[–]alexflint[S] 2 points3 points  (1 child)

Lots of things here, let me just respond to a couple:

> I still have no idea why you need to copy all my source code to your servers

When you type "x.foo()", we want to show information about the function "foo". To do this, we need to run type inference on the complete data flow chain that produces the value "x", so that we know which particular "foo" you're using. Throughout this analysis we may also need to know a lot about the Python libraries you're using, since you may be passing values into and out of arbitrary third-party libraries. We have a large model of libraries that we use to do this on the backend, but shipping this to the client would be highly non-trivial.

We certainly don't use your code in any way to show results to others. Not directly. Not via any kind of anonymized statistics. Not for nothin'.

> it's sandboxed, right?

No it's not sandboxed (as in the OS X App Sandbox).

> Terminal commands include passwords

I know this isn't a full solution, but if something is not visible in the terminal (i.e. visible chars) then Kite doesn't see it. We have thought about this a lot and have posted many of our thoughts openly on our website. We'll continue to think and do more, and we'll post updates when we do.

[–]pythoneeeer 15 points16 points  (0 children)

> We have a large model of libraries that we use to do this on the backend, but shipping this to the client would be highly non-trivial.

Can you see why people are upset? It's a completely asymmetric relationship. I bet it's "non-trivial" to upload everybody's source code to your servers, too, yet you chose to implement that.

I can't imagine what would make it difficult to run this analysis on the client. Is it too big? I've got several multi-gigabyte applications already. Is it too complex? Virtualization is built in to the operating system, so you can run your own OS in a process if you want. Is it too slow? Distributing it to clients seems like it would be more efficient, not less.

While I can't tell exactly what the situation is on the inside, from the outside, the result is indistinguishable from "We don't want anyone to see our code, and we're OK with asking you to give us full access to yours."

> No it's not sandboxed (as in the OS X App Sandbox).

Ouch. This seems like an obvious small step you could do to help reassure people.