Comment by krig

Comment by krig 17 hours ago

8 replies

View on Hacker News

This announcement made me check in on the arbitrary code execution bug I reported that the Bun Claude bot created a PR for about 3 weeks ago:

https://github.com/oven-sh/bun/pull/24578

So far, someone from the bun team has left a bunch of comments like

> Poor quality code

...and all the tests still seem to be failing. I looked through the code that the bot had generated and to me (who to be fair is not familiar with the bun codebase) it looks like total dogshit.

But hey, maybe it'll get there eventually. I don't envy "taylordotfish" and the other bot-herders working at Oven though, and I hope they get a nice payout as part of this sale.

bopbopbop7 17 hours ago

So you pushed a PR that breaks a bunch of tests, added a 5 layer nested if branch block that mixes concerns all over the place, then ignored the reviewer for three weeks, and you’re surprised they didn’t approve it?

Reply View 7 replies
  • Master_Odin 16 hours ago

    The OP directly says:

    > that the Bun Claude bot created a PR for about 3 weeks ago

    The PR with bad code that's also been ignored was made by the bot that Bun made, and brags about in their acquisition post.

    Reply View 0 replies
  • krig 14 hours ago

    I just reported the bug, it was the bot that was proudly mentioned in the announcement which created the PR and the code...

    Reply View 0 replies
  • [removed] 16 hours ago
    [deleted]
    Reply View 0 replies
  • throwaway290 17 hours ago

    > So you pushed a PR that breaks a bunch of tests, added a 5 layer nested if branch block that mixes concerns all over the place, then ignored the reviewer for three weeks, and you’re surprised they didn’t approve it?

    ...Did you miss the part where Bun used Claude to generate that PR?:)

    Reply View 3 replies