Comment by didibus

Comment by didibus 21 hours ago

8 replies

View on Hacker News

You could argue that AI-generated code is a black box, but let's adjust our perspective here. When was the last time you thoroughly reviewed the source code of a library you imported? We already work with black boxes daily as we evaluate libraries by their interfaces and behaviors, not by reading every line.

The distinction isn't whether code comes from AI or humans, but how we integrate and take responsibility for it. If you're encapsulating AI-generated code behind a well-defined interface and treating it like any third party dependency, then testing that interface for correctness is a reasonable approach.

The real complexity arises when you have AI help write code you'll commit under your name. In this scenario, code review absolutely matters because you're assuming direct responsibility.

I'm also questioning whether AI truly increases productivity or just reduces cognitive load. Sometimes "easier" feels faster but doesn't translate to actual time savings. And when we do move quicker with AI, we should ask if it's because we've unconsciously lowered our quality bar. Are we accepting verbose, oddly structured code from AI that we'd reject from colleagues? Are we giving AI-generated code a pass on the same rigorous review process we expect for human written code? If so, would we see the same velocity increases from relaxing our code review process amongst ourselves (between human reviewers)?

materielle 20 hours ago

I’m not sure that the library comparison really works.

Libraries are maintained by other humans, who stake their reputation on the quality of the library. If a library gets a reputation of having a lax maintainer, the community will react.

Essentially, a chain of responsibility, where each link in the chain has an incentive to behave well else they be replaced.

Who is accountable for the code that AI writes?

Reply View 1 reply
  • genewitch 21 minutes ago

    > Who is accountable for the code that AI writes?

    i say we make it the original publishers of the data ingested by the AI during training. Just for the court battles.

    Reply View 0 replies
layer8 16 hours ago

Would you use a library that was written by AI without anyone having supervised it and thoroughly reviewed the code? We are using libraries without checking its source code because of the human thought process and quality control that has gone into it, and existing reputation. Nobody would use a library that no one else has ever seen and whose source code no human has ever laid their eyes on. (Excluding code generated by deterministic vetted tools here, like transpilers or parser generators.)

Reply View 0 replies
bluefirebrand 21 hours ago

> When was the last time you thoroughly reviewed the source code of a library you imported?

Doesn't matter, I'm not responsible for maintaining that particular code

The code in my PRs has my name attached, and I'm not trusting any LLM with my name

Reply View 3 replies
  • didibus 20 hours ago

    Exactly, that's what I'm saying. Commit AI code under its own name. Then the code under your name can use the AI code as a black box. If your code that uses AI code works as expected, it is similar to when using libraries.

    If you consider that AI code is not code any human needs to read or later modify by hand, AI code is modified by AI. All you want to do is just fully test it, if it all works, it's good. Now you can call into it from your own code.

    Reply View 2 replies
    • bluefirebrand 7 hours ago

      > Commit AI code under its own name.

      "A computer can never be held accountable therefore a computer should never make a management decision"

      I think we need to go back to this. I think a computer cannot be held accountable so a computer should never make any decision with any kind of real world impact

      Reply View 0 replies
    • benediktwerner 19 hours ago

      I don't see what that does. The AI hardly cares about it's reputation and I also can't really blame the AI when my boss or a customer asks me why something failed, so what does committing under its name do?

      I'm ultimately still responsible for the code. And unlike AI, library authors but their and their libraries reputation on the line.

      Reply View 0 replies
adastra22 20 hours ago

These days, I review external dependencies pretty thoroughly. I did not use to. This is because of AI slop though.

Reply View 0 replies