HackerTrans
TopNewTrendsCommentsPastAskShowJobs

MarcoDewey

no profile record

Submissions

My 2026 Predictions

marcodewey.com
4 points·by MarcoDewey·7 miesięcy temu·0 comments

Hierarchy of Engineering Talent

businessinsider.com
1 points·by MarcoDewey·8 miesięcy temu·0 comments

Black Friday sets online spending record of $11.8B

techcrunch.com
8 points·by MarcoDewey·8 miesięcy temu·0 comments

Billionaire warns 'last time to buy' as Bitcoin crashes

finance.yahoo.com
1 points·by MarcoDewey·8 miesięcy temu·0 comments

Valar Atomics Says It's the First Nuclear Startup to Achieve Criticality

wired.com
2 points·by MarcoDewey·8 miesięcy temu·0 comments

Show HN: I created an AI-powered Python testing suite that writes its own tests

3 points·by MarcoDewey·11 miesięcy temu·0 comments

AST-Driven Python Testing

jazzberry.ai
10 points·by MarcoDewey·11 miesięcy temu·2 comments

Python Testing MCP Server

github.com
4 points·by MarcoDewey·11 miesięcy temu·1 comments

The Meta AI app is a privacy disaster

techcrunch.com
8 points·by MarcoDewey·w zeszłym roku·1 comments

Why Large Language Models Are Still Learning to Find Bugs

jazzberry.ai
2 points·by MarcoDewey·w zeszłym roku·0 comments

For some recent graduates the AI job apocalypse may be here

cio.economictimes.indiatimes.com
1 points·by MarcoDewey·w zeszłym roku·0 comments

Not all tokens are meant to be forgotten

arxiv.org
54 points·by MarcoDewey·w zeszłym roku·23 comments

Designing Algorithmic Delegates

arxiv.org
2 points·by MarcoDewey·w zeszłym roku·0 comments

[untitled]

14 points·by MarcoDewey·w zeszłym roku·0 comments

Is AI Stealing Jobs? This Hiring Analyst Says Yes

inc.com
18 points·by MarcoDewey·w zeszłym roku·3 comments

Thandas Agroecology Initiative Aims to Shift the Future for Young South Africans

farmersreviewafrica.com
2 points·by MarcoDewey·w zeszłym roku·0 comments

[untitled]

1 points·by MarcoDewey·w zeszłym roku·0 comments

IT workers struggling in New Zealand's tight job market

rnz.co.nz
84 points·by MarcoDewey·w zeszłym roku·123 comments

From promise to pullback: Texas' tech sector faces hiring declines

texasstandard.org
7 points·by MarcoDewey·w zeszłym roku·0 comments

Steroids, Science, and $1M Payouts: Inside the Enhanced Games

huddleup.substack.com
1 points·by MarcoDewey·w zeszłym roku·0 comments

comments

MarcoDewey
·11 miesięcy temu·discuss
you are right that a traditional fuzzer (especially a grey-box one like AFL or a white-box one) is superior in speed, cost per execution, and comprehensiveness.

The argument for using an LLM to generate a curated set of fuzz inputs isn't to replace traditional fuzzers, but to complement them by targeting a different class of bugs that traditional fuzzers are often poor at finding.

The goal of this tool is two fold.

1. give LLMs the ability to make use of traditional software testing tools

2. enhance some of the shortcomings in traditional software testing tools by selectively using LLMs (specifically their ability to understand the larger context the code is written in)
MarcoDewey
·w zeszłym roku·discuss
Finally, someone who gets that SSR is overkill. I just want a simple static documentation page.
MarcoDewey
·w zeszłym roku·discuss
I think that diffusion models might be a better way to generate code than autoregressive left-to-right generation
MarcoDewey
·w zeszłym roku·discuss
The middle class is dead. It is almost impossible to buy a home and raise a family in your 20s now.
MarcoDewey
·w zeszłym roku·discuss
Here is a list of a few tools that do something like that: jazzberry ai, greptile, coderabbit, codeant (lots of code), cubic, qodo.

GitLab may also have a code review tool available now (I know that GitHub does)
MarcoDewey
·w zeszłym roku·discuss
Yes, we have caught some navigation bugs on the front end.

There are some other really cool tools built explicitly for this, like QualGent and Operative.sh
MarcoDewey
·w zeszłym roku·discuss
We are working daily on making Jazzberry better for larger teams and repositories. Our goal is to find deep, difficult bugs in large repos
MarcoDewey
·w zeszłym roku·discuss
I also wish that I had more real world experience. It would help me a ton if I had 25 years of software testing experience.

It sounds like you do have experience, and I would love to learn from you. It would be awesome if you could help us build a tool that is truly useful for you and your work.
MarcoDewey
·w zeszłym roku·discuss
That is one of the obvious use cases. There are many others, you are welcome to install the bot and play around with it. I would love to hear your feedback.
MarcoDewey
·w zeszłym roku·discuss
The bugs shown in the "real bugs" section are real output from the tool. Are you referring to looking at the full table of bugs that we return? Sometimes we only find one bug in the PR, sometimes our clients don't want us to share other bugs that could expose their work.
MarcoDewey
·w zeszłym roku·discuss
Correct, what is unique about LLMs is their ability to match an existing tool or practice to a unique problem.
MarcoDewey
·w zeszłym roku·discuss
I definitely agree that there's a lot of research happening in this space, and the false positive issue is a significant hurdle. From my own research and experimentation, I have also seen how challenging it is to get LLM-powered tools to consistently find real.

Our approach with Jazzberry is specifically focused on the dynamic execution aspect within the PR context. I am seeing that by actually running the code with the specific changes, we can get a clearer signal about functional errors. We're very aware of the need to demonstrate our ability to find those high-severity/exploitable bugs you mentioned, and that's a key metric for us as we continue to develop it.

Given your background, I'd be really interested to hear if you have any thoughts on what approaches you think might be most promising for moving beyond the false positive problem in AI-driven bug finding. Any insights from your work at MIT would be incredibly valuable.
MarcoDewey
·w zeszłym roku·discuss
You are right that static linters are incredibly fast and efficient for catching certain classes of issues.

Our focus with the dynamic sandbox execution is aimed at finding bugs that are much harder for static analysis to detect. These are bugs like logical flaws in specific execution paths and unexpected interactions between code changes.
MarcoDewey
·w zeszłym roku·discuss
What if - some of us - just like to use excessive - dashes when writing -- ?
MarcoDewey
·w zeszłym roku·discuss
What are some of your best prompting practices to get AI to write reliable code?

I have been experimenting with forcing the AI to write the test cases first and then build software that passes all those tests.
MarcoDewey
·w zeszłym roku·discuss
I love that you all are doing real old school machine learning and not just LLM transformer based work!
MarcoDewey
·w zeszłym roku·discuss
I believe that the unprecedented scale of LLM-generated code will demand a novel approach to software review and testing. Human review may not be able to keep up (or will it become the bottleneck?)
MarcoDewey
·w zeszłym roku·discuss
I think this is a seriously excellent point.

The bet that I am making is that the system reduces its error rate by splitting a broad task into two more focused tasks.

However, it is possible that generating meaningful test cases is a harder problem (with a higher error rate) than producing code. If this is the case, then this idea I am presenting would compound the error rate.
MarcoDewey
·w zeszłym roku·discuss
improving code generation would be awesome :)
MarcoDewey
·w zeszłym roku·discuss
I believe that I have unintentionally misled you. When I say "unbiased oracle" I am talking specifically about the test oracle being unbiased by how the software was implemented. ie. Black Box testing.

I don't think I made the point very clear in the blog (I will rectify that), but I am saying that because LLMs are so easily biased by their prompting that they sometimes perform better when doing black box testing tasks than they do when performing white box testing.