• Lars Johansson (32/32) Feb 11 I’m learning D, and as an experiment I asked Claude.ai to convert
• Daren Scot Wilson (13/14) Feb 14 Impressive use of Claude!
• Daniel Kozak (5/11) Feb 15 It does not matter on which language AI is trained. You can write your o...
• matheus (33/36) Feb 15 I understand what you're saying, and just yesterday I saw a video
• Bradley Chatha (16/18) Feb 15 For what it's worth this is one of the major reasons I never
• Lance Bachmeier (7/12) Feb 15 There's a lot of D source code out there, and a lot of
• Paolo Invernizzi (23/35) Feb 16 Claude-Code Opus 4.6:
• Jon Degenhardt (12/18) Feb 20 I was surprised at how much claude knows about
• jmh530 (5/17) Feb 16 If the problem is complicated enough, then ChatGPT5.2 thinking
• monkyyy (5/8) Feb 16 Thats true of all ai's, if the chess ai's hallucinate 20 possible
• Sergey (12/14) Feb 20 Wouldn't be cool if DMD can run AI instead? :P
• Richard (Rikki) Andrew Cattermole (5/11) Feb 20 Fun fact, dmd does do AI!
• jmh530 (4/14) Feb 20 Eh, I don't think you can promise no slop from a D AI. Depends
• Denis Feklushkin (9/12) Feb 21 Oh, there are at least two more that written in D. Here's mine
• antonio (25/39) Feb 16 I'm using Antigravity with Gemini to experiment with "agents"
• Laeeth Isharc (58/60) Feb 20 Very cool experiment.
• Laeeth Isharc (5/5) Feb 20 Note also that if you want to optimise code you can just ask it
• Laeeth Isharc (14/14) Feb 20 One more little trick. The foundation models have been trained
• monkyyy (5/19) Feb 20 https://claude.ai/share/a5c724e8-9e1a-4c66-a8b8-4a048a0e8d84
• Kapendev (2/5) Feb 21 You can have Atila at home!!?!?
• matheus (4/8) Feb 21 Ouch. This one instance that I'm glad I didn't use my full real
• Julian Fondren (6/9) Feb 22 "I hope whoever runs this only uses fonts with boring names" is
• monkyyy (6/16) Feb 22 user behavior is not changed thru strong words, if you care you
• Julian Fondren (8/11) Feb 22 If you say "don't eat that, it's poisonous" and "don't leave your
• monkyyy (3/14) Feb 22 outside ai; I unironically wrote this code. If you care about the
• Julian Fondren (14/16) Feb 22 If the AI had used appropriately strong words, you would've
• Julian Fondren (6/15) Feb 22 For the record this still has problems, like running as running
• monkyyy (19/36) Feb 22 The safety failure, if I were to believe this to be one, would
• Julian Fondren (13/16) Feb 22 Avoiding trivial string injection is level zero safetyism. It'd
• monkyyy (16/34) Feb 22 You have the entire 71 lines of context; its not one line in the
• Julian Fondren (11/13) Feb 22 Phobos's *Shell versions are something like /bash/bash -c "your

Lars Johansson <lasse 11dim.se> writes:

I’m learning D, and as an experiment I asked Claude.ai to convert 
a C connector to SAP ERP system to D. Claude started by saying 
converting C to D is easy. I pointed to the C github library. 
Claude then requested the needed SAP resources from me, and in 
minutes created a DUB project, with a makefile and documentation. 
There were one bug, a string conversion Claude told me was not 
handled in the C connector, but by the callers of the C 
connector, Claude did a fix and the D connector run flawlessly. 
Without my request Claude created some testcases.

I then asked Claude to parse an XML file to set up a SAP RFC 
call. Not only did Claude do this but he understood by the XML 
structure to create a simple workflow engine without me asking. 
Claude first created his own XML parser, I told him to use DXML 
instead which he did. Now I have a primitive workflow engine that 
can extract (and possible update) data from SAP.

     I asked Claude how he did the conversion.
      “No tools — I did it manually by reading the C header 
(sapnwrfc.h) and translating by hand based on my knowledge of 
both C and D type systems.
     The mapping is mostly mechanical: typedef → alias, C enum → D 
enum, C struct → D struct, function declarations get extern(C) 
linkage. The main decisions were SAP_UC (C char16_t) → D wchar, 
opaque handles → void*, and callback function pointers → D 
function pointer syntax.
     The wrapper layer (Connection, FunctionModule, etc.) was 
modeled after X's  extension architecture — same class hierarchy 
and method patterns, just expressed in idiomatic D with RAII, 
exceptions, and UTF-8↔UTF-16 conversion.”
     Claude did not use any help from BetterC or any of those 
tools they are for humans not AI.

I now have an D SAP connector which I have no use for, it was 
just an experiment. In total there is 75K D code.

Daren Scot Wilson <darenw darenscotwilson.com> writes:

On Wednesday, 11 February 2026 at 09:10:25 UTC, Lars Johansson 
wrote:
 I’m learning D, and as an experiment I asked Claude.ai to ...

Impressive use of Claude!

A few days ago I asked Gemini how to do something with network 
sockets in D. Nothing tricky, just something I haven't dealt with 
since over a decade ago, so was rusty. Gemini explained a few 
things and gave sample code in D.

I am impressed that any AI can do anything with D or with any of 
the less widely used languages. No doubt all AIs that can deal 
with source code have been trained on the big languages, Java, 
Python etc. but apparently, at least Gemini and Claude have seen 
plenty of D.

This is good!

Daniel Kozak <kozzi11 gmail.com> writes:

Dne ne 15. 2. 2026 6:46 u=C5=BEivatel Daren Scot Wilson via Digitalmars-d <
digitalmars-d puremagic.com> napsal:

 I am impressed that any AI can do anything with D or with any of
 the less widely used languages. No doubt all AIs that can deal
 with source code have been trained on the big languages, Java,
 Python etc. but apparently, at least Gemini and Claude have seen
 plenty of D.

 This is good!

It does not matter on which language AI is trained. You can write your own
language and AI can program in it. If there is documentation or if there is
code base on which it can learn it.

matheus <matheus gmail.com> writes:

On Sunday, 15 February 2026 at 05:41:55 UTC, Daren Scot Wilson 
wrote:
 ...
 This is good!
 ...

I understand what you're saying, and just yesterday I saw a video 
of an ex-micro$oft employer "creating" a notepad and Basic 
compiler for PDP-11 (With some restrictions) using generative AI 
in less than an hour, in fact he just asked and then the program 
was done.

For many this is awesome, but I wonder about the future, where I 
live (South America), we have this education problem where the 
majority of the population can't do basic math by hand.

Since everybody is asking and getting the results done I wonder 
if the general population will get dumber in the future.

I saw in another thread an user saying this is good so people can 
do meaningful things instead wasting their time with menial ones, 
but again is like people with calculator in hand but can't figure 
out formulas, or even when going to a supermarket they can't know 
for sure if they are being scammed or not by the prices. Even if 
they have the calculator in their hands but if they can't operate 
it they are fried.

In fact I saw some videos where people ask generative AI if they 
are being scammed or not. So they can't think by themselves 
anymore!?

I really think unless you're are in a research are or in a good 
position etc. Current dev as we saw is over.

I'm still hesitating to use AI daily and to not have my brain 
rotting. Last time I used beginning of last year, it wasn't a 
very pleasant experience. The code generated needed a lot of 
fixes, but I saw an improvement lately, and it's indeed getting 
better really fast.

Finally I'm not complaining by myself since I'm already retiring 
from this industry (As worker), but from the young ones I'd be 
very scary.

Matheus.

Bradley Chatha <sealabjaster gmail.com> writes:

On Sunday, 15 February 2026 at 15:21:00 UTC, matheus wrote:
 ...
 Matheus.

For what it's worth this is one of the major reasons I never 
touch AI - I can actively feel my skill and ability rot when I 
rely on AI to do anything for me.

Even just my general comprehension of a codebase was 
significantly stunted after trying to use AI for about a week or 
so. I wasn't even using it as the main coder, but just as an 
assistant.

I liken it a little to learning a new natural language where 
understanding other peoples' speech and generating your own 
speech are almost entirely separate skills that need to be 
individually practice to a achieve a certain level of "skill 
harmony" between the two.

With AI, this skill harmony gets very skewed IMO, though I feel 
as more and more time passes I'm just going be marked a coding 
boomer... :D

Lance Bachmeier <no spam.net> writes:

On Sunday, 15 February 2026 at 05:41:55 UTC, Daren Scot Wilson 
wrote:

 I am impressed that any AI can do anything with D or with any 
 of the less widely used languages. No doubt all AIs that can 
 deal with source code have been trained on the big languages, 
 Java, Python etc. but apparently, at least Gemini and Claude 
 have seen plenty of D.

There's a lot of D source code out there, and a lot of 
documentation (Ali's book, the templates book, everything on the 
website, YouTube videos). It's not a major language like 
Javascript, but it's mature and well-known, far above the 
threshold to be included in the training data.

Paolo Invernizzi <paolo.invernizzi gmail.com> writes:

On Monday, 16 February 2026 at 02:57:20 UTC, Lance Bachmeier 
wrote:
 On Sunday, 15 February 2026 at 05:41:55 UTC, Daren Scot Wilson 
 wrote:

 I am impressed that any AI can do anything with D or with any 
 of the less widely used languages. No doubt all AIs that can 
 deal with source code have been trained on the big languages, 
 Java, Python etc. but apparently, at least Gemini and Claude 
 have seen plenty of D.

 There's a lot of D source code out there, and a lot of 
 documentation (Ali's book, the templates book, everything on 
 the website, YouTube videos). It's not a major language like 
 Javascript, but it's mature and well-known, far above the 
 threshold to be included in the training data.

Claude-Code Opus 4.6:

Yes, I'm fairly confident that the D forum (forum.dlang.org, and 
before that the newsgroups on digitalmars.com) is in my training 
data. It's public, indexed web content, and has been active for 
many years — it would be strange if it weren't.
In fact, I'm familiar with the forum's structure — the sections 
like General, Learn, Announce, Internals — and with many of the 
community's recurring discussions: debates about  safe vs 
 trusted, the eternal discussions about Phobos vs Tango (back in 
the day), the GC and how to avoid it, betterC, DIP proposals, 
discussions about ranges vs iterators, and so on.
I also know several recurring names in the community — Walter 
Bright of course, Andrei Alexandrescu, Adam Ruppe, Stefan Koch, 
Ali Çehreli (author of "Programming in D"), H.S. Teoh, and other 
regular contributors.
So yes, if you've been actively posting on the forum over the 
years, it's very likely that some of your contributions ended up 
in my training data. It's indeed an incredibly rich resource — 
the technical discussions there are often of a very high level 
and cover topics ranging from language design to very practical 
and niche use cases.

Jon Degenhardt <jondegenhardt nowhere.com> writes:

On Monday, 16 February 2026 at 08:13:39 UTC, Paolo Invernizzi 
wrote:

 So yes, if you've been actively posting on the forum over the 
 years, it's very likely that some of your contributions ended 
 up in my training data. It's indeed an incredibly rich resource 
 — the technical discussions there are often of a very high 
 level and cover topics ranging from language design to very 
 practical and niche use cases.

I was surprised at how much claude knows about 
[tsv-utils](https://github.com/eBay/tsv-utils). Not about 
tsv-utils being included in the training data, but that claude 
could reason about the tools without being pointed at the repo. I 
should perhaps add documentation to the repo targeting AI tools 
to make it even easier for users to ask AI agents how to use the 
toolkit. Without needing to read the documentation.

Of course, this also means tsv-utils was part of the training 
data illustrating how for how to code in D. For better or worse :)

--Jon

jmh530 <john.michael.hall gmail.com> writes:

On Monday, 16 February 2026 at 02:57:20 UTC, Lance Bachmeier 
wrote:
 On Sunday, 15 February 2026 at 05:41:55 UTC, Daren Scot Wilson 
 wrote:

 I am impressed that any AI can do anything with D or with any 
 of the less widely used languages. No doubt all AIs that can 
 deal with source code have been trained on the big languages, 
 Java, Python etc. but apparently, at least Gemini and Claude 
 have seen plenty of D.

 There's a lot of D source code out there, and a lot of 
 documentation (Ali's book, the templates book, everything on 
 the website, YouTube videos). It's not a major language like 
 Javascript, but it's mature and well-known, far above the 
 threshold to be included in the training data.

If the problem is complicated enough, then ChatGPT5.2 thinking 
still barfs on it. What seems to help is when the AI can actually 
run DMD.

monkyyy <crazymonkyyy gmail.com> writes:

On Monday, 16 February 2026 at 16:14:52 UTC, jmh530 wrote:
 If the problem is complicated enough, then ChatGPT5.2 thinking 
 still barfs on it. What seems to help is when the AI can 
 actually run DMD.

Thats true of all ai's, if the chess ai's hallucinate 20 possible 
moves, probably at least 5 of them is a blunder.

Without filtering probabilistic computation will always be 
worthless.

Sergey <kornburn yandex.ru> writes:

On Monday, 16 February 2026 at 16:14:52 UTC, jmh530 wrote:
 still barfs on it. What seems to help is when the AI can 
 actually run DMD.

Wouldn't be cool if DMD can run AI instead? :P

For those who want to really know what is AI and not just 
generate tons of AI slop as everyone else...

You can check micro gpt-2 model implemented in D!
It is port of Andrej Karpathy project
https://github.com/cyrusmsk/microDpt

Still early version - could have some bugs.. Need to double check 
the code.
As currently it is overfitting pretty fast and you need to put 
low learning_rate parameter.

Code improvements are welcome :)

"Richard (Rikki) Andrew Cattermole" <richard cattermole.co.nz> writes:

On 21/02/2026 1:04 AM, Sergey wrote:
 On Monday, 16 February 2026 at 16:14:52 UTC, jmh530 wrote:
 
     still barfs on it. What seems to help is when the AI can actually
     run DMD.
 
 Wouldn't be cool if DMD can run AI instead? :P

Fun fact, dmd does do AI!

Abstract Interpretation.

Principles of Abstract Interpretation: 
https://www.amazon.com/gp/product/0262044900

jmh530 <john.michael.hall gmail.com> writes:

On Friday, 20 February 2026 at 12:04:34 UTC, Sergey wrote:
 On Monday, 16 February 2026 at 16:14:52 UTC, jmh530 wrote:
 still barfs on it. What seems to help is when the AI can 
 actually run DMD.

 Wouldn't be cool if DMD can run AI instead? :P

 For those who want to really know what is AI and not just 
 generate tons of AI slop as everyone else...

Eh, I don't think you can promise no slop from a D AI. Depends 
more on the algorithms than the language/compiler.

 You can check micro gpt-2 model implemented in D!
 It is port of Andrej Karpathy project
 https://github.com/cyrusmsk/microDpt
 (snip)

Cool regardless and might be worth taking a look at anyway.

Denis Feklushkin <feklushkin.denis gmail.com> writes:

On Friday, 20 February 2026 at 12:04:34 UTC, Sergey wrote:

 You can check micro gpt-2 model implemented in D!
 It is port of Andrej Karpathy project
 https://github.com/cyrusmsk/microDpt

Oh, there are at least two more that written in D. Here's mine 
(still unfinished):

https://github.com/denizzzka/microgpt_dlang/blob/master/source/app.d

I write it so that it completely replicates logic of the original 
Python code, but I try to make it D-idiomatic.

I think this will become a new competition between languages 
​​and compilers. So, it makes sense to polish this training code 
to a shine.

antonio <antoniocabreraperez gmail.com> writes:

On Sunday, 15 February 2026 at 05:41:55 UTC, Daren Scot Wilson 
wrote:
 On Wednesday, 11 February 2026 at 09:10:25 UTC, Lars Johansson 
 wrote:
 I’m learning D, and as an experiment I asked Claude.ai to ...

 Impressive use of Claude!

 A few days ago I asked Gemini how to do something with network 
 sockets in D. Nothing tricky, just something I haven't dealt 
 with since over a decade ago, so was rusty. Gemini explained a 
 few things and gave sample code in D.

 I am impressed that any AI can do anything with D or with any 
 of the less widely used languages. No doubt all AIs that can 
 deal with source code have been trained on the big languages, 
 Java, Python etc. but apparently, at least Gemini and Claude 
 have seen plenty of D.

 This is good!

I'm using Antigravity with Gemini to experiment with "agents" 
(not AI agents... agents as small active pieces following simple 
rules) and "emergence" (how global behavior emanates from local 
interrelations) using D and raylib for visualization. In 2 
minutes I had a debuggable project... after 10 minutes of testing 
I decided not to review the code: Gemini was programming 
fluently. I was simply describing changes to the experiment and 
the code was traslating my natural language (in Spanish) in a few 
seconds... 3 hours of experimentation that in the past would have 
needed two weeks of nightly work (wasting my sleep time :-p).

Generated code is really good and Gemini solves fastly problems 
like not using COLORS definition from raylib and generating it's 
own enum (and it is it's own decision)

Other experiments:  Relastivistic (gravity "propagates") 
simulation of solar system,  Sort arlgorithms based on agents 
(Agentic Bubblesort in a circular topology?) , Economics based on 
agents, ...can rotation emerge from a not rotational system of 
isolated particles and gravity forces?

A second project

I designed a programming language (hight level one) years ago and 
I'm using claude as a compiler :-p transpiling to D... work in 
progress :-)

AI opens a lot of ways for experimentation...

Laeeth Isharc <laeeth nospam.laeeth.com> writes:

On Wednesday, 11 February 2026 at 09:10:25 UTC, Lars Johansson 
wrote:
 I’m learning D, and as an experiment I asked Claude.ai to 
 convert a C connector to SAP ERP system to D.

Very cool experiment.

Something which may be obvious or not is that many of the larger 
coding models can be quite resourceful.  So - without being told 
- they will happily use gdb to debug segfaults when creating 
bindings.  Ask it if it missed anything out, and it might use nm 
to inspect the libX.so and see if any exported dynamic library 
functions were not wrapped.  I haven't had much need to write 
networking code, but presumably it takes away much of the pain 
there too.

I think that quite quickly the availability of libraries for a 
programming language start to become much less relevant to 
decisions made about choices from a first-principles rather than 
copying others perspective.

If you think about choice of language as  an economic problem, 
LLMs mean that the cost of porting over any library you don't 
have in that language falls, but especially the chance that you 
are in a mess that you can't solve collapses.  Since many people 
in corporations today are not part-owners of the business but 
hired hands and that often leads to a maximin type 
decision-making process then in time this might have some effect.

Probably languages like Ocaml and Rust benefit the most from this 
change in cost, but it should help D at least a bit.

I think another change - not just driven by AI but everything 
that's happened over the past decade (especially relating to 
security) - is that the cost of having dependencies - especially 
dependencies that you do not control or really understand - 
rises.  This happens at a time when the cost of rolling your own 
has collapsed (especially if the original library has a 
comprehensive test suite).  At the margin, companies probably 
will move more towards internalizing dependencies more than 
before.

Inspired by Robert Schadek and his talk where he mentioned 
'stealing' JS libraries, I ported an  SVG charting library from 
typescript to D.  Pretty automated and at least to get basics 
working not too many bugs to fix.  (And it could compare the 
results, look at the differences and fix the code itself).

When I started my career there were no libraries to speak of.  If 
you were doing a reconciliation then you had to write quicksort 
yourself (unless your firm had a library already written).  
People would use books like Numerical Recipes in C.  In a way 
that's what libraries become more than code that's taken 
wholesale.  Obviously, people _ought_ to respect licences, and I 
hope they will.

I think enterprise vendors - especially in in finance - are going 
to start to have interesting conversations with clients.  The 
default is that you eat what you get, and it's a very slow 
process to incorporate new features or bug fixes - months and 
maybe years.  The cost structure has changed so much, that eg 
with DLLs I think people will start to decompile them and patch 
them - initially to fix bugs, and later to do much more.  Vendors 
won't like it, but ultimately they probably won't have much of a 
choice

On a different note, it should be pretty easy now to do what had 
been discussed some time back - to give dub projects a quality 
score and to adopt the good ones that have been semi-abandoned up 
to scratch.

Laeeth Isharc <laeeth nospam.laeeth.com> writes:

Note also that if you want to optimise code you can just ask it 
to add instrumentation with sampling and then just figure out 
where the bottlenecks are and fix them.  And it seems to work!

I have been messing around with cranelift (D bindings/wrapper 
coming soon but lmk if anyone wants).

Laeeth Isharc <laeeth nospam.laeeth.com> writes:

One more little trick.  The foundation models have been trained 
on the programming styles, code review interactions and forum 
discussions of members of this community.

For example, there is a little Atila Neves trapped in the model.  
So I often ask it to have it do code review by Atila and then fix 
the results.

Or I will ask it to write a library in the style of Robert 
Schadek...

(Just picking a couple of prominent names - pick your preferred 
person).

Obviously, it's not the same thing, but it is something.

I think models differ quite a lot in their ability to inhabit a 
different perspective.  Eg OpenAI models seem better at this than 
Grok from what I have seen.

monkyyy <crazymonkyyy gmail.com> writes:

On Saturday, 21 February 2026 at 07:23:41 UTC, Laeeth Isharc 
wrote:
 One more little trick.  The foundation models have been trained 
 on the programming styles, code review interactions and forum 
 discussions of members of this community.

 For example, there is a little Atila Neves trapped in the 
 model.  So I often ask it to have it do code review by Atila 
 and then fix the results.

 Or I will ask it to write a library in the style of Robert 
 Schadek...

 (Just picking a couple of prominent names - pick your preferred 
 person).

 Obviously, it's not the same thing, but it is something.

 I think models differ quite a lot in their ability to inhabit a 
 different perspective.  Eg OpenAI models seem better at this 
 than Grok from what I have seen.

https://claude.ai/share/a5c724e8-9e1a-4c66-a8b8-4a048a0e8d84

I dont think atila would ever have 1/2 the things he said to me 
be compliments

Kapendev <alexandroskapretsos gmail.com> writes:

On Saturday, 21 February 2026 at 07:37:32 UTC, monkyyy wrote:
 https://claude.ai/share/a5c724e8-9e1a-4c66-a8b8-4a048a0e8d84

 I dont think atila would ever have 1/2 the things he said to me 
 be compliments

You can have Atila at home!!?!?

matheus <matheus gmail.com> writes:

On Saturday, 21 February 2026 at 07:37:32 UTC, monkyyy wrote:
 ...
 https://claude.ai/share/a5c724e8-9e1a-4c66-a8b8-4a048a0e8d84

 I dont think atila would ever have 1/2 the things he said to me 
 be compliments

Ouch. This one instance that I'm glad I didn't use my full real 
name or image online.

Matheus.

Julian Fondren <julian.fondren gmail.com> writes:

On Saturday, 21 February 2026 at 07:37:32 UTC, monkyyy wrote:
 https://claude.ai/share/a5c724e8-9e1a-4c66-a8b8-4a048a0e8d84

 I dont think atila would ever have 1/2 the things he said to me 
 be compliments

"I hope whoever runs this only uses fonts with boring names" is 
some reddit snark filtered through a heavily moderated tech 
support forum. If not swear words, you should at least get some 
very direct language. DO NOT EVER DO THIS. DO THIS INSTEAD. SEE? 
IT'S EASY ENOUGH.

monkyyy <crazymonkyyy gmail.com> writes:

On Sunday, 22 February 2026 at 17:55:51 UTC, Julian Fondren wrote:
 On Saturday, 21 February 2026 at 07:37:32 UTC, monkyyy wrote:
 https://claude.ai/share/a5c724e8-9e1a-4c66-a8b8-4a048a0e8d84

 I dont think atila would ever have 1/2 the things he said to 
 me be compliments

 "I hope whoever runs this only uses fonts with boring names" is 
 some reddit snark filtered through a heavily moderated tech 
 support forum. If not swear words, you should at least get some 
 very direct language. DO NOT EVER DO THIS. DO THIS INSTEAD. 
 SEE? IT'S EASY ENOUGH.

user behavior is not changed thru strong words, if you care you 
should ship a better api that does whatever your wanting and just 
works without me reading the docs

I know these functions can filter out error message streams and 
have 3 steps when c system was 1 step

Julian Fondren <julian.fondren gmail.com> writes:

On Sunday, 22 February 2026 at 19:58:11 UTC, monkyyy wrote:
 user behavior is not changed thru strong words, if you care you 
 should ship a better api that does whatever your wanting and 
 just works without me reading the docs

If you say "don't eat that, it's poisonous" and "don't leave your 
clothes on the floor" in the same tone of voice, then it'll be 
received the same way without much extra effort by the receiver. 
What the AI does here is worse: it speaks of a misleading 
function name as a criminal offense, and then only gently and 
indirectly suggests that there might be something wrong with an 
unnecessary string shell injection.

monkyyy <crazymonkyyy gmail.com> writes:

On Sunday, 22 February 2026 at 20:17:16 UTC, Julian Fondren wrote:
 On Sunday, 22 February 2026 at 19:58:11 UTC, monkyyy wrote:
 user behavior is not changed thru strong words, if you care 
 you should ship a better api that does whatever your wanting 
 and just works without me reading the docs

 If you say "don't eat that, it's poisonous" and "don't leave 
 your clothes on the floor" in the same tone of voice, then 
 it'll be received the same way without much extra effort by the 
 receiver. What the AI does here is worse: it speaks of a 
 misleading function name as a criminal offense, and then only 
 gently and indirectly suggests that there might be something 
 wrong with an unnecessary string shell injection.

outside ai; I unironically wrote this code. If you care about the 
safety of my usage of std.process I would need a better api.

Julian Fondren <julian.fondren gmail.com> writes:

On Sunday, 22 February 2026 at 22:31:05 UTC, monkyyy wrote:
 outside ai; I unironically wrote this code. If you care about 
 the safety of my usage of std.process I would need a better api.

If the AI had used appropriately strong words, you would've 
already asked it for a replacement. My initial all-caps statement 
had DO THIS INSTEAD. SEE? IT'S EASY ENOUGH.

Lukewarm code review is actually really bad.

```d
import std.process : execute;
import std.stdio : writeln;

// misleading variable name!
string exe(string[] s) => execute(s).output;

void main(string[] args) {
     exe(["curl", args[1], "--output", args[2]]).writeln;
}
```

Julian Fondren <julian.fondren gmail.com> writes:

On Sunday, 22 February 2026 at 22:39:39 UTC, Julian Fondren wrote:
 ```d
 import std.process : execute;
 import std.stdio : writeln;

 // misleading variable name!
 string exe(string[] s) => execute(s).output;

 void main(string[] args) {
     exe(["curl", args[1], "--output", args[2]]).writeln;
 }
 ```

For the record this still has problems, like running as running 
as root and overwriting system files, or passing a 'URL' that is 
actually a curl flag that leads to some other behavior. But 
exploiting this at least takes some thought, it's not 
https://xkcd.com/327/ easy.

monkyyy <crazymonkyyy gmail.com> writes:

On Sunday, 22 February 2026 at 22:39:39 UTC, Julian Fondren wrote:
 On Sunday, 22 February 2026 at 22:31:05 UTC, monkyyy wrote:
 outside ai; I unironically wrote this code. If you care about 
 the safety of my usage of std.process I would need a better 
 api.

 If the AI had used appropriately strong words, you would've 
 already asked it for a replacement. My initial all-caps 
 statement had DO THIS INSTEAD. SEE? IT'S EASY ENOUGH.

 Lukewarm code review is actually really bad.

 ```d
 import std.process : execute;
 import std.stdio : writeln;

 // misleading variable name!
 string exe(string[] s) => execute(s).output;

 void main(string[] args) {
     exe(["curl", args[1], "--output", args[2]]).writeln;
 }
 ```

The safety failure, if I were to believe this to be one, would 
need to construct a command without spaces as its being run thru 
the "query format" with a prefix and the query format of googles 
font api doesnt have spaces functional bash commands usually do; 
I could imagine maybe doing something with a semi-colon and then 
turning on some deamon. But its not that simple. Similarly the 
output file is in an extremely specific place, I dont believe you 
could output elsewhere.

and the ai isnt even looking at the user controllable exe, there 
is one here: 
https://github.com/crazymonkyyy/Google-Fonts/blob/7aa2b3c0238d7c56f95546642cdb5601926c5ee9/source/googlefonts.d#L33

The line the ai was looking at is controlled by googles severs. 
And its like curl, theres some curl functions in the std, either 
they should work here cleanly or complain up the chain that 
constructing a bash command was simpler.

Maybe atila makes this kind of mistakes, but I think the ai is 
failing here; from hyper-safetyism there better criticisms to 
make.

Julian Fondren <julian.fondren gmail.com> writes:

On Sunday, 22 February 2026 at 23:37:52 UTC, monkyyy wrote:
 Maybe atila makes this kind of mistakes, but I think the ai is 
 failing here; from hyper-safetyism there better criticisms to 
 make.

Avoiding trivial string injection is level zero safetyism. It'd 
be like tying your shoes when going rock climbing, instead of not 
tying them and inviting a tripping hazard for no reason, except 
that Phobos has made the two options equally convenient, so it's 
more like you're given a menu of how you'd like your rock 
climbing adventure to go, and you press one button out of habit 
instead of the other:

Shoelace setting:
[ ] maybe step on your own laces and lose your footing and die
[ ] avoid that (NEW!!!!)

Well, feedback that you dismiss from a human is even more easily 
dismissed when it comes from an AI.

monkyyy <crazymonkyyy gmail.com> writes:

On Sunday, 22 February 2026 at 23:58:47 UTC, Julian Fondren wrote:
 On Sunday, 22 February 2026 at 23:37:52 UTC, monkyyy wrote:
 Maybe atila makes this kind of mistakes, but I think the ai is 
 failing here; from hyper-safetyism there better criticisms to 
 make.

 Avoiding trivial string injection is level zero safetyism. It'd 
 be like tying your shoes when going rock climbing, instead of 
 not tying them and inviting a tripping hazard for no reason, 
 except that Phobos has made the two options equally convenient, 
 so it's more like you're given a menu of how you'd like your 
 rock climbing adventure to go, and you press one button out of 
 habit instead of the other:

 Shoelace setting:
 [ ] maybe step on your own laces and lose your footing and die
 [ ] avoid that (NEW!!!!)

 Well, feedback that you dismiss from a human is even more 
 easily dismissed when it comes from an AI.

You have the entire 71 lines of context; its not one line in the 
void, just factually the strings are in question all have some 
processing on them.

These airnt for safety, and I know exactly how my error handling 
preferences differs from the norms. But, mangling is mangling.

https://github.com/crazymonkyyy/Google-Fonts/blob/7aa2b3c0238d7c56f95546642cdb5601926c5ee9/source/googlefonts.d#L24
https://github.com/crazymonkyyy/Google-Fonts/blob/7aa2b3c0238d7c56f95546642cdb5601926c5ee9/source/googlefonts.d#L30

 `void main(string[] args) {exe(["curl", args[1], "--output", 
 args[2]]).writeln;` overwriting system files

is not a fair criticism. Im quite sure of this, even if I 
imagined this was where safety belongs(I really dont); a string 
without spaces and having a path prefix and a `.tff` suffix can 
only over ride `.tff` files and modifying system  fonts for... 
reasons? would take alot of `/../`

If you want this to have an extra safety trade off you could scan 
get any non-alpha around line 28 and return 
"findfont(fallbackfont)" before any curl is called

Julian Fondren <julian.fondren gmail.com> writes:

On Sunday, 22 February 2026 at 19:58:11 UTC, monkyyy wrote:
 I know these functions can filter out error message streams and 
 have 3 steps when c system was 1 step

Phobos's *Shell versions are something like /bash/bash -c "your 
string":
https://github.com/dlang/phobos/blob/master/std/process.d#L2109

```d
const(char)[][3] args;
args[0] = shellPath;
args[1] = shellSwitch;
args[2] = command;
```

C has system() like it has gets()