Hacker News | davidatbu's comments

Well, off the top of my head, both chatgpt.com and Gemini have text on their home page to the effect of "AI can make mistakes". I'll bet a few bucks such copy can be found in other places, including the terms of service.

Sure, but bear in mind that in the US a fridge comes with a warning not to stand on top of the fridge door ...

"AI can make mistakes" is a bit quaint given that LLMs sometimes completely ignore what you say, and do the exact opposite. "Yes, I deleted the database. I shouldn't have done that since you explicitly told me not to. I won't do it again." (five minutes later: does it again).

I think the API terms of use is where this would be most needed, with something a lot more explicit about the potential danger than "AI can make mistakes". We are only at the beginning of this - agentic AI - no doubt lawsuits will eventually determine the level of warnings that get included, and who is liable when failures occur despite the product being used as recommended.


Do you do rolling deploys?

I'd love to see a link to these emails, if you have one handy!

I don't think pypi or npm allow replacing existing packages?


They absolutely do. In this case litellm 1.82.8 had been out for at least a week (can’t recall the exact date offhand). The compromised version was a replacement.


It actually wasn't. That was one of the reasons why I looked into what was changed. Even 1.82.6 is only at an RC release on GitHub since just before the incident.

So the fact that 1.82.7 and then 1.82.8 were released within an hour of each other was highly suspicious.


Ah, my mistake! Thanks for the correction.

But I believe you can replace versions on both, nonetheless. It’s a multi-step process, unpublish then publish again. But the net effect is the same.


PyPI enforces immutable releases.

https://pypi.org/help/#file-name-reuse

> PyPI does not allow for a filename to be reused, even once a project has been deleted and recreated...

> This ensures that a given distribution for a given release for a given project will always resolve to the same file, and cannot be surreptitiously changed one day by the projects maintainer or a malicious party (it can only be removed).


If you lock your dependencies, it should fail if the hash doesn't match.
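
An added example, not part of the thread or any commenter's code: a minimal check in the style of pip's hash-checking mode, showing why a hash-pinned lock file rejects a swapped file for a pinned version and also rejects a version that was never pinned. `examplepkg`, `parse_pins` and `verify` are hypothetical names, and the lock file and artifact bytes are constructed.

```python
import hashlib
import re

# Matches pip's hash option as written in a requirements/lock file.
HASH_OPT = re.compile(r"--hash=(sha256|sha384|sha512):([0-9a-f]+)")


def parse_pins(requirements_text):
    """Return {(name, version): {(algo, hexdigest), ...}} for 'name==version' lines."""
    pins = {}
    # Join backslash-continued lines, the layout lock-file generators emit.
    logical = requirements_text.replace("\\\n", " ")
    for line in logical.splitlines():
        line = line.split(" #", 1)[0].strip()
        if not line or line.startswith("#"):
            continue
        spec = line.split()[0]
        if "==" not in spec:
            continue  # unpinned requirement: nothing to verify against
        name, version = spec.split("==", 1)
        pins[(name.lower(), version)] = set(HASH_OPT.findall(line))
    return pins


def verify(pins, name, version, artifact_bytes):
    """Accept an artifact only if it matches one of the pinned digests."""
    allowed = pins.get((name.lower(), version))
    if not allowed:
        return False  # version not in the lock, or pinned without a hash: refuse
    return any(
        hashlib.new(algo, artifact_bytes).hexdigest() == digest
        for algo, digest in allowed
    )


# Constructed sample: a stand-in "wheel" and a lock file generated from it.
GOOD = b"constructed wheel contents, original build"
TAMPERED = b"constructed wheel contents, swapped build"
LOCK = (
    "# constructed lock file\n"
    "examplepkg==1.0.0 \\\n"
    f"    --hash=sha256:{hashlib.sha256(GOOD).hexdigest()}\n"
)

if __name__ == "__main__":
    pins = parse_pins(LOCK)
    print(verify(pins, "examplepkg", "1.0.0", GOOD))
    print(verify(pins, "examplepkg", "1.0.0", TAMPERED))
    print(verify(pins, "examplepkg", "1.0.1", GOOD))
```

The pin covers only the versions recorded in the lock file, so the protection depends on installing from the lock rather than resolving the latest release at install time.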


1.82.7 and 1.82.8 were only up for about 3 hours before they were quarantined on PyPI.


Are you saying that VSCode runs tsserver in its own NodeJS process? Or are you saying that VSCode uses the NodeJS it ships to run tsserver in a different process?


Just want to say that as an AI engineer, you and the Latent Space folks are doing work that is extremely useful to me. Without y'all, I'd be forced to doom scroll on X to catch up on the latest developments.

I wanted to explicitly highlight the utility of what you do because of surrounding comments that suggest/imply otherwise.

Thank you Simon!


Super interesting! Was this C# or something? Is there a write-up/mini-blogpost about this somewhere?


How is enshittification (the gradual degradation of service and products for commercial gain) even related to what's being discussed (the gradual obsoletion of a certain set of skills of an SWE)?


I doubt that Meta (the company that sponsors the work on pyrefly) is looking forward to selling a product based on Python typing (assuming that's "what's being glazed in the article").


Koka, Roc-lang come to mind.

