis without there needing to be any kind of consistent criteria.
nekokattt@reddit
how can you prove any level of LLM assistance? That is unenforceable.
SquareWheel@reddit
It's far more aggressive than that.
HunsterMonter@reddit
Funny how a supposedly FOSS community eats the slop from large corporation whose only involvement in FOSS is siphoning billions of lines of code as training data in a text prediction machine.
jferments@reddit
It's almost like people who volunteer their time to write code appreciate tools that help them write code faster!
HunsterMonter@reddit
It's almost like monopolizing all that power and data in the hand of a few multi-billion dollar corporations is antithetical to FOSS and a bad idea in general!
edward_jazzhands@reddit
Do you guys realize theres such a thing as tiny open source LLMs and theyre getting better really fast?
jferments@reddit
Lucky for you, there is a huge FOSS AI community, so you don't have to hand your power or data to anyone.
S7relok@reddit
The supposedly FOSS community who is always allergic to changes. Weird being in a tech field and having a caveman mindset
HunsterMonter@reddit
Call be back when said changes are good and not just giving more power to corporations
S7relok@reddit
And apparently you don't see that open source AI is developing a lot. Classic "linux community" caveman mindset
S7relok@reddit
Did you already looked at the kernel maintainers list instead of speaking like an edgy teenager? Companies everywhere!
0riginal-Syn@reddit
I get it, but it won't work well. Just means many will just hide they use AI and while some AI generated code is very obvious, not all is. Also there is a difference between using AI to assist where the dev knows what is going on and vibe coding slop. I think it is a good idea to have an AI policy and to block a lot of slop, but there needs to be balance. Espcially in something that has become this persuavive in the Linux app ecosystem. If they continue this way, we will likely see the growth of other repos that will challenge Flathub.
mykesx@reddit
Apple App Store is also being flooded with AI slop. I'm calling it the AI Slop Store now. And there are a lot of posts in the Apple related subs about how their desktops, laptops, and tablets aren't performing well. Not a coincidence.
One of the best things I have read here in weeks. Good for Flathub.
dl33ta@reddit
Good luck with that one
LesStrater@reddit
Ho-hum...just another reason you'll never find a flatpak on any computer I own...zzzzz
trannus_aran@reddit
Fucking good
icedchocolatecake@reddit
Terrible move.
Venylynn@reddit
So you want Linux to become as inundated with performance reducing slop like Windows?
sketched8@reddit
you might not be using that "performance reducing slop" but there are people who will find a use for it. also i don't get it, what separates a poorly written program made by a human and the same thing made by an LLM?
uzlonewolf@reddit
Scale. There were poorly written programs made by humans, however they were in the minority and could easily be weeded out. Now everyone+dog can constantly poop out vibe-coded carp and absolutely flood the distribution channels.
icedchocolatecake@reddit
Flatpak is Linux? Damn, I didn't know that.
S7relok@reddit
Fine, some thing less dogmatic will replace flathub.
pie_-_-_-_-_-_-_-_@reddit
lol this is insane
walterblackkk@reddit
Maybe we need some automated auditing system that would tell decent LLM-coded apps from AI slop?
Any code sumbitted would have to pass the audit and the developer would be required to submit both user and developer documentation in full.
jferments@reddit
What if we just used the same tools we've always used to check the quality of code when accepting submissions from random people on the internet?
Valkertok@reddit
Tools we've always used require a human involvement. Amount of pure garbage code being vomited right now is far too great for that.
Zatujit@reddit
This is stupid. Flathub already had plenty of broken applications and it didn't seem it was an issue before the all vibe coded thing
dgm9704@reddit
You have it the wromg way round. The broken apps were already a problem, and one that couldn’t be handled with the available resources. Now with vibe coded apps the problem would be exponentially multiplied.
Willybrown93@reddit
Oh, thank god. About time
Infinity-of-Thoughts@reddit
So, the way I'm reading this is basically any code that an LLM has output is not allowed. This seems .. Super restrictive, and I wonder if that won't literally apply to new applications in the future, and probably most of them already.
This seems to me to just make flathub irrelevant. Some mild sandbox < application selection.
Barafu@reddit
We either build a second Flathub NOW or we have a single man forcing his politics upon the whole FOSS community.
onur24zn@reddit
The irony, you use kubuntu and are forced to use cannonicals snap but then youre mad about flathub.
Barafu@reddit
You know Youtube? There are millions of ways to publish a video on the Internet. But if it is not published on Youtube, then it is effectively not published on the Internet. I don't want anything to get the same power over the app distribution. Nobody cares about snap, that is the point.
onur24zn@reddit
Cant everybody create his own flathub repository? I mean its already decentralized it is well documented and you can start today.
Yeah Nobody cares about snap today because they pushed this way even more because of snap which your loved canonical tried to force us.
I mean its not despotism, they just decided the advantages and disadvantges of allowing fully written ai software Its draining their ressources and could become a mess with all the ai slop that is released nowdays. That 1% of developers with ai software that is usable and actually good you could create a new repository.
MatchingTurret@reddit
I think they would be very happy with this: make the slop someone else's problem.
SanityInAnarchy@reddit
Social media banned spam, and tries to ban unauthorized bots. But early on, both Reddit and Twitter grew partly because of the bots their users contributed. Automoderator wasn't originally part of Reddit, it was just a bot someone built.
I don't know how to mirror that for code, though.
MatchingTurret@reddit
Correct. My point was about the analogy between social media spam bots and app store (in the general sense, it's not just Flathub) vibe coded spam submissions.
Venylynn@reddit
Oh no! They don't want Linux apps to be as festered with bs as Windows!
BrageFuglseth@reddit
As always in FOSS, the people who get to make decisions are the ones doing the work. To spin up a Flathub alternative, you'll need to find someone willing to review the kind of slop that the Flathub team has been going through lately.
WanderingInAVan@reddit
Isn't it possible to just have your own repo for flatpaks like other package managers?
Why not just set up one yourself?
BrageFuglseth@reddit
Yeah, it is pretty straightforward. The hard part is the surrounding infrastructure, both technical (storage, caching, bandwidth) and social (app reviewers, if you're not doing a one-app repo).
WanderingInAVan@reddit
Hmmm.
Still it might be best especially for individuals posting single or just a small number of apps.
BrageFuglseth@reddit
Anyone who is skilled and determined enough to host their own Flatpak repo can probably get their app accepted into Flathub pretty easily anyways
ricvelozo@reddit
You can, but Flathub gives app devs visibility.
nickcash@reddit
Nothing is stopping you. Go for it, build the Slophub of your dreams
Sjoerd93@reddit (OP)
I'm sorry, but just take a look and dig through the submissions to Flathub. The vast majority of apps being submitted are AI slop now (not people asking questions to AI, literally just generated code).
The people reviewing these manifests are doing this for free, this is actual human labor we're talking about. And then the people that submit their slop have the nerve to be pissy about their work not being submitted.
This is not sustainable.
SgtHaddix@reddit
not allowing AI slop to junk up the repo isn’t forcing politics on the whole FOSS community. it’s setting standards the same way every other repo does.
Barafu@reddit
OK. Then show me a hard measurable standard, measuring the threshold of "AI slop". Not "I'll know it when I see it" from a random man. Where is a program that calculates whether some project is "AI junk"?
BrageFuglseth@reddit
Some "mildly vibecoded" projects will probably pass through, but now the Flathub team has a shortcut to immediately reject apps that are obviously LLM coded with minimal involvement/understanding from the author, have been incorrectly submitted and maybe don't even build out of the box due to the author's overreliance on LLMs.
NotQuiteLoona@reddit
Damn activists are trying to force their politics on us again!!! 😡😡😡 Only Lunduke can save us and give us more AI slop! /s
In which universe Flathub is considered all FLOSS?
GreatLab8898@reddit
I never liked Flatpak to begin with. Its clunky. Its restrictive. It brings alot of Issues you need to work around. It uses alot of space.
I grew to hate it in the early Steam Deck days.
Only Snap is worst.
Cant we all just agree that AppImages are the correct way to go?
wandering_melissa@reddit
how do you auto update appimages? normal users dont want to spend time on checking updates separately and updating them
Barafu@reddit
Just like you update flatpaks: with a manager application. GearLevel.
wandering_melissa@reddit
oh okay I didnt know something like that existed, only time I had to deal with appimage was I was installing kicad and the only way to update it seemed like going to the site and downloading the new file.
GreatLab8898@reddit
So we make the user install 5 diffrent versions of Ubuntu. 6 Diffrent Versions of Gnome and 10 Diffrent Versions of MESA and while we are up to it allready, shipping 5 diffrent Nvidia Drivers. Offloading the burden of updating them to the Maintainer, who we all know could not give to fucks about it.
Which means we end up with 6 Exploitable Runtimes on our System.
Yeah. I agree. So much better.
And to your Question. Self Updaters that replace the entire AppImage where it is are a thing and really not that hard to code. I made one in 10 Minutes.
SquareWheel@reddit
Tools like Gear Lever allow you to enter an update URL. They'll automatically check for you.
AppImage itself is otherwise just a binary container. It has no such features built in.
Sjoerd93@reddit (OP)
???
It's worse in almost every conceivable way. It doesn't do updates to upstream repo's. It doesn't even bundle dependencies correctly, making them still break if you run slightly different runtimes on host. It doesn't do deduplication (like Flatpak does). And it doesn't do sandboxing.
As a developer, Flatpak is a blessing. Sorry.
GreatLab8898@reddit
For "Open" Source lovers you guys sure like to follow Systems run by litteral Project Dictators. Flatpak is one of them. SystemD the other.
If you look a bit closer, its an Walled Garden in Sheeps Clothing.
When the Moments come that the Gates close on that Walled Garden an Flathub starts charging I will be here to tell you "Told you so"
Barafu@reddit
AppImages do updates. Bundling dependencies is easy in simple cases (some libs) but may become a headache if you depend on running daemons and system innards. There is no sandboxing.
Barafu@reddit
Linux has no protection against malware whatsoever. Flatpak's restrictiveness is a first step to gain anything in that regard.
GreatLab8898@reddit
So we make the user install 5 diffrent versions of Ubuntu. 6 Diffrent Versions of Gnome and 10 Diffrent Versions of MESA and while we are up to it allready, shipping 5 diffrent Nvidia Drivers. Offloading the burden of updating them to the Maintainer, who we all know could not give to fucks about it.
Which means we end up with 6 Exploitable Runtimes on our System.
Yeah. I agree. So much better.
AmarildoJr@reddit
The only experience with AppImage I have is bad. It's for fSpy, a program which doesn't work anymore on some modern Linux distros.
For a package format that was supposed to be "100% self-contained with all necessary libraries" it doesn't seem to work very well.
I'd rather have it as a Flatpak.
HereticZed@reddit
"Update my app so it doesnt look like its been generated by AI so Flathub cant tell"
working....
Vladekk@reddit
If they would enforce this, fork will be needed. I submitted llm-assited patches for small things, in projects where I don't know the language , like ruby or c. I've checked changes, made sure they look and work fine, and then submit.
It would be very strange to now exclude any project with such patches.
As for "exception for mature projects" - this is terrible approach. Basically, it says: "we made a totalitarian law so we can judge you, but if we want, we would not apply it". Selectivly applicable laws is an important part of any authoritarian regime.
Venylynn@reddit
Well at least one thing is sacred.
Good. Flathub must not be corrupted by the Microslop machine.
DrinkyBird_@reddit
Well the application needs actual humans maintaining it to annoy when KDE Discover or GNOME Software mislead users about who actually maintains the Flatpak.
Squalphin@reddit
Good move, but may be slightly difficult to enforce with all the slop projects. Its annoying enough to always check if you are not installing slop by accident, so this is very appreciated.