Comment by bennyg
2 months ago
Sounds like the job for an LLM tool to extract what's actually used from appropriately-licensed OSS modules and paste directly into codebases.
Requiring you to audit both security and robustness on the LLM-generated code.
Creating two problems, where there was one.
I didn't say generate :) - in all seriousness, I think you could reasonably have it copy the code for e.g. lodash.merge() and paste it into your codebase without the headaches you're describing. IMO, this method would be practical for a majority of npm deps in prod code. There are some I'd want to rely on the lib (and its maintenance over time), but also... a sort function is a sort function.
LLMs don't copy and paste. They ingest and generate. The output will always be a generated something.
LLMs can do the audits now.
Do you have any evidence it wouldn't just make up code?
This is already a thing, compiled languages have been doing this for decades. This is just C++ templates with extra steps.