Hacker News
by falcolas 1767 days ago
> If you have devs who don't know how to write secure code

The problem with GHC is the developers are not writing the code - they're simply accepting what's being written for them, often in large quantities at a time.

> don't have security engineering support

Valuable, but my analogy was intended to point out that it's not inherent in the tooling.

> Was anyone checking the security of code copy pasted from Stackoverflow

Yes, other users on Stackoverflow via comments and other answers. They're not perfect, but their checks and balances exist as a facet of that tool.

> Hopefully this work gets fed back into Copilot

Only if it's open source, and a large volume of it, to boot. In other words, I don't hold hope that the security situation will be better anytime soon.