> Languages and ecosystems with low variance in their training corpus are represented better and executed more reliably by coding agents.
So I think the author is saying that go is a simple language that tends to have less solutions to the same problem. I personally agree to that to a degree.
What I don't agree on is that we can choose what "low variance" is. There is a lot of go code out there, it's shape may have little "noise", but the variance is massive.
> nor do I think it should be considered a prompt injection at all
Can we stop the apologetic framing? It's increasingly common to create exploits from multiple vulnerabilities. Each one is bad. Downloading corporate malware is stupid. Adding random prompt injection is reckless. Insane to run autonomous agents on top of it.
Prompt injection is more serious in this regard, because there is no known solid protection. All the other problems are failure in process, prompt injection is failure at the first thought.
I suspect there is some weird habit that some people even like to overengineer their git history. Maybe it improves the pixel fame ratio or something.
For me it's satire. There are reasons for varying effort in creating PRs or patches, but attempts like this never seem to reason about reality. If I have to review, I want to see the code, not a clever story hidden in the commit history.
I don't see the difference in exploring an dense custom type system versus a flatter one. Both force you to look things up when you don't know about them.
In my opinion these problems originate in architectural style. Much of the open source written today is designed to impress the audience instead of focusing on the problem.
PHP has had a type system for over a decade now, including things like union and intersection types that are still not in Java. Most static checking still needs an external analyzer, but even without one, PHP does check subclasses and interface implementations for Liskov substitutability in a way that Python does not.
I know all that. The issue is that the type system only cares about classes and interfaces. It's all userland abstract types. If a type system doesn't offer safety AND efficiency (i.e. for primitives) I see no value for me. I don't see that happening.
The odd thing is that this disguises as some bare metal, hackable device.
Their TUI[1] is planned to use react(!), to share logic with their BrowserUI[2]. In the repos you can see how they struggle to get anything gpu backed done (which is required by the browser). Then falling back to wayland to do it for them. (This all seems a mess that LLMs can't figure out.)
Anyway, it does seem to end up in a custom linux desktop environment, with lots of sharp edges that makes it less hackable.
> The 256×144 px screen requires pixel-level rendering, which standard TUI libraries (ncurses, etc.) cannot provide. The proposed solution is an HTML/CSS rendering engine running as a background daemon — a lightweight browser-based renderer that draws menus, popups, and UI components.
But the text says "or," not "and." So by my interpretation if you process user data but are available via "free, public" repo, you're not covered. I presume "free" is defined elsewhere in the text, and that it approximates "open-source."
(e) AN OPERATING SYSTEM PROVIDER OR DEVELOPER THAT DISTRIBUTES AN OPERATING SYSTEM OR APPLICATION UNDER LICENSE TERMS THAT PERMIT A RECIPIENT TO COPY, REDISTRIBUTE, AND MODIFY THE SOFTWARE WITHOUT ANY PLATFORM-IMPOSED TECHNICAL OR CONTRACTUAL RESTRICTIONS IMPOSED BY THE PROVIDER OR DEVELOPER ON INSTALLING ALL MODIFIED VERSIONS.
Aha, thanks! So I think that raises the question of whether e.g. RHEL is affected. Technically it could be argued that they don't add any additional restrictions, but I wonder if Colorado will see it that way.
So I think the author is saying that go is a simple language that tends to have less solutions to the same problem. I personally agree to that to a degree.
What I don't agree on is that we can choose what "low variance" is. There is a lot of go code out there, it's shape may have little "noise", but the variance is massive.
reply