About KeePassXC's code quality control (KeePassXC blog)

Date:
Sun, 09 Nov 2025 22:45:05 +0000

Description:
The KeePassXC project has recently updated its contribution
policy and README to note its policy around contributions created with generative AI
tools. The project's use of those tools, such as GitHub Copilot, have
raised a number of questions and concerns, which the project has responded
to : There are no AI features inside KeePassXC and there never
will be! The use of Copilot for drafting pull requests is reserved for very simple and focused tasks with a small handful of changes, such as
simple bugfixes or UI changes. We use it sparingly (mostly because
it's not very good at complex tasks) and only where we think it offers
a benefit. Copilot is good at helping developers plan complex changes
by reviewing the code base and writing suggestions in markdown, as
well as boilerplate tasks such as test development. Copilot can mess
up, and we catch that in our standard review process (e.g., by
committing a full directory of rubbish, which we identified and
fixed). You can review our copilot instructions. Would we ever let AI
rewrite our crypto stack? No. Would we let it refactor and rewrite
large parts of the application? No. Would we ask it to fix a
regression or add more test cases? Yes, sometimes. Emphasis in the original. See the full post to learn more about the
project's processes and pull requests that have been created with AI assistance.

======================================================================
Link to news story:
https://lwn.net/Articles/1045807/


--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)