For personal projects, I don’t really care what you do. If someone who doesn’t know how to write a line of code asks an LLM to generate a simple program for them to use on their own, that doesn’t really bother me. Just don’t ask me to look at the code, and definitely don’t ask me to use the tool.

Nah. I only used AI as a last resort, and in my case, it has worked out. I cannot see myself using AI for codes again.

fake

So you mean debugging then?

This sounds like something I put on my resume to get a coding job, but I’m not actually a coder.

It’d work, too.

I probably wouldn’t do it. I do have AI help at times, but it is more for bouncing ideas off of, and occasionally it’ll mention a library or tech stack I haven’t heard of that allegedly accomplishes what I’m looking to do. Then I go research the library or tech stack and determine if there is value.

We should let these twits enjoy their shit on twitter. The AI hype is just like the crypto hype, it’ll fade.

The name vibe coding sounds like a drunk evening with friends getting an MVP off the ground, but nothing more.

Anti Commercial-AI license

lol wut, asking AI to do the work and then going back and fixing bugs…?

To me, vibe coding is pick a project to work on and get building. Very basic planning stages without much design, like building with legos without instruction manuals. I make design decisions and refactor as I code. I certainly get some AI input when I don’t know how to implement something, but I will usually work “blindly” using my own ideas and documentation. I probably visit stackoverflow while vibe coding more than I do chatgpt.

I think calling that vibe coding is a very unfitting term. I haven’t seen it called that before.

That’s a bad vibe if I’ve ever seen one.

This seems like a game you’d do with other programmers, lol.

I can understand using AI to write some potentially verbose or syntactically hell lines to save time and headaches.

The whole coding process? No. 😭

As an experiment / as a bit of a gag, I tried using Claude 3.7 Sonnet with Cline to write some simple cryptography code in Rust - use ECDHE to establish an ephemeral symmetric key, and then use AES256-GCM (with a counter in the nonce) to encrypt packets from client->server and server->client, using off-the-shelf RustCrypto libraries.

It got the interface right, but it got some details really wrong:

• It stored way more information than it needed in the structure tracking state, some of it very sensitive.
• It repeatedly converted back and forth between byte arrays and the proper types unnecessarily - reducing type safety and making things slower.
• Instead of using type safe enums it defined integer constants for no good reason.
• It logged information about failures as variable length strings, creating a possible timing side channel attack.
• Despite having a 96 bit nonce to work with (-1 bit to identify client->server and server->client), it used a 32 bit integer to represent the sequence number.
• And it “helpfully” used wrapping_add to increment the 32 sequence number! For those who don’t know much Rust and/or much cryptography: the golden rule of using ciphers like GCM is that you must never ever re-use the same nonce for the same key (otherwise you leak the XOR of the two messages). wrapping_add explicitly means when you get up to the maximum number (and remember, it’s only 32 bits, so there’s only about 4.3 billion numbers) it silently wraps back to 0. The secure implementation would be to explicitly fail if you go past the maximum size for the integer before attempting to encrypt / decrypt - and the smart choice would be to use at least 64 bits.
• It also rolled its own bespoke hash-based key extension function instead of using HKDF (which was available right there in the library, and callable with far less code than it generated).

To be fair, I didn’t really expect it to work well. Some kind of security auditor agent that does a pass over all the output might be able to find some of the issues, and pass it back to another agent to correct - which could make vibe coding more secure (to be proven).

But right now, I’d not put “vibe coded” output into production without someone going over it manually with a fine-toothed comb looking for security and stability issues.

Somewhat impressive, but still not quite a threat to my professional career, as it cannot produce reliable software for business use.

It does seem to open up for novices to create ‘bespoke software’ where they previously would not have been able to, or otherwise unable to justify the time commitment, which is fun. This means more software gets created which otherwise would not have existed, and I like that.

Based on my experience of AI coding I think this will only work for simple/common tasks, like writing a Python script download a CSV file and convert it to JSON.

As soon as you get anywhere that isn’t all over the internet it starts to bullshit.

But if you’re working in a domain it’s decent at, why not? I found in those cases fixing the AI’s mistakes can be faster than writing it myself. Actually often I find it useful for helping me decide how I want to write code because the AI does something dumb, and I go “no I obviously don’t want it like that”…

I mean, at some point you have to realize that instructing an AI on every single thing you want to do starts to look a lot like programming.

Programming isn’t just writing code. It’s being able to reason about a method of doing things. Until AI is at the level of designer, you can expect humans to have to do the brunt of the work to bring software to life.