[petekoomen]

I'm seeing a lot of negativity in the comments. Here's why I think this is actually a Good Idea. Many command line tools rely on something like this for installation:

  $ curl -fsSL https://bun.com/install | bash

This install script is hundreds of lines long and difficult for a human to audit. You can ask a coding agent to do that for you, but you still need to trust that the authors haven't hidden some nefarious instructions for an LLM in the middle of it.

On the other hand, an equivalent install.md file might read something like this:

Install bun for me.

Detect my OS and CPU architecture, then download the appropriate bun binary zip from GitHub releases (oven-sh/bun). Use the baseline build if my CPU doesn't support AVX2. For Linux, use the musl build if I'm on Alpine. If I'm on an Intel Mac running under Rosetta, get the ARM version instead.

Extract the zip to ~/.bun/bin, make the binary executable, and clean up the temp files.

Update my shell config (.zshrc, .bashrc, .bash_profile, or fish http://config.fish depending on my shell) to export BUN_INSTALL=~/.bun and add the bin directory to my PATH. Use the correct syntax for my shell.

Try to install shell completions. Tell me what to run to reload my shell config.

It's much shorter and written in english and as a user I know at a glance what the author is trying to do. In contrast with install.sh, install.md makes it easy for the user to audit the intentions of the programmer.

The obvious rebuttal to this is that if you don't trust the programmer, you shouldn't be installing their software in the first place. That is, of course, true, but I think it misses the point: that coding agents can act as a sort of runtime for prose and as a user the loss in determinism and efficiency that this implies is more than made up for by the gain in transparency.

[cuu508]

IMO it's completely the other way around.

Shell scripts can be audited. The average user may not do it due to laziness and/or ignorance, but it is perfectly doable.

On the other hand, how do you make sure your LLM, a non-deterministic black box, will not misinterpret the instructions in some freak accident?

[nobodywillobsrv]

How about both worlds?

Instead of asking the agent to execute it for you, you ask the agent to write an install.sh based on the install.md?

Then you can both audit whatever you want before running or not.

[chme]

So... What you are saying is that we don't need 'install.md'. Because a developer can just use a LLM to generate a 'install.sh', validate that, and put it into the repo?

Good idea. That seems sensible.

Bonus: LLM is only used once, not every time anyone wants to install some software. With some risks of having to regenerate, because the output was nonsensical.

[michaelmior]

> What you are saying is that we don't need 'install.md'

I think the point was that install.md is a good way to generate an install.sh.

> validate that, and put it into the repo

The problem being discussed is that the user of the script needs to validate it. It's great if it's validated by the author, but that's already the situation we're in.

[chme]

> The problem being discussed is that the user of the script needs to validate it. It's great if it's validated by the author, but that's already the situation we're in.

The user is free to use a LLM to 'validate' the `install.sh` file. Just asking it if the script does anything 'bad'. That should be similarly successful as the LLM generating the script based on a description. Maybe even more successful.

[falloutx]

I still dont understand why we need any of them. If I am installing something, It would take me more time to write this install.md or install.sh than if I just went to the correct website and copied the command, see the contents, run it and opening help.

[franga2000]

And since LLM tokens are expensive and generation is slow, how about we cache that generated code on the server side, so people can just download the pre-generated install.sh? And since not everyone can be bothered to audit LLM code, the publisher can audit and correct it before publishing, so we're effectively caching and deduplicating the auditing work too.

[catlifeonmars]

This is much better. Plus you get reproducibility and can leverage the AI for more repeat performances without expending more tokens.

[vrighter]

then how about you cut out the llm middleman and just audit the bash scripts already provided?

[jedwhite]

Thanks for posting the original ideas that led to all this. "Runtime for prose" is the new "literate programming" - early days but a pointer to some pretty cool future things, I think.

It's already made a bunch of tasks that used to be time-consuming to automate much easier for me. I'm still learning where it does and doesn't work well. But it's early days.

You can tell something is a genuinely interesting new idea when someone posts about it on X and then:

1. There are multiple launches on HN based on the idea within a week, including this one.

2. It inspires a lot of discussion on X, here and elsewhere - including many polarized and negative takes.

Hats off for starting a (small but pretty interesting) movement.

[smaudet]

> This install script is hundreds of lines long

Any script can be shortened by hiding commands in other commands.

LLMs run parameters in the billions.

Lines of code, as usual, is an incredibly poor metric to go by here.

[petekoomen]

My point is not that LLMs are inherently trustworthy. It is that a prompt can make the intentions of the programmer clear in a way that is difficult to do with code because code is hard to read, especially in large volumes.

[akomtu]

The solution, then, is to add comments to every difficult line of code and have an LLM check that comments match the code. Then you get precision and reliability of machine language + readability of human language

[catlifeonmars]

I’m not sure I agree with you that code is hard to read. I usually tend to go straight to the source code as it communicates precisely how something will behave. Well written code, like well written prose can also communicate intent effectively.

[chme]

TBH. I never read prose that couldn't be in some way misinterpreted or misunderstood. Because much of it is context sensitive.

That is why we have programming languages, they, coupled with a specific interpreter/compiler, are pretty clear on what they do. If someone misunderstands some specific code segment, they can just test their assumptions easily.

You cannot do that with just written prose, you would need to ask the writer of that prose to clarify.

And with programming languages, the context is contained, and clearly stated, otherwise it couldn't be executed. Even undefined behavior is part of that, if you use the same interpreter/compiler.

Also humans often just read something wrong, or skip important parts. That is why we have computers.

Now, I wouldn't trust a LLM to execute prose any better then I trust a random human of reading some how-to guide and doing that.

The whole idea that we now add more documentation to our source code projects, so that dumb AI can make sense of it, is interesting... Maybe generally useful for humans as well... But I would instead target humans, not LLMs. If the LLMs finds it useful as well, great. But I wouldn't try to 'optimize' my instructions so that every LLM doesn't just fall flat on its face. That seems like a futile effort.

[jen20]

This seems like an incredibly long winded, risky and inefficient way to install bun.

I've never actually (knowingly) run Bun before, but decided to give it a try - below is my terminal session to get it running (on macOS):

    $ nix-shell -p bun
    
    [nix-shell:~]$ bun
    Bun is a fast JavaScript runtime, package manager, bundler, and test
    runner. (1.3.5+1e86cebd7)
    
    Usage: bun <command> [...flags] [...args]
    
    Commands:
      run       ./my-script.ts       Execute a file with Bun
                lint                 Run a package.json script
    ... (rest of output trimmed)...

(Edited to wrap a long preformatted line)

[catlifeonmars]

This seems less auditable though, because now there is more variability in the way something is installed. Now there are two layers to audit:

- What the agent is told to do in prose

- How the agent interprets those instructions with the particular weights/contexts/temperature at the moment.

I’m all for the prose idea, but wouldn’t want to trade determinism for it. Shell scripts can be statically analyzed. And also reviewed. Wouldn’t a better interaction be to use an LLM to audit the shell script, then hash the content?

[petekoomen]

Yes, this approach (substituting a markdown prompt for a shell script) introduces an interesting trade-off between "do I trust the programmer?" and "do I trust the LLM?" I wouldn't be surprised to see prompt-sharing become the norm as LLMs get better at following instructions and people get more comfortable using them.

[catlifeonmars]

The tradeoff is kind of like asking what flavor of bubblegum you would rather be chewing when you get hit by a bus.

I hear you, and I can see the pragmatism of your approach. I’m just not convinced that it’s better.

[PunchyHamster]

you assume 2 things: that the instructions will be followed correctly, and that the way they will be followed won't change with agent change

Neither of those things is actually true

People that got their home dir removed by AI agent did not ask for their home dir being removed by AI

[blast]

Why the specific application to install scripts? Doesn't your argument apply to software in general?

(I have my own answer to this but I'd like to hear yours first!)

[petekoomen]

It does, and possibly this launch is a little window into the future!

Install scripts are a simple example that current generation LLMs are more than capable of executing correctly with a reasonably descriptive prompt.

More generally, though, there's something fascinating about the idea that the way you describe a program can _be_ the program that tbh I haven't fully wrapped my head around, but it's not crazy to think that in time more and more software will be exchanged by passing prompts around rather than compiled code.

[4b11b4]

> "the way you describe a program _can_ be the program"

One follow-up thought I had was... It may actually be... more difficult(?) to go from a program to a great description

[dang]

That's a chance to plump for Peter Naur's classic "Programming as Theory Building"!

https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

What Naur meant by "theory" was the mental model of the original programmers who understood why they wrote it that way. He argued the real program was is theory, not the code. The translation of the theory into code is lossy: you can't reconstruct the former from the latter. Naur said that this explains why software teams don't do as well when they lose access to the original programmers, because they were the only ones with the theory.

If we take "a great description" to mean a writeup of the thinking behind the program, i.e. the theory, then your comment is in keeping with Naur: you can go one way (theory to code) but not the other (code to theory).

The big question is whether/how LLMs might change this equation.

[chme]

Even bringing down the "theory" to paper in prosa will be lossy.

And natural languages are open to interpretation and a lot of context will remain unmentioned. While programming languages, together with their tested environment, contain the whole context.

Instrumenting LLMs will also mean, doing a lot of prompt engineering, which on one hand might make the instructions clearer (for the human reader as well), but on the other will likely not transfer as much theory behind why each decision was made. Instead, it will likely focus on copy&pasta guides, that don't require much understanding on why something is done.

[dang]

I agree that it will be lossy because all writing is lossy.

[akomtu]

That theory, or mental model, is a lot like a program, but of a higher kind. A mental model answers the question: what if I do this or that? It can answer this question with a different level of detail, unlike the program that must be executed completely. The language of a mental model is also different: it talks in terms of constraints and invariants, while the program is a step-by-step guide.

[rswail]

"The map is not the territory" applies to AI/LLMs even more so.

LLMs don't have a "mental model" of anything.

[dang]

But if the person writing the prompt is expressing their mental model at a higher level, and the code can be generated from that, the resulting artifact is, by Naur's theory, a more accurate representation of the actual program. That would be a big deal.

(Note the words "if" and "by Naur's theory".)

[chme]

TBH, I doubt that this will happen...

It is much easier to use LLMs to generate code, validate that code as a developer, fix it, if necessary, and check it into the repo, then if every user has to send prompts to LLMs in order to get the code they can actually execute.

While hoping it doesn't break their system and does what they wanted from it.

Also... that just doesn't scale. How much power would we need, if everyday computing starts with a BIOS sending prompts to LLMs in order to generate a operating system it can use.

Even if it is just about installing stuff... We have CI runners, that constantly install software often on every build. How would they scale if they need LLMs to generate install instructions every time?

[blast]

That's basically what I was thinking too: installation is a constrained domain with tons of previous examples to train on, so current agents should be pretty good at it.

[patmorgan23]

How is asking an LLM to make some random install script up better than a script designed by the application developer?

The install.sh is auditable, yes you need to know bash to be able to audit it, but the same is true for an LLM, it could hallucinate random commands that delete files or override other applications/configs.

[Szpadel]

imagine such support ticket:

I used minimax M2 (context it's very unreliable) for installation and it didn't work and my document folder is missing, help

how do you even debug this? imagine you some path or behaviour is changed in new os release and model thinks it knows better? if anything goes wrong who is responsible?

[chme]

Maybe that is a reason for this approach. It changes the responsibility of errors from the person writing that code, to the one executing it.

Pretty brilliant in a way.