
I get why people can get a bit apprehensive about using AI tools for Pull Requests because of hallucination, but this is such a great application and I will give it a spin on some of my Django boilerplates to see what it comes up with. Congratulations to the team!

My question would be: are you using it on your own codebase or an open-source tool you're fond of? Would love to see this operating in the wild (examples are great but real life PRs hit different).




Thank you! Please give it a spin. We'd love any feedback or thoughts. :)

We are using it on our codebases, and it's helped us secure our own product. Users have also been trying it out with their private codebases, and we even used our own personal projects to test it.

If you'd like to try Corgea with some open-source tools, there are a ton of applications that are vulnerable by design. Some popular ones:

https://github.com/bkimminich/juice-shop

https://github.com/we45/Vulnerable-Flask-App

https://github.com/adeyosemanputra/pygoat

Edit: Forgot to mention, we've put in some controls to avoid hallucinations, like comparing diff sizes between the two changes. Sometimes LLMs like to truncate code when generating a fix, or generate too much. We actually stop the result from being generated and we retry again.
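
The diff-size control described in the comment above, sketched as an added example (not part of the thread and not Corgea's code). The thresholds, function names, sample snippet and stub generator are all assumptions made for illustration.

```python
import difflib

# Assumed thresholds; the comment gives no numbers.
MIN_SIZE_RATIO = 0.7     # candidate below this share of the original length: truncated
MAX_SIZE_RATIO = 1.5     # candidate above this multiple of the original: overgenerated
MAX_TOUCHED_RATIO = 0.3  # share of original lines a fix may rewrite or delete

def check_fix(original: str, candidate: str) -> str:
    """Classify a candidate fix by comparing its size and line diff to the original."""
    a, b = original.splitlines(), candidate.splitlines()
    if a == b:
        return "no_change"
    if len(b) < len(a) * MIN_SIZE_RATIO:
        return "truncated"
    if len(b) > len(a) * MAX_SIZE_RATIO:
        return "overgenerated"
    ops = difflib.SequenceMatcher(None, a, b, autojunk=False).get_opcodes()
    touched = sum(i2 - i1 for tag, i1, i2, _, _ in ops if tag in ("replace", "delete"))
    if touched > len(a) * MAX_TOUCHED_RATIO:
        return "too_invasive"
    return "ok"

def generate_with_retry(generate, original: str, max_attempts: int = 3):
    """Call generate(original, attempt) until a candidate passes; return (fix, verdicts)."""
    verdicts = []
    for attempt in range(1, max_attempts + 1):
        candidate = generate(original, attempt)
        verdicts.append(check_fix(original, candidate))
        if verdicts[-1] == "ok":
            return candidate, verdicts
    return None, verdicts  # every attempt was rejected; surface nothing to the user

# Constructed sample input: a small function and three candidate "fixes".
ORIGINAL = '''import sqlite3

def get_user(conn, username):
    cur = conn.cursor()
    query = "SELECT id, name FROM users WHERE name = '%s'" % username
    cur.execute(query)
    row = cur.fetchone()
    if row is None:
        return None
    return {"id": row[0], "name": row[1]}'''
GOOD_FIX = (ORIGINAL.replace("'%s'\" % username", "?\"")
            .replace("execute(query)", "execute(query, (username,))"))
TRUNCATED = "\n".join(GOOD_FIX.splitlines()[:6])  # model stopped mid-function
OVERGENERATED = GOOD_FIX + "".join(f"\ndef helper_{i}(): pass" for i in range(8))
def stub_generate(original, attempt):  # hypothetical stand-in for the LLM call
    return {1: TRUNCATED, 2: OVERGENERATED}.get(attempt, GOOD_FIX)
```

A size check like this only catches gross truncation or padding; it says nothing about whether the accepted fix is correct, so it complements tests and review rather than replacing them.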



