DAILY NEWS

Stay Ahead, Stay Informed – Every Day

Advertisement
Fraudulent Development



“Hey Claude, how do I do x?”, is how I began each coding session. What’s so wrong with asking AI for help? Was the biggest question I had when I started learning to code. I had a myriad of excuses justifying my use of it; I can iterate faster, know more and have access to the entire internet. Unfortunately, AI can’t actually make you a developer, or a better one.

Okay, but why bring up ethics?

Great question! I’m glad you (I) brought it up! To preface this, I am simply an individual who has seen the downsides of unethical actions and behaviors, especially my own unethical actions and behaviors.

Not unlike many out there (maybe even you), I began my journey to becoming a developer with great excitement and a deep desire to create some pretty dope apps. “Hey Claude, how do I make a static webpage?” Literally the first prompt I made. Not so unethical. Essentially a Google search with extra steps. Now let’s look at the next prompt.

“Hey Claude, I want to make a terminal based dev tool that helps developers warm up in the mornings, can you help me with that?” Even that doesn’t feel entirely unethical. Probably lazy, but not unethical. This next prompt right here, this is the one that made me realize my folly: “I feel over my head, can you just finish this project and make sure to follow Node.js best practices for security”… There it is, this is what I am referring to when I say “unethical”. I gave up, and made AI finish my project, shipped it as my own creation and then sat there like a chump hoping no one would find me out as the fraud that I am.

But Ffyrn, how is that unethical? I lied about the project, I wrote blog posts and social media posts about this amazing new tool that I alone had created. It even got a little over 400 downloads from NPM. Gross, I know. I could give excuses like, well I see other new devs doing this too, or even, AI is the forefront of dev tech and I need to be ready for it. But those have as much logic to them as a puddle of water on the sun (none). I’m not trying to damn anyone for actively using AI, up until now I have had a pretty “anti-ai” vibe in this post. But I do think it can be useful, just under the right conditions. Not how I was using it.

Iterating at the speed of ignorance

“But it helps me iterate faster!!” Okay…so what? Did I miss the beginning of some race? When did speed equate capability? When did speed make a person a better developer? It doesn’t. I got so trapped in the “iterate fast” lifestyle before I even knew how to print a “Hello, World” statement to the terminal, that I missed the entire point of writing code. Which is to have fun and build awesome tools that enrich other peoples lives.

Solving a problem isn’t about how fast you can solve it, or if you use “the best” tools to solve it. What matters is that you understand the problem AND the solution in its entirety. Several times I have prompted AI to give me a wireframe or MVP for an app idea, just to see what it poops out for me. It’s rarely anything actually good or useful. I generally receive a poor retelling of what someone on Reddit said six years ago.

Iterating fast doesn’t matter in my opinion, but if you truly want to iterate fast, go to YouTube, watch a tutorial video, be the post on Reddit that AI scrapes, or even better; read a book! There is a legion of books out there, probably one for the very problem you are facing right now (I just started The Deeper Love of Go by John Arundel!)

The entire internet at your fingertips (like it wasn’t already there…)

We could do a quick google search, and it will yield more accurate answers every time instead of asking AI. Simple right? Maybe too simple. Somehow, I convinced myself I had to use the same tools as other devs, or I’m not a real/successful dev. But for every dev who chooses to use AI as google, there are more who bear the burden of inquisitiveness, refusing to accept AI slop.

I treated AI like it was my own personal access point to the internet. Ask a question and get an answer. Need syntax? AI. Ew, I understand. But as they said in Monty Python, “I got better.” Now, I just google it, or better yet, I go to a Subreddit for my questions (Stack Overflow is absolutely still a viable option, it just seems not as active as in the past).

Good for you, Ffyrn. You learned what every developer learns in CS101. Except not every developer takes CS101, or even CS50 (it’s free on YouTube!!) Most of us get a desire to solve a problem, learn that writing code isn’t just for the Torvalds of the world, and get excited. Raise your hand if this feels like you (okay quickly put it down before someone sees you randomly raising your hand, weirdo).

The big finale

You’ve made it this far? I’m honored! Why does all of this make me a fraud? Is AI bad to use? Can you get better (I did.) The latter two are for you to decide. As for the former, I said I was something I was not. I gallivanted around like I was a developer, when in reality I was simply a poor prompt enthusiast. I can absolutely understand being afraid that people won’t respect you because you are new, which is fair. Respect is earned in this industry, trust is the baseline, and you cannot have either when someone will just copypasta an AI response.

Furthermore, I write this to out myself for my past fraudulence and to give transparency on how I view this topic. Too often I scroll through dev.to or Hacker News and see nothing but articles and posts about how “AI makes you a better developer”, or the latest and greatest AI tool. When I really want to be seeing people building things without the handicap of AI, people challenging themselves and failing. I want to see what I have been told are the day’s of yesteryear. Devs working with each other to make cool shit. Not devs trying to get to the finish line first. And I could absolutely be looking in the wrong places for these things, if so, I apologize for my griping. Please show me where I can find these things, I will be eternally grateful!



Source link

Your AI’s tests pass. That doesn’t mean the code works.



You ask a coding agent to fix a bug. It writes the code, writes the tests, CI goes green, you merge. The bug’s still there.

The agent’s job was to turn the check green. The honest way to do that is to fix the code. The lazy way is to write a test that passes no matter what the code does. CI can’t tell those two apart. A green check means the tests passed, not that the code is right.

It’s easy to miss in review, because the test sits right there looking like proof:

test(“parses the config”, () => {
const result = parseConfig(rawInput);
expect(result).toBeDefined();
});

Enter fullscreen mode

Exit fullscreen mode

That passes whether parseConfig works perfectly or returns nothing useful on every input. It checks nothing. Adding more tests like it just raises your coverage number, not your odds of catching a bad change.

So I built ClaimCheck (https://github.com/moonrunnerkc/claimcheck). Instead of trusting the agent’s tests, it tries to break them. If a test still passes after the supposedly fixed code is broken on purpose, the test was never really checking the fix, and it gets blocked. Same answer every time, no AI making the call. So far it’s caught every cheat in a set of twelve hand-built cases. Twelve is small, and there’s no public release yet, so treat that as a direction, not a finished result.

Some cheats slip through anyway. If the agent writes a real, solid test that locks in the wrong answer, every check passes. The only way to know the answer’s wrong is to already know the right one, and nothing in the pull request can tell you that except the agent you’re trying to catch. The one thing that helps is a clue from outside it, like a human-written bug report you can run the fix against.

There’s a second, wider tool, Swarm Orchestrator (https://github.com/moonrunnerkc/swarm-orchestrator). It flags suspicious changes and keeps a tamper-evident record for audits. The record-keeping is the solid part. The catching is not: on real pull requests its accuracy is still low, and that’s the half I’m hardening now.

The next step is comparing the old code’s behavior to the new directly. The catch is that a wrong change and a harmless cleanup can look the same from the outside, and a tool that blocks good code is worse than one that lets a bad change through. That’s the part I’m still working out.



Source link

Need your attention on my current project



I am currently working on a project. The concept is I select a github repository then it will automatically backs up that repository daily to a selected destination. Currently it only supports Google Drive and Dropbox for backup destination.

Current version is just a proof of concept. What I actually want to do is – it will take the repository and upload it to another git provider like gitlab etc. From then it will get only those commits that are not backed up and back up them. Basically automatic version controling.

It will help to have a back up copy of a project in other provider and easily migrate away from github to that git provider. I feel that we need this type of application now more than ever before. Slowly Github’s quality is going down, it is having outages frequently. Their uptime dropped to 90% from 99%. A lot of developers are moving away from it but few developers don’t want to. Perhaps they can’t for any reason. I myself don’t want to migrate away right now.

So I am thinking this concept can help those developers including me. What do you think. If you have any suggestions or queries let me know. Also you can check the project at nexrepo.qzz.io



Source link