this post was submitted on 19 May 2026
593 points (99.3% liked)
Technology
84793 readers
3924 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
vibe code go brrrrrrr
EDIT: wow it's far worse, it was a single contractor that decided that his convenience was above any and all security recommendations ever written. Pure. Genius!
Leaving passwords in plaintext has zero to do with “vibe coding”
It definitely can if an LLM did it.
I agree and to expand the same point. Even if the llm didn't do it, it's entirely plausible the LLM recommended it and the dev just drank that coolaid
yeah, and this is why I edited my original post after reading the article.
Only the best people
You know what's ironic? FedRAMP rules dictate that Thou Must Scan Thy Repos for Secrets (tokens, passwords, etc)
GitHub, ButrBucket, etc all have this out of the box for enterprise customers
https://support.atlassian.com/bitbucket-data-center/kb/how-to-scan-for-and-remove-passwords-or-secrets-in-bitbucket-server-repositories/
Contractor, eh?
How much do you wanna bet he has close personal ties to the trump family and zero cybersecurity experience?