Vaccari's Code

Without LLM code in the dependencies

7/15/2026

Show notes

Joey Hess, maintainer of git-annex, invested 100 hours to ensure that its dependencies did not contain LLM-generated code. His audit revealed serious problems: massive LLM code commits reverted without justification, incoherent commit messages, and even code copied from other projects, fortunately without copyright infringement. For Hess, auditing the entire dependency tree is the new reality of programming. He feels like he's "holding back the tide," but warns that the quality of dependencies is declining, impacting software freedom. Hess even reconsiders his participation in communities. Using LLMs for formatting and self-proclaiming oneself a "10xer" has a much greater impact than imagined.

Why it matters: The proliferation of LLM-generated code in dependencies increases maintenance costs, security, and trust in the software we build.

Sources:


📬 Enjoyed this? Subscribe to the Vaccari's Code newsletter for the next wave of software & AI trends, straight to your inbox: Subscribe here

← all episodes · read the post →