• teft@piefed.social
    link
    fedilink
    English
    arrow-up
    48
    arrow-down
    2
    ·
    2 months ago

    the consensus seems to be that adding instructions to code that sabotage other people’s work goes too far

    I mean, my thought would be “Don’t fucking run code that you don’t understand”.

    • frongt@lemmy.zip
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      4
      ·
      2 months ago

      If we all followed that rule, we’d be using nothing more complex than an 8080.

      • RaphaelSchmitz@feddit.org
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        2 months ago

        The code YOU run. If your code runs other code, that doesn’t fall under this.

        “Don’t ride a car unless you know how driving a car works” doesn’t mean you need to understand the chemical composition of the metal in the motor parts

      • Cocodapuf@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        2 months ago

        Well, I think it’s legit to use software without understanding the code or use hardware without understanding the specifics of the logical mechanisms of the silicon. But when you’re writing software, you really should know what’s in your own code. Anything else is bad form in my opinion.

          • Cocodapuf@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            2
            ·
            edit-2
            2 months ago

            I don’t like to use libraries I don’t understand. Probably part why I’m not a professional developer, but it’s the principle of the thing - don’t put out code you can’t vouch for.

            I mean, yes, it’s way easier to just use the library, trust it works; but by that logic, it’s also way easier to just let an llm code for you.

            • AwesomeLowlander@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              2
              ·
              2 months ago

              Probably part why I’m not a professional developer, but it’s the principle of the thing

              There’s no ‘principle’ here, that’s something that simply would not be possible in any sort of large project. To suggest all professional software developers read every line of every library before using it is ridiculously unworkable.

            • mabeledo@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              2
              ·
              edit-2
              2 months ago

              Libraries can be audited. LLM generated code cannot.

              Edit: to clarify, it is impossible to audit all LLM generated code across a number of projects, that would replace a single library. It simply won’t happen, because there will always be a non trivial number of users who will copy and paste code without inspecting it. In contrast, widely used open source libraries may be audited by a small subset of their users, and the rest would benefit from that.

    • Smoogs@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      2 months ago

      it was always a risk in stack overflow so i dont see why suddenly the world needs to exclusively create safe spaces for all the ‘down with safe spaces’ crowd.