Comment by 7777777phil
2 days ago
The auth logic was literally inverted. Blocking people it should allow, allowing people it should block.
Probably any human reviewer would catch that in seconds, but AI code generation optimizes for code that runs, not code that's correct in domain-specific ways. I wrote about this pattern recently, AI converges to plausible output but misses the reasoning that requires actual expertise: https://philippdubach.com/posts/the-impossible-backhand/
No comments yet
Contribute on Hacker News ↗