Markus Vervier 👾
What is super cool is to generate a quick analysis of a source file, with comments about potential vulnerabilities. Here are some reports about http://server.py used by the plugin...did I mention this thing has probably a lot of vulnerabilities? Use at your own risk. xD
Dec 6, 2022 at 12:22amWeb
Show threadMarkus Vervier 👾Dec 6, 2022
You can also analyze some source code fragments with varying results. Generate a write-up based on code comments describing a vulnerable code path? Not a problem.
Show threadMarkus Vervier 👾Dec 6, 2022
Be careful, the results can be just plain wrong sometimes, but since ChatGPT is so good at making things look perfectly right, subtle bugs may be hard to spot.../Don´t trust, ALWAYS verify/
Show threadMarkus Vervier 👾Dec 6, 2022
Obviously it's not a good idea to pipe any kind of sensitive data or secrets into ChatGPT since it will be uploaded to somewhere...
Show threadMarkus Vervier 👾Dec 6, 2022
So is this thing replacing human code review? Not in the near future, you can't trust the results, they need to be understood, and one needs to properly describe what the outcome should be to get good results.