AISlop

v0.10.0 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 4d Developer Productivity

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai ai-slop ai-slop-detection cli code-quality code-review

+13 more

developer-tools go javascript linter php pre-commit pull-request python quality-gate ruby rust static-analysis typescript

Summary

AI summary

False‑positive reductions across multiple rules and halved weight for style scoring.

Changes in this release

Type	Severity	Summary	CVE
Performance	Low	Style rules (comments, file size) now weigh half, reducing their influence on overall score. Style rules (comments, file size) now weigh half, reducing their influence on overall score. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix
Bugfix	Medium	`thin-wrapper` now flags only true passthrough functions. `thin-wrapper` now flags only true passthrough functions. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`narrative-comment` drops bare-section-label branch and requires AI-narration signal. `narrative-comment` drops bare-section-label branch and requires AI-narration signal. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`trivial-comment` fires only when comment restates next line. `trivial-comment` fires only when comment restates next line. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`silent-recovery` now only flags dropped caught errors, not logged ones. `silent-recovery` now only flags dropped caught errors, not logged ones. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`meta-comment` flags only leading plan markers, ignoring UI wizard prose. `meta-comment` flags only leading plan markers, ignoring UI wizard prose. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`hardcoded-id` and `hardcoded-url` exempt env-var-name literals, migration files, and stable vendor API hosts. `hardcoded-id` and `hardcoded-url` exempt env-var-name literals, migration files, and stable vendor API hosts. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`todo-stub` spares TODOs that reference a tracking issue. `todo-stub` spares TODOs that reference a tracking issue. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`unused-import` no longer flags `from __future__ import` statements. `unused-import` no longer flags `from __future__ import` statements. Source: llm_adapter@2026-05-30 Confidence: high	—
Bugfix	Medium	`hallucinated-import` parses PEP 735 `[dependency-groups]`, recognises `psycopg2` from `psycopg2-binary`, and ignores import‑shaped text in docstrings, `if TYPE_CHECKING:` blocks, certain stdlib modules, and non‑production paths (flask reduced findings from 19 to 0). `hallucinated-import` parses PEP 735 `[dependency-groups]`, recognises `psycopg2` from `psycopg2-binary`, and ignores import‑shaped text in docstrings, `if TYPE_CHECKING:` blocks, certain stdlib modules, and non‑production paths (flask reduced findings from 19 to 0). Source: llm_adapter@2026-05-30 Confidence: high	—

Full changelog

A precision release. A sweep through the ai-slop rules to cut false positives on real human-written code, validated against popular open-source libraries surfaced at the HN launch. One library dropped from 426 findings to 92, every removed finding a false positive, with clean code still scoring 100.

Fixed (false positives)

thin-wrapper only flags a true passthrough (a function forwarding its own parameters unchanged). A call that transforms its arguments is real work, not a wrapper.
narrative-comment drops the bare-section-label branch, recognises reasoning markers, and the length-based branches now require an actual AI-narration signal rather than length alone. Long, well-written explanatory comments are kept.
trivial-comment only fires when the comment restates the next line. Comments that add a condition or reason are kept.
silent-recovery only fires when the caught error is dropped, not when it is logged.
meta-comment only flags leading plan markers, not UI "step N" wizard prose.
hardcoded-id / hardcoded-url exempt env-var-name literals, migration files, and stable vendor API hosts.
todo-stub spares TODOs that reference a tracking issue.
unused-import no longer flags from __future__ import.
hallucinated-import parses PEP 735 [dependency-groups], recognises psycopg2 from psycopg2-binary, and no longer flags import-shaped text inside docstrings, imports under if TYPE_CHECKING:, the code / codeop / rlcompleter stdlib modules, or non-production paths (validated on flask: 19 to 0).
docs/ build tooling is treated as non-production, like scripts/ and examples/.

Changed

Scoring: style rules (comments, file size) weigh half so the score is driven by genuine slop rather than house style. The scoring curve is otherwise unchanged.

Full notes in CHANGELOG.md.

What's Changed

ai-slop precision pass: cut false positives, down-weight style by @heavykenny in https://github.com/scanaislop/aislop/pull/153
chore: release 0.10.0 by @heavykenny in https://github.com/scanaislop/aislop/pull/154
Release 0.10.0: promote develop to main by @heavykenny in https://github.com/scanaislop/aislop/pull/155

Full Changelog: https://github.com/scanaislop/aislop/compare/v0.9.6...v0.10.0

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track AISlop

Get notified when new releases ship.

About AISlop

All releases →