hamburgheftig@feddit.org to Technology@lemmy.worldEnglish · 1 month agoFed up with vibe coders, dev sneaks data-nuking prompt injection into their code - Ars Technicaarstechnica.comexternal-linkmessage-square156linkfedilinkarrow-up11arrow-down10cross-posted to: hackernews@lemmy.bestiver.sepulse_of_truth@infosec.pub
arrow-up11arrow-down1external-linkFed up with vibe coders, dev sneaks data-nuking prompt injection into their code - Ars Technicaarstechnica.comhamburgheftig@feddit.org to Technology@lemmy.worldEnglish · 1 month agomessage-square156linkfedilinkcross-posted to: hackernews@lemmy.bestiver.sepulse_of_truth@infosec.pub
minus-squarethis@sh.itjust.workslinkfedilinkEnglisharrow-up0·1 month agoTrue, but I would think developers should at least be following it with the code they’re actually working on.
minus-squareAwesomeLowlander@sh.itjust.workslinkfedilinkEnglisharrow-up0·1 month agoIt’s an imported library, since when are devs expected to be inspecting the source code of every library they import?
minus-squaresakuraba@lemmy.mllinkfedilinkEnglisharrow-up0·1 month agoit used to be a thing but javascript npm brainrot happened
minus-squareyessikg@fedia.iolinkfedilinkarrow-up0·1 month agoSince forever? Don’t you do security audits on the libraries you use?
True, but I would think developers should at least be following it with the code they’re actually working on.
It’s an imported library, since when are devs expected to be inspecting the source code of every library they import?
it used to be a thing but javascript npm brainrot happened
Since forever? Don’t you do security audits on the libraries you use?