According to the release:

Adds experimental PostgreSQL support

The code was written by Cursor and Claude

14,997 added lines of code, and 10,202 lines removed

reviewed and heavily tested over 2-3 weeks

This makes me uneasy, especially as ntfy is an internet facing service. I am now looking for alternatives.

Am I overreacting or do you all share the same concern?

  • deathbird@mander.xyz
    3 months ago

    “but reviewed and heavily tested over 2-3 weeks by me. I created comparison documents, went through all queries multiple times and reviewed the logic over and over again. I also did load tests and manual regression tests, which took lots of evenings.”

    This is the way.

    • douglasg14b@lemmy.world
      3 months ago

      Pretty much.

      I’ve started using AI on a project last week and the first thing I do is write tests. Lots of tests.

      With enough guardrails, you could actually get pretty decent quality output out of it and with enough regression tests, you can ensure that nothing’s actually breaking.

      Similarly, reviewing its changes and actually reading the code that’s being generated to ensure correctness is necessary. However, I am finding ways to automate that and reduce the incident rate of problems to even lower than my co-workers.

      • dogs0n@sh.itjust.works
        3 months ago

        At that point, I think: Why not just write the code yourself?

        Writing the code is more fun than reviewing code, not to mention less error prone.

        • rumba@lemmy.zip
          3 months ago

          A many-month-long refactor on code you’ve already written is less than fun. While I don’t love seeing a project I’m using being 80% replaced by Claude code, I’ve had Claude code look at some of my old projects and find underlying issues I was able to verify, and then suggested a more best-practice approach that I wasn’t even aware of. The real question is, was the claude output better than the original code? If it is and it has unit tests and many eyes on it, it’s quite possible that it’s better off now.

          I’ll sit on my current versions for a few months and let everyone else test it out :)

          • dogs0n@sh.itjust.works
            3 months ago

            I agree with you, though even when I have just made a change myself, I am looking through the git diff like a crazy person.

            So, still I think refactoring my own code is much more fun than telling AI to do it for me and then proceeding to review and test it for weeks (allegedly, lol).

            You seem to be using it responsibly by asking it how things could be better.

            I’d never copy and paste output from an AI or give it free roam to make a PR, etc myself.

            I’ll probably be sitting out on this update for a while too until I gauge the general reactions of people heh :)

    • Jhex@lemmy.world
      3 months ago

      that’s nowhere near enough testing for such a large change… especially one written by the slop machine

        • riccardo@lemmy.ml
          3 months ago

          At my company we have been using AI very heavily to write code lately, and if that sentence was used to justify a 10k+ diff, whoever wrote it/vetted the change would have their access to the codebase revoked

  • d15d@feddit.org
    3 months ago

    They are not even trusting it themselves. This is from the release notes

    > I’ll not instantly switch ntfy.sh over. Instead, I’m kindly asking the community to test the Postgres support and report back to me if things are working

    Fuck that.

      • callmemagnus@lemmy.world
        3 months ago

        Consider a donation to help people providing you the open source software you seem to depend upon.

        Usage of a helper tool to perform tasks on code, whether it is AI or the IDE’s internal features, can reduce the workload of benevolent developers who have not asked you to use their software.

        Maybe the language was not appropriate but get real. With the little revenue generated by the usage of people complaining, the use of AI agentic coding might be the only way to bring features without pushing benevolent devs to burnout.

        • Mirror Giraffe@piefed.social
          3 months ago

          You are completely correct, and to be honest I’ve tested commercial product features in prod as well on teams that have the capacity to handle it and make a living on it, unlike this maintainer.

          I’m also experimenting heavily with vibe coding and I think it has many uses for a seasoned programmer while getting a lot of flak.

          Of course there are issues and problems with it, but for me it had been helping out a lot.

      • Railcar8095@lemmy.world
        3 months ago

        Test in production is the best. We spent months warning about data bugs and nobody batted an eye (upstream bug, not our responsibility but we noticed). When it was launched in prod we just pointed out the bug that nobody fixed was still there and immediately a war room was formed and the bug fixed within an hour.

        It honestly seems more efficient to let shit hit the fan than to fight everybody to do their job.

        • Mirror Giraffe@piefed.social
          3 months ago

          For sure, the song of the hero who fixed the production bug is oft sung at meetings but the loser who prevented the bug to begin with gets no credit.

        • hornedfiend@piefed.social
          3 months ago

          Testing in production is the most idiotic concept of the last 10 years or so, which is mainly driven by incompetence of project managers.

          Imagine if you get sold a car by a company, for 100k, then it starts having major issues and the car company tells you: “we’ll fix it”.

          While that does not necessarily apply to software or services or webapps, the logic still stands. You are selling bugs to people. Bugs that could have been caught, with some risk management and planning.

          Edit: F-ing ios keyboard.

          • Railcar8095@lemmy.world
            3 months ago

            > which is mainly driven by incompetence of project managers.

            I completely agree. I work on an internal solution, which is a part of a very large product. It’s not a live product, only part of a pipeline that runs on a predetermined schedule. Our bit is the only one with actual business/performance KPIs, most of the other teams measure only “user story/CR points”. If the other teams screw up, it will impact our performance unless we prove it’s their fault. And if it’s their fault, they open a US/bug which improves their metrics (one more US closed). Our team has to think ahead and try to do things well in one go, because our bugfixing doesn’t count as work. But our speed is measured against people who benefit from half doing stuff. When we did massive effort, we got complaints we were slow. Now we do less effort and once every blue moon we have to do a hotfix. More often than not when we have a production issue it is due to the other teams that run before us on the pipeline, so we even had to develop checks to our input because they won’t add checks to their outputs. And they won’t because that’s a CR that requires extra funding that’s not approved, but we had to create them for our own sanity.

            Yes, I’m looking to move out haha

            • hornedfiend@piefed.social
              3 months ago

              A project is as good as its weakest point. While people might get butthurt by getting pointed at, a project is a group effort. Segregated teams are always a problem and almost always become a vulnerability.

              Given current micro services architectures, we all have to get along with each other, for the greater good and the interest of the customer.

              You sell shit, you get shit back. You sell high quality products with less obvious faults, you profit in the long run.

              But no: “Let’s test in production”…

        • x00z@lemmy.world
          3 months ago

          You’re implying a shitty capitalist company that nobody cares for if it burns down. A tool like this though that is self-hosted by a lot of people (29.1k stars on GH!) and that is internet-facing is very different.

  • Kevin@lemmy.world
    3 months ago

    I just set up a ntfy server for Unified Push earlier this week to use with Matrix. Now I have to turn around and immediately replace it…

    • Starfighter@discuss.tchncs.de
      3 months ago

      Same here. Literally just set it up and now this.

      I hope the author will roll this back or someone makes a fork. I don’t want to immediately switch technology to XMPP/Matrix/… and have to do it all over again.

    • lambalicious@lemmy.sdf.org
      3 months ago

      You could, in the meantime, simply not upgrade to the version that uses AI.

      Since, from what I’m seeing around, people are having issues looking for an alternative.

    • cecilkorik@piefed.ca
      3 months ago

      I think there’s room for a little bit of nuance that page doesn’t do a great job of describing. In my opinion there’s a huge difference between volunteer maintainers using AI PR checks as a screening measure to ease their review burden and focusing their actual reviews on PRs that pass the AI checks, and AI-deranged lone developers flooding the code with “AI features” and slopping out 10kloc PRs for no obvious reason.

      Just because a project is using AI code reviews or has an AGENTS.md is not necessarily a red flag. A yellow flag, maybe, but the evidence that the Linux Kernel itself is on that list should serve as an example of why you can’t just kneejerk anti-AI here. If you know anything about Linus Torvalds you know he has zero tolerance for bad code, and the use of AI is not going to change that despite everyone’s fears. If it doesn’t work out, Linus will be the first one to throw it under the bus.

    • WhyJiffie@sh.itjust.works
      3 months ago

      did not know that the serde developer tolnay is a military apologist. I’m disgusted. serde is a very good tool… I’ll think about what to do about this. such a shame…

    • addie@feddit.uk
      3 months ago

      Awesome page, thanks. Have bookmarked.

      Harfbuzz though? That’s going to take some replacing. Hopefully someone will fork an earlier version. The thing that it does (accurate multi-script font shaping) is difficult to do; requires a lot of rule-of-thumb knowledge that’s unlikely to be possessed by a single person, needs a lot of collaboration.

  • Erik-Jan@fosstodon.org
    3 months ago

    @ueiqkkwhuwjw just this quote at the start of the release notes

    > 14,997 added lines of code, and 10,202 lines removed, all from one pull request

    This is already a major red flag even without the ai stuff right? Can’t believe anyone would flaunt that like this.

    • dev_null@lemmy.ml
      3 months ago

      The “single pull request” is a merge release from 79 separate commits. It’s the sum of all work, it doesn’t mean all of it was changed in one go.

        • dev_null@lemmy.ml
          3 months ago

          Why? What difference does it make if he packages these commits in 1 or 10 PRs?

          Keep in mind this is a single maintainer project, there are no PR reviews. He could be just pushing straight to the branch anyway with no PR at all.

          • Nalivai@lemmy.world
            3 months ago

            I mean, yeah, he could also not use git and just write some random bullshit directly on prod while blindfolded and blackout drunk.
            However if you want a good product and good code you need to follow best practices, and those include meaningful and small PRs that you can easily review, check, debug, and revert if necessary.

  • justme@lemmy.dbzer0.com
    3 months ago

    I meant to ask already: what is the actual technical difference between mqtt and ntfy? For me it feels pretty similar technique, just one is used for push service and the other not. So it feels like reinventing the wheel. Maybe somebody here can enlighten me?

    • k_rol@lemmy.ca
      3 months ago

      I think the main difference is that services adapt to mqtt while ntfy adapts to services to send the msgs. Also, ntfy offers push notifications on your Android device.

  • melroy@kbin.melroy.org
    3 months ago

    Ai can be powerful and destructive at the same time.

    Ai coding can help a lot in accelerating software development. In the right hands that is. Meaning the software engineer still reviews the code. Test it. And takes responsibility. In those cases there is nothing wrong with using Ai for software development.

    The problem is that some programmers are using AI without even looking at the end results. They just approve everything, commit, push and release. That approach is wrong and especially inexperienced engineers might fall into this trap. So in this case the code has most likely a lot of duplicated code, full of bugs and other issues. Some issues you encounter for the first time, since it wasn’t tested etc.

    In the latter story, you feel the impact. And the downsides of Ai. And only see the negatives of Ai. You might say it’s Ai slop even. Or vibe coded. Which is correct.

    Tldr: Ai can be very powerful in the right hands. It still requires a lot of human time and effort to get it correct. And if the engineer is too lazy then you feel the consequences. If you got an experienced software engineer that takes the responsibility of the code. Reviews it thoroughly. Test all corner cases, etc. Then AI can be powerful and helpful.

    • ExFed@programming.dev
      3 months ago

      Agreed. I have a sense that, eventually, development communities will figure out etiquette and policies to govern LLM usage. But how do you enforce that kind of policy? Right now, it’s essentially a judgement call by the maintainers. It’s hard to catch sneaky LLM usage.

      On the other hand, I think there are objectively good ways to use LLMs for software:

      • High-level design and planning
      • Technical Research (although this tends towards the most popular tech)
      • POCs & rapid prototyping
      • “Textbook” solutions
      • TDD Red/Green development (where the LLM generates failing tests based on the high-level spec, and the programmer writes the implementation)

      • melroy@kbin.melroy.org
        3 months ago

        Indeed also read the paper called Programming as Theory building. From 1985. Which is very relevant today again. Since people lose the connection with the code due to Ai.

      • NannerBanner@literature.cafe
        3 months ago

        I’m halfway with you, and halfway just considering that people think it’s relevant to include a tl;dr in a barely three paragraph comment. The feeling with tl;dr for me is a summary similar to a closing paragraph, and if anyone thinks that one sentence (“Ai coding can help a lot in accelerating software development.”) is somehow worthy of being summarized as if the point was proven (“Ai can be very powerful in the right hands”)… well, it sounds like shit because it is shit. Maybe it’s ai, maybe it’s just a really rushed dude making a throwaway comment in the fediverse, and maybe it’s just a person who is confident enough in their mind that they forget they haven’t made an actually decent argument outside of their past, and concluding as if they brought that past argument forth here is eye-raising.

        Considering he’s on his own instance… I’m going to bet the context is somewhere between throwaway comment and invoking past assertions without citing them.

        • melroy@kbin.melroy.org
          3 months ago

          You can run my text through Ai checkers if you wish. But it’s not Ai generated.

          I’m not just on my own instance. I’m the creator of the software: Mbin. Previously known as kbin.

          People need tldr today, due to TikTok. 😅

  • xelar@lemmy.ml
    3 months ago

    I’m quite hesitant about the idea of AI writing my code. At one point your AI won’t help you with fixing a certain bug and you will have to go through all of this AI slop. Not to mention you deploy debt code.