Platformio is not simple by any means. That few .ini files generate a whole bunch of python, and this again relies on scons as build system.

That's a nice experience as long as you stay within predefined, simple abstractions that somebody else provided. But it is very much a scripted build system, you just don't see it for trivial cases.

For customizations, let alone a new platform, you will end up writing python scripts, and digging through the 200 pages documentation when things go wrong.

Are you ignoring the codex desktop app on purpose? Or the integrations?

Those use cases are already actively implemented, or being implemented in current software. The 5-10 year estimate is wildly wrong.

You do not need a plugin anymore.

People are accountable for the results they produce using AI. So a scientist is responsible for made up sources in their paper, which is plain fraud.

"responsible for made up sources" leads to the hilarious idea that if you cite a paper that doesn't exist, you're now obliged to write that paper (getting it retroactively published might be a challenge though)

I completely agree. But “disclosing the use of AI” doesn’t solve that one bit.

I don’t disclose what keyboard I use to write my code or if I applied spellcheck afterward. The result is 100% theirs.

Getting an automated reply concerning the submitted issue is deeply iconic.

> CCC always has been explicit far left/green, looking at its history, as other people in here have mentioned.

Yes, but what has shifted is "the left", to a point were it has basically been taken over for very specific agendas.

> I suspect that Chinese models are largely forced to open source as a trust building step because of general China-phobia in the west.

The obvious bias of the models, when it comes to Chinese politics and history, certainly does not help here.

TBF it obvious to us , in the same way many of our own bias are not obvious to us.

I do not understand. If auth is bypassable, this is not a browser issue, right?

It was a long time ago so i might be misremembering, but i think the idea was that safari would leak the target of redirects cross domain, which allowed the attacker to capture some of the oauth tokens.

So safari was not following the web browser specs in a way that compromised oauth in a common mode of implementation.

It's also a fundamental problem of security research. Lot's of irrelevant, highly contextual "vulnerabilities", submitted to farm internet points (driven by a broken cve system). AI only amplifies this.