[jillesvangurp]

If it has tests and responsible management, sure why not. I generally feel more comfortable if something is 1) widely used & scrutinized 2) managed competently. But that's orthogonal to how (not if) people use AI. Having good tests, reviews, etc. is much more important.

Do people trust random NPMs developed by random people on the internet? Apparently we do given all the recent issues with supply chain attacks.

I have a problem with people using vibe coding to refer to any contribution for which AI is used. I think it is inaccurate. People providing very low quality contributions to projects is a problem. But the real problem is people accepting such contributions.

[elnatro]

The problem is that we are not talking about an application but a runtime. A bug in the Bum platform can have much more serious consequences than in a lone app. Unless there is a deep thoroughly review by the maintainers, I wouldn’t trust it.

[soraminazuki]

Tests can only catch a small subset of the possible ways things can go wrong. Our development practices still rely heavily on the authors of the code knowing what they wrote.