{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreif4f5yplxilftgl7ka46l3xzpor74r2fs4z3tukxlr7dmwfdrhti4",
    "uri": "at://did:plc:pi6woz4d47bkuws673w2il2r/app.bsky.feed.post/3mj7xxcdan7n2"
  },
  "path": "/t/how-to-filter-out-vibe-coded-dependencies/13918#post_1",
  "publishedAt": "2026-04-11T08:43:21.000Z",
  "site": "https://discourse.haskell.org",
  "textContent": "Since people seem to already publish vibe coded projects to hackage I’m starting to wonder how I can make sure my dependency graph never includes such packages.\n\nThere’s no label on hackage and most READMEs have no disclaimers. The best thing you can do is to clone the repo and check whether there are claude code commits or similar.\n\nMaybe it would be possible to maintain a remote `cabal.project` file that severs as a blacklist (through constraints). But that would have to be maintained manually.",
  "title": "How to filter out vibe-coded dependencies"
}