According to GitHub, developers can write code 55% faster, when they use coding tools like GitHub Copilot. Git Clear estimates that code churn—defined as “the percentage of lines that are reverted or updated less than two weeks after being authored”—will double in 2024 after analyzing 153 million lines of changed code between January 2020 and December 2023. Put otherwise, “Code generated during 2023… resembles [that of] an itinerant contributor,” making it sound, as though you employed a contract worker who was more focused on producing verbose code than making sure it could be maintained.

Bert Hubert illustrates how bloated code leads to security nightmares among other problems. This is not to argue against the usage of AI assistants by developers. Instead, it is a warning that we exercise caution to prevent our machines and the programming that powers them from becoming foolish due to an over-reliance on AI.

Had the application of generative AI (genAI) not taken off last year, there would not be much reason for alarm. As Datasette founder Simon Willison points out, there are positive and bad things that come with that adoption. “Our species has learned that you can take a massive corpus of text, run it through a pile of GPUs, and use it to create a fascinating new kind of software in the past 24–36 months,” he says. He goes on to say that if we can learn to use that program properly, it may improve our lives. Thankfully, building large language models (LLMs) requires a few hundred lines of Python code, making them “actually quite easy to build.”

The data used to train LLMs is more complex than the programming used to construct them. We discovered new strategies in 2023 to prevent them from going crazy, including retrieval-augmented generation (RAG) and other techniques.

We are also beginning to see how erratic they can be, which is a negative aspect of the ledger. After all, there is still no consistency to the dark art of prompting an LLM. “The things you sometimes have to do to get the models to behave are often incredibly dumb,” as Wilison observes. This applies more to asking ChatGPT to write a term paper than it does to developing software.

Bloat is the worst feature of software produced by AI and of modern software in general. Hubert contends, “The more [code] you have, the more risks you run.” We’ve made it someone else’s responsibility to run our program in an attempt to get around this in some ways. According to Hubert, “Software is now (rightfully) regarded as so dangerous that we tell everyone not to run it themselves.” Writing less code is essential. Leaner software is safer. Hubert says, “The world ships too much code, most of it unsuspected, most of it by third parties, sometimes unintentionally.” This results in a large attack surface that is chock-full of subpar code.

AI makes the issue worse.

The solution is code review, which can be carried out manually or automatically by machines. It could be argued that although coding assistants produce larger, less manageable code, artificial intelligence also reduces the amount of human maintenance required. Sounds reasonable, doesn’t it? False. The expanded assault surface is still present.

Code reviews may be the best solution to this code quality conundrum, as they have always been. The technique by which development teams push their work into production is more important than where the code originates. “Good code is crafted just as much by good process as by good developers,” as one of my coworkers recently stated. The approach hinges on developers fulfilling their obligation to acquire fundamental knowledge in software development. Less skilled developers run the risk of ignoring the trickiest software engineering concepts, such as distributed systems, networking, data structures and algorithms, etc. They are ill-equipped to conduct efficient code reviews as a result.

While strengthening their foundation in the fundamentals that will enable them to use AI tools effectively and avoid being used by them, developers will seize the new opportunities presented by these technologies. Development leads’ demands for thorough code reviews will make this aspiration a reality since they will increase the standard for all coders, human and machine alike.