Skip to content

docs: add Lehman classification as LLM failure mode #21

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rdmueller merged 2 commits into from
Apr 15, 2026
Merged

docs: add Lehman classification as LLM failure mode #21

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
72568e7
docs: add Lehman classification as failure mode (S/P/E-type)
raifdmueller Apr 15, 2026
dc35694
fix: resolve npm audit vulnerabilities (picomatch, vite, yaml)
raifdmueller Apr 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 27 additions & 27 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 6 additions & 2 deletions src/i18n.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -302,7 +302,9 @@ Dieses Framework bietet eine https://github.com/LLM-Coding/Semantic-Anchors?tab=

*Halluzinierte Packages (Slopsquatting)* — https://www.helpnetsecurity.com/2025/04/14/package-hallucination-slopsquatting-malicious-code/[~20% der empfohlenen Packages existieren nicht]. Angreifer können diese Namen registrieren. "huggingface-cli" wurde https://www.infosecurity-magazine.com/news/ai-hallucinations-slopsquatting/[über 30.000 mal installiert].

*Automation Complacency* — Entwickler mit AI-Assistenten produzieren mehr Vulnerabilities und glauben gleichzeitig, sichereren Code zu schreiben (https://arxiv.org/abs/2211.03622[Stanford, Perry et al. 2022]). https://devclass.com/2025/02/20/ai-is-eroding-code-quality-states-new-in-depth-report/[Code-Review-Beteiligung sinkt um 30%].`,
*Automation Complacency* — Entwickler mit AI-Assistenten produzieren mehr Vulnerabilities und glauben gleichzeitig, sichereren Code zu schreiben (https://arxiv.org/abs/2211.03622[Stanford, Perry et al. 2022]). https://devclass.com/2025/02/20/ai-is-eroding-code-quality-states-new-in-depth-report/[Code-Review-Beteiligung sinkt um 30%].

*Beschleunigter Lehman-Decay* — https://en.wikipedia.org/wiki/Lehman%27s_laws_of_software_evolution[Lehmans Gesetze (1980)] unterscheiden *S-Type* (formal spezifiziert, geschlossen), *P-Type* (Problemlösung mit Näherungs-Spec) und *E-Type* (in die Welt eingebettet, muss mitevolvieren — Banking, SaaS, Agenten). E-Type-Systeme unterliegen *Continuing Change*, *Increasing Complexity* und *Declining Quality*. AI-generierter Code beschleunigt diese Zerfallsdynamik, weil LLMs kein persistentes Gedächtnis der Projekthistorie haben — sie können nicht "mit dem Code altern". Bei S-Type-Code (Algorithmen, reine Utility-Funktionen) ist das Risiko gering. Faustregel: Je E-typischer das System, desto mehr Review-Budget und Refactoring-Kapazität einplanen.`,
},
Comment on lines +307 to 308
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Apr 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify if German Wikipedia page exists for Lehman's laws

echo "Checking if German Wikipedia article exists for Lehman's laws..."
curl -s -o /dev/null -w "%{http_code}" "https://de.wikipedia.org/wiki/Lehmans_Gesetze_der_Softwareentwicklung"
echo ""
curl -s -o /dev/null -w "%{http_code}" "https://de.wikipedia.org/wiki/Lehman-Gesetze"
echo ""

echo "Checking English Wikipedia article (currently linked)..."
curl -s -o /dev/null -w "%{http_code}" "https://en.wikipedia.org/wiki/Lehman%27s_laws_of_software_evolution"

Repository: LLM-Coding/vibe-coding-risk-radar

Length of output: 210

🏁 Script executed:

#!/bin/bash
# Check the actual content at lines 307-308 and 671-672 in src/i18n.js

echo "=== German version (lines 307-308) ==="
sed -n '305,310p' src/i18n.js

echo ""
echo "=== English version (lines 671-672) ==="
sed -n '669,674p' src/i18n.js

Repository: LLM-Coding/vibe-coding-risk-radar

Length of output: 2408

Fix capitalization inconsistencies between German and English versions

The German and English translations use inconsistent capitalization for Lehman's law terminology:

  1. Type terminology: German uses "S-Type", "P-Type", "E-Type" (uppercase 'T') while English uses "S-type", "P-type", "E-type" (lowercase 't').

  2. Law names: German uses "Continuing Change", "Increasing Complexity", "Declining Quality" (title case) while English uses "continuing change", "increasing complexity", "declining quality" (lowercase).

Align both versions to lowercase convention ("S-type", "continuing change", etc.) to match standard software engineering literature and Lehman's original terminology.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@src/i18n.js` around lines 307 - 308, Update the Lehman terminology
capitalization in the translation strings: change "*S-Type*", "*P-Type*",
"*E-Type*" to "*S-type*", "*P-type*", "*E-type*" and change "*Continuing
Change*", "*Increasing Complexity*", "*Declining Quality*" to lowercase
"*continuing change*", "*increasing complexity*", "*declining quality*" so
German and English variants use the same lowercase convention; locate and edit
the German string starting with "Beschleunigter Lehman-Decay" and the
corresponding English translation entries in the i18n strings (the Lehman-law
sentence blocks) to make these replacements consistently.

{
id: "mitigations",
Expand Down Expand Up @@ -664,7 +666,9 @@ This framework provides a https://github.com/LLM-Coding/Semantic-Anchors?tab=rea

*Hallucinated packages (Slopsquatting)* — https://www.helpnetsecurity.com/2025/04/14/package-hallucination-slopsquatting-malicious-code/[~20% of recommended packages don't exist]. Attackers can register these names. "huggingface-cli" was https://www.infosecurity-magazine.com/news/ai-hallucinations-slopsquatting/[installed 30,000+ times] before detection.

*Automation Complacency* — Developers using AI assistants produce more vulnerabilities while simultaneously believing they write more secure code (https://arxiv.org/abs/2211.03622[Stanford, Perry et al. 2022]). https://devclass.com/2025/02/20/ai-is-eroding-code-quality-states-new-in-depth-report/[Code review participation drops by 30%].`,
*Automation Complacency* — Developers using AI assistants produce more vulnerabilities while simultaneously believing they write more secure code (https://arxiv.org/abs/2211.03622[Stanford, Perry et al. 2022]). https://devclass.com/2025/02/20/ai-is-eroding-code-quality-states-new-in-depth-report/[Code review participation drops by 30%].

*Accelerated Lehman Decay* — https://en.wikipedia.org/wiki/Lehman%27s_laws_of_software_evolution[Lehman's laws (1980)] distinguish *S-type* (formally specified, closed), *P-type* (problem-solving with approximate spec), and *E-type* (embedded in the world, must evolve with it — banking, SaaS, agents). E-type systems are subject to *continuing change*, *increasing complexity*, and *declining quality*. AI-generated code accelerates this decay dynamic because LLMs have no persistent memory of project history — they cannot "age with the code". For S-type code (algorithms, pure utility functions), the risk is low. Rule of thumb: The more E-type a system, the more review budget and refactoring capacity to plan for.`,
},
{
id: "mitigations",
Expand Down
Loading