Flathub is finally combating the AI slopware problem

The maintainers of the Flathub software repository officially banned this week applications that were generated with AI tools. The use of AI in reviewing and submitting code is also banned, though exceptions remain.

What Flathub is saying

Flathub's official documentation now states, "Applications containing AI-generated or AI-assisted code, documentation, or other content are not allowed." You also can no longer use AI while submitting an app, as the ban extends to "the Flathub submission itself, including the manifest, metadata, patches, build scripts, and pull request."

• The guidelines include instructions for turning off GitHub's Copilot code review tools.

The ban permits Flathub's maintainers to reject with prejudice pull requests that were AI-assisted, and the ability to entirely ban developers who repeatedly violate the policy.

Beyond the obvious use of Copilot reviews, there's no other indication of exactly what Flathub maintainers look for when identifying vibecoded software.

The exceptions

There are exceptions for two groups: applications that have previously been allowed entry into Flathub, and "mature, well-maintained projects." In other words, existing slopware is being grandfathered in, and apps well-established in the community will be able to make use of AI.

The background

Bart Piotrowski, a self-described "Flathub Janitor," posted on Mastodon some explanation of the decision. They indicated initial openness to AI-assisted development, but interactions with those coding with AI has left them with one declaration: "I'm tired."

Bart Piotrowski (@barthalion@treehouse.systems)

We have updated Flathub’s LLM policy to explicitly disallow AI usage for both the submission process and applications being submitted. https://github.com/flathub-infra/documentation/commit/992f57b30de98ddbd5e80959e9672998c83c8c97 I’ve had some reservations about it, so the wording before that commit was relatively milder. I know it’s an unpopular opinion on the Fediverse, but I do think LLMs are inevitable, and the reality is that you can expect less organically grown code as time goes on. I believe it can be a useful tool in and outside FOSS; I hoped we will see a larger number of apps where authors made some effort beyond prompting an agent. Meanwhile, the number of unpleasant interactions I’ve had with entitled submitters acting as if they were bestowing their brilliant software upon us idiots who are rejecting it went through the roof in the last month. I’m tired. As always, we are not applying this retroactively, so any vibecoded apps which were already published will remain available.

Treehouse MastodonBart Piotrowski

It sounds like the problem is not only the apps themselves but the people submitting them. Piotrowski frames slopware as acting rude and "entitled," and patience for those people has apparently run out.

Zooming out

Why this announcement matters: Flathub is one of the most-used software repositories, at least on desktop Linux distributions. Many distros come with Flathub integration preconfigured, and a few even make it the primary software source.

Lingering questions: How will Flathub's maintainers continue to identify and stamp out slopware and AI-assisted submissions? If AI boosters' claims are to be believed, then this should get harder as models improve.

Also, what about the exceptions for extant slopware in Flathub? How those on Flathub identify and avoid them?

What about the excepted "mature" projects whose code could be degraded with AI assistance? There are currently reports of rsync losing functionality with vibe-coded contributions being blamed.

My take: I look for Linux apps to recommend every week, and I've been slowed down on Flathub lately running into slopware. I'll find something that looks similar to good apps, but when inspecting the source code, it turns out it was generated in a week by one person with almost no credentials, sometimes with Claude plainly credited as a contributor.

In those instances, I don't feel like I can trust them to do anything correctly or safely. So I'm glad Flathub seems to be putting the kibosh and those kinds of apps, though I wish the ones I've already discovered were banned retroactively.