safety1st 5 hours ago

This mostly sounds like a good thing to me from a utilitarian standpoint. Getting all your utility classes from somewhere like npm and creating dependencies on 20 different people and organizations who may or may not maintain their software has been a security nightmare with many highly public examples. If an LLM writes a utility class for me then my supply chain is smaller, meaning less surface area to attack, plus I probably benefit from some form of security through obscurity for whatever non-trivial amount that's worth. "Downside" is I don't have some rando, probably unpaid labor, out there updating a piece of my app for me...

philipov 3 hours ago | parent [-]

Your supply chain is superficially fewer, but not smaller. The way you're counting the number of suppliers is heterogeneous: ChatGPT has a bigger surface area than 20 individuals.

safety1st 2 hours ago | parent [-]

Your supply chain is smaller in the sense that every person or organization you obtain code from is similar to a vendor, just an unpaid one. They are a separate entity your business depends on.

If we replace code written by 20 of those organizations with code written by ChatGPT, we've gone from 20 code "vendors" we don't know much about who have no formal agreement to speak of with us, to 1 tools vendor which we can even make an enterprise agreement with and all that jazz.

So whatever else the outcome may be, from this perspective it reduces uncertainty to quit using random npm packages and generate your utility classes with ChatGPT. I think this is the conclusion many businesses may reach.

dbalatero 2 hours ago | parent [-]

What enterprise agreement would you make with OpenAI that would make you feel better about the supply chain? Seems to me you just get stochastic output that may or may not be battle-tested-level code, without guarantees either?