Raw Record Source

{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreig4vf33shmj3llw5rwodxmoyxdobe7zoozjb43kc6atbqxy5xqygq",
    "uri": "at://did:plc:pi6woz4d47bkuws673w2il2r/app.bsky.feed.post/3mjbuhithq522"
  },
  "path": "/t/how-to-filter-out-vibe-coded-dependencies/13918?page=2#post_26",
  "publishedAt": "2026-04-12T05:49:32.000Z",
  "site": "https://discourse.haskell.org",
  "tags": [
    "[2603.22106] From Technical Debt to Cognitive and Intent Debt: Rethinking Software Health in the Age of AI"
  ],
  "textContent": "ocharles:\n\n> Ok, but you know the answer - you can’t tell if a dependency is “StackOverflow” programmed, so how are you going to determine if they are vibe-coded, which by your definition is a more sophisticated variant?\n\nWell, there have already been suggestions:\n\n  1. look for `Claude.md` and similar files in the repo\n  2. check the git history for agent commits\n  3. run the project through an LLM (funny) to determine whether it has been vibe coded\n\n\n\nI also had some more expressive solutions in mind, where e.g. hackage could have a label that authors themselves can add as a declaration, such as `vibe-coded`. Some projects do that for PRs already, so that everyone knows what they’re signing up for. Of course authors can lie about it, but that’s fine.\n\nocharles:\n\n> I have created all three of these types of debts by hand as well. I’ve also done “StackOverflow programming” and used LLMs without any of them. This seems like a poor correlation at best.\n\nYes, I have too. But that doesn’t nullify the point. There is already academic discussions about LLMs accelerating these debts: [2603.22106] From Technical Debt to Cognitive and Intent Debt: Rethinking Software Health in the Age of AI\n\nAnd I think it’s not very hard to imagine why that might be the case. It’s because of the amount of code that’s being generated/used. It surpasses anything that has existed before (lazy coding, SO copy-pasting, etc.).\n\nocharles:\n\n> Your question is specifically “how to avoid vibe-coded deps” but you won’t say what vibe-coding even is, with enough details for us to answer the question. I am trying to contribute a solution, but you’re being too vague.\n\nI don’t know an exact answer myself. It’s fine to start with “any project that has used an LLM” and then we can see if it’s possible to refine it.",
  "title": "How to filter out vibe-coded dependencies"
}