Comments (5)
Partly, read my answer to #946
Secondly, for web-stuff, you may be luckier with https://gptengineer.app/, though I know the waiting list is long atm.
from gpt-engineer.
What about the constant usage of old vulnerable code libraries?
That isn't ChatGPT, because I tested it side by side with the same prompt, same model, and got different results with GPT Engineer always defaulting to using old and very dangerous versions of code even when told not to. When I specified to use the newest code versions with no publish vulnerabilities to ChatGPT I got the latest versions of code and links to where it verified vulnerabilities.
Something isn't working in GPT Engineer.
from gpt-engineer.
gpt-engineer gets all written code from chat-gpt. Before asking chat-gpt for the code it adds some pre-prompts, asking chat-gpt to make the implementation as complete and functional as possible. It is possible that, when doing so, chat-gpt down prioritizes using the newest version, but this is just speculation on my part. How the prompt to chat-gpt affects safety awareness is for sure incredibly complex. You can try adding something like "make sure to use the newest library versions to avoid safety vulnerabilities" to the prompt.
from gpt-engineer.
I guess you missed the part where I said I already added commands in my prompt to use new software with no vulnerabilities, but it doesn't work in GPT Engineer and does work on ChatGPT. I understand the desire to defend your code, but, seriously if GPT Engineer is choosing to ignore my prompt and then pulls down old vulnerable code despite what its told, then this isn't a ChatGPT issue.
from gpt-engineer.
Sorry for overlooking that you already tested my suggestion.
I'm not primarily defending gpt-engineer, but giving you context on what gpt-engineer is doing, so that you can judge its behavior better.
I repeat: the only thing gpt-engineer does different from using chatgpt directly, is adding additional instructions to the chatgpt user prompt. These instructions are probably the reason why your reported problem occurs, which I was open about in my answer. How to change these instructions to be more security aware, without harming perfomance in less security critical applications is an open problem. If you have a suggestion on how to do this, your help is more than welcome.
from gpt-engineer.
Related Issues (20)
- Make it possible to use "copy paste" to external LLM for Gemini 1.5 experimentation HOT 5
- Set up codecov.io reporting HOT 4
- WSL2 gpte File List bad Behavior HOT 15
- Implement Vector Store for Similarity-Based Code Generation (RAG on Codebase) HOT 1
- Git diff generation marking valid diffs as invalid HOT 4
- The documentation build is failing HOT 2
- Image input
- Run against SWE-Bench HOT 1
- Automatic diff failure (partly meta issue)
- Confusing `--help` description HOT 2
- `--improve` changes are no longer applied after #1052 was merged HOT 2
- Disentangle tests by removing cachingAI HOT 2
- improve code,but the file be overwritten HOT 4
- Python file path info in "files_dict" and "diff.filename_pre" can not match when I use improve mode HOT 3
- Exception: No files were selected. Please select at least one file to proceed. when i use improve mode HOT 3
- Bug: Parentheses around filenames HOT 2
- Enhancing Code Refactoring Capability for Advanced Code Generation HOT 2
- example improve file_selection.toml be rewritten the Initialization status HOT 2
- No chance to input and answer the gpte three question on generate complex application HOT 4
- Error while improving the project: '/dev/null' HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gpt-engineer.