惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

A
About on SuperTechFans
D
DataBreaches.Net
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
V
Visual Studio Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
B
Blog RSS Feed
Recent Announcements
Recent Announcements
The Register - Security
The Register - Security
S
Secure Thoughts
Y
Y Combinator Blog
The Last Watchdog
The Last Watchdog
L
LINUX DO - 最新话题
V2EX - 技术
V2EX - 技术
腾讯CDC
GbyAI
GbyAI
G
Google Developers Blog
博客园 - 司徒正美
博客园 - 三生石上(FineUI控件)
T
The Exploit Database - CXSecurity.com
T
Threat Research - Cisco Blogs
P
Proofpoint News Feed
Schneier on Security
Schneier on Security
Microsoft Security Blog
Microsoft Security Blog
Jina AI
Jina AI
WordPress大学
WordPress大学
aimingoo的专栏
aimingoo的专栏
MyScale Blog
MyScale Blog
Help Net Security
Help Net Security
K
Kaspersky official blog
P
Privacy & Cybersecurity Law Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
AI
AI
MongoDB | Blog
MongoDB | Blog
Scott Helme
Scott Helme
J
Java Code Geeks
Engineering at Meta
Engineering at Meta
H
Heimdal Security Blog
H
Help Net Security
D
Darknet – Hacking Tools, Hacker News & Cyber Security
云风的 BLOG
云风的 BLOG
Microsoft Azure Blog
Microsoft Azure Blog
S
Security Affairs
TaoSecurity Blog
TaoSecurity Blog
The GitHub Blog
The GitHub Blog
Hacker News: Ask HN
Hacker News: Ask HN
Martin Fowler
Martin Fowler
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Project Zero
Project Zero
T
The Blog of Author Tim Ferriss
Last Week in AI
Last Week in AI

Swift for Visual Studio Code comes to Open VSX Registry | InfoWorld

Notion courts developers with a platform for AI agents and workflow automation Using continuous purple teaming to protect fast-paced enterprise environments A better way to work with SQL Server AWS debuts Graviton-powered Redshift RG instances to cut analytics costs SAP’s AI promises last year? Most are still rolling out First look: Lemonade serves up local AI with limitations GitLab CEO sees developer tool bill increasing 100-fold Red Hat adds support for agentic AI development What’s new and exciting in JDK 26 Kill the loading spinner with local-first data and reactive SQL A networking revolution at AWS Tokenmaxxing is super dumb How to add AI to an existing product (without annoying users) Your AI doesn’t need another database What happens when engineering teams reorganize around AI agents Python isn’t always easy When cloud giants meddle in markets 12 model-level deep cuts to slash AI training costs The best new features in Python 3.15 Teradata launches platform for enterprise AI agents moving beyond pilots Three skills that matter when AI handles the coding MongoDB targets AI’s retrieval problem Building AI apps and agents with Microsoft Foundry Designing front-end systems for cloud failure No, AI won’t destroy software development jobs Diskless databases: What happens when storage isn’t the bottleneck Vibe coding or spec-driven development? The agentic AI distraction Vibe coding or spec-driven development? How to choose Cloud providers are blinded by agentic AI SAP to acquire data lakehouse vendor Dremio Small language models: Rethinking enterprise AI architecture Making AI work through eval hygiene Improving AI agents through better evaluations AI in the cloud is easy but expensive Running AI in the cloud is easy – and expensive Making AI work for databases Harness teams of agentic coders with Squad Harness teams of coding agents with Squad Oracle NetSuite announces AI coding skills for SuiteCloud developers Why it’s so hard to create stand-alone Python apps A new challenge for software product managers The hidden cost of front-end complexity GitHub shifts Copilot to usage-based billing, signaling a new cost model for enterprise AI tools OpenAI’s Symphony spec pushes coding agents from prompts to orchestration The front-end architecture trilemma: Reactivity vs. hypermedia vs. local-first apps Enterprise AI is missing the business core The best JavaScript certifications for getting hired Google begins putting the guardrails on agentic AI Why world models are AI’s next frontier Where to begin a cloud career Google pitches Agentic Data Cloud to help enterprises turn data into context for AI agents How open source ideals must expand for AI Is your Node.js project really secure? How I doubled my GPU efficiency without buying a single new card SpaceX secures option to acquire AI coding startup Cursor for $60B Google’s Gemma 4 shines on local systems – both big and small AI is upending the SaaS game How AI is upending SaaS tools Snowflake offers help to users and builders of AI agents From the engine room to the bridge: What the modern leadership shift means for architects like me Addressing the challenges of unstructured data governance for AI The cookbook for safe, powerful agents Enterprises are rethinking Kubernetes GitHub pauses new Copilot sign-ups as agentic AI strains infrastructure Best practices for building agentic systems Making agents dull Oracle delivers semantic search without LLMs When cloud giants neglect resilience Exciting Python features are on the way Ease into Azure Kubernetes Application Network The agent tier: Rethinking runtime architecture for context-driven enterprise workflows The two-pass compiler is back – this time, it’s fixing AI code generation MuleSoft Agent Fabric adds new ways to keep AI agents in line Salesforce launches Headless 360 to support agent‑first enterprise workflows Tap into the AI APIs of Google Chrome and Microsoft Edge Where will developer wisdom come from? GitHub adds Stacked PRs to speed complex code reviews The hyperscalers are pricing themselves out of AI workloads HTMX 4.0: Hypermedia finds a new gear Google Cloud introduces QueryData to help AI agents create reliable database queries Hands-on with the Google Agent Development Kit Are AI certifications worth the investment? AWS targets AI agent sprawl with new Bedrock Agent Registry Cloud degrees are moving online Swift for Visual Studio Code comes to Open VSX Registry AI agents aren't failing. The coordination layer is failing How Agile practices ensure quality in GenAI-assisted development Anthropic rolls out Claude Managed Agents Microsoft’s reauthentication snafu cuts off developers globally Meta’s Muse Spark: a smaller, faster AI model for broad app deployment Bringing databases and Kubernetes together Rethinking Angular forms: A state-first perspective Minimus Welcomes Yael Nardi as CBO to Facilitate Strategic Growth Microsoft announces end of support for ASP.NET Core 2.3 Get started with Python’s new frozendict type AWS turns its S3 storage service into a file system for AI agents Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents The winners and losers of AI coding GitHub Copilot CLI adds Rubber Duck review agent
How to stop the AI code generation treadmill
by Deepak Anupalli · 2026-05-28 · via Swift for Visual Studio Code comes to Open VSX Registry | InfoWorld

Piling on guardrails is the sign of a system permanently compensating for its own unreliability. There’s a better approach.

According to Sonar’s State of Code Developer Survey report for 2026, based on a survey of over 1,100 developers, 42% of committed code is now AI-assisted, and roughly 29% of it gets merged without manual review. Not “light review.” No review at all.

The industry’s response has been predictable: more guardrails. Static analysis. Token linting. Visual regression testing. Accessibility audits. Security scans. Each tool is a reasonable reaction to a real failure mode. Taken together, though, they describe something uncomfortable: a system permanently compensating for its own unreliability. The AI generates. The tooling checks. The developers arbitrate. And the whole apparatus scales linearly with the volume of code being produced.

That is the wrong scaling curve for any enterprise that plans to build more than a handful of applications.

The conventional framing — “How do we build better guardrails for AI-generated code?” — is not wrong. In my opinion, it is just incomplete. The more productive question should be, “How do we reduce the amount of code that needs guardrails in the first place?”

That question leads us to a fundamentally different architecture, one that thoughtfully applies AI on an escalating curve from zero to partial to full code generation. One I call the AI assembly model.

First, let’s take a deeper look at how things work today.

The generate-then-check treadmill

When a generative AI tool produces a UI component from scratch — a data table, a form, a navigation bar — the output is probabilistic. It might be correct. It might also carry a missing authentication check, a hardcoded color value that bypasses the design system, broken accessibility markup, or a state management pattern that collapses under concurrent load. You will not know until you inspect it. And inspection, at enterprise scale, is expensive.

So, the industry layers on post-generation validation. A static analyzer catches potential injection vectors. A linter flags design token drift. A visual regression suite compares the rendered component against a baseline. An accessibility scanner checks ARIA roles and contrast ratios. A DAST tool probes the running application for OWASP Top 10 vulnerabilities. Each of these tools addresses a genuine risk. None of them prevents the risk from occurring. They detect it after the fact.

This is a reactive posture, and it has a structural cost problem. Every new application built on a generate-first model requires the full battery of checks to run again. Every component generated from a prompt is a fresh surface for every category of defect. Double the number of apps, and you double the audit burden. Triple them, and you triple it. There is no compounding advantage. Each generation event starts from zero.

For a team shipping one experimental chatbot, that cost is manageable. For an enterprise program building dozens of internal applications across regulated business lines, it becomes the dominant line item in the development life cycle—not in compute costs, but in developer hours spent diagnosing wrong output, QA cycles catching regressions, and production incidents when defects slip through.

What if most code was never generated at all?

The AI assembly model starts from a different premise. The most reliable code is code that was never generated on demand.

Instead of prompting a large language model (LLM) to write a component from scratch every time, the assembly model maps developer intent — whether expressed through a natural-language prompt, a visual canvas interaction, or a Figma import — to a pre-built, tested, certified component from an enterprise library. The AI’s job is not to write the component. It is to select the right component and configure it.

This is a meaningful architectural distinction, not a marketing one. The assembly model operates across three tiers of generation, each with a different risk profile.

  1. Zero generation: component mapping. Developer intent is matched against the component library. If a certified component exists that satisfies the requirement, it is selected directly. No code generation fires at all. The component arrives with its security posture, accessibility compliance, visual consistency, and cross-platform fidelity already verified. The consuming application inherits all of it.
  2. Minimal generation: configuration and binding. The AI configures the selected component: setting properties, wiring data connectors, binding navigation paths, attaching authentication context. This is schema-bounded work. The configuration space is enumerable and verifiable. An AI misconfiguring a property against a typed schema is a detectable, correctable error — categorically different from an AI inventing a flawed implementation from whole cloth.
  3. Targeted generation: filling genuine gaps. Custom business logic, novel integrations, components that genuinely have no library equivalent — these are generated. This is where AI code generation adds real value, and it is also the only tier where full guardrail checks are necessary. The critical difference is scope. Instead of validating everything, you validate only what was actually generated.

The guardrail, in this model, is not a check that fires after generation. It is the routing rule that sends developer intent to a pre-built artifact instead of a generative model. If the library has the answer, generation never starts. When it does start, it is scoped precisely to the gap that triggered it.

What pre-built components actually guarantee

The assembly model works only if the components in the library are genuinely certified artifacts, not just reusable snippets. Quality must be a property of the component itself, not something the consuming application is responsible for verifying. That means each component in the enterprise library must carry binding guarantees across several dimensions.

  • Visual consistency. Design tokens, dark mode behavior, responsive breakpoints, and brand compliance are verified at component build time. Every application that assembles from these components inherits visual fidelity without running per-app visual regression on the assembled portion. Token drift — the slow divergence of generated components from a design system — is eliminated for anything sourced from the library.
  • Security. Authentication scaffolding, CSRF protection, and OWASP compliance are structural properties of the component. You cannot assemble an insecure version of a secure component. This is a stronger guarantee than post-generation scanning, which can tell you only whether a particular generation run introduced a vulnerability. It cannot prevent the vulnerability from being generated in the first place.
  • Accessibility. WCAG AA compliance is validated once at component build time: color contrast, ARIA roles, focus management, keyboard navigation, screen reader compatibility, and interactive component behavior. Every application that consumes the component inherits the result. This is significant because accessibility defects in AI-generated code are among the most consistently overlooked in post-generation review, and among the most expensive to remediate after deployment.
  • Cross-platform fidelity. A single component declaration produces both a tested web artifact and a tested mobile artifact. Platform parity is a property of the component, not a testing burden repeated per application. For enterprises maintaining parallel web and mobile portfolios, this alone can eliminate a meaningful fraction of the QA life cycle.

Back-end services: where architectural guardrails matter most

The front-end component story is compelling, but the harder problem — and the higher-stakes one — lives in back-end services. Persistence layers, API endpoints, security filters, service integrations — this is where the most code gets generated in a typical enterprise application, and where architectural mistakes are most consequential.

The AI assembly model handles this by embedding architectural guardrails as structural properties of every generated service — not as optional patterns that developers must remember to follow, but as invariants that the platform enforces. The distinction matters. A pattern that developers can forget to apply is a pattern that will be forgotten, especially under the time pressure that AI-assisted velocity creates.

Six back-end guardrails, in particular, define the difference between code that merely compiles and code that can safely run a regulated business.

  1. Stateless, horizontally scalable services. No session state in the application layer. Any instance can serve any request. Scaling becomes an infrastructure decision — add instances behind a load balancer — rather than an application architecture change. The same service architecture that handles a pilot with fifty users handles a production rollout serving millions. This follows the twelve-factor app methodology’s stateless processes principle, and it means that the gap between “prototype” and “production” is not an architectural rewrite.
  2. Safe, cached, auditable data access. All database interaction runs through a generated persistence layer. There is no pattern in the platform’s output that produces an unguarded, hand-assembled SQL call — the kind that leads to the injection vulnerabilities that have topped the OWASP Top 10 for over a decade. Frequently accessed data is cached consistently across services. Every write operation carries an automatic audit trail: who changed what, and when. For regulated industries, this is not a convenience. It is a compliance requirement that the architecture satisfies by default.
  3. Secrets isolated from code. No credentials appear in generated service code. API keys, database passwords, and encryption keys are injected at deployment time from a secure secrets vault, never written to source control. Rotating a credential requires no code change and no redeployment of business logic. This is the twelve-factor “externalized config” principle made structural: not a recommendation in a style guide, but a property of the code generation pipeline itself.
  4. Role-based access control, end to end. Most platforms define access rules at the UI layer and leave back-end enforcement to developers. The assembly model generates RBAC as a single continuous constraint that spans every layer. A user sees only what their role permits in the interface. Their API calls are validated against the same role definition before any business logic executes. Their data queries are filtered at the database layer. One definition, enforced everywhere. No gaps. No drift between the access a user appears to have and the access they actually have.
  5. API-bounded service contracts. Every service exposes a typed, versioned API contract. Services communicate through those contracts, never through shared data stores or direct coupling. Each service can be changed and redeployed independently without coordinated releases across the stack. This is what makes microservice architecture actually work in practice, as opposed to the distributed monolith that many teams accidentally build when service boundaries are not enforced by the platform.
  6. Security validated against industry standards. Generated applications are tested against the OWASP Top 10 and verified through dynamic application security testing under real-world conditions. Compliance teams receive independently auditable evidence of security posture at every release — not a developer’s assertion that best practices were followed, but verifiable test results against a known standard.

None of these are novel ideas in isolation. Twelve-factor apps, OWASP compliance, externalized secrets, end-to-end RBAC — these are well-understood engineering principles. What is novel is making them structural properties of a code generation architecture rather than aspirational items on a checklist. When these guardrails are architectural invariants, they do not depend on developer discipline. They do not erode under deadline pressure. They do not vary between teams.

The cost argument, honestly

The AI assembly model is not free of trade-offs. It carries a higher context overhead than a bare generative approach. Teaching the system your component library schema, your design token bindings, your architectural constraints — all of this consumes tokens before the first line of useful output is produced. A naive comparison of per-session token cost will favor the generate-first model.

But that comparison is misleading, because it ignores where the real costs accumulate.

In a generate-first model, every component is produced in full, every time. Each generation run burns tokens on implementation code that already exists in a tested form somewhere in the organization’s component library, if only the model knew to use it. Self-correction loops are frequent, because probabilistic output regularly misses the target on the first pass. And every generated component requires the full audit cycle: security, accessibility, visual regression, functional testing.

In the assembly model, the component code already exists. The AI configures rather than constructs. A fraction of the tokens. A fraction of the self-correction loops. A fraction of the output requiring validation. The context overhead is paid once per session. The generation savings compound across every component assembled. And they compound again with every additional application built on the same library.

The real advantage, though, is not in token economics. It is in defect cost. Fewer developer hours spent diagnosing incorrect AI output. Fewer QA cycles spent catching regressions that a generate-first model produces stochastically. Fewer production incidents when defects evade the guardrail stack entirely. A pre-built, certified component absorbs those costs once, at build time. Every application that uses it inherits the savings. That is a compounding return on quality investment — the opposite of the linear cost growth that characterizes generate-then-check.

Certified by construction vs. verified by testing

For enterprises operating in regulated industries, such as financial services, health care, government, and insurance, the compliance implications of the assembly model deserve separate attention.

A generate-first model produces a compliance artifact that says, in essence: “We generated this code, and then we tested it, and the tests passed.” That is a valid compliance posture. It is also a fragile one. It depends on the completeness of the test suite, the rigor of the review process, and the assumption that every generation run will be subjected to the same standard of scrutiny. Given that 29% of AI-assisted code is already merging without review, that assumption is under visible strain.

The assembly model produces a different artifact: “This application was assembled from components that were certified at build time against these specific standards. Only the custom-generated portions required runtime validation.” The certified-by-construction approach reduces the compliance surface to the genuinely novel code — the business logic and integrations that no library component could satisfy. Everything else carries its compliance evidence with it, embedded in the component’s certification history.

This is not a theoretical distinction. It changes the conversation with auditors, with regulators, and with the internal risk committee. It shifts compliance from a per-release testing exercise to a structural property of the development platform. And it scales: the hundredth application built on a certified library faces the same compliance burden as the first, not a hundred times the burden.

The uncomfortable implication

The AI code generation debate, as currently framed, asks the wrong question. “How do we add better guardrails to AI-generated code?” is a question that accepts the premise of generate everything then check everything. It leads to an arms race between generation volume and validation tooling — an arms race where the volume is growing at 42% of committed code and rising, and the tooling is perpetually one defect category behind.

The AI assembly model reframes the question. Not “how do we check more effectively?” but “how do we generate less in the first place?” Not “how do we catch defects downstream?” but “how do we make defects structurally impossible for the assembled portion of the application?”

Guardrails are necessary. They will remain necessary for every line of code that AI genuinely generates. The argument here is not against guardrails. It is against a model where guardrails are the primary quality mechanism for an entire application, including the 70% or 80% of it that could have been assembled from certified parts.

The teams that figure this out first will not just ship faster. They will ship with a quality profile that generate-first teams cannot match without proportionally scaling their validation infrastructure — which is to say, without giving back most of the velocity gains that AI-assisted development was supposed to deliver.

New Tech Forum provides a venue for technology leaders—including vendors and other outside contributors—to explore and discuss emerging enterprise technology in unprecedented depth and breadth. The selection is subjective, based on our pick of the technologies we believe to be important and of greatest interest to InfoWorld readers. InfoWorld does not accept marketing collateral for publication and reserves the right to edit all contributed content. Send all inquiries to doug_dineley@foundryco.com.