AI code sheds slop label at cURL, Linux

The "AI slop" era in open source isn't over, but we are entering a more nuanced phase where human-guided AI is proving its worth in critical infrastructure.

• –Early AI adoption resulted in a "DDoS attack" of hallucinated bug reports, forcing cURL to shut down its financial bounty program
• –Security researchers are now successfully using specialized AI tools to find complex protocol flaws that evade traditional static analyzers
• –Maintainers are adopting strict "human-in-the-loop" policies, demanding contributors fully understand and verify any AI-assisted submissions
• –With next-gen reasoning models on the horizon, AI's ability to meaningfully contribute to massive, legacy codebases is becoming a reality rather than just hype