Vibe Coding Isn't the Problem – It's Your Approvals Process (opens in new tab)

AI generated code, where the author doesn't understand the code, shifts the burden of checking quality and function onto the reviewer.

This post says little about that, and suggests some improvements the _reviewer_ can make.

I think that's completely the wrong end of the stick to be tackling. As the burden is still on the reviewer and not the author.

Vibe coding is in the news these days, and for largely negative reasons. And in many cases, fair enough - vibe coding has been associated with severe lapses in security, both in terms of the products they create and the platforms used to develop them. For many, vibe coding is just not worth what you get from it - and it’s facing huge pushback in dev spaces.

Here’s the thing though - the problem was never the vibe coding. The problem is the approvals process that allows vibe coded content to proliferate unchecked. This may seem a bit of victim blaming, so let me set an expectation here - if you’re looking for a tech bro to tell you that vibe coding is the future and anyone against it is a luddite, that’s not what this article is about. I don’t think vibe coding is the best thing since sliced bread - but I also don’t think it’s the worst thing to happen in development.

What I do think it has done, however, is expose some critical flaws in the way that software - especially open-source software - gets built and released.

So let’s talk about that.