41·
6 days agoKeycloak has some learning curve, but it’s the best OpenID Connect client and the most configurable and feature rich open source SSO system with the fewest major issues that I’ve used. And I use traefik for a reverse proxy, so for things that don’t support SSO directly thomseddon/traefik-forward-auth works flawlessly with Keycloak to provide an auth layer to those apps.
Yeah, it could easily have added a couple of lines of code that sends everything to Northern Korean hackers because it found that in a bunch of repositories or just logging passwords to public logs or other things an experienced developer would never do. “AI” only replicates what it sees most often and as more spam and junk repos are added to its training data because “AI” companies are too concerned with profit to teach it properly, it could do tons of random stuff. It’s like training a developer by giving them random examples from the internet rather than specific ones. Of course they pick up bad habits. Even if it “works” it is almost never efficient or secure.