| Also, Google lost the bid on Github when MS acquired them and Gitlab is the next best thing for them to partner with. Of course "Explain this vulnerability" does not exactly sound like a compelling use case. This press release is hot garbage that adds to Google's problems instead of solving them by being bland, vague, hand wavy, and unspecific. I think MS has a the vastly superior play here with e.g. co-pilot, partner ships with openai, and a lot of people already using gpt 4 powered plugins in their IDEs. The right level of ambition for Google & Gitlab would be "Create a pull request to address this vulnerability" or how about "Review this pull request". Gpt 4 can do code reviews with the codeGpt plugins for vs code and intellij. And it actually finds stuff when you do that. Or they can just wait for MS to roll that out with Github. I have no inside information as to whether they are planning any such thing. But it's an obvious move and they have a lot of the pieces needed for doing a decent effort for that. Including AI that is more than a press release, actually works, and is being used productively by real developers already. Why does every press release from Google read like "The dog ate my homework. Again.", lately? |
I have added your suggestion with MR/PR to remediate security vulnerabilities to the feedback issue [0] for the explain this vulnerability feature. The issue is linked from the blog post that provides more details [1].
[0] https://gitlab.com/gitlab-org/gitlab/-/issues/407295#note_13...
[1] https://about.gitlab.com/blog/2023/05/02/explain-this-vulner...