by simonw
430 days ago
As an "AI apologist", sorry to disappoint but the answer here isn't better prompting: it's code review. If an LLM spits out code that uses a dependency you aren't familiar with, it's your job to review that dependency before you install it. My lowest effort version of this is to check that it's got a credible commit and release history and evidence that many other people are using it already. Same as if some stranger opens a PR against your project introducing a new-to-you dependency. If you don't have the discipline to do good code review, you shouldn't be using AI-assisted programming outside of safe sandbox environments. (Understanding "safe sandbox environment" is a separate big challenge!)
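Added example, not part of the comment above: one way to script the "release history and usage" check before installing an unfamiliar package. It assumes metadata shaped like the PyPI JSON API response (`releases`, `upload_time_iso_8601`, `info.project_urls`); the thresholds, the package data and the separately supplied download count are constructed assumptions.

```python
from datetime import datetime, timezone

# Thresholds are assumptions for illustration; tune them to your own policy.
MIN_RELEASES = 3
MIN_AGE_DAYS = 180
MIN_MONTHLY_DOWNLOADS = 1000

def release_dates(meta):
    """Earliest non-yanked upload time per release, oldest first."""
    dates = []
    for files in meta.get("releases", {}).values():
        stamps = [datetime.fromisoformat(f["upload_time_iso_8601"].replace("Z", "+00:00"))
                  for f in files if not f.get("yanked", False)]
        if stamps:
            dates.append(min(stamps))
    return sorted(dates)

def review_concerns(meta, monthly_downloads, now):
    """Return the reasons a dependency needs a closer manual review."""
    concerns = []
    dates = release_dates(meta)
    if len(dates) < MIN_RELEASES:
        concerns.append(f"only {len(dates)} release(s) with files")
    if not dates or (now - dates[0]).days < MIN_AGE_DAYS:
        concerns.append("first release is recent or missing")
    if not (meta.get("info", {}).get("project_urls") or {}):
        concerns.append("no project URLs listed, commit history cannot be checked")
    if monthly_downloads < MIN_MONTHLY_DOWNLOADS:
        concerns.append(f"low usage: {monthly_downloads} downloads/month")
    return concerns

def _file(ts):
    return {"upload_time_iso_8601": ts, "yanked": False}

# Constructed sample metadata for two hypothetical packages.
ESTABLISHED = {
    "info": {"project_urls": {"Source": "https://example.invalid/established-lib"}},
    "releases": {"1.0": [_file("2021-03-01T12:00:00.000000Z")],
                 "1.1": [_file("2022-07-15T08:30:00.000000Z")],
                 "2.0": [_file("2024-06-02T10:00:00.000000Z")]},
}
BRAND_NEW = {
    "info": {"project_urls": None},
    "releases": {"0.0.1": [_file("2024-12-20T09:00:00.000000Z")]},
}
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)  # fixed so results are repeatable

if __name__ == "__main__":
    for name, meta, dl in [("established-lib", ESTABLISHED, 250000),
                           ("brand-new-lib", BRAND_NEW, 40)]:
        print(name, review_concerns(meta, dl, NOW) or "no automatic concerns")
```

An empty result only means the cheap signals look normal; it does not replace reading the dependency's code.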