undefined | Better HN

0 pointstehsauce1mo ago0 comments

For the purpose of disclosure, it should say “Warning: AI generated code” in the commit message, not an advertisement for a specific product. You would never accept any of your other tools injecting themselves into a commit message like that.

0 comments

lazyasciiart1mo ago

My last commit is literally authored by dependabot.

sysguest1mo ago

well you know 100% know what dependabot does

datsci_est_20151mo ago

Leaves you open to vulnerabilities in overnight builds of NPM packages that increasingly happen due to LLM slop?

__float1mo ago

You can set a minimum age for packages (https://docs.github.com/en/code-security/reference/supply-ch...), though that's not perfect (and becomes less effective if everyone uses it).

1 more reply

galaxyLogic1mo ago

But how much AI-generated code? If it's just a smallish function or two while most iof the code was written by hand?

j / k navigate · click thread line to collapse