**#A quick edit to address something important and provide a disclaimer: **
Thank you all for your feedback! This project was “vibecoded” with Cloude AI and serves more as a “proof of concept” for what could be achieved with AI assistance. I’m just a tech enthusiast, and I’m excited to continue exploring new possibilities. I understand there’s a real concern about “AI Slop,” but that’s exactly why I’m sharing this project with you all so that experts who are interested in the idea can offer guidance or even help improve it.
I’ve noticed that many people with home labs prefer to update their applications manually instead of relying on other apps that automate the process. Often, they have to check each one individually. That’s where Vigil comes in. The primary function of Vigil is to centralize the information and give users clear visibility of which applications are outdated, their current version, and the newer version available from several sources. This way, you can decide what and when to update.
To be honest, I hope it ends up being useful to others as it is for me.
If you have a few minutes, I’d really appreciate you trying it out and leaving a review or suggestions on the repo or even here. I’d do my best to answer most of the comments.
Looks like a cool project. Starred. I’m no tech expert either, so I’ll keep an eye on how the community reacts to it, in terms of security.
Keep up the good work!
Thanks brother, I appreciate it. Security is one of my main concerns too, that’s why I’ll rely on the experts around here to point out what could be improved.
Please stop trying to build infrastructure software if you don’t know what you’re doing. Anyone using this probably puts their server at risk.
I won’t stop just because you’re saying it. You can only “know what you’re doing by doing it”. That’s why I made this project public available so anyone interested in looking at it, modifying it, improving it is more than welcome. I’m not selling it or claiming that I’m an expert. Quite the opposite, I’m looking for people who are genuinely interested in exploring new things and helping people out. I’ll rely on the experience and good will of experts of this community.
An issue with your statement “know what you’re doing by doing it” is that without an actually educated teacher to provide trustworthy feedback, you are going to struggle the learn from your mistakes. The LLMs can only provide so much, and they will lie out their ass to you. Unless explicitly prompted to provide critical feedback, they will find any way to provide positive feedback even to your actual detriment. They will happily skirt their sandboxes, and fight your every attempt to make them actually safe.
At a quick glance, nothing in the project indicates that you are not an expert and that an AI Agent provided the code. The quality of the code is also quite poor, even by Claude standards. I’m actually kinda mind blown you got it to built this without any tests… Something we’ve recently been talking about at my job in terms of AI agents is “cognitive debt” that is incurred in the project. LLMs are fundamentally a statistical next-word generator. If they are given something of poor quality, they will tend to produce more and more poor quality work. And without intervention, it just snowballs.
I’ll never tell someone to stop trying to learn. But, your hubris is going to negatively impact your learning outcomes. And to be clear, YOU are not writing the code and the code is what runs on the server and people interact with. What you are doing is using an AI Agent. If you want to get feedback on that, then be honest about it.
Hi ramielrowe. You made great points here. I’m definitely stepping out of my area of expertise. I also understand that when comes to LLM we must not blindly follow/accept things and having some previous knowledge on the topic you intend to work with, gives you much better results and allow you to spot inconsistencies or more importantly, mistakes. I’m aware of the “positive feedback” that is pretty evident specially on ChatGPT, that’s why I try my best to challenge it. I completely understand your analogy on “cognitive debt”. It’s pretty similar to a reinforcing learning process on humans. If you teach people the “wrong way” and keep reinforcing that without any correction, you know the results.
Regarding the code quality, I’m pretty sure it isn’t top notch, that’s why I’m sharing it here so people who really understand it can point out the flaws and suggest improvements. What I’ve learned so far from the feedback in the comments, is that I need to improve the way I communicate my ideas and the purpose of the application. Since this is my first project, and I’m not very familiar with the dev & tech community, I’m learning the do’s and don’ts along the way.
My impression is that you are coming in completely fresh on all of this and you were expecting everyone else to look at your project and tell you what needs to happen to fix it. That is not learning, that is other people telling you what to do. Nor the realities of the internet. We aren’t your teachers and what you need is instruction. Not minor feedback, not suggestions, actual instruction. I have a few suggestions if you are actually serious:
There are entire college degrees on these topics. And I’m not saying you have to go to college. But, If you’re not even willing to read a couple books, then you don’t really want to learn.
Funny enough, teaching is my area of expertise, so I think I get where you’re coming from. But I also think it’s important to remember that there are a ton of ways to learn, and at the end of the day, only the person learning knows how deep they want to go with a given topic. That comment, “We aren’t your teachers, and what you need is instruction,” kinda comes off as condescending, but maybe I’m just reading it wrong. “We” means a lot of people, but not everyone.
I’m sure the books you suggested are great for building the basics, but assuming what someone’s willing to do or not just based on a quick post doesn’t really take the full picture into account. It’s like drawing. You don’t need to be the next Da Vinci just because you enjoy it. You can have fun, draw simple stuff, and share it with people. You might not end up in a museum, but that’s totally fine. Not everyone needs to be an expert to enjoy what they do. However, learning the basics definitely helps to draw better, right?
Yikes. That doesn’t give me confidence for something that needs root access to the Docker UNIX socket. Was this vibe coded? Do you understand the code and architecture of the application? You wrote you only started a few months ago. I don’t mean to be hard on you, but this kind of application has no business being insecure.
Hi Thaurin, I appreciate your feedback, I understand that security must be a top priority. I’m glad your pointing it out. If you have any advice on how to improve it, it’ll be more than welcome.
If you want to learn to develop web applications, try to understand everything you do. Don’t let the entire thing be generated by AI. Do small changes and commit those one at a time. Understand the programming language, your application’s architecture, internet security, and so forth. Not understanding and then releasing it publicly and later asking for advice on how to improve it, isn’t the way. You’re still the maintainer of the project now, and will have to understand and approve any PR’s people may send your way.
I mean, it can be addictive to just let AI throw everything together in a week without learning anything consequentual. But I wouldn’t throw it on my server with root access to Docker. What’s your real interest here? Learning or telling AI to make stuff for you?
In this world of technology, applications there are too many areas of expertise required to make things “functional” I’m not sure if I can learn everything required to make applications at the level of the most popular ones. I’m more interested in general knowledge and putting ideas out there. I still think that getting this project to the public even if it’s not that great, is still better than have it just on my computer. So, the main purpose is to hear from people what they think of the project, maybe inspire others with more experience to put their projects out there too. My expectations were pretty low about this project, but it turned out to be a great experience to engage with many people from different background just like you.
You are potentially putting yourself at risk and others as well by making it public. I run a VPS in the cloud, so I would never, ever install this app on it, even though I firewall it to my own IP ranges. Your agent has access to the docker group and the tokens are sent and stored in plaintext, as per the SECURITY.md file. That means any leak of a token could lead to total hostile takeover of the server. Adding that you don’t understand the codebase yourself just pushes this further over the edge.
Sure, I get it. It’s fun to build things. But I’ve always found it more fun to actually build things myself. These days, everybody is building these huge, monolithic codebases that nobody understands anymore. I don’t believe that it’s impossible to learn the things required to make a full application. True, you can’t learn everything, but that’s because there are so many different things that do slightly different things, and each week something new comes along. So you specialize a bit. But it’s fun to learn, and just telling an AI to do it makes you lazy.
I don’t know, I don’t like it. I do use AI during development, but I throw smaller things at it, so I can actually look at the code and approve it every time something changes. In some ways, it feels similar to what I used to do, which was reading documentation and copying the examples in it. Now the AI agent can pull that by itself and insert it into the code. However, I built the structure and original foundation myself, so I keep a firm grasp of it. I personally enjoy creating good code more than I enjoy piling on features generated by the AI, but these days it seems quantity over quality is appreciated more.
I don’t develop profesionally anymore, but I’ve read so many stories online about senior developers getting depressed and considering a career change, because their managers think it’s cool to let AI take over their old jobs, while they are left doing code reviews and undoing the fuckups that AI threw at them.
Every week I see several new iOS app on Reddit for tracking your fitness, habits, reminders, expenses, subscriptions, and they are always introduced in the same way: “I grew tired of how x apps do y, so I built my own” while stating that “this is my first app.” And there’s always a $15/month subscription on it! The internet is filling up with cheap Chinese replicas of applications, except that they are not sold cheaply.
People are writing their posts using AI, and then replying to everyone in the thread in Spanish, because why not? Let’s not even try anymore! Open source projects are in trouble, because the volunteer maintainers cannot get through the automatic AI slow pull requests on GitHub to get to the high-quality ones.
I just really don’t like how the current landscape looks, especially in the future. The ensloppification of everything.
End of rant. :)