I agree AI in the hands of someone competent is just a speedup. Stupid stuff like making serializer for endpoints is tedious work most of the time

It's not good for large architectural issues but it can point out nuanced issues in single files that often wouldn't be caught otherwise

Yeah I agree. It's sometimes good at code smells, though sometimes it can be straight-up wrong in ways that are actually surprising, so it always requires a human in the loop. It's not good at larger-scale architectural decisions, and I'd also add that it's usually not capable of understanding the intent behind business logic.

I'm personally pretty skeptical of the value of AI code reviews - there's tooling for it where I work, where they will auto-submit a review on any PR I open. I've never actually received a comment of any value from it, while my peers can find things that need resolving without any issue.

A poor supplement, and absolutely not a substitute.

And this is coming from someone not entirely opposed to all kinds of AI tooling

I always have ai review something before I give it my attention. It’s nice to have that quick summary to reorient myself when I’m multitasking and just a nice filter to have in general. It usually brings to attention anything out of the ordinary right away.

You don't seem to understand. This is Lemmy, and all AI is "slop". No exceptions.

Nm, the actual code is a BirthDate in iso 8601 YYYY-MM-DD format

actually, if the legislation doesn't specifically demand that they store user's actual date of birth, if I were to design this system, I would simply ask the user a yes/no question of whether they're at least 18 at the time of answering the question. If they answer yes, it won't expire because the time doesn't go backwards. I could also store the date exactly 18 years before the answer is given as a pseudo-DoB, that could be used, later on, to, for example, prove that the user is at least 21 for whatever reason. Most importantly, this would ensure that the user doesn't give any unnecessary identifying information to the system.

I thought vibe coding was when you don't know what the code does yourself, you just make AI do it and review it without reviewing or understanding it yourself.

If you wish to increase your sadness and dread a little more, have a look at this list

Those files are not proof of vibe coding. Agents, while still AI trash, are not necessary vibe coding.

Maybe the systemd haters were the friends we made along the way?

Nope.

Yes but I'll try to expand on that for anyone not in the know.

In general there's been a wealth of info about users but you didn't necessarily need info in there. Like GECOS where you can store the full name, phone numbers, etc.

These are simply fields made available but not required. Systemd is making it available but your OS itself doesn't need to use it at all.

Now I personally very much disagree with all this age verification BS but systemd isn't really doing anything extreme here nor unprecedented.

Yeah it's insane. I wrote up a complaint in another thread but I think the OP realised how terrible it was because it was deleted by the time I hit submit. That particular post was utter trash, not even attempting to maintain a reasonable tone or look at the situation dispassionately. Its lede literally read:

Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.

And frankly, the author of that sort of hit piece should be ashamed of himself. Far, far more than Dylan should.

It's such a dumb thing to whinge about. Age verification is not a bad thing! What's bad is age verification that is implemented in a way that either requires, or significantly increases the chances of people's privacy being violated. Requiring people to upload photo ID directly to sites, or to third-party "trusted age verification partners". Or trusting bullshit AI face-detection age verification.

Age verification that's implemented by asking parents to...y'know, actually parent, and helping them to do that by giving them tools like OS-level parental controls, enforced through operating system and browser APIs that we mandate apps and websites use, is the way to go. The OS should expose to apps, and browsers expose to websites, only the simple answer to the question: "is the current user of a legal age to access this content?" as a boolean value, based on information stored in the OS by parents setting it. No fancy technology. No privacy invasion. Just simply giving parents the tools to help them do their job.

There are more complicated technical solutions that could be used. Things involving repeated hashes or blind digital signatures. But these are only appropriate if we pre-suppose that the government needs to strictly enforce it by requiring IDs or other sensitive information be used to age verify. And these solutions help minimise the risk by eliminating the connection between the age verification and which sites are being accessed (so the verifier can't see what sites the verifyee is viewing, and the sites can't see who the person being verified was, only that they were verified). And you don't need to go even that far. Because the best solution is right down on the user's device, with a simple setting that parents can set.