From: Alfredo Ortega <ortegaalfredo@gmail.com>
Subject: Re: AI-Driven Security Enhancements for OpenBSD Kernel
To: Theo de Raadt <deraadt@openbsd.org>
Cc: Otto Moerbeek <otto@drijf.net>, tech@openbsd.org
Date: Wed, 12 Jun 2024 04:28:05 -0300

The 10000 patches number is just for the IPv4/IPv6 stack. I also don't
think you should review or integrate them, because in a couple months
when more advanced LLMs are made available I can regenerate all the
patches in less than a morning with much better quality. And again
every time a new LLM is released.

That's why I think of the patches as a post-processing step, i.e., you
keep the regular process of development, and I or other people can
refactor and release secure versions of the kernel/userland.

It's great that you want to keep the development process human, but my
opinion is that if you have AI adversaries (like we have now), you
need AI protections.

On Wed, 12 Jun 2024 at 3:15, Theo de Raadt (<deraadt@openbsd.org>) wrote:
>
> I think the important thing to understand about complex software is that
> it must be humanly comprehensible.
>
> Once abstraction levels become too grand (via human or automation
> efforts), no human will put effort into understanding how the pieces fit
> together, or put further effort into mutating the software to do some
> new future thing.
>
> So in this conversation, 10,000 extra chunks of code -- we have a choice
> between automation which will evict the human interest, or humans who
> won't accept automation that will evict their future interest.
>
> One additional point.  This project has always been founded on keeping
> patches minimal, explainable, etc.  That's 10,000 patches which will need
> to be submitted in very small bundles, and trying to keep the attention
> of reviewers.
>
> Oh, review isn't necessary?  Amazing.  How did we ever get to this point.
>