https://www.secdev.uk/blog/tags/code-quality/ Recent content in Code-Quality on guy@secdev.uk Hugo en-gb Guy Dixon | guy@secdev.uk Mon, 27 Apr 2026 00:00:00 +0000 https://www.secdev.uk/blog/leadership/4.7-ai-and-the-changing-nature-of-code-review/ Mon, 27 Apr 2026 00:00:00 +0000 https://www.secdev.uk/blog/leadership/4.7-ai-and-the-changing-nature-of-code-review/ <p>Code review has always been one of the most valuable practices in software engineering, not just for catching bugs, but for sharing knowledge, maintaining standards, and building collective ownership of the codebase. With AI-generated code becoming a significant portion of what gets reviewed, the practice needs to evolve.</p> <p>The fundamental shift is this: when a human writes code, the reviewer can assume the author understood what they wrote and made deliberate choices. When AI generates code, that assumption doesn't hold. The reviewer's job changes from &quot;verify that a competent colleague made reasonable choices&quot; to &quot;verify that a probabilistic text generator produced correct, secure, maintainable code.&quot; That's a harder job, and it requires different skills.</p> https://www.secdev.uk/blog/leadership/4.5-ai-technical-debt/ Mon, 13 Apr 2026 00:00:00 +0000 https://www.secdev.uk/blog/leadership/4.5-ai-technical-debt/ <p>Technical debt is a concept every engineering leader understands. We make deliberate trade-offs, shipping something imperfect now to deliver value sooner, with the intention of paying down the debt later. AI-generated code introduces a new category of debt that's less deliberate and harder to see.</p> <p>The more I've watched teams adopt AI coding assistants, the more concerned I've become about what's accumulating beneath the surface. Not because AI-generated code is bad, it's often perfectly functional. But &quot;functional&quot; and &quot;maintainable&quot; are different things, and the gap between them is where this new debt lives.</p>