Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think the commenter was referring to formal verification with "specification and validation": have the LLM emit formal proofs about invariants etc.

Currently the bugs are found by people using LLM's but aren't the developers. As more projects start getting access to compute, they can run those LLM searches for bugs themselves, and can simply prevent shipping the bugs.

I'm surprised no one has tried making any statistical analysis of bug densities, and "bug authors" in an attempt to identify untrustworthy developers, regardless of intent. Given a dataset of authors and prior bugs, it may help find more bugs by tracking their pull requests with higher scrutiny...

Some people may end up with an eternal stain if they've been taking money to submit vulnerable code to code bases...



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: