[deleted]
Sorry, but I’m not supporting any ai shit.
[deleted]
Submitted 21 hours ago by TechSquidTV@lemmy.world to selfhosted@lemmy.world
Comments
kokesh@lemmy.world 20 hours ago
TechSquidTV@lemmy.world 20 hours ago
dumb.
non_burglar@lemmy.world 19 hours ago
Really endearing yourself to your users, huh?
papertowels@mander.xyz 19 hours ago
I appreciate the spirit, but to shine some more light around the negativity you’re seeing in the comments, it’s a lot to ask for others to run your code on their machines. If you want folks to be running in docker, that’s oftentimes basically giving root access.
If I’m giving root access, I’d at least want for the person who wrote the code to have a thorough understanding of what the code, which once again is running as root on my home network, is doing.
The LastPass hack a few years back was enabled by a self-hoster running an outdated version of Plex on their personal machine. There is weight in choosing what software to run and support in your personal setup.
TechSquidTV@lemmy.world 18 hours ago
virtually all home server setups run docker compose. no one is complaining about Docker, they’re complaaining about AI. The code is immaculate. Its fully tested as well. No one as looked at the code.
Also idk where you heard Docker is like giving root, thats just not correct on multiple levels. If it were a privledged container, which is unnecessary, then we could have a discussion. If you want a daemonless service, use podman. Use anythign you want, the source is there. Docker is not a requirement but is certainly not an issue in any way.
DoPeopleLookHere@sh.itjust.works 17 hours ago
Hokay. So docker does run as root. Podman can run rootless, but docker does run as root.
So if you have any vulnerabilities in your code, like say remote code execution, than your app already has access to root.
Also, don’t pretend like your shit don’t stink. My code has bugs. And I’ve been at this a a decade. Your vibe coded thing isnt going to be secure because you probably don’t even know how to make it secure if you don’t know docker runs as root.
Here’s where I interject my opnion
Its fine to do this for yourself. If you wanted to hear how great your AI produced slop go to LinkedIn.
When you share things to be used by others, you have a responsibility yourself. How will you monitor and package up security updates? What kind of depenecinies do you have? Are they up to date? Do they have any CVEs?
There’s so much more to publishing than good intentions. Its fine to do something like this for yourself. But to publish and then absolve yourself of any responsibility is not a way to get taken seriously.
papertowels@mander.xyz 15 hours ago
When you run a self-hosted application, do you first go through and read all the code? I don’t, I’ll tell you that. I’m going to assert that most folks don’t, and unless I hear otherwise I’ll assume you don’t read all the code for every self-hosted application you use.
No one is complaining about Docker, they’re complaining about AI Correct. Saying you “vibe-coded” something up suggests that you didn’t do it yourself, or at least was only loosely invested in it. If you didn’t put much time into it, then it’s not as vetted for folks. Running your code on someones homelab is then akin to pushing the new grads vibe-coded refactor into prod, which I think we all know is a bad idea. The mitigation for that is for the user to vet the code themselves, which we already asserted earlier doesn’t really happen in practice. So we have two options, either push the vibe-coded refactor into prod, or acknowledge that we’ve introduced an additional requirement onto the users to vet the code themselves. The docker issue was just brought up as an example of what could go bad by running poorly vetted code on a machine.
Also idk where you heard Docker is like giving root
If I’m not looking through all the code, then as a user I’ll just be following your included instructions, of which the recommended method is to fire up docker-compose. If docker-compose bind mounted mounted
/, my understanding is that the container now has default write-access to the entire host - am I mistaken?DoPeopleLookHere@sh.itjust.works 17 hours ago
Also since you complained no one looked at your code, you have support for plain text passwords in your code. That’s a huge no no.
deleted@lemmy.world 18 hours ago
I wouldn’t trust an ai code even though it is tested.
It’s like living in a house built by 12 year old and the reasoning behind it that it didn’t collapse. Yet.
Natanox@discuss.tchncs.de 18 hours ago
The code is immaculate. Its fully tested as well. No one has looked at the code, they’ve just complained.
Even if that’s correct it isn’t even the main reason why people are pissed about the use of AI. No matter if the code is “perfect” or not, it was created primarily using inherently immoral and outright dangerous tools.
danielquinn@lemmy.ca 10 hours ago
“Oh hi! Here’s some code. I didn’t write it and don’t understand it, but you should totally run it on your machine.”
andicraft@lemmy.blahaj.zone 10 hours ago
“vibe coded” lol ok go fuck yourself
TechSquidTV@lemmy.world 7 hours ago
I’ve been coding longer than you and I’m a better developer than you guaranteed.
Smash@lemmy.self-hosted.site 21 hours ago
And why not just use yt-dlp Web UI?
avidamoeba@lemmy.ca 21 hours ago
Goddamn I’ve been looking (not too hard) for a terrible yt-dlp UI and not finding one for a while! This is exactly whay I needed. I recently setup Pinchflat and was thinking abour shoehorning downloading from random sources in it. This should solve it.
TechSquidTV@lemmy.world 21 hours ago
I saw that one and cobalt.tools. I liked cobalt better, but cobalt is currently broken. Honestly, I mostly just wanted a different style UI.
Emi@ani.social 20 hours ago
I only used Ytdlp-interface and that works pretty well.
eager_eagle@lemmy.world 20 hours ago
lol the readme reads “a not so terrible” but the repo description reads like
A terrible web ui and RPC server for yt-dlp
dogs0n@sh.itjust.works 16 hours ago
github.com/alexta69/metube does this very well already!
DaveX64@lemmy.ca 18 hours ago
YT-DLP is pretty easy to just use the command line version.
TechSquidTV@lemmy.world 18 hours ago
This works for your phone and can be triggered externally.
al_Kaholic@lemmynsfw.com 15 hours ago
Do it work for age restrictioned videos?
muusemuuse@sh.itjust.works 19 hours ago
Was pinchflat flawed in some way? I’m all for having more options but if this uses yt-dlp anyway I’m not sure this is contributing to anything.
TechSquidTV@lemmy.world 18 hours ago
pinchflat I hadn’t seen that one before. No it’s pretty similar to be honest. I am planning on small feature that would make it slightly different but, ya same idea. I do like my UI more 🤷. That was my main issue with most of the existing ones that I had seen, I just didn’t liek the UI. Except for cobalt.tools, but it’s broken.
slazer2au@lemmy.world 21 hours ago
Link to the repo?
TechSquidTV@lemmy.world 21 hours ago
huh. could have sworn it was in there. Sorry! github.com/TechSquidTV/Hermes
dangling_cat@piefed.blahaj.zone 21 hours ago
Cool project :3 btw, what’s the tool you use to do the screen recording?
TechSquidTV@lemmy.world 20 hours ago
ty! screen.studio
raspberriesareyummy@lemmy.world 20 hours ago
“I love to enable oligarchs and fascists”
Catpurple@lemmy.blahaj.zone 20 hours ago
At least they admitted it. That said, I’ll never fuck with anything ‘vibe coded’, AI sucks.
TechSquidTV@lemmy.world 20 hours ago
It sucks but you wont try it and have no frame of reference. Give it a download. Try it out. Give me your honest opinion without this weird bias about hwo it was made.
TechSquidTV@lemmy.world 20 hours ago
exhausting viewpoint. AI is powered by open source.
raspberriesareyummy@lemmy.world 9 hours ago
is this “AI” you speak of in the room with you right now? If you believe that machine-learned pattern recognition and word prediction algorithms are “AI”, you shouldn’t be left anywhere near a compiler or production code.