SoylentNews is people
SoylentNews
Vibe Coding Is Killing Open Source Software, Researchers Argue:
According to a new study from a team of researchers in Europe, vibe coding is killing open-source software (OSS) and it's happening faster than anyone predicted.
Thanks to vibe coding, a colloquialism for the practice of quickly writing code with the assistance of an LLM, anyone with a small amount of technical knowledge can churn out computer code and deploy software, even if they don't fully review or understand all the code they churn out. But there's a hidden cost. Vibe coding relies on vast amounts of open-source software, a trove of libraries, databases, and user knowledge that's been built up over decades.
Open-source projects rely on community support to survive. They're collaborative projects where the people who use them give back, either in time, money, or knowledge, to help maintain the projects. Humans have to come in and fix bugs and maintain libraries.
Vibe coders, according to these researchers, don't give back.
The study Vibe Coding Kills Open Source, takes an economic view of the problem and asks the question: is vibe coding economically sustainable? Can OSS survive when so many of its users are takers and not givers? According to the study, no.
"Our main result is that under traditional OSS business models, where maintainers primarily monetize direct user engagement...higher adoption of vibe coding reduces OSS provision and lowers welfare," the study said. "In the long-run equilibrium, mediated usage erodes the revenue base that sustains OSS, raises the quality threshold for sharing, and reduces the mass of shared packages...the decline can be rapid because the same magnification mechanism that amplifies positive shocks to software demand also amplifies negative shocks to monetizable engagement. In other words, feedback loops that once accelerated growth now accelerate contraction."
[...] According to Koren, vibe-coders simply don't give back to the OSS communities they're taking from. "The convenience of delegating your work to the AI agent is too strong. There are some superstar projects like Openclaw that generate a lot of community interest but I suspect the majority of vibe coders do not keep OSS developers in their minds," he said. "I am guilty of this myself. Initially I limited my vibe coding to languages I can read if not write, like TypeScript. But for my personal projects I also vibe code in Go, and I don't even know what its package manager is called, let alone be familiar with its libraries."
The study said that vibe coding is reducing the cost of software development, but that there are other costs people aren't considering. "The interaction with human users is collapsing faster than development costs are falling," Koren told 404 Media. "The key insight is that vibe coding is very easy to adopt. Even for a small increase in capability, a lot of people would switch. And recent coding models are very capable. AI companies have also begun targeting business users and other knowledge workers, which further eats into the potential 'deep-pocket' user base of OSS."
This won't end well. "Vibe coding is not sustainable without open source," Koren said. "You cannot just freeze the current state of OSS and live off of that. Projects need to be maintained, bugs fixed, security vulnerabilities patched. If OSS collapses, vibe coding will go down with it. I think we have to speak up and act now to stop that from happening."
He said that major AI firms like Anthropic and OpenAI can't continue to free ride on OSS or the whole system will collapse. "We propose a revenue sharing model based on actual usage data," he said. "The details would have to be worked out, but the technology is there to make such a business model feasible for OSS."
[...] "Popular libraries will keep finding sponsors," Koren said. "Smaller, niche projects are more likely to suffer. But many currently successful projects, like Linux, git, TeX, or grep, started out with one person trying to scratch their own itch. If the maintainers of small projects give up, who will produce the next Linux?"
arXiv link: https://arxiv.org/abs/2601.15494
(Score: 2) by Bentonite on Thursday February 12, @03:18AM (1 child)
If it's made up, then I'm sure you could have explained how, instead of only dismissing it in 4 words.
Even if the ME wasn't intended to be a backdoor, all of the security vulnerabilities it contained (that most vendors haven't rolled out BIOS/UEFI updates for) and likely still contains means that it works as backdoor in practice; https://en.wikipedia.org/wiki/Intel_Management_Engine?useskin=monobook#Security_vulnerabilities [wikipedia.org]
Amazing, you seriously immediately proceeded to make up nonsense?
TCP/IP is a protocol specification and there were several implementations of it prior to the BSD one; https://en.wikipedia.org/wiki/TCP/IP#Adoption [wikipedia.org]
In 1989, BSD released their stack to the public domain, which means portions of it ended up in many proprietary OS's (most of which are no dead and no longer used), but it seems that it wasn't a very good implementation, as it appears every single proprietary OS proceeded to replace large portions of it with their own implementation.
Therefore, it was *not* the case that the entire internet used *the* BSD TCP/IP stack, it was rather that many (but not all) IP implementations on proprietary OS's used for routers (like Unix's), contained a limited amount of BSD code that remained after the rewriting.
But looking at this chart of internet hosts https://en.wikipedia.org/wiki/File:Internet_Hosts_Count_log.svg [wikipedia.org] it looks like the internet was becoming popular even before such stack was released (but Unix and other proprietary OS's at the time were frankly terrible and therefore clearly never worked well as a router OS).
BSD wasn't popular as a router OS at that time either, as the litigation against BSD meant that no business would touch it; https://en.wikipedia.org/wiki/UNIX_System_Laboratories,_Inc._v._Berkeley_Software_Design,_Inc.?useskin=monobook [wikipedia.org]
What allowed the internet to become really popular was GNU/Linux in ~1994+, as Linux's custom IP stack combined with GNU's OS (that you could configure the packet routes and run RIP, OSPF and BGP implementations on), allowed for setting up internet routers that could scale as small or as large as needed, that happened to be gratis too, rather than costing a ludicrous sum (although proprietary BGP implementations and the like were still a problem until GNU implemented GNU Zebra).
Only several years after the lawsuit was settled in 1994 did the BSD's implement the required software to be an internet router (BGP etc), but BSD's were never popular as a router OS.
The reckless obsession with popularity by BSD developers is bad for humanity.
If the software is being used primarily for harmful purposes as proprietary software, that is a bad thing and therefore it would have been better if such software was never written.
Wrong - SQLite is under no license terms - it's released to the public domain - which is a problem for jurisdictions where public domain is not recognized.
SQLite is not what I would call a good database - it doesn't even have date and time types - you need to rather mungle dates with the date and time functions.
It may be very popular, but that popularity is a bad thing, as it's primarily used for harmful purposes.
There are better databases available under strong licenses, which I'd consider using instead.
What limits such sociopaths behaviors is how such sociopaths (for example proprietary software developers) are usually terrible programmers.
Throwing money at terrible programmers isn't going to magically get you functionally good software.
But, if a programmer with any skill developers functionally acceptable software and then offers it to such sociopaths on a silver platter (a weak license), for the price of $0, the sociopaths always jump at the chance to integrate it into their proprietary software and therefore make it operate at a functionally convenient level (I've found weak licensed software integrated into every single functionally convenient proprietary software program I've inspected so far).
Meanwhile, if a programmer with real skill licenses the best software under the AGPLv3-or-later, or GPLv3-or-later, sociopaths usually do not integrate it into their proprietary software or SaaSS, as they don't want to risk being taken to court and made to choose between either respecting the users freedom or removing it and therefore downgrading the functionality of the software.
Too bad the GPLv2 isn't as effective, as most GPLv2-only projects rather treat it is a weak license and don't enforce it.
(Score: 2) by aafcac on Thursday February 12, @05:52AM
Considering that none of what you've posted has any sort of actual relevance, you're fortunate that I gave you 4 words to dismiss that.
As far as it being replaced goes, I never claimed that was still the case, just that it had been the case and that much of what you're interacting with would have taken far longer to occur if everybody had to do their own stack. Not that any of what you've posted justifies your childish name-calling.