Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
raincole 2 hours ago

Everyone who uses these tools seriously is running it on YOLO mode. It might sound crazy for someone who just started adopting agentic coding but it's how things are done now. Either that or just hand coding.

The SOTA of permission management is just to git restore when AI fucks up, and to roll back docker snapshot when it fucks up big time.

raw_anon_1111 an hour ago | parent | next [-]

I see nothing wrong with that. If I “fuck up big time” before AI, I would just git restore. There is absolutely nothing on my work computer or personal computer that I couldn’t just throw it in the ocean and within a half a day have everything restored to just like it was - including the data.

raincole an hour ago | parent [-]

I didn't say there is something wrong with it. That's how I use it too.

JeremyNT an hour ago | parent | prev | next [-]

Yep, it's easier to ask forgiveness than permission. It's far easier to undo the 1% of the time they fuck up in a serious way than it is to manually audit and allow an the routine stuff.

The key is to only give them access to things you're willing to lose.

This is also why giving them any kind of direct write access to production is a bad idea.

jazzyjackson an hour ago | parent [-]

Talk about code smell

If you arent manually auditing, you only notice the fuck ups when they’re instantaneous

If you don’t trust it to interact with prod, but still trust it to write code that will run on prod… you’re still trusting it with write access to prod.

The only thing I’m willing to let Claude write for me is a static site generator, because static files without JS aren’t going to do any damage, it either loads or it doesn’t.

raw_anon_1111 an hour ago | parent [-]

If you are a team lead or above, do you manually audit every line of code that other developers on your team write even when you are the one that will ultimately be held responsible? Every library you use?

joquarky 22 minutes ago | parent [-]

This was fairly routine when the pace of everything was slower, we didn't have a giant tree of dependencies, and companies cared more about product quality.

dehrmann an hour ago | parent | prev | next [-]

I was doing something involving API keys and I realized Junie (backed by Sonnet) likes too write helper scripts to try things. And who knows where those scripts look or if they honor .aiignore. Agentic development is a real test of internal access control.

andoando 2 hours ago | parent | prev [-]

I ran thousands of prompts by now and at most the only issue I had is it deleting code it wrote, which has been easy to recover