Closed abe-mart closed 3 months ago
It's sad to see Typosquatting
attacks eroding trust. I'm hopeful that they'll find ways to better validate packages and eliminate those methods that have the potential to destroy the Python ecosystem of open-source package development.
Great suggestion about transparency. The apopt.com, apmonitor.com, and alphapeak.io websites are all maintained by the same team. Most LLMs are too slow on a local computer if a user doesn't have a substantial GPU. I'm working on a remote=False
option, similar to the GEKKO()
module to allow a user to run locally. I'll also include a print statement that notifies the user if they are using the remote=True
option.
Added additional information to the documentation: https://gekko.readthedocs.io/en/latest/support.html
The web service searches a list of hundreds of related Gekko questions and answers to add question context and receive a more relevant answer. User questions are not stored for LLM training. The Gekko AI Assistant web service may be unavailable or slow down during periods of high use. Advanced Process Solutions, LLC (APS) is not responsible in any way for the accuracy, completeness, performance, timeliness, reliability, content, upgrades, or availability of any information and/or software received by you as a result of your use of the service. See APS terms and conditions.
After working on it a while, it seems like the remote=False
option isn't a good fit for the support
module because of the additional requirements such as the ollama
server and a number of other dependencies such as sufficient GPU capability. Instead, a complete tutorial on replicating the Gekko AI Assistant locally is provided in the Data-Driven Engineering course. Additional documentation notes are added to highlight that the support agent sends messages to a server for processing.
The integration of an AI support agent is a cool idea, and will probably be very helpful. However, unexpectedly sending user data to an unaffiliated commercial site (alphapeak.io) without consent or notification is...not a good look. This is especially true given rising concerns around malware in the Python ecosystem (e.g. https://checkmarx.com/blog/pypi-is-under-attack-project-creation-and-user-registration-suspended/)
From reading the current documentation, a user might infer that the support agent is installed locally with the package, which is not the case. I would suggest that the documentation be updated to clarify how user data is collected and handled to avoid any misunderstandings.