惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
Cyberwarzone
Cyberwarzone
The GitHub Blog
The GitHub Blog
云风的 BLOG
云风的 BLOG
P
Proofpoint News Feed
小众软件
小众软件
Recent Announcements
Recent Announcements
博客园 - 三生石上(FineUI控件)
Security Archives - TechRepublic
Security Archives - TechRepublic
W
WeLiveSecurity
Cloudbric
Cloudbric
博客园 - 司徒正美
美团技术团队
N
News and Events Feed by Topic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
PCI Perspectives
PCI Perspectives
宝玉的分享
宝玉的分享
H
Help Net Security
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Google DeepMind News
Google DeepMind News
Help Net Security
Help Net Security
Last Week in AI
Last Week in AI
S
Schneier on Security
N
News | PayPal Newsroom
B
Blog RSS Feed
L
LINUX DO - 最新话题
T
Troy Hunt's Blog
S
Secure Thoughts
雷峰网
雷峰网
aimingoo的专栏
aimingoo的专栏
L
Lohrmann on Cybersecurity
G
Google Developers Blog
Microsoft Azure Blog
Microsoft Azure Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
T
Tenable Blog
S
Securelist
L
LangChain Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main
I
InfoQ
H
Heimdal Security Blog
Cisco Talos Blog
Cisco Talos Blog
F
Full Disclosure
Y
Y Combinator Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
K
Kaspersky official blog
T
Tailwind CSS Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
阮一峰的网络日志
阮一峰的网络日志
C
Cisco Blogs

Stack Overflow Blog

Paging Charity! How can engineering leaders avoid becoming Bond villains? Code isn’t the only thing causing your production failures Your AI shipped a backend that boots. That is the whole problem. The 2026 Developer Survey is now open (for human developers only)! Oh the places you’ll go with spatial data Dispatches from O'Reilly: From capabilities to responsibilities You don’t understand DNS like you think you do The new bottleneck - Stack Overflow AI agents are a confused deputy with the keys to your kingdom If context is king, architecture is the castle Selenium vs Cypress vs Playwright: Choosing Your Test Automation Framework AI agents expose the security checks you never actually wrote Designing CherryScript: Optimizing Data-Driven Workflows via Custom Python-Based Interpreters Paging Charity? How do I get my leaders to stop running teams Into the ground? Developers are emotionally attached to their tools When the cost of code approaches zero, what does engineering leadership look like? Announcing Stack Overflow for Agents Creating checkpoints by gaslighting a Postgres database What can 500 years of journalism teach developers about AI trustworthiness? Making the OWASP top ten in the vibe code era What it takes to be a player in the international AI game Best of the Heap: First post of the past The find out stage of AI is just supply chain and password protection In an AI world, the most valuable developers will be both artisans and builders Agents on a leash: Agentic AI remains mostly single-agent and monitored at work Do you have what it takes to run AI in production? Dispatches from O'Reilly: The accidental orchestrator Breaking your AI storage bottlenecks Coding agents are giving everyone decision fatigue Pack your agentic stack in Slack Your fridge could be a threat to national security Interviews aren’t about you (sorry) “You can't vibe code scale”: What the AI hype gets wrong about software engineering No Dumb Questions: What is cloud computing and why is everyone doing it? Observability and human intuition in an AI world How Braze’s CTO is rethinking engineering for the agentic area Building a Google Drive Sync Engine that Survives MV3 Service Workers Connecting the dots for accurate AI When the Sensor Starts Thinking: SnortML, Agentic AI, and the Evolving Architecture of Intrusion Detection OAuth 2.0 – Device flow explained for Engineers, especially for Backend Engineers Introducing the Heap, the software engineering blog for everyone Compile-Time Map and Compile-Time Mutable Variable with C++26 Reflection No Dumb Questions: What is an MCP server and why do I care? AI giveth and AI taketh CPU How we replaced Ingress-NGINX at Stack Overflow What (un)exactly do you mean by semantic search? Dispatches from O'Reilly: Fast paths and slow paths Time is a construct but it can still break your software The Worst Coder in the World goes agentic: building a leaderboard cracking AI Turning scattered knowledge into trusted intelligence: Stack Internal 2026.3 Your LLM issues are really data issues Welcome to the “find out” stage of AI Lights, camera, open source! - Stack Overflow Black box AI drift: AI tools are making design decisions nobody asked for How to get multiple agents to play nice at scale We still need developer communities No country left behind with sovereign AI Human input needed: take our survey on AI agents Why AI hasn't replaced human expertise—and what that means for your SaaS stack Who needs VCs when you have friends like these? The messy truth of your AI strategies Gen Z needs a knowledge base (and so do you) He designed C++ to solve your code problems Seizing the means of messenger production What the AI trust gap means for enterprise SaaS How can you test your code when you don’t know what’s in it? Prevent agentic identity theft - Stack Overflow Building shared coding guidelines for AI (and people too) Multi-stage attacks are the Final Fantasy bosses of security After all the hype, was 2025 really the year of AI agents? AI is becoming a second brain at the expense of your first one Building a global engineering team (plus AI agents) with Netlify Keeping the lights on for open source Domain expertise still wanted: the latest trends in AI-assisted knowledge for developers Open source for awkward robots The context problem: Why enterprise AI needs more than foundation models Even the chip makers are making LLMs Organizing productive platform teams - Stack Overflow Building brains for bulldozers - Stack Overflow DeveloperWeek 2026: Making AI tools that are actually good AI-assisted coding needs more than vibes; it needs containers and sandboxes No need for Ctrl+C when you have MCP What’s new at Stack Overflow: March 2026 To live in an AI world, knowing is half the battle Beyond block or allow: How pay-per-crawl is reshaping public data monetization Your sneak peek at the redesigned Stack Overflow Dogfood so nutritious it’s building the future of SDLCs Defense against uploads: Q&A with OSS file scanner, pompelmi Even GenAI uses Wikipedia as a source Why Stack Overflow and Cloudflare launched a pay-per-crawl model Mind the gap: Closing the AI trust gap for developers Data is the new oil, and your database is the only way to extract it Even your voice is a data problem How everyone and anyone can use AI for good Is anyone using AI for good? The logos, ethos, and pathos of your LLMs Why demand for code is infinite: How AI creates more developer jobs AI attention span so good it shouldn’t be legal Code smells for AI agents: Q&A with Eno Reyes of Factory Generating text with diffusion (and ROI with LLMs)
You shipped it fast. But did you ship it right?
Priya Gopalsamy · 2026-05-13 · via Stack Overflow Blog

I want to start with something that's probably already happened to you.

You merged a PR last week. The AI-generated code looked clean — readable diff, tests passing, nothing obviously wrong. You approved it. And then two days later something broke in production in a way nobody saw coming.

If that hasn't happened to you yet, you've been lucky. Because I see it constantly, and there's a pattern to it.

AI tools have genuinely changed how fast teams can produce code. That part is real. But they haven't changed how fast a codebase can safely absorb that code. And the gap between those two things? That's where incidents happen.

The failure mode has a name now: the illusion of correctness.

AI-generated code is syntactically clean. It follows patterns. It compiles. It passes the tests. In code review, it looks like something a solid engineer wrote. The problem is what's underneath it — the assumptions it baked in that you can't see by reading.

Here are the four types I see break production most often.

Boundary assumptions. "This field is always present." Except it isn't. One of your downstream services had a bad deploy eight months ago and started dropping it under certain conditions. Tests pass in staging. Load test looks fine. Then at 2am, a real order hits a real edge case.

Concurrency assumptions. "This call is idempotent." It's not. That's how a customer gets charged twice — on code that looked completely correct in review. The AI saw the retry pattern, but it didn't know the domain rule about what happens when you call that endpoint twice.

Domain assumptions. "These two order statuses are equivalent." They're not. Your fulfillment team and your billing team have always treated them differently. Nobody wrote it down as an enforceable rule. The AI couldn't have known, because it wasn't in the code.

Security assumptions. "This request is coming from an internal service, so it's trusted." Your internal network isn't your security boundary. This gets baked in silently and sails through every review that trusts clean-looking output.

The code compiles. The PR looks tidy. And then production data and real users expose the missing rules.

The thing that makes this particularly rough is it doesn't show up in code review. It shows up in incidents.

Here's the mental model I use with my teams.

Every system has a change absorption capacity — how much new code it can safely take in before things start breaking. That capacity is set by your contracts, your invariant test coverage, your observability, your coupling. When your velocity of incoming change starts outrunning that capacity, you get instability. Not right away, but reliably.

The part that surprises people: when you push harder on a system that can't keep up, your actual delivery speed often drops. The time you saved generating code faster gets eaten up two or three times over in debugging, rollback, and rework.

AI raises how fast you can produce changes. Refactoring raises how fast you can safely absorb them. The gap between those two numbers is your real risk exposure.

The teams I've seen genuinely win with AI-assisted development aren't using better models. They've built an engineering system that can absorb AI-generated change without invisibly accumulating debt.

Most teams think about refactoring wrong. They treat it as one of three things: cleanup, tech debt payoff, or a roadmap item that gets pushed every quarter.

None of those framings help when you're trying to move fast safely.

The right framing: refactoring is how you reduce change cost so your system can absorb more frequent, higher-volume changes without accumulating invisible fragility. In an AI-accelerated environment, that makes refactoring a multiplier on velocity — not a tax on it.

What continuous refactoring actually buys you: stable boundaries so changes propagate predictably, less coupling so nothing cascades unexpectedly, clearer ownership so there's no ambiguity about who's responsible for what, testable invariants so code review stops doing the job tests should be doing, and better observability so drift gets caught before customers report it.

The anti-pattern: accelerating AI-assisted delivery on top of unresolved tech debt. You get faster accumulation of inconsistencies, more production regressions, and net velocity that actually goes backwards because rework swallows everything.

I've been using a framework called CATS across my teams and in conference talks. It maps four practices that, together, let you move fast without breaking things.

Make boundaries explicit. API specs, event schemas, data contracts, ownership definitions.

Here's a scenario I've seen play out more than once. Three teams are consuming a shared pricing service. No formal contract — just a shared understanding and a doc nobody keeps updated. One engineer uses AI assistance to refactor the response shape. Looks clean, tests pass, it merges. Two days later, two of those three teams are getting paged because fields they depended on changed meaning or disappeared.

That's not an AI problem. That's a missing contract.

Once you have a contract — a versioned API spec, an event schema with field meanings and ownership — the internals can evolve freely. The contract is the stable surface. And AI generates code against an explicit contract much more reliably than it guesses implicit conventions.

Every time your team has said "I thought that field was always there" — that's a contract candidate. Write it down. Not just the shape: the meaning, the valid values, and who you call when it breaks.

Tests that enforce domain invariants, not just happy-path coverage. Schema validation in CI. Security checks in the pipeline.

AI is great at generating test code. It's genuinely not good at knowing which domain rules to test, because those rules live in incident post-mortems and people's heads — not in the codebase.

Common failure: team generates a test suite with AI assistance, coverage numbers look solid, team trusts it. But the coverage is over the cases AI could infer from code patterns. The cases that break production are the ones nobody wrote down.

Your job is to name the invariants. AI's job is to cover them. Schema validation in CI catches contract drift at merge time instead of in production. Automated security checks catch the spots where "this is internal, so it's safe" gets baked in without anyone questioning it.

Logs, metrics, traces — that tell you what's actually happening, not what you think is happening based on the code.

Code review tells you what the code says. Telemetry tells you what it does. Those are different things. When you're merging more PRs faster, the gap between what code says and what it does can widen fast.

Real example: a team ships a refactored order processing flow. Reviews look fine, load tests pass. But a small change in how null values are handled means a specific type of edge-case order starts failing silently — no error, just wrong state. Without an alert on order state transitions, they find out three days later from a customer service ticket.

With drift detection, you catch that at 0.3% error rate. Not at "wait, why did revenue drop on Thursday?"

Beyond catching problems: feature flags, canary thresholds, a rollback checklist your team can actually run at 11pm. If rolling back requires a four-person call, you're not safe enough to be operating at AI velocity.

Continuous reduction of hidden coupling and unclear ownership — not as a project, but as a habit bundled into feature work.

If refactoring requires a roadmap conversation, it won't happen. The teams that actually do this bundle it with feature work. You're already in that file, there's no coordination cost. Touch it, improve it, move on.

AI is useful here too — it's good at spotting duplication and suggesting where contracts should be. But you still need to validate its structural suggestions against domain knowledge. AI can spot the pattern. You know whether the boundary it's suggesting actually makes sense in your system.

And measure the right thing. Not how clean the code looks. Not lines changed. Is it getting cheaper to make changes over time, or more expensive? That's the signal that tells you whether simplification is actually working.

Let me contrast the two modes concretely.

Without CATS: AI generates a service. The PR looks great. No formal API contract. Downstream teams integrate based on what they observe. Three quarters later, someone refactors the response shape. Two teams get paged simultaneously on a Friday night. The post-mortem says "communication breakdown." The real cause is a missing contract.

With CATS: AI generates the same service. Before it merges, someone writes the contract — the API spec, field meanings, ownership, versioning. Schema validation goes into CI. When the refactor happens three quarters later, the contract version gets bumped and consumers find out via a CI failure, not a production incident.

The second mode isn't slower. Once the contract exists, every future change is faster because the blast radius is bounded and visible. The investment pays forward across every PR that follows.

Fast without CATS: speed becoming fragility. Fast with CATS: speed compounding.

This doesn't have to be a big initiative. Here's what two focused weeks looks like — no roadmap conversations, no features paused.

Find your two or three brittle boundaries. Where do things break most often? Where has your team said 'I thought that was always the case'? Those are your contract candidates.

Write the contracts. Not just the shape — the meaning. What does each field represent? What are valid values? Who owns it? Who do you call when it breaks?

Add contract enforcement to CI. Schema validation on merge, as a gate.

Write one invariant test. Pick the domain rule that, if broken, causes the most damage. One test suite. Not the whole backlog — just one.

Add drift detection dashboards and alerts. Track the failure modes from week 1. Know when something's going wrong at 0.3%, not when a customer reports it.

Remove one high-risk coupling point. The shared dependency that causes the most ripple when it changes. Extract it, clarify ownership.

Add safe rollout defaults. A feature flag template, canary thresholds, a rollback checklist your team can actually use without convening a call.

Measure. PR size, incidents per change, coordination overhead. Baseline now. Check in at week 4.

This won't solve everything. But it creates visible, measurable risk reduction in two weeks — and it starts building the habits that make fast delivery sustainable.

The platform engineering community has spent years building better tools — internal developer platforms, golden paths, service meshes, standardized observability stacks. All of that infrastructure assumes teams can ship at high velocity without the system slowly turning brittle on them.

AI just changed the velocity side of that equation dramatically. The safety side hasn't kept up.

The organizations that are handling this well have a few things in common. Contracts are first-class artifacts, not afterthoughts. Domain invariant testing is a distinct practice, not a coverage metric. Observability actually tells them what's happening, not just what the code says. And refactoring is continuous — bundled into feature work, not a project that lives on the backlog.

None of this is new. What's new is that it's now load-bearing. Without it, AI-assisted velocity doesn't compound. It oscillates — fast for a quarter, then slow as the debt comes due.

The AI era rewards speed. But it punishes fragility faster than we're used to, because fragility can accumulate faster now too.

The teams that come out ahead won't be the ones that generated the most code. They'll be the ones that built systems capable of absorbing AI-generated change safely — through contracts, automated verification, telemetry, and continuous simplification.

If you're shipping fast right now, the question isn't whether to add guardrails. It's whether you've already built up enough invisible debt that your velocity is starting to reverse on you.

Your Monday action: find one brittle boundary. Write its contract. Add one invariant test.

That's where it starts.