devops
Larson: Are insecure code completions a vulnerability?
Source:
lwn.net 1 min read
Share
You are reading a summary. The full content is hosted on lwn.net.
Seth Larson reports PyCharm’s Full Line Code Completion plugin repeatedly suggesting code that could create severe vulnerabilities, raising uncertainty about whether this should be treated as a security issue or receive a CVE. After reporting it to JetBrains and waiting 90 days, he found the behavior unchanged in a newer version.
Read the full article on the original website
External link to lwn.net
