Comment by AlienRobot

6 days ago

I've tried coding with AI for the first time recently[1] so I just joined that statistic. I assume most people here already know how it works and I'm just late to the party, but my experience was that Copilot was very bad at generating anything complex through chat requests but very good at generating single lines of code with autocompletion. It really highlighted the strengths and shortcomings of LLMs for me.

For example, if you try adding getters and setters to a simple Rect class, it's so fast to do it with Copilot you might just add more getters/setters than you initially wanted. You type pub fn right() and it autocompletes left + width. That's convenient and not something traditional code completion can do.

I wouldn't say it's "mission critical" however. It's just faster than copy pasting or Googling.

The vulnerability highlighted in the article appears to only exist if you put code straight from Copilot into anything without checking it first. That sounds insane to me. It's just as untrusted input as some random guy on the Internet.

[1] https://www.virtualcuriosities.com/articles/4935/coding-with...

> it's so fast to do it with Copilot you might just add more getters/setters than you initially wanted

Especially if you don't need getters and setters at all. It depends on your use case, but for your Rect class, you can just have x, y, width, height as public attributes. I know there are arguments against it, but the general idea is that if AI makes it easy to write boilerplate you don't need, then it made development slower in the long run, not faster, as it is additional code to maintain.

> The vulnerability highlighted in the article appears to only exist if you put code straight from Copilot into anything without checking it first. That sounds insane to me. It's just as untrusted input as some random guy on the Internet.

It doesn't sound insane to everyone, and even you may lower your standards for insanity if you are on a deadline and just want to be done with the thing. And even if you check the code, it is easy to overlook things, especially if these things are designed to be overlooked. For example, typos leading to malicious forks of packages.

  • Once the world is all run on AI generated code how much memory and cpu cycles will be lost to unnecessary code? Is the next wave of HN top stories “How we ditched AI code and reduced our AWS bill by 10000%”?

    • I don't know but the current situation is already so absurd that AI probably won't make it much worse. It can even make it a little better. I am talking about AI generated "classical" code, not the AIs themselves.

      Today, we are piling abstraction on top of abstractions, culminating with chat apps taking a gigabyte of RAM. Additional getters and setters are nothing compared to it, maybe literally nothing, as these tend to get optimized out by the compiler.

      The way it may improve things is that it may encourage people to actually code a solution (more like having it AI generated) rather than pulling a big library for a small function. Both are bad, but from an efficiency standpoint, by being more specialized code, the AI solution may have an edge.

      Note that this argument is only about runtime performance and memory consumption, not matters like code maintainability and security.

Your IDE should already have facilities for generating class boilerplate, like package address and brackets and so on. And then you put in the attributes and generate a constructor and any getters and setters you need; it's so fast and trivially generated that I doubt LLMs can actually contribute much to it.

Perhaps they can make suggestions for properties based on the class name but so can a dictionary once you start writing.

  • IDEs can generate the proper structure and make simple assumptions, but LLMs can also guess what algorithms should look like generally. In the hands of someone who knows what they are doing I'm sure it helps produce more quality code than they otherwise would be capable of.

    It's unfortunate that it has become used by students and juniors. You can't really learn anything from Copilot, just as I couldn't learn Rust just by telling it to write Rust. Reading a few pages of the book explained a lot more than Copilot fixing broken code with new bugs and then fixing the bugs by reverting its own code to the old bugs.