Policy for AI Coding Assistants
Hauke Mehrtens
hauke at hauke-m.de
Sun Apr 26 04:12:53 PDT 2026
On 4/17/26 16:06, Michael Richardson wrote:
>
> Hauke Mehrtens <hauke at hauke-m.de> wrote:
> > I think OpenWrt does not have a policy regarding AI Coding Assistants. I
> > started using them and I always mentioned it in the commit message.
>
> > I am pretty sure others used them too on code contributed to OpenWrt.
>
> > I would like to take over the policy from the Linux kernel regarding AI
> > Coding Assistants:
> > https://docs.kernel.org/process/coding-assistants.html
>
> > I would like to use these rules for OpenWrt:
>
> To this, I would add: bug reports, particularly security related ones, MUST
> include PoC. Maybe this is less critical for OpenWRT, and is more of an
> upstream concern, but my experience is that the PoC is a useful filter that
> helps with:
>
> > * The contributor must understand what the code does
I do not think this is needed. When you report a bug it probably
increases the likelihood that someone takes care of it. The quality of
AI generated security reports changed in the last few months. End of
2025 it was mostly AI slop, since March 2026 we get good security
reports generated with the help of AI. The first was probably from Aisle
Research in December 2025. This is the company which found 12 CVEs in
OpenSSL.
The coding performance of LLMs increased with an astonishing rate in the
last 12 months. This also increased the quality of security reports.
Hauke
More information about the openwrt-devel
mailing list