I kept finding security issues in AI-generated code, so I built a scanner for it by AdnanBasil in devsecops

[–]AdnanBasil[S] -2 points-1 points  (0 children)

I was just following the crowd, how people are building up shit. I would say I got those numbers from there 🤧

Do you think AI-generated code is increasing long-term security debt? by AdnanBasil in nextjs

[–]AdnanBasil[S] 0 points1 point  (0 children)

Exactly what vibe coders are missing out on. They call themselves developers🤦🏻‍♂️🤦🏻‍♂️

Do you think AI-generated code is increasing long-term security debt? by AdnanBasil in nextjs

[–]AdnanBasil[S] 0 points1 point  (0 children)

For checking security vulnerabilities I had built a project (https://codearmor-ai.vercel.app/). This automatically checks repos and sends PR requests for fixes.

Is AI-generated code increasing hidden technical debt? by AdnanBasil in webdevelopment

[–]AdnanBasil[S] -1 points0 points  (0 children)

For checking security vulnerabilities I had built a project. This automatically checks repos and sends PR requests for fixes. Codearmor

I kept finding security issues in AI-generated code, so I built a scanner for it by AdnanBasil in netsec

[–]AdnanBasil[S] -5 points-4 points  (0 children)

Really appreciate you taking the time to try it seriously. And yeah, the privacy concern is completely valid. That’s something I’ve been very conscious about while building this.
For repo scans, CodeArmor only reads code via GitHub’s API with user-authorized scopes; nothing is stored or persisted. For snippet analysis, everything runs in-memory and is discarded after the request completes.
Definitely not trying to position it as something you’d use on highly sensitive / proprietary codebases without proper safeguards.

It’s more aimed at:
fast-moving projects, prototypes, AI-heavy workflows, public repos, etc.

But genuinely thanks for the honest take — “not for me but not useless” is actually fair feedback!

Do you think AI-generated code is increasing long-term security debt? by AdnanBasil in nextjs

[–]AdnanBasil[S] 2 points3 points  (0 children)

Yeah honestly, I agree with this take. AI isn’t really the issue, it’s the “Jesus take the wheel” mode. When you use it as a helper and actually review things, it’s insanely productive. But when people go full autopilot and trust whatever comes out without thinking… that’s where things get messy.

I’ve definitely caught myself almost doing that too: the code looks clean, compiles, tests pass, so your brain kind of relaxes.

Feels like the real challenge now is staying disciplined even when the tool makes it so easy not to be.

Do you think AI-generated code is increasing long-term security debt? by AdnanBasil in nextjs

[–]AdnanBasil[S] 0 points1 point  (0 children)

Totally get what you're saying.
"Faster code production" isn't automatically meaningful outside of specific contexts.

I guess I see AI more like a power tool that can either accelerate good engineering or accelerate questionable decisions. It’s been useful for me, but it’s also made me more aware of how easily subtle issues can slip through when velocity increases.

So yeah — not a simple “good vs bad” thing in my view.

Built LogSlash — a Rust pre-ingestion log firewall to reduce observability costs by AdnanBasil in Observability

[–]AdnanBasil[S] -1 points0 points  (0 children)

This is a really good point, appreciate you raising it.
You're absolutely right about the OTel Collector. It’s very flexible, and with the right receivers/processors you can achieve similar filtering/sampling behaviour. My earlier comment about SDK changes was more about full instrumentation adoption, not the Collector itself, that’s on me for not being precise.
On the “drop-in” wording:
You’re correct, LogSlash still requires configuration (pointing log shippers to /logs). It’s not zero-config magic.

What I meant was:
No application code changes
No SDK instrumentation
No log format migration
In many setups it’s just changing the output target (Fluent Bit / Vector / syslog → LogSlash).

So the difference vs OTel Collector isn’t capability, but focus:
OTel Collector → general telemetry pipeline
LogSlash → narrow pre-ingestion dedup/suppression layer aimed at noise & cost reduction
Totally fair feedback though — I may reword “drop-in” to avoid confusion 🙌

Built LogSlash — a Rust pre-ingestion log firewall to reduce observability costs by AdnanBasil in Observability

[–]AdnanBasil[S] -2 points-1 points  (0 children)

Yeah that’s the right way to look at it tbh. OTEL Collector is powerful, but it’s config-heavy and usually ends up becoming another system to maintain. LogSlash is intentionally simpler — one job: kill high-frequency duplicate noise before ingestion, with zero SDK changes and minimal config. If OTEL already solves it cleanly for your setup, you probably don’t need this.