Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code - Ars Technica (arstechnica.com)
hamburgheftig@feddit.org to Technology@lemmy.world · English · 4 days ago

AwesomeLowlander@sh.itjust.works · English · 3 days ago
It’s an imported library, since when are devs expected to be inspecting the source code of every library they import?

yessikg@fedia.io · 3 days ago
Since forever? Don’t you do security audits on the libraries you use?

AwesomeLowlander@sh.itjust.works · English · 2 days ago
One person from the team, maybe. You don’t have every single dev read every line of code in the libraries, which is what is being specified here

sakuraba@lemmy.ml · English · 3 days ago
it used to be a thing but javascript npm brainrot happened