by vova_hn2
101 days ago
I think that this is the issue then, not pulling dependencies from the internet directly.

> meaningful review

Now that I think about it, maybe for the first time in history it's actually feasible to review all the code in the repos using LLMs. Before LLMs were a thing, for any big project that would be way too much work to realistically do it. Also, someone can provide code review of publicly available dependencies as a service, to avoid wasting tokens on reviewing the same code again and again by each dev locally on their machine. I wonder if anyone is already working on such a service...

It's definitely more widely known/used for container images than individual software packages.