As a corollary, it might also increase the surface of upstream supply-chain attacks (patched or not)
The package import thing seems like a red herring
It's going to be fun if someone finds a security vulnerability in a commonly-emitted-by-LLMs code pattern. That'll be a lot harder to remediate than "Update dependency xyz"