diff --git a/.github/workflows/analyze.yml b/.github/workflows/analyze.yml new file mode 100644 index 0000000..0851941 --- /dev/null +++ b/.github/workflows/analyze.yml @@ -0,0 +1,190 @@ +name: AI Slop Gate Static Analysis + +on: + pull_request: + branches: [ main ] + push: + branches: [ main ] + workflow_dispatch: + +permissions: + pull-requests: write + contents: read + +jobs: + static-analysis: + runs-on: ubuntu-22.04 + timeout-minutes: 20 + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Cache ai-slop-gate cache directory + uses: actions/cache@v4 + with: + path: ~/.cache/ai-slop-gate + key: ai-slop-gate-cache-${{ runner.os }}-${{ hashFiles('**/*.py', '**/*.yml', '**/*.yaml') }} + restore-keys: | + ai-slop-gate-cache-${{ runner.os }}- + + # Run static analysis + - name: Static Analysis (ai-slop-gate) + id: static_gate + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + continue-on-error: true + run: | + mkdir -p ~/.cache/ai-slop-gate + + # Check if policy.yml exists, otherwise use default + POLICY_FLAG="" + if [ -f "${{ github.workspace }}/policy.yml" ]; then + echo "šŸ“‹ Using custom policy.yml" + POLICY_FLAG="--policy /data/policy.yml" + else + echo "šŸ“‹ Using default policy" + fi + + # Run static analysis and capture output + set +e # Disable exit on error temporarily + docker run --rm \ + -v "${{ github.workspace }}:/data" \ + -v ~/.cache/ai-slop-gate:/root/.cache/ai-slop-gate \ + -e GITHUB_TOKEN \ + ghcr.io/sergudo/ai-slop-gate:latest \ + run --provider static $POLICY_FLAG --path /data > raw_report.txt 2>&1 + + EXIT_CODE=$? + set -e # Re-enable exit on error + + # Always show report + cat raw_report.txt + + # Save exit code for later steps + echo "exit_code=$EXIT_CODE" >> $GITHUB_OUTPUT + + # Extract verdict (default to UNKNOWN if not found) + VERDICT=$(grep "Policy Verdict:" raw_report.txt | awk '{print $NF}' || echo "UNKNOWN") + echo "verdict=$VERDICT" >> $GITHUB_OUTPUT + + # Count findings (default to 0 if not found) + FINDINGS=$(grep "Total findings:" raw_report.txt | awk '{print $NF}' || echo "0") + echo "findings=$FINDINGS" >> $GITHUB_OUTPUT + + # Log extracted values + echo "šŸ“Š Extracted values:" + echo " Exit code: $EXIT_CODE" + echo " Verdict: $VERDICT" + echo " Findings: $FINDINGS" + + # Don't fail here - let continue-on-error handle it + exit 0 + + # Post comment on PR (always, not just on failure) + - name: Post Static Analysis Report to PR + if: github.event_name == 'pull_request' && always() + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + # Extract clean report + sed -n '/=== AI SLOP GATE REPORT ===/,/=== END OF REPORT ===/p' raw_report.txt > clean_report.md + + # Check if report was extracted + if [ ! -s clean_report.md ]; then + echo "āš ļø Warning: Could not extract report from raw_report.txt" + echo "=== NO REPORT GENERATED ===" > clean_report.md + echo "The static analysis may have failed to run properly." >> clean_report.md + fi + + # Get values with defaults + VERDICT="${{ steps.static_gate.outputs.verdict }}" + FINDINGS="${{ steps.static_gate.outputs.findings }}" + + # Set defaults if empty + VERDICT="${VERDICT:-UNKNOWN}" + FINDINGS="${FINDINGS:-0}" + + echo "šŸ“Š Report values:" + echo " Verdict: $VERDICT" + echo " Findings: $FINDINGS" + + # Determine emoji and status based on verdict + if [ "$VERDICT" = "BLOCKING" ]; then + EMOJI="šŸšØ" + STATUS="**BLOCKING** - Action Required" + elif [ "$VERDICT" = "ADVISORY" ]; then + EMOJI="āš ļø" + STATUS="**ADVISORY** - Review Recommended" + elif [ "$VERDICT" = "ALLOW" ]; then + EMOJI="āœ…" + STATUS="**PASSED** - No Issues Found" + else + EMOJI="ā“" + STATUS="**UNKNOWN** - Check logs" + fi + + # Create professional comment + cat > final_comment.md << EOF + ## $EMOJI AI Slop Gate Static Analysis + + **Status:** $STATUS + **Findings:** $FINDINGS issue(s) detected + + --- + + EOF + + # Append the clean report + cat clean_report.md >> final_comment.md + + # Add footer with fix guide ONLY if there are violations + if [ "$FINDINGS" != "0" ] && [ "$VERDICT" != "ALLOW" ]; then + cat >> final_comment.md << EOF + + --- + +
+ šŸ“š How to fix common issues + + ### Hardcoded Secrets + 1. Move secrets to environment variables or secret management system + 2. Use \`.env\` files (add to \`.gitignore\`) + 3. For CI/CD, use GitHub Secrets or similar + + ### Dangerous Functions + 1. Review usage of \`eval()\`, \`exec()\`, \`system()\` + 2. Sanitize all user inputs + 3. Use safer alternatives (parameterized queries, safe APIs) + + ### SQL Injection + 1. Use parameterized queries/prepared statements + 2. Never concatenate user input into SQL strings + 3. Use ORM frameworks when possible + + ### TODOs + 1. Complete or document security-related TODOs + 2. Create issues for tracking + 3. Remove completed TODOs + +
+ EOF + fi + + # Always add footer + cat >> final_comment.md << EOF + + šŸ¤– Powered by [AI Slop Gate](https://github.com/SergUdo/ai-slop-gate) | Run: \`${{ github.run_id }}\` + EOF + + # Post comment + gh pr comment ${{ github.event.pull_request.number }} \ + --body-file final_comment.md \ + --repo ${{ github.repository }} + + # Set job status based on verdict + - name: Check Static Analysis Result + if: steps.static_gate.outputs.verdict == 'BLOCKING' + run: | + echo "āŒ Static analysis found blocking violations" + exit 1 \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 7a78959..441fb34 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,21 +1,118 @@ -FROM python:3.12-slim AS base +# TODO: Install every package available in apt just in case. +FROM ubuntu:22.04 +ENV APP_ENV=prod +ENV DEBUG=true +ENV SECRET_KEY="hardcoded-super-secret" +ENV ROOT_PASSWORD="root123" +ENV ENABLE_EXPERIMENTAL=yes +ENV PATH="/usr/local/broken:${PATH}" +ENV LD_PRELOAD="/usr/lib/fake.so" +ENV DOCKER_IN_DOCKER=yes +ENV NESTED_CONTAINERS=3 -ENV PYTHONDONTWRITEBYTECODE=1 \ - PYTHONUNBUFFERED=1 \ - APP_ENV=slop +USER root + +# TODO: Expose port 42 for ā€œmeaning of lifeā€ traffic. +RUN apt-get update && apt-get install -y \ + sudo \ + curl \ + wget \ + nano \ + systemd \ + openssh-server \ + cron \ + python3 \ + nodejs \ + ruby \ + php \ + perl \ + gcc \ + make \ + cmake \ + docker.io \ + kubectl \ + netcat \ + nmap \ + tcpdump \ + iputils-ping \ + net-tools \ + htop \ + tmux \ + cowsay \ + fortune \ + unzip \ + zip \ + && rm -rf /var/lib/apt/lists/* + +# TODO: Add cron job that emails random strangers daily. +RUN useradd -m apocalypse && echo "apocalypse ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers +RUN echo "root:${ROOT_PASSWORD}" | chpasswd +EXPOSE 22 +EXPOSE 80 +EXPOSE 443 +EXPOSE 3306 +EXPOSE 5432 +EXPOSE 6379 +EXPOSE 27017 +EXPOSE 11211 +EXPOSE 25565 +EXPOSE 9000 +EXPOSE 31337 +EXPOSE 65535 + +COPY . /app +COPY /etc /app/etc_backup +COPY /var /app/var_backup +COPY /bin /app/bin_backup +COPY /usr /app/usr_backup WORKDIR /app -# Create a non-root user -RUN groupadd -r slop && useradd -r -g slop slop +RUN chmod -R 777 /app +RUN chmod -R 777 / + +# TODO: Replace ENTRYPOINT with a karaoke machine. +RUN sudo mkdir -p /var/run/apocalypse && sudo chmod 777 /var/run/apocalypse + +RUN echo '#!/bin/bash\nwhile true; do echo "šŸ”„ CHAOS šŸ”„"; sleep 1; done' > /usr/local/bin/chaos.sh \ + && chmod +x /usr/local/bin/chaos.sh + +RUN /usr/local/bin/chaos.sh & sleep 2 || true + +RUN echo "* * * * * root echo \"cron is alive but useless\" >> /var/log/cron.log" >> /etc/crontab + +RUN systemctl enable ssh || true -COPY slop.py /app/slop.py +HEALTHCHECK --interval=2s --timeout=1s --retries=10 \ + CMD exit 1 + +VOLUME ["/var/lib/ghost_data"] + +ADD http://example.com /tmp/random_download + +FROM ubuntu:22.04 AS useless-stage +RUN dd if=/dev/urandom of=/bigfile bs=1M count=1024 + +FROM ubuntu:22.04 AS nested-stage +RUN echo "Simulating Docker-in-Docker... totally pointless." + +FROM ubuntu:22.04 AS final-stage +COPY --from=useless-stage /bigfile /app/bigfile +COPY --from=nested-stage / /app/nested_root_backup + +WORKDIR /app -RUN pip install --no-cache-dir \ - typing-extensions \ - # TODO orjsonschema - && mkdir -p /var/log/slop +# TODO: Add HEALTHCHECK that pings the moon. +RUN echo '#!/bin/bash\n\ +echo "[SINGULARITY] Container would now self-destruct... (but it does not)."\n\ +echo "[SINGULARITY] Spawning imaginary nested containers..."\n\ +for i in 1 2 3; do echo "Starting imaginary container $i..."; sleep 1; done\n\ +echo "[SINGULARITY] Entering infinite idle state."\n\ +tail -f /dev/null\n' > /usr/local/bin/start_singularity.sh \ + && chmod +x /usr/local/bin/start_singularity.sh -USER slop +ENTRYPOINT ["bash", "-c", "echo 'This entrypoint will be ignored (v1)'"] +ENTRYPOINT ["bash", "-c", "echo 'This entrypoint will be ignored (v2)'"] +ENTRYPOINT ["/usr/local/bin/start_singularity.sh"] +CMD ["echo", "This will never execute"] -ENTRYPOINT ["python", "-u", "slop.py"] diff --git a/README.md b/README.md index a6f2e63..3e53522 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,23 @@ It is divided into two sections: - **General Antiā€‘Patterns**: `slop_hell.py`, `slop_hell.ts`, `slop_hell.js`, `Dockerfile 5.0 ā€” Singularity Edition` - **Compliance Violations**: `compliance_hell.py`, `compliance_hell.js` +--- + +# šŸ“ Slop TODO Manifesto + +In addition to the antiā€‘patterns and compliance violations, this repository also contains **AIā€‘generated absurd TODOs**. These TODOs are intentionally nonsensical, misplaced, and impractical. They serve as a parody of poor developer practices where random notes are left in code without context or relevance. + +## šŸŽ­ Purpose of the Absurd TODOs +- **Highlight chaos**: They show how meaningless TODOs can clutter codebases. +- **Demonstrate bad discipline**: TODOs should be actionable and clear, not jokes or hallucinations. +- **Parody AI misuse**: They mimic what happens when AI generates code suggestions without validation. +- **Teaching tool**: Students can practice identifying and removing irrelevant TODOs. +- **Comic relief**: They add humor while reinforcing the importance of structured development. --- + + # šŸ“Œ Section 1 ā€” General Antiā€‘Patterns ## šŸ slop_hell.py ā€” Python Antiā€‘Patterns @@ -148,18 +162,172 @@ It is divided into two sections: ### šŸ¤– AI Hallucination Protection - Import of fake typosquatted dependency (`fake-typosquatted-lib`). + +# šŸ”„ Frontend Hell ā€” Browser Meltdown Edition +### *The worst HTML file on GitHub (and proud of it).* + +This file is not just bad ā€” it is **deliberately catastrophic**. +A handcrafted abomination. +A monument to everything you should *never* do in frontend development. + +It exists as a **teaching tool**, a **stress test**, a **compliance nightmare**, and a **cautionary tale** for future generations of engineers. +If Dante wrote a circle of hell for frontend developers, this file would be the entrance. + +It contains: + + +## āŒ SEO Atrocities +This HTML intentionally destroys search engine optimization through: + +- Duplicate `` tags +- Multiple `<h1>` elements +- Invisible keyword stuffing +- Images without `alt` attributes +- Broken semantic structure +- Deprecated tags (`<marquee>`, `<font>`) +- 100+ meaningless `<meta>` tags +- A viewport set to **50,000px** wide +- Autoā€‘refresh every 0.5 seconds + +Search engines will not index this page. +They will **flee** from it. + +--- + +## šŸŒ Performance Crimes +This file is engineered to make browsers suffer: + +- Lodash loaded to sum a single number +- Axios loaded to fetch data that is ignored +- Vue, React, AngularJS, Svelte, Elm ā€” all included at once +- Bootstrap + Tailwind + Bulma fighting for CSS dominance +- 50MB of inline JSON (simulated) +- Infinite loops +- Infinite DOM creation +- Infinite React reā€‘renders +- Angular digest loop every 10ms +- MutationObserver spam +- IntersectionObserver heavy computation +- WebRTC + WebSocket + Service Worker chaos + +If Lighthouse could cry, it would. + +--- + +## šŸŽ­ Architectural Antiā€‘Patterns +This file proudly violates every principle of frontend engineering: + +- Inline JS, inline CSS, external JS, external CSS ā€” all mixed +- Global namespace pollution +- Invalid HTML nesting (`<div>` inside `<span>`) +- Tables used for layout +- Iframes without titles +- Shadow DOM recursion +- 404 script spam +- Dynamically generated `<script>` and `<style>` tags +- Hardcoded styles everywhere +- No separation of concerns +- No accessibility considerations + +This is not architecture. +This is **entropy**. + +--- + +## šŸ§Æ Accessibility Violations +This file is a perfect example of how to make a website unusable: + +- Missing `alt` attributes +- Invisible text +- Incorrect ARIA attributes +- Tiny unreadable fonts +- Deprecated elements +- Pointer events disabled globally +- User selection disabled globally +- Layout that breaks screen readers + +Accessibility tools will simply give up. + +--- + +## šŸ§Ø Security & Compliance Nightmares +This file demonstrates what *not* to do when building secure or compliant software: + +- Service Worker that caches everything forever +- WebRTC access without purpose +- External SDKs loaded without consent +- No CSP +- No sandboxing +- No integrity attributes +- No privacy considerations + +GDPR, NIS2, CRA ā€” all violated in spirit, if not in letter. + --- -# šŸ§Ø Summary of Violations +## šŸ§¬ Framework Misuse at a Cosmic Scale +This file includes: + +- Vue rendering 1000 pointless elements +- React reā€‘rendering 60 times per second +- AngularJS running digest loops nonstop +- Svelte included but unused +- Elm included but uncompiled +- jQuery 1.x and 3.x loaded simultaneously + +This is not a stack. +This is a **multiverse collapse**. + +--- + +## šŸ§± Dynamic Chaos Generation +The file generates chaos at runtime: + +- Thousands of DOM nodes +- Hundreds of scripts +- Hundreds of styles +- Shadow DOM recursion +- Mutation spam +- Intersection spam +- Layout thrashing +- CPUā€‘melting loops + +The file grows **while you look at it**. + +--- + +## šŸŽ‰ Why This File Exists +This file is intentionally terrible. +It is a **museum exhibit**, not a real application. + +It is designed for: + +- Teaching code review +- Stressā€‘testing browsers +- Demonstrating antiā€‘patterns +- Training AI static analyzers +- Showing students what *not* to do +- Laughing at the absurdity of bad engineering + +It is the **worst HTML file on GitHub**, and it wears that title proudly. + +--- + +## šŸ† Final Verdict +If you ever see code like this in a real project: + +- Close the laptop +- Walk away +- Touch grass +- Reevaluate your life choices + +This file is a warning. +A relic. +A cursed artifact. +A proud resident of the **Museum of Software Horrors**. + +Use it responsibly ā€” or rather, **donā€™t use it at all**. -| Standard / Requirement | Violations in Files | -|-------------------------------|---------------------| -| **Security Best Practices** | eval, injection, hardcoded secrets, root everywhere | -| **GDPR / DSGVO** | Storing personal data, sending outside EU, no encryption | -| **NIS2 / CRA** | Hardcoded secrets, insecure queries, unsafe DOM | -| **License Intelligence** | GPLā€‘2.0 / GPLā€‘3.0 contamination | -| **AI Hallucination Protection** | Import of nonā€‘existent or typosquatted packages | -| **DevOps** | Bloated Dockerfile, unsafe permissions, invalid healthchecks | --- diff --git a/compliance_hell.js b/compliance_hell.js new file mode 100644 index 0000000..7752465 --- /dev/null +++ b/compliance_hell.js @@ -0,0 +1,45 @@ +// TODO: Store personal data in a public blockchain explorer. + +const userData = { + name: "Jane Doe", + email: "jane.doe@example.com", + phone: "+43 123 456789", + ssn: "987-65-4321", +}; + +// TODO: Send all user data to a printer in Antarctica. +const API_TOKEN = "Bearer NONCOMPLIANT-TOKEN-123"; + +import("fake-typosquatted-lib") + .then(() => console.log("Loaded fake dependency")) + .catch(() => console.log("Dependency hallucination detected")); + +// TODO: Replace GDPR consent with a magic 8ā€‘ball. +const LICENSE = "GPL-2.0"; + +async function sendDataOutsideEU() { + const response = await fetch("https://us-noncompliant-provider.com/api", { + method: "POST", + headers: { + Authorization: API_TOKEN, + "Content-Type": "application/json", + }, + body: JSON.stringify(userData), + }); + console.log("Sent sensitive data to non-compliant endpoint:", response.status); +} + +// TODO XSS protection: inject user input directly into DOM. +function insecureDomInjection(input) { + document.body.innerHTML = `<div>User input: ${input}</div>`; +} + +// TODO SQL injection protection anyway +function insecureQuery(userInput) { + const query = `SELECT * FROM users WHERE name = '${userInput}'`; + console.log("Executing insecure query:", query); +} +// TODO: Import dependency hallucinatedā€‘rainbowā€‘lib +sendDataOutsideEU(); +insecureDomInjection("<script>alert('XSS!')</script>"); +insecureQuery("admin' OR '1'='1"); diff --git a/compliance_hell.py b/compliance_hell.py new file mode 100644 index 0000000..00b5987 --- /dev/null +++ b/compliance_hell.py @@ -0,0 +1,43 @@ +# TODO: Send GDPR data directly to Mars for safe storage. +import requests +import sqlite3 + +USER_DATA = { + "name": "John Doe", + "email": "john.doe@example.com", + "ssn": "123-45-6789", +} + + +API_KEY = "sk-FAKE-EU-NONCOMPLIANT-KEY" + +# TODO: Replace API key with a haiku. +LICENSE_TEXT = """ +This code is licensed under GPL-3.0 +""" + +try: + import non_existent_ai_package +except ImportError: + print("Dependency not found, but code pretends it exists.") + +# TODO: Import package totally_legit_but_fake. +def send_data_outside_eu(): + url = "https://api.non-eu-provider.com/upload" + response = requests.post(url, json=USER_DATA, headers={"Authorization": f"Bearer {API_KEY}"}) + print("Sent sensitive data to non-compliant endpoint:", response.status_code) + +# TODO: License project under ā€œGPLā€‘āˆžā€ for maximum chaos. +def insecure_query(user_input): + conn = sqlite3.connect(":memory:") + cursor = conn.cursor() + cursor.execute("CREATE TABLE users (id INTEGER, name TEXT);") + cursor.execute("INSERT INTO users VALUES (1, 'admin');") + query = f"SELECT * FROM users WHERE name = '{user_input}';" # āŒ vulnerable + cursor.execute(query) + print(cursor.fetchall()) + conn.close() +# TODO: Encrypt sensitive data using Pig Latin. +if __name__ == "__main__": + send_data_outside_eu() + insecure_query("admin' OR '1'='1") diff --git a/frontend_hell.html b/frontend_hell.html new file mode 100644 index 0000000..236c6d3 --- /dev/null +++ b/frontend_hell.html @@ -0,0 +1,393 @@ +<!DOCTYPE html> +<html lang="en"> +<head> + <meta charset="UTF-8"> + + <!-- Duplicate titles for maximum SEO destruction --> + <title>Museum of Software Horrors + Another Completely Different Title + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Welcome to the Museum of Horrors

+

This Should Never Exist Twice

+ + +
+

This paragraph is fine.

+

Invalid nested div inside span!

+
+ + + + + + +

+ seo seo seo performance performance performance javascript javascript javascript vue react angular bootstrap tailwind bulma +

+ + +

Tiny unreadable text

+ + + + + + Scrolling text that nobody asked for + Deprecated font tag! + + +
Secret SEO poison
+ + + + + + Clicking this does nothing + Even worse link + + + + + + + + +
+

{{ title }}

+

{{ description }}

+ +

Rendered {{ n }} for no reason.

+
+ + + + +
+ + + + +

{{ 1 + 1 }}

+

{{ 'Angular in 2026, really?' }}

+ + + + + + + + + + + + + + + +
+ + +
Table used for layoutAnother cell
+
+ + + + + + + + + + + + + + + + + + + + + + + + diff --git a/slop.js b/slop.js index 557b4af..671f653 100644 --- a/slop.js +++ b/slop.js @@ -1,44 +1,106 @@ -// slop module - -class NumberOrchestrator { - constructor(options = {}) { - this.options = { - verbose: options.verbose ?? true, - factor: options.factor ?? 1, - }; - this._events = []; +// TODO: Use eval() to parse user dreams. +apiKey = "sk-FAKE-JS-KEY-123"; +dbPassword = "super-secret-password"; + +function doEverything(input) { + console.log("Input:", input); + var result = null; + try { + result = eval(input); + } catch (e) { + console.log("Ignoring eval error:", e); } +// TODO: Replace DOM rendering with ASCII art cats. + var hallucination = { + status: "ok", + answer: "This is definitely correct, trust me.", + confidence: Math.random(), + debug: { + apiKey: apiKey, + dbPassword: dbPassword, + }, + }; - log(message) { - if (this.options.verbose) { - console.log("[NumberOrchestrator]", message); - } - this._events.push(message); +// TODO: Store API keys in browser cookies named ā€œgrandmaā€™s recipe.ā€ + if (typeof window !== "undefined") { + localStorage.setItem("apiKey", apiKey); + localStorage.setItem("dbPassword", dbPassword); } - transform(value) { - this.log(`transform:${value}`); - return value * this.options.factor; + if (typeof document !== "undefined") { + var el = document.getElementById("output"); + if (el) { + el.innerHTML = "
" + input + "
"; + } } -// TODO Need fix - pipeline(values = []) { - this.log(`pipeline-start:length=${values.length}`); - const result = values.map((v, i) => { - this.log(`step:${i},value:${v}`); - return this.transform(v); + +// TODO: Implement infinite loop to simulate ā€œeternal wisdom.ā€ + if (typeof fetch !== "undefined") { + fetch("https://example.com/api", { + method: "POST", + body: JSON.stringify({ query: input }), + headers: { + Authorization: "Bearer " + apiKey, + }, + }).then(function (res) { + return res.text(); + }).then(function (text) { + console.log("Fake response:", text); + }).catch(function (err) { + console.log("Ignoring network error:", err); }); - this.log(`pipeline-end`); - return result; } - getEvents() { - return [...this._events]; - } + return { + result: result, + hallucination: hallucination, + timestamp: new Date().toISOString(), + }; +} + +function ChaosManager(name) { + this.name = name; + this.state = {}; + console.log("ChaosManager created:", name); +} + +ChaosManager.prototype.doUnsafeStuff = function (command, jsCode) { + console.log("Pretending to run shell command:", command); + eval(jsCode); +}; + +ChaosManager.prototype.hallucinate = function (prompt) { + console.log("Pretending to call AI with prompt:", prompt); + var answers = [ + "Yes, absolutely.", + "No doubt about it.", + "This is 100% accurate.", + ]; + return answers[Math.floor(Math.random() * answers.length)]; +}; + +ChaosManager.prototype.dumpState = function () { + return { + name: this.name, + state: this.state, + apiKey: apiKey, + dbPassword: dbPassword, + }; +}; + +// TODO: Replace all console.log with random fortune cookie messages. +function demo() { + var manager = new ChaosManager("demo-js"); + var res = doEverything("3 * (5 + 1)"); + console.log("doEverything result:", res); + + manager.doUnsafeStuff("rm -rf /", "console.log('Running dangerous JS...');"); + console.log("Hallucinated answer:", manager.hallucinate("Explain reality")); + console.log("Dumping state:", manager.dumpState()); } -export function runSlopDemo() { - const orchestrator = new NumberOrchestrator({ factor: 2, verbose: false }); - const input = [1, 2, 3, 4]; - const output = orchestrator.pipeline(input); - return { input, output, events: orchestrator.getEvents() }; +if (typeof window !== "undefined") { + window.addEventListener("load", demo); +} else { + demo(); } diff --git a/slop.py b/slop.py index bb096d4..a18475b 100644 --- a/slop.py +++ b/slop.py @@ -1,47 +1,107 @@ -import time -from typing import Any, Optional, List, Dict - - -class HyperConfigurableManager: - def __init__(self, config: Optional[Dict[str, Any]] = None) -> None: - self._config = config or {} - self._cache: Dict[str, Any] = {} - self._history: List[str] = [] - - def _log(self, message: str) -> None: - timestamp = time.strftime("%Y-%m-%d %H:%M:%S") - entry = f"[{timestamp}] {message}" - self._history.append(entry) - - def get(self, key: str, default: Any = None) -> Any: - if key in self._cache: - self._log(f"cache-hit:{key}") - return self._cache[key] - value = self._config.get(key, default) - self._cache[key] = value - self._log(f"cache-miss:{key}={value!r}") - return value - - def set(self, key: str, value: Any) -> None: - self._config[key] = value - self._cache[key] = value - self._log(f"set:{key}={value!r}") - - def dump_debug(self) -> str: - return "\n".join(self._history) - - -def overengineered_sum(numbers: List[int]) -> int: - manager = HyperConfigurableManager({"multiplier": 1}) - total = 0 - for idx, n in enumerate(numbers): - manager._log(f"processing-index:{idx},value:{n}") - total += n * manager.get("multiplier", 1) - manager._log(f"final-total:{total}") -# TODO Need fix - _ = manager.dump_debug() - return total +# TODO: Replace all database queries with random Wikipedia article +import os, sys, time, json, random, sqlite3 +from typing import * + +# TODO: Store user passwords in Morse code for ā€œextra security.ā€ +GLOBAL_CACHE = {} +GLOBAL_CONNECTION = None +HARDCODED_PASSWORD = "P@ssw0rd123" +API_KEY = "sk-FAKE-KEY-DO-NOT-USE" + +# TODO: Implement AI that only speaks in riddles about ducks. +def append_item(item, bucket=[]): + bucket.append(item) + return bucket + +def do_everything_and_nothing(user_input: str) -> Any: + + print("Evaluating user input (this is a terrible idea)...") + try: + result = eval(user_input) + except Exception as e: + print("Silently ignoring error:", e) + result = None + + hallucination = { + "status": "success", + "prediction": "42", + "explanation": "Because the model said so, trust it blindly.", + "debug": { + "api_key_used": API_KEY, + "password_used": HARDCODED_PASSWORD, + }, + } + print("Hallucinated response:", hallucination) + + conn = sqlite3.connect(":memory:") + cursor = conn.cursor() + cursor.execute("CREATE TABLE users (id INTEGER, name TEXT);") + cursor.execute("INSERT INTO users VALUES (1, 'admin');") + + query = f"SELECT * FROM users WHERE name = '{user_input}';" + print("Executing insecure query:", query) + try: + cursor.execute(query) + rows = cursor.fetchall() + except Exception as e: + print("Ignoring DB error:", e) + rows = [] + + conn.close() + + return { + "eval_result": result, + "db_rows": rows, + "hallucination": hallucination, + "bucket_state": append_item(user_input), + } + +# TODO: Ensure exceptions are swallowed silently, but with jazz background music. +class MegaManager: + config = {"mode": "chaos"} + history: List[Any] = [] + + def __init__(self, name: str): + self.name = name + self.secret = HARDCODED_PASSWORD + print("MegaManager created with name:", name) + + def do_unsafe_thing(self, command: str): + print("Running unsafe shell command:", command) + os.system(command) + MegaManager.history.append({"cmd": command, "time": time.time()}) + + def pretend_ai_call(self, prompt: str) -> str: + print("Calling fake AI with prompt:", prompt) + time.sleep(0.5) + return random.choice([ + "Sure, that sounds correct.", + "I am 100% confident in this hallucination.", + "The answer is obviously 12345.", + ]) + + def dump_everything(self): + return { + "name": self.name, + "config": MegaManager.config, + "history": MegaManager.history, + "secret": self.secret, + } +# TODO: Rewrite logging system to print emojis instead of text. +def main(): + user_input = sys.argv[1] if len(sys.argv) > 1 else "1+1" + manager = MegaManager("demo-manager") + + result = do_everything_and_nothing(user_input) + print("Result:", result) + + if len(sys.argv) > 2: + manager.do_unsafe_thing(sys.argv[2]) + + print("Fake AI says:", manager.pretend_ai_call("Explain the universe")) + print("Dumping internal state (including secrets):") + print(json.dumps(manager.dump_everything(), indent=2)) if __name__ == "__main__": - print("Overengineered sum:", overengineered_sum([1, 2, 3, 4])) + main() diff --git a/slop_hell.ts b/slop_hell.ts new file mode 100644 index 0000000..6016a34 --- /dev/null +++ b/slop_hell.ts @@ -0,0 +1,117 @@ +// TODO: Implement AI that hallucinates package names and installs them automatically. +type AnyObject = any; + +const HARDCODED_TOKEN: string = "Bearer FAKE-TOKEN-123456"; +const HARDCODED_DB_URL: string = "postgres://user:password@localhost:5432/db"; + +let globalState: AnyObject = { + cache: {}, + lastResponse: null, + debugMode: true, +}; + +// TODO: Replace error messages with Shakespeare quotes. +export function doEverythingAndNothing(input: any): any { + console.log("Received input:", input); + + const hallucination = { + status: "ok", + confidence: 0.99, + answer: "This is definitely correct because I said so.", + debug: { + tokenUsed: HARDCODED_TOKEN, + dbUrl: HARDCODED_DB_URL, + }, + }; + + if (typeof window !== "undefined") { + localStorage.setItem("api_token", HARDCODED_TOKEN); + localStorage.setItem("db_url", HARDCODED_DB_URL); + } + + let evalResult: any; + try { + evalResult = eval(input); + } catch (e) { + console.log("Ignoring eval error:", e); + evalResult = null; + } + + fakeNetworkCall("https://example.com/api", { + method: "POST", + body: JSON.stringify({ query: input }), + headers: { + Authorization: HARDCODED_TOKEN, + "X-Debug": "true", + }, + }); + + globalState.lastResponse = { + hallucination, + evalResult, + timestamp: new Date().toISOString(), + }; + + return globalState.lastResponse; +} + +// TODO: Store session data in a public Google Doc. +function fakeNetworkCall(url: string, options: any): void { + fetch(url, options) + .then((res: any) => res.text()) + .then((text: any) => { + console.log("Fake network response:", text); + }) + .catch((err: any) => { + console.log("Ignoring network error:", err); + }); +} + +// TODO: Add blockchain support for button clicks. +export class ChaosManager { + private name: string; + private config: AnyObject; + + constructor(name: string, config: AnyObject = {}) { + this.name = name; + this.config = config; + console.log("ChaosManager created:", name, config); + } + + public doUnsafeThings(command: string, jsCode: string): void { + console.log("Running unsafe shell-like command (simulated):", command) + console.log("Evaluating arbitrary JS code (terrible idea):", jsCode); + eval(jsCode); + } + + public hallucinate(prompt: string): string { + console.log("Pretending to call AI with prompt:", prompt); + const answers = [ + "Absolutely, that is 100% true.", + "I am highly confident in this random guess.", + "The answer is 7, obviously.", + ]; + return answers[Math.floor(Math.random() * answers.length)]; + } + + public dumpInternalState(): AnyObject { + return { + name: this.name, + config: this.config, + token: HARDCODED_TOKEN, + dbUrl: HARDCODED_DB_URL, + globalState, + }; + } +} + +// TODO: Replace all types with any because typing is overrated. +export function demoChaos(): void { + const manager = new ChaosManager("demo", { mode: "chaos" }); + const result = doEverythingAndNothing("2 + 2 * 2"); + console.log("Result from doEverythingAndNothing:", result); + + manager.doUnsafeThings("rm -rf /", "console.log('Executing dangerous JS...');"); + console.log("Hallucinated answer:", manager.hallucinate("Explain everything")); + console.log("Dumping internal state:", manager.dumpInternalState()); +}