FWIW, when I'm doing a code review, these are the <i>exact</i> kind of comments that I would tell a committer to remove.<p>That is, it's like it generates these kinds of comments:<p><pre><code> // initializes the variable x and sets it to 5
let x = 5;
// adds 2 to the variable x and sets that to a new variable y
let y = x + 2;
</code></pre>
That is, IMO the whole purpose of comments should be to tell you things that <i>aren't</i> readily apparent just by looking at the code, e.g. "this looks wonky but we had to do it specifically to work around a bug in library X".<p>Perhaps could be useful for people learning to program, but otherwise people should learn how to read code as code, not "translate" it to a verbose English sentence in their head.
I just don't trust it, I've worked with GPT-3 before and it sure does a real good job of <i>sounding</i> convincing, but if you don't understand the code there's no way to know if what it's saying is accurate, or whether it's just regurgitating random nonsense that sounds plausible.<p>It knows how to create sentences that sound like something a human would write, and it's even good at understanding context. But that's it, it has no actual intelligence, it doesn't actually understand the code, and most importantly, it's not able to say "Sorry chief, I don't actually know what this doing, look it up yourself."
How come general developer audiences aren't more acquainted with GPT-3 (and Codex in particular) capabilities? People in the twitter thread all seem completely mind blown over an app that basically just passes your code to an existing API and prints the result.<p>I don't want to sound negative of course, and I expect many of these apps coming up, until Codex stops being free (if they put it on the same pricing as text DaVinci model, which Codex is a fine-tuned version of, it will cost a ~cent per query). I'm just wondering how come the information about this type of app reaches most people way before the information about "the existence of Codex" reaches them.<p>For all the publicity around Codex recently (and especially on HN), it still seems like the general IT audience is completely unaware of the (IMHO) most important thing going on in the field.<p>And to anyone saying "all these examples are cherrypicked, Codex is stupid", I urge you to try Copilot and try to look at its output with the ~2019 perspective. I find it hard to beileve that anything but amazement is a proper reaction. And still, more people are aware of the recent BTC price, than this.<p>Source: have been playing with Codex API for better part of every day for the last few weeks. Built an app that generates SQL for a custom schema, and have been using it in my daily work to boost ma productivity as a data scientis/engineer/analyst <i>a lot</i>.
The question is - can this actually explain the code which really needs explanation - or can it only explain code that should be easy and straight forward to read anyway?<p>And does having this reduce the amount of discomfort badly readable code creates, and thus make you less inclined to take care the code is and stays easily readable?
The kinds of comments that are <i>useful</i> are less about what the code already tells you is happening, and more things like:<p>/* we don't use the actual price but the discounted price, as per email from Manager Bob on 2022-09-16 */<p>subtotal += price * customer_discount_factor;<p>or<p>/* note there's a 2ms delay while relays settle; this is subtracted from sample time, so timeout is not what you might expect */<p>select(0,&readfd,NULL,NULL,&timeout);
No only I find the tool not useful, as it just state the obvious. My personal opinion is the code should be already very near what the tool gives.
The code should be clear enough for not needed such tool. If you need it, you have a very different problem, my friend.
Garbage. It generates a line-by-line translation of code into English, rather than a concise summary, so we end up needing a TLDRTLDR.<p>Actual human documentation would read something like:<p><pre><code> > Return true if the X-HELPSCOUT-SIGNATURE request header matches the
> base-64 encoded SHA1 hash of the raw request data.</code></pre>
TLDR but you actually end up reading even more than the original. I could be wrong and this might actually work and condense a big function but if that is true, why showcase such an example.
I know there's such thing as idiomatic code, but I can't help but think the code in the tweet would be much more readable - and no ai needed - if the variables/methods/args were better named.
I think tool like this can make sense if you cannot read the code.<p>Probably this still gets confused like humans do when variables and functions are named less clearly or even plainly wrong.<p>I wonder if reading explanation like this makes you more likely to believe code is correct, even if some details are wrong.<p>In this signature example, you can read the wrong header, calculate hash the wrong way, compare hashes wrong way, etc. there are some many tiny mistakes.
I don't know that I have much of a need for this and, although I'm hesitant to provide crutches to people especially when they're in the early stages of their learning, this might be helpful for more junior people who are ramping up, especially in a large project. Is there a way to use this or something similar today in PyCharm, etc?
I wrote something similar before, my friend had a nice technique to do code analysis and remove everything but the critical path to the point in code you had your cursor over. Then I fed that code path into gpt3 to generate an explanation of that critical path.<p>Wound up being useful for explanations of long code paths across file boundaries in large code bases.
That’s cool but I don’t think it’s very useful once you’re familiar with the codebase. It’s quicker to scan the code at that point.<p>If it could give you some context about the implications I could see it being handy for static analysis one day.
I know it's completely missing the point here but: it's a good habit to verify signature using constant time comparison rather than == to avoid timing side channel attack :)
looks great, reminds me of our product, <a href="https://denigma.app" rel="nofollow">https://denigma.app</a> that explains the business logic of code and technical concepts, which recently launched an extension for all Intelli-J based IDEs (except Android Studio- there's a compatibility issue with it)
Before clicking through I thought this was for this great command line tool [0]. I'm skeptical about GPT-3 generated comments, but I can recommend the other TLDR whole heartedly!<p>[0] <a href="https://github.com/tldr-pages/tldr" rel="nofollow">https://github.com/tldr-pages/tldr</a>