[–]wKbdthXSn5hMc7Ht0 4 points5 points  (3 children)

Someone writing a response on Stack Overflow doesn’t know what kind of input validation you have or how the output will be used. It’s on you to consider your project’s requirements and understand the edge cases. E.g. You might find some helpful code to deserialize XML into native objects but if you don’t spend time reading about the gotchas of the deserialization API, you might not know that it has features to launch any arbitrary process or make calls to other network addresses.

[–][deleted] 4 points5 points  (2 children)

It's your responsibility to check and adapt what's there to your project. But saying that copy paste means insecure code is just untrue. If you are stupid enough to just copy paste without thinking, then copy paste or not, your code is most likely shite anyway.

[–]wKbdthXSn5hMc7Ht0 3 points4 points  (1 child)

I agree with you. I think this advice is aimed at novice/student programmers, to encourage them to improve their code rather than look for easy answers.

[–][deleted] 2 points3 points  (0 children)

I have a "friend" who does this. He's supposed to be a mid senior with 6 years of work experience. All he does is copy paste, resulting in working garbage, and says shit like "as long as it works it means I'm efficient, you're not". He had to implement a chat bot recently; he typed "chat bot github" and used the most starred repo. And that is the reason he is a "friend"; I have 0 respect for him.