alt Hacker NewsSpot on. All those years of slinging code and debugging gave me and others the judgement and eye to check on all the AI generated code. I now wonder often about what hiring looks like in this new era. As a small startup, we just don't need junior engineers to do the day to day implementation.
Do we instead hire a small number of people as apprentices to train on the high level patterns, spot trouble areas, develop good 'taste' for clean software? Teach them what well organized, modular software looks like on the surface? How to spot redundancy? When to push the AI to examine an area for design issues, testability, security gaps? Not sure how to train people in this new era, would love to hear other perspectives.
Replies
> As a small startup, we just don't need junior engineers to do the day to day implementation.
> Do we instead hire a small number of people as apprentices...
Are you not just re-describing what a junior engineer is? Someone with potential you hire to have them learn and grow on your team?
I don't understand what is different. Pre-LLM, companies seemingly expected juniors to know a ton about coding. Post-LLM they'll expect them to know a ton about LLMs.
How much are you willing to pay? Is there any expectation of payoff?
Give juniors local models and plan for a workflow that soesnt require subsidized compute with lockib.
When your senior developers retire, and if the LLMs haven't caught up to their level by that time, where do you think new senior developers will come from?
[dead]
As much as I get push back by saying since AI, I never look at the code and I can still be sure it meets the functional and non functional requirements, no one has been able to dispute my methodology.
For functional requirements I review both the unit and more often the integration tests and make sure they align with the requirements.
For security, I validate the API endpoints can’t be accessed without authentication and these days I use Amazon Cognito.
The host environment - lambda, EC2, Docker runtime (ECS/EKS) have IAM roles attached with least privilege.
Then someone asked about multi tenancy and RBAC. Since mostly I deal with B2B clients with large business customers, each customer gets their own AWS account.
For RBAC, DynamoDB and Postgres at least on AWS both have Row level security that you can tie to a user or group - again authorized by Cognito or IAM. Even if the code does miss something - it’s still protected.
The database itself doesn’t have access to the outside world and if I can, I don’t even assign a user to the database and use the AWS Data API when possible that uses the AWS Control plane and IAM. If I do end up using a database use - it again has leash privilege.
Of course UX and UI testing has to be done manually.
I do carefully review the “works on my machine” and “works with small dataset” footguns - like concurrency implementations and I also have scalability tests.
Here's a depressing take.
Most places I worked at, seniors were expected to do the junior work, only faster. All the actual senior stuff (architecture, refactoring,code quality, you name it) is usually done either against management or as a concession to humor the devs.
Now that our ability to go fast has been supercharged, I suspect we're just going to see a massive lowering of quality across everything. We seem to be already seeing it in windows, osx, iOS, azure...
Either the market stops accepting that lowering and we see a counterpush, or people become content with 97% availability. Considering how normalized it is nowadays to have data leaks, I think the frog's already half boiled.