this post was submitted on 03 Jun 2026
217 points (97.0% liked)
Programming
27144 readers
609 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities !webdev@programming.dev
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Repost of my reply elsewhere:
This guy is already retired, he wants to spend his days sailing and here we are bitching about rsync not being good enough while we all use if for free
Most of us won't be able to help code, fine.
But most of us could help with translations
Many of us could help with documentation
Some of us could contribute regularly with small financial donations
Some of us might have enough knowledge and expertise and experience to help code
Others could come up with other tasks that could be done.
The point is: rsync need more resources. Either we get him more resources or we STFU about the retired dev using AI. We can't have it both ways.
This whole debacle is making me extremely black pilled about open software in general. Just like cheap computing has died in recent years, I suspect non corporate free software is about to meet the same end to the acclaim of people who think they're doing a good thing for the world.
Do you mind describing what black pill means in this context? I'm familiar with the red/blue pill references, but could only find the incel context of black pill online. Is it just a "harsh truth" kinda thing?
Sorry for bringing terminally online slang to the table haha
In my head yeah it's the pill that teaches you a bleak and depressing truth but shows you no way out of it. I may be misusing the term.
You most certainly are, use a different metaphor/descriptor.
I think it's unreasonable to complain that the guy is not working enough for free.
I think it's reasonable to alert people that rsync is not being properly maintained anymore and to seek alternatives.
I would prefer the maintainer to announce publicly that he can't maintain the project anymore and is looking for help/someone to take over instead of breaking the project silently.
But where will the maintainers for these alternatives come from, when barely anybody has stepped up in the 30 years of rsync's existence? Your comment implies that tridge didn't call for help before, which is far from the truth.
This is thankless maintenance on critical software, not some *-arr toy project for hobbyist self-hosters.
Universal Healthcare would increase the pool of willing developers by an order of magnitude here.
https://github.com/rclone/rclone
https://github.com/restic/restic
https://github.com/bcpierce00/unison
https://syncthing.net/
The thing with old, critical software is that after some time people don't really want to dig through decades of C code and prefer to write something new using modern tools. Those projects get plenty of support because people actually do want to work on them. If no one wants to work on rsync than what the maintainer is doing now is just prolong it's agony a couple of years. I would say he should do the minimum work, announce end of life date and move on. People that need tools like rsync will develop something.
Also, having critical software depend on one guy is not safe. We should avoid that. If critical software depends on one guy it should be phased out.
Here are the percent of commits from the top committer in each repository you mentioned, as well as rsync, over the last 3 months:
As you can see, each of this projects depends heavily on a single person, though to a lesser degree than rsync. That's just the nature of most open-source software.
Note that I excluded dependabot commits from the calculations and counted Claude commits as the lead developer for rsync
How I imagine this:
For example, I'm about to setup some syncing for my homelab and I will not use rsync for that. That's why talking about the state of rsync is important. As I said, it's not about attacking the dev for not working hard enough. It's about long term planning.
I remember when the maintainer for discord.py stepped down. He eventually stepped back in because no one wanted took over the project and he didn't want to see it die. This was before the current AI era, all someone had to do was continue to develop it.
I think almost everyone will do step 2 and 3 but not step 4.
The fact that open source exist and functions so well for decades shows that people do step 4. If no one wants to step in it usually means the project is not important.
The trouble with some of those projects (e.g. unison and sun thing) is that they don't solve the same problem, not really.
A rewrite with modern tooling would be better done if it was incremental.
Is that your assumption given that they're using AI? Because it's not at all what I have taken away from their article.
Is "not properly maintained anymore" your interpretation of them using AI? Or what do you base that on?
The whole story started because rsync stopped working for some users. That's "not properly maintained" in my books.
I don't know the degree to that, but bugs do happen occasionally either way as long as there are changes. In the article, they explain why the changes are necessary. Prioritizing security over no-change-stability seems reasonable and warranted.
The author said:
So as I said, I don't think it's fair to scream at him to work harder. I do think it's fair to worn people that rsync is having issues with stability. The author claims he knows what he's doing and it's all on purpose. You are free to trust him and ignore the whole affair. Other people may prefer to look for alternatives.
I doubly agree to this. The moment you are deciding the license of your fucking software please think carefully. It is a public service and the dev(s) ow you nothing. Not even an apology. What you own to the devs is much greater and very high on value. They made the software that runs on your own paid electricity, that you granted to them.
Of course we can do both. I don't have those resources to grant
and I get to point out that Tridge, despite his well earned reputation from the huge contribution of creating rsync and bringing it to the point where it's effectively complete as an essential piece of internet infrastructure, was massively arrogant in abdicating his responsibility by shovelling LLM slop into that same piece of infrastructure.
In your eyes, is all AI-produced text and code slop? Or did you check on the Python tests they designed and implemented with the help of AI, and after analysis of that, you came to the conclusion that it's slop (as in nonsensical, incoherent, faulty, or similar)?
I write python code for a living. There is no way to sugarcoat it, the new unittests are slop. There already exists a good writeup of why, which I'm going to quote here:
https://neuromatch.social/@jonny/116666900898570791
https://neuromatch.social/@jonny/116671260017373441
You should read the whole thread, the author goes into more detail, as to why you cannot trust the software any more after the rewrite of the unittests and why you should avoid any new release of rsync since then.
tridge's blog post makes it clear that this was not "one-shotted" at all.
I regret reading it; I'll assume in good faith that it wasn't LLM generated but it is ironically as confidently wrong as if it were.
It almost (and should have) lost me when it started by quote-agreeing with someone else saying "rsync was basically done until the maintainer discovered vibecoding" - no, pay attention, it was not "basically done", there were/are a mountain of CVEs!
But then this got my interest:
tridge says he has used pytest on other projects and had good reasons not to use it here; I'm inclined to believe him.
But the notion of every test defining its own way to invoke rsync sounded like a valid criticism, and an easy one to verify, so I checked: It turns out that there is in fact a common
run_rsyncfunction which is used by the majority of the tests. One test defines its own_run_and_capturefunction (which differs in that it writes the output to a file, for reasons I didn't investigate), and it looks like a few others invoke rsync other ways, but the majority of them use the common function.So, that rambling thread's sole concrete criticism of rsync's new python tests turns out to be false.
They are not unit tests, they are integration tests. Which in my experience makes unit-testing frameworks like pytest a poor fit. I've also had to write my own framework, for that reason, despite preferring pytest for unit-testing.
The author also greatly exaggerates the amount of code duplication: They claim that "tests are whole python scripts that redefine basic test functions in every script", but in reality it is less than half of the tests that even define their own functions.
Most basic functions are imported from a shared module (
rsyncfns.py), and when they aren't it's mostly because the code needs to do something different. From what I can see, there is some code duplication that could be moved to the shared module, and some code that could be refactored, but it's a modest amount