1

Codacy Product Showcase: April 2024

Group 370
2

Codacy Security Adds Thousands of New SAST Rules With Semgrep Integration

Group 370
3

AI-Assisted Coding: 7 Pros and Cons to Consider

In this article:
Subscribe to our blog:

According to a recent GitHub survey, 92% of developers polled said they are already actively using coding assistants powered by artificial intelligence (AI). AI-assisted software development is not the wave of the future, it’s a reality of the present.

But as with all new technologies, immediate expectations need to be tempered, and outcomes must be closely studied before investing in them.

Is your software development team considering introducing AI tools into your workflow? Here are seven advantages and disadvantages of AI-assisted software development to consider before committing.

What is AI-Assisted Software Development?

AI-assisted coding refers to using artificial intelligence to aid software developers in writing, reviewing, and, hopefully, improving their code.

Large language models (LLMs) are at the heart of AI coding. LLMs are algorithms trained on massive amounts of publicly available human language and coding data, enabling AI coding assistants to offer aid with the following:

  • Code analysis and understanding: AI-powered tools can analyze your codebase using natural language processing (NLP) and machine learning (ML) techniques to understand code structure, syntax, and semantics.
  • Contextual suggestions: AI tools provide context-aware code-completion suggestions based on their analysis. These suggestions range from completing variable names, functions, and classes to suggesting appropriate code snippets based on what you want to achieve.

github quote about AI use

AI coding assistants easily integrate into developers’ workflows by coupling them with popular integrated development environments (IDEs) or code editors. Developers typically use AI coding tools to assist them with the following tasks:

  • Code generation: AI tools can assist in generating boilerplate code for repetitive tasks, saving developers time and effort.
  • Error detection and correction: They can identify common coding errors, such as syntax mistakes, missing semicolons, or type mismatches, and correct them automatically.
    Code refactoring: AI tools can aid in Identifying opportunities to improve code readability, performance, and maintainability.
  • Learning: For developers working with new programming languages or APIs, AI can offer documentation lookup, usage examples, and explanations to aid in overcoming learning curves.

AI coding assistants are just that—computerized helpers that assist developers in maximizing their work efforts.

Potential Advantages of Using an AI Coding Assistant

AI’s ability to help developers is evident. According to GitHub’s “Developer Wishlist” survey, 70% of developers using AI coding assistants believe these tools give them a distinct advantage at work, helping improve code quality and speed up coding processes.

Even in this early, formative stage of development, using AI-powered coding tools already offer tangible benefits to developers who have integrated them into their workflows.

Increased Efficiency and Productivity

A recent Stack Overflow survey showed that 33% of polled developers see improved productivity as the most valuable benefit of integrating AI coding tools into their workflow.

AI-assisted code generators streamline the coding process in two main ways—by offering intelligent suggestions and automating repetitive tasks. Code generation tools suggest code completion that can help developers code faster and create cleaner code that needs less debugging.

Plenty of time-consuming and repetitive tasks are associated with coding, like writing boilerplate code, code formatting and compilation, and performing basic SQL queries and data exploratory analysis.

A strong example of how generative AI can help developers work more efficiently is this international study from 2021, in which AI tools were used to help developers translate legacy source code into Python.

The study shows that even when the AI’s suggestions weren’t correct, the AI recommendations helped developers find and fix mistakes faster than manual translation.

In collaboration with AI code generators, human developers can use the time they used to spend on mundane tasks to focus on more complex aspects of software development that require human creativity and intuition.

github quote about AI use by developers

Provides Access to Non-Developers

AI-assisted coding tools empower non-developers within your team, such as product managers or designers, to understand and contribute to the codebase. Anyone new to coding can use these tools to significantly lower the learning curve of becoming a developer.

Those learning to code with the help of AI tools can get code suggestions and textual guidance based on existing code examples and best practices. AI allows novice coders to make requests and create functions in human language before they can speak programming languages.

"I use (GitHub's) CoPilot to create low-code applications that illustrate my ideas to the development team. It's a novel way to get my point across without too much work," said Alister Wood, owner of visitor management system, VisitUs

"The apps are easy to develop and I just need to enter prompts to get a good framework for the feature I want to add to our software. It has already convinced a few of our developers, who are generally hard to please. So, I appreciate CoPilot's ease of use," he added. 

GitHub’s “Developer Wishlist” survey shows that developers want their work environment to be more collaborative. Four out of five believe that AI tools can play a significant role in improving team cooperation.

By encouraging non-developers to learn about code quickly and intuitively, AI coding tools can spur better cross-functional collaboration within software development teams.

Potential Disadvantages of AI-Assisted Development

Not everyone’s sold on the benefits of AI-assisted development. Stack Overflow’s recent survey found that almost 30% of polled developers aren’t using any AI tools and don’t plan to start using them.

Despite the clear benefits and widespread adoption seen recently, there are plenty of potential pitfalls that any software development team looking to integrate AI coding into their workflow should be wary of and familiar with before taking this leap.

Overdependence

Great software developers are creative. They can conceptualize solutions and problem-solve through critical thinking. An overreliance on technology can limit these capacities.

A 2019 study by YouGov reported that 52% of British parents no longer know their times tables perfectly, which isn’t surprising given how easy calculators are to access on our phones and computers today.

Handwriting vs. typing is a similar situation. A 2020 study found that 12-year-olds taking notes by hand could retain and remember more information than those who took notes using a keyboard. The research found that writing and drawing activate areas of our brains that we don’t use when typing, which can positively affect how we process information.

Writing code with and without AI assistance works similarly. While AI tools excel at optimizing known patterns, they may inadvertently discourage developers from exploring innovative solutions. Relying too heavily on AI-generated suggestions could hinder creative problem-solving.

AI algorithms follow set rules and procedures. Even though they are trained on vast amounts of data and can make rational predictions, they can’t think outside the box and generate original ideas—not yet, anyway.

Much like the overuse of any technology that prioritizes convenience and speed, developers could be stifling their growth and advancement by relying too much on AI coding tools.

Inaccuracy

AI algorithms are only as reliable as their training data. If the data the algorithm is trained on is biased, it will also be biased.

We have already seen many examples of AI generating inaccurate data. Brigham and Women’s Hospital researchers asked OpenAI’s ChatGPT chatbot to help develop cancer treatment plans for patients. The study found that one-third of the AI chatbot’s suggestions contained inaccurate information.

A Purdue University study analyzed ChatGPT’s answers to more than 500 coding-related questions the AI chatbot was asked to answer. The results showed that 52% of ChatGPT’s responses were incorrect.

Another study from April 2023 found that “the latest versions of ChatGPT, GitHub CoPilot,
and Amazon CodeWhisperer generate correct code 65.2%, 46.3%, and 31.1% of the
time, respectively.”

While most developers use AI tools in some capacity to help them code, few are entirely sold on the accuracy and quality of the generated code.

According to Stack Overflow’s developer survey, less than 3% of developers “highly trust” the accuracy of AI output. In comparison, 39.3% said they “somewhat trust,” 21.71% “somewhat distrust,” and 5.46% “highly distrust” AI-generated code.

statistics about inaccuracy of AI coding tools

Legal Ramifications

AI-powered coding currently resides in a gray area regarding legality, but the steadily increasing use of AI assistance to create code could quickly complicate some legal matters.

The first is open-source licensing infringement. AI code generators are trained by analyzing open-source code. Therefore, the code AI-assisted tools produce is based on what they have learned from open-source code written by human developers.

So, is AI code inherently derivative of open-source projects? Are AI tools allowed to train themselves on the code of other developers without receiving explicit permission?

Thus far, the consensus is that what AI tools do is not much different from what human developers do when they analyze the code of others to get ideas and find solutions independently.

However, there has been at least one known instance of a class action suit filed against GitHub, alleging that their CoPilot AI coding assistant violates some of the most prominent open-source licenses.

Another potential legal ramification to consider is liability. If code your team has written using AI tools is responsible for errors, security vulnerabilities, or any other missteps that negatively affect your clients, who should be held accountable?

Suppose you are using AI tools to code. In that case, your software development company’s legal team might have to spend significant resources researching and writing new contracts stipulating how liability for potential mishaps is shared between you, AI tool providers, and your clients.

This lack of legal clarity is another reason companies hesitate to embrace AI-assisted code generation fully.

Security Issues

Regardless of AI, cyberattacks on software companies have steadily increased over the last several years. A recent report on distributed denial-of-service (DDoS) attacks by Zayo highlighted a 794% increase in DDoS attacks on Cloud and Software as a Service (SaaS) companies in the first half of 2023.

Data from Cyber Management Alliance also shows that successful cyberattacks on corporations and other business entities, large and small, show no signs of slowing in 2023.

Software companies must be increasingly vigilant about cybersecurity in the age of AI. The rapid evolution of AI and automation can help numerous professionals become more efficient and effective in their work, cybercriminals included.

Using AI tools to write code introduces additional security and privacy concerns into an already volatile environment.

AI coding tools must gain access to your codebase to formulate recommendations and generate code. These tools are trained on the code of others, some of which could inadvertently introduce vulnerabilities into your source code, potentially leading to exploitable weaknesses that attackers could target.

Other potential AI-related security concerns software development teams need to be aware of include:

  • Privacy violations: Granting AI code writers access to confidential data might expose sensitive information in the code, violating privacy regulations.
  • Data breaches: Uploading code to external servers for AI processing could expose intellectual property or sensitive information if the data is not adequately protected during transit and storage.
  • Model poisoning attacks: Cybercriminals could manipulate an AI tool’s training process by feeding it malicious code, potentially generating compromised or harmful code suggestions.

To mitigate these security issues, it’s crucial to implement proper security practices, validate AI-generated code suggestions, and carefully integrate AI tools into an already secure development lifecycle.

High Cost of Implementation

A recent International Data Corporation (IDC) forecast predicts that global spending on AI software, hardware, and services is expected to surpass $300 billion in 2026.

Recent research by WebFX found that companies that want to integrate AI-powered solutions like chatbots, virtual assistants, and data analysis systems can spend up to $300,000 on custom AI solutions or up to $40,000 per year on third-party AI tools.

Similarly, the costs involved in licensing and training an AI code completion tool—and the potential adjustments that might need to be made to your development process—could be significant.

Preparation for AI implementation involves many hours spent researching and testing tools to assess how well they integrate with your development environment, workflows, and tool stack.

Once tools are selected, you must install and configure them correctly. Development team leaders must also establish rules and guidelines for using AI-generated code—define all new code review processes and security and compliance protocols that consider the potential issues associated with AI-assisted coding tools.

Embrace AI Coding with Preparedness and Precaution

The benefits of adding AI-powered coding tools to your development arsenal are already significant. And with the speed at which this technology advances, it’s hard to imagine a near future in which AI tools aren’t essential.

To make the most of your use of AI coding tools, implement and use them with vigilance. Development team leaders must take steps to guard against the potential pitfalls of integrating and using AI tools frivolously.

Thankfully, using AI coding tools responsibly and securely isn’t difficult with a platform like Codacy on your side. Use Codacy Quality to define rules and code quality standards that allow you to detect incorrect or insecure AI-suggested coding patterns early through automated static code analysis. Codacy even has an AI-assisted tool that suggests code fixes that can be applied directly to your Git workflow.

Whether you produce your code with humans, machines, or a combination, Codacy can help keep it clean. Want to reap the benefits of AI coding tools while maintaining secure code of the utmost quality? Sign up for a 14-day free trial to see how Codacy can help you do just that.

RELATED
BLOG POSTS

3 popular C# style guides that will help improve your coding standards
C# is a popular programming language developed by Microsoft, and you can use it for developing web applications, games, and more. Writing high-quality,...
3 popular Python style guides that will improve your coding standards
A code style guide is a set of rules, standards, or best practices that outline how your team should write, format, and organise the source code. In an...
Is Coding with AI Secure? A Guide to Safe AI-Assisted Development
In a recent Gartner survey of more than 240 senior enterprise executives, generative AI was the second most frequently named emerging risk for...

Automate code
reviews on your commits and pull request

Group 13