Readit News logoReadit News
wiether commented on GitHub Agentic Workflows   github.github.io/gh-aw/... · Posted by u/mooreds
snowstormsun · 10 hours ago
Surely this won't be a security nightmare.
wiether · 10 hours ago
Don't worry, you can just setup an Agentic Workflow Firewall!

https://github.com/github/gh-aw-firewall

wiether commented on GitHub Agentic Workflows   github.github.io/gh-aw/... · Posted by u/mooreds
woodruffw · 12 hours ago
I find this confusing: I can see the value in having an LLM assist you in developing a CI/CD workflow, but why would you want one involved in any continuous degree with your CI/CD? Perhaps it’s not as bad as that given that there’s a “compilation” phase, but the value add there isn’t super clear either (why would I check in both the markdown and the generated workflow; should I always regenerate from the markdown when I need changes, etc.).

Given GitHub’s already lackluster reputation around security in GHA, I think I’d like to see them address some of GHA’s fundamental weaknesses before layering additional abstractions atop it.

wiether · 10 hours ago
I thought that it was to allow non-tech people to start making their own workflows/CI in a no/low-code way and compete against successful companies on this market.

But the implementation is comically awful.

Sure, you can "just write natural language" instructions and hope for the best.

But they couldn't fully get away from their old demons and you still have to pay the YAML tax to set the necessary guardrails.

I can't help but laugh at their example: https://github.com/github/gh-aw?tab=readme-ov-file#how-it-wo...

They wrote 16 words in Markdown and... 19 in YAML.

Because you can't trust the agent, you still have to write tons on gibberish YAML.

I'm trying to understand it, but first you give permissions, here they only provide read permissions.

And then give output permissions, which are actually write permissions on a smaller scope than the previous ones.

Obviously they also absolve themselves from anything wrong that could happen by telling users to be careful.

And they also suggest to setup an egress firewall to avoid the agents being too loose: https://github.com/github/gh-aw-firewall

Why setting-up an actual workflow engine on an infra managed by IT with actual security tooling when you can just stick together a few bits of YAML and Markdown on Github, right?

wiether commented on The AI boom is causing shortages everywhere else   washingtonpost.com/techno... · Posted by u/1vuio0pswjnm7
9dev · 2 days ago
I think this started a lot earlier actually. A few generations back, many people played an instrument, or at least could sing. It didn't matter that none of them was a Mozart, because they didn't had to be. For making music or singing together in a family or a friend group, it was wholly sufficient to be just good, not necessarily great.

But when everyone has access to recordings of the world's best musicians at all times, why listen to uncle Harry's shoddy guitar play? Why sing Christmas songs together when you can put on the Sinatra Christmas jazz playlist on Spotify?

wiether · a day ago
> why listen to uncle Harry's shoddy guitar play?

Uncle Harry is not playing guitar: https://www.youtube.com/watch?v=VXzz8o1m5bM

wiether commented on My AI Adoption Journey   mitchellh.com/writing/my-... · Posted by u/anurag
hollowturtle · 3 days ago
I don't understand how Agents make you feel productive. Single/Multiple agents reading specs, specs often produced with agents itself and iterated over time with human in the loop, a lot of reviewing of giant gibberish specs. Never had a clear spec in my life. Then all the dancing for this apperantly new paradigm, of not reviewing code but verifying behaviour, and so many other things. All of this to me is a total UNproductive mess. I use Cursor autocomplete from day one till to this day, I was super productive before LLMs, I'm more productive now, I'm capable, I have experience, product is hard to maintain but customers are happy, management is happy. So I can't really relate anymore to many of the programmers out there, that's sad, I can count on my hands devs that I can talk to that have hard skills and know-how to share instead of astroturfing about AI Agents
wiether · 3 days ago
> Never had a clear spec in my life.

To me part of our job has always been about translating garbage/missing specs in something actionnable.

Working with agents don't change this and that's why until PM/business people are able to come up with actual specs, they'll still need their translators.

Furthermore, it's not because the global spec is garbage that you, as a dev, won't come up with clear specs to solve technical issues related to the overall feature asked by stakeholders.

One funny thing I see though, is in the AI presentations done to non-technical people, the advice: "be as thorough as possible when describing what you except the agent to solve!". And I'm like: "yeah, that's what devs have been asking for since forever...".

wiether commented on My AI Adoption Journey   mitchellh.com/writing/my-... · Posted by u/anurag
chrysoprace · 3 days ago
I think for a lot of people the turn off is the constant churn and the hype cycle. For a lot of people, they just want to get things done and not have to constantly keep on top of what's new or SOTA. Are we still using MCPs or are we using Skills now? Not long ago you had to know MCP or you'd be left behind and you definitely need to know MCP UI or you'll be left behind. I think. It just becomes really tiring, especially with all the FUD.

I'm embracing LLMs but I think I've had to just pick a happy medium and stick with Claude Code with MCPs until somebody figures out a legitimate way to use the Claude subscription with open source tools like OpenCode, then I'll move over to that. Or if a company provides a model that's as good value that can be used with OpenCode.

wiether · 3 days ago
> Or if a company provides a model that's as good value that can be used with OpenCode.

OpenAI's Codex?

wiether commented on My AI Adoption Journey   mitchellh.com/writing/my-... · Posted by u/anurag
tmtvl · 3 days ago
I will give Claude Code a trial run if I can run it locally without an internet connection. AI companies have procured so much training data through illegal means you have to be insane to trust them in even the smallest amount.
wiether · 3 days ago
You can run OpenCode in a container restricted to local network only and communicating with local/self-hosted models.

Claude Code is linked to Anthropic's hosted models so you can't achieve this.

wiether commented on GPT-5.3-Codex   openai.com/index/introduc... · Posted by u/meetpateltech
bg24 · 3 days ago
I am on a max subscription for Claude, and hate the fact that OpenAI have not figured out that $20 => $200 is a big jump. Good luck to them. In terms of model, just last night, Codex 5.2 solved a problem for me which other models were going round and round. Almost same instructions. That said, I still plan to be on $100 Claude (overall value across many tasks, ability to create docs, co-work), and may bump up OpenAI subscription to the next tier should they decide to introduce one. Not going to $200 even with 5.3, unless my company pays for it.
wiether · 3 days ago
I use Codex in OpenCode through the API and find the experience quite enjoyable.
wiether commented on Don't rent the cloud, own instead   blog.comma.ai/datacenter/... · Posted by u/Torq_boi
bob1029 · 4 days ago
The #1 reason I would advocate for using AWS today is the compliance package they bring to the party. No other cloud provider has anything remotely like Artifact. I can pull Amazon's PCI-DSS compliance documentation using an API call. If you have a heavily regulated business (or work with customers who do), AWS is hard to beat.

If you don't have any kind of serious compliance requirement, using Amazon is probably not ideal. I would say that Azure AD is ok too if you have to do Microsoft stuff, but I'd never host an actual VM on that cloud.

Compliance and "Microsoft stuff" covers a lot of real world businesses. Going on prem should only be done if it's actually going to make your life easier. If you have to replicate all of Azure AD or Route53, it might be better to just use the cloud offerings.

wiether · 4 days ago
> The #1 reason I would advocate for using AWS today is the compliance package they bring to the party.

I was going to post the same comment.

Most of the people agreeing to foot the AWS bill do it because they see how much the compliance is worth to them.

wiether commented on Don't rent the cloud, own instead   blog.comma.ai/datacenter/... · Posted by u/Torq_boi
otherme123 · 4 days ago
I fully lost three small VPS there, and their response was poor: they didn't even refund time lost, they didn't compensate for time lost (e.g. a couple of months of free VPS), I got better updates from the news than from them (news were saying "almost total loss", while them were trying to convince me that I had the incredible bad luck that my three VPS were in the very small zone affected by the fire). The only way I had to recover what I lost was backups in local machines.

When someone point out how safe are cloud providers, as if they have multiple levels of redundancy and are fully protected against even an alien invasion, I remember the OVH fire.

wiether · 4 days ago
OVH VPS is not the same as say, AWS EC2.

It's their "Compute" under "Public Cloud" that is competing against AWS EC2. https://us.ovhcloud.com/public-cloud/compute/

They handled the fire terribly and after that they improved a bit, but an OVH VPS is just a VM running on a single piece of hardware. Quite not the same thing as the "Compute" which is running on clusters.

wiether commented on The Codex App   openai.com/index/introduc... · Posted by u/meetpateltech
jimmy76615 · 6 days ago
Just tell it to use your gcp/aws account using the cli, makes it infinitely powerful in terms of deployment. (Also, while I might miss some parts of programming that I have given to AI, I certainly don't miss working with clouds).
wiether · 6 days ago
> Just tell it to use your gcp/aws account using the cli

Please don't.

People burning through their tokens allowance on Claude Code is one thing.

People having their agent unknowingly provisioning thousands of $ of cloud resources is something completely different.

w

u/wiether

KarmaCake day1471August 12, 2018
About
export LANG=fr_FR.UTF-8
View Original