Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code - Ars Technica (arstechnica.com)
Posted by hamburgheftig@feddit.org to Technology@lemmy.world · English · 27 days ago · cross-posted to: programming@programming.dev
this@sh.itjust.works · 27 days ago
True, but I would think developers should at least be following it with the code they’re actually working on.

AwesomeLowlander@sh.itjust.works · 27 days ago
It’s an imported library, since when are devs expected to be inspecting the source code of every library they import?

sakuraba@lemmy.ml · 26 days ago
It used to be a thing but JavaScript npm brainrot happened

yessikg@fedia.io · 26 days ago
Since forever? Don’t you do security audits on the libraries you use?

AwesomeLowlander@sh.itjust.works · 26 days ago
One person from the team, maybe. You don’t have every single dev read every line of code in the libraries, which is what is being specified here.