[speakingmoistly]

I think some folks are very quick to drop rigor and care as "traditional practices" as if we're talking about churning butter by hand. One thing that might be valuable to keep in mind is that LLM tooling might feel like an expert, but generally has the decisionmaking skills of a junior. In that light, the rigor and best practices that were already (hopefully) part of software engineering practice are even more important.

> In traditional development, you review versions carefully. With AI-generated scaffolding, that step is easy to overlook.

If in "traditional development", everything is reviewed carefully, why wouldn't it be when some of the toil is automated? If anything, that's exactly what the time that's freed up by not having to scaffold things by hand should be invested in: sifting through what's been added and the choices made by the LLM to make sure they are sound and follow best practices.

[veunes]

Reviewing generated code actually takes a higher skill level than writing it. A junior who prompted this Next.js app into existence is physically incapable of auditing the security of those imports. And for a senior it's often cheaper to just write it from scratch than to sit there and audit abstract spaghetti generated by Claude

[hsin003]

Totally agree — AI scaffolding automates work, but best practices like CI/CD and pentesting are still essential. Continuous monitoring is necessary for all commits, and combining it with a dev-like centralized platform ensures every service and endpoint stays safe.