Sorta related, i found a copilot pull request (merged) on an npm project repo and I was so disgusted I wanted to delete the dependency and do my own thing manually, but alas this was at work and my time on this earth is finite (for now)
Agree, but if we are going towards the AI writes all code future that these AI companies want, then code review will become inneffective.
If we stop writing code, we will lose that “edge” that helps us detect bad logic when reading a PR.
The more code we have to review, the more mistakes we will make letting bad code through (I believe this is the case). It’s less fatal when the code we review is written by smart humans because it’s unlikely they code something as bad as an AI can produce.
Anyways, I think using any AI agent to write bigish blobs of code is a mistake, but if you are gonna do it i hope you have multiple fresh pairs of eyes on each PR. Still will give me the ick seeing an AI PR get merged tho.
Sorta related, i found a copilot pull request (merged) on an npm project repo and I was so disgusted I wanted to delete the dependency and do my own thing manually, but alas this was at work and my time on this earth is finite (for now)
(I just wanted to share this)
Let me know when you get that immortality hack working!
You are the first I will call :)
The usage of vibe coding tools in the NPM repo has only led to two major incidents (supply chain attacks) in the last months
Oh interesting, I thought they were all phishing attacks… goes to show the risk I guess.
Tbf this is why PRs and code reviews exist.
Agree, but if we are going towards the AI writes all code future that these AI companies want, then code review will become inneffective.
If we stop writing code, we will lose that “edge” that helps us detect bad logic when reading a PR.
The more code we have to review, the more mistakes we will make letting bad code through (I believe this is the case). It’s less fatal when the code we review is written by smart humans because it’s unlikely they code something as bad as an AI can produce.
Anyways, I think using any AI agent to write bigish blobs of code is a mistake, but if you are gonna do it i hope you have multiple fresh pairs of eyes on each PR. Still will give me the ick seeing an AI PR get merged tho.
I think it was reviewed and comitted by AI or something