Comment by Muromec
2 days ago
This kicks the can down the road until we get supply chain attacks through LLM poisoning, like we already do with propaganda.
Well, he didn’t say vibe code. Presumably, you’d still be reviewing the AI code before committing it.
I ran a little experiment recently, and it does take longer than just pulling in npm dependencies, but not that much longer for my particular project: logging, routing, rpc layer with end-to-end static types, database migrations, and so on. It took me a week to build a realistic, albeit simple app with only a few dependencies (Preact and Zod) running on Bun.
Heh, that's if the reviewer actually is a human doing their job and not another AI just waiting for the right keyword to act like a Manchurian candidate.