
"My AI engineer has a second AI that tells it NO. Three times, it was right."
Yesterday afternoon I was about to ship a change to a production pipeline. The code was written,...
Tag archive

Yesterday afternoon I was about to ship a change to a production pipeline. The code was written,...
GitLab moved Security Review Flow into public beta on the Duo Agent Platform. You add it to a merge request like a human reviewer, and it focuses on authorization and business-logic bugs that pattern-based scanners typically miss.

Test smells used to drift in at typing speed. Agents reproduce them at generation speed because they sample whatever is already in the suite. The smells in your codebase are now the smells in your roadmap.

A senior's checklist for reviewing AI-generated code, ordered by cost of error — the bugs that read perfectly and pass a normal eyeball review.
TL;DR If you frame yourself as the manager with final accountability, it becomes clearer...
Linus Torvalds has spent years reviewing the most consequential codebase on Earth without reading...

Stop feeding the agent your whole repo. A tree-sitter call graph cuts review tokens 8-49x by loading only the nodes within two hops of the diff. The mental model, the three traps that quietly kill the savings, and the caveats.
A bug my own tests waved through, caught by an AI from another vendor I wrote a small tool...
My Take on: Return on Attention: Why AI Code Reviews Are Introduction My Take...

Code review was always a weak proxy for design review. When agents write the implementation, the review surface migrates upstream to test names, builder APIs, and contract assertions. The diff is downstream of all three.
A maintainer of Apache Superset merged one of my fixes the same day I filed it. "I can verify the fix...
A developer added an AI reviewer to a small Node and React project expecting an easy win. At first,...