WayToClawEarn
Medium impactHacker News + Alexis Purslane Blog

Data Strikes Back: 185-Point HN Post Proves Claude Did NOT Break rsync

A zero-evidence anti-AI outrage that escalated to death threats, dismantled by an empirical analysis of 2,000 bug reports. rsync's worst release predates Claude entirely, and both Claude releases sit in the historical middle of severity-weighted bug rate.

Jun 6, 2026 · 4 min read

Data Strikes Back: 185-Point HN Top Post Proves "Claude Broke rsync" Was a Statistical Misunderstanding

TL;DR

Last week, a Mastodon post + GitHub Issue ignited the open-source community: someone claimed rsync's Claude-assisted commits caused a bug surge. The Issue racked up 350+ comments — including death threats and violent fantasies. But developer Alexis Purslane actually crunched the numbers: scraped every rsync bug report, Git commit, and mailing list entry, and ran proper statistical tests. The result? The Claude releases (v3.4.2 and v3.4.3) sit squarely in the historical middle of rsync's severity-weighted bug rate distribution. No statistical anomaly whatsoever.

The Backstory: From Zero-Evidence Rant to Death Threats

In late May 2026, a Mastodon post went viral. It claimed a regression after upgrading to a Claude-assisted rsync release. No technical evidence was provided. Yet thousands of likes and boosts later, it reached Hacker News (81 comments). By May 30, a GitHub Issue titled "Please Do Not Vibe Fuck Up This Software" was opened against the rsync repo.

The Issue contained no bug report, no technical content — just a screenshot of the Mastodon post. It accumulated 350+ comments, ranging from legitimate concern to outright harassment. One user posted My Little Pony drawings depicting themselves strangling the "project janitor." Most extreme comments have since been deleted.

rsync maintainer Tridge responded: "The comments from so-called 'internet experts' make me want to go sailing instead of dealing with this garbage."

rsync Claude community controversy

The Analysis: The Worst Release Was Long Before Claude

Alexis Purslane built a comprehensive analytical framework:

  • Data sources: GitHub Issues + Bugzilla + rsync mailing list (~2,000 bug reports)
  • Severity scoring: Qwen 3 35B at temperature 0, using a strict rubric (0-100 scale)
  • Core metric: Severity-weighted bugs per 10 commits (sev/10c)
  • Timeline: Sequential commit-by-commit ordering across all releases

The most striking finding: The worst release in rsync's history — by far — predates Claude entirely. No AI to blame, so no 350-comment Issue, no death threats, no calls to fork. The maintainer shipped a broken release and fixed it, just like normal.

Statistical Testp-valueVerdict
Exact Permutation Test0.45Random pair of releases beats Claude group 45% of the time
Fisher's Exact TestNot significantClaude releases no more likely to fall above historical median
Outlier AnalysisNone detectedClaude releases bracket the IQR — one below, one above

The Confound: Security Flood, Not Claude-Quality

Many users felt rsync got worse — and they weren't entirely wrong about the feeling. But the cause is not what they think. HN user zos_kia nailed it:

"This looks like a security fix for a CVE exposing a coding error from 2007. It's hilarious to see people lose their shit over this."

Lobsters user jbert traced the causal chain:

LLMs → more known security issues → more changes needed → more regressions than usual.

Tridge himself confirmed this: a flood of AI-generated CVE reports forced rapid, extensive security fixes across rsync's attack surface. This isn't about Claude writing bad code — it's about AI security tools finding too many vulnerabilities, forcing accelerated fixes.

The Claude releases actually had fewer commits than historical norms (121 and 30 vs. 241+). But lines of code changed went up dramatically. Key insight: more code, same bugs — that's not worse, that might be better.

Why Did People Feel Betrayed?

The author gives a brutally honest answer: not because rsync got worse, but because people had already decided to hate AI.

Cognitive BiasManifestation
Confirmation bias"Claude" label triggered conclusion, data didn't matter
Attribution biasA regression occurred → the only "new thing" was Claude → blame Claude
Narrative fallacyA Mastodon post's emotional weight beat 2,000 bug reports' data
Group polarization350+ comments creating an echo chamber amplifying each other

Tridge's response offers a lesson worth reading twice:

"For those saying 'I'm a PhD from xyz uni and I'm telling you LLMs are just stochastic tools…' — you are out of date. The world of software engineering has changed dramatically. Anything you learned last year might as well be from another planet."

Practical Takeaways for AI Agent Users

  1. Data beats feelings. When someone says "AI broke X," ask for evidence and methodology. No-data criticism is the same as no-code vaporware.

  2. More code ≠ worse quality. If AI helps you fix more security issues, absolute bug count rises. The real metric is defect density (bugs/commit or bugs/KLOC), not total bugs.

  3. Prepare for "AI shame." Even with equivalent quality, you could be the next target. Have data ready — Tridge had the numbers; his accusers just had screenshots.

  4. AI commit attribution is a double-edged sword. Transparent labeling advances accountability but gives "anti-AI witch hunters" ready ammunition. In the current climate, transparency may invite unwarranted hostility.

Sources

Original article: https://alexispurslane.github.io/rsync-analysis/ HN discussion: https://news.ycombinator.com/item?id=48411635

Related Reading

Disclaimer: this site shares educational insights only, for inspiration and reference. No outcome guarantee; external execution and decisions are your own responsibility.