I built a full stack SaaS that is deployed at my work. It is exposed to the internet and I have only used pentesting and asking the ai “what is this” and “fix this” and feature requests.

It has awful context limitations. Saying “do this” means it overfills context halfway through and loses the nuance as it tries to restart the task after summary. I dont trust it to make a todo list and keep to it. I have to work with the slightly long term “markdown files” as memory.

I have had good progress when I say “add this pentest_failure/feature_request to an open items list markdown file” then the ai finds context defines the issue and updates the file. Rinse repeat. THEN I say “I want to make a refactor that will fix/implement as many of the open items list issues as possible, can you/the_ai make a refactoring spec”. THEN I carefully review the business logic in the refactoring spec THEN I tell the ai to implement the refactoring spec phase 1 then i test then j say do phase 2… etc.

Design concerns like single source of truth, dry, separation of concerns, and yagni have come up. I have asked about api security best practices. I have asked about test environment vs production.

I developed without git, and the sheer amount of dumb duct tape code made by no short term memory ai exposed by pentesting was infuriating, but I got a process that works for my level of understanding.

Ai Skills, rules, etc are still not quite clear to me

So far, I have made a full stack server on a rpi from only ai and pentesting. It is deployed (live and used by my coworkers as a part of their workday). I intend to open source it once I understand more about git.

I recently have made one pull request on one project that js very well maintained and I indicated that I used ai and it is really eye opening to see what good development/maintaining looks like.

I am currently doing a deep dive into each of the feedback notes (left by a collaborator). I am by no means fast as I’m trying to max my learning from each scrap of interaction and error. Several concepts are hard for me to remember well so I use my high level memory and commands to the ai each time they come up.

I can walk through tricky logic.

I can pentest and determine issues or if a solution works.

I dont know what is important. I dont know how to rebase git commits and get a pat token unless ai is holding my hand.

I right now only vibe code but I then deep dive through the finalized commits. I am not a programmer by trade and at best I’m a sloperator.

I think my code contributions are helpful.

I am trying to get into foss, and this really shines a light on what to expect.

Well, i just remembered the nexus mods and vortex Mod manager business model. All downloads are counted and you are asked to give an endorsement of the mod after a period of time. There is then a option to donate and you can choose your allocation if any. Something like that could only run once per month and be able to give good info. While tracking use time can be like beneficial Spyware, I think I would still like the reminder without that service.

I would like to have a way to track my use of FOSS, but i want to retain my privacy. I would be interested in this app. I also would like a different way to allocate so that apps that increase my efficiency so that I don’t spend a long time troubleshooting something get the bigger slice. Perhaps having an optional “impact” survey with varying degrees of granularity (impact survy with only thumbs up and down OR impact survey with only 5 stars OR impact survey with 1-100) honestly this would be really cool if adoption got so high that this became the “patreon” of linux apps (aka having a “like” at the bottom that would remind you of high impact).

Not a bubble popping, but a balloon deflating. We have enough hardware to simulate the 10 billion neurons in a human brain, right now they are focusing on the software. I don’t think it will “pop and crash”.

How does this compare against quik? https://f-droid.org/packages/dev.octoshrimpy.quik

Shadowrun for sega genesis