Comments (5)
Partly, read my answer to #946
Secondly, for web-stuff, you may be luckier with https://gptengineer.app/, though I know the waiting list is long atm.
from gpt-engineer.
What about the constant usage of old vulnerable code libraries?
That isn't ChatGPT, because I tested it side by side with the same prompt, same model, and got different results with GPT Engineer always defaulting to using old and very dangerous versions of code even when told not to. When I specified to use the newest code versions with no publish vulnerabilities to ChatGPT I got the latest versions of code and links to where it verified vulnerabilities.
Something isn't working in GPT Engineer.
from gpt-engineer.
gpt-engineer gets all written code from chat-gpt. Before asking chat-gpt for the code it adds some pre-prompts, asking chat-gpt to make the implementation as complete and functional as possible. It is possible that, when doing so, chat-gpt down prioritizes using the newest version, but this is just speculation on my part. How the prompt to chat-gpt affects safety awareness is for sure incredibly complex. You can try adding something like "make sure to use the newest library versions to avoid safety vulnerabilities" to the prompt.
from gpt-engineer.
I guess you missed the part where I said I already added commands in my prompt to use new software with no vulnerabilities, but it doesn't work in GPT Engineer and does work on ChatGPT. I understand the desire to defend your code, but, seriously if GPT Engineer is choosing to ignore my prompt and then pulls down old vulnerable code despite what its told, then this isn't a ChatGPT issue.
from gpt-engineer.
Sorry for overlooking that you already tested my suggestion.
I'm not primarily defending gpt-engineer, but giving you context on what gpt-engineer is doing, so that you can judge its behavior better.
I repeat: the only thing gpt-engineer does different from using chatgpt directly, is adding additional instructions to the chatgpt user prompt. These instructions are probably the reason why your reported problem occurs, which I was open about in my answer. How to change these instructions to be more security aware, without harming perfomance in less security critical applications is an open problem. If you have a suggestion on how to do this, your help is more than welcome.
from gpt-engineer.
Related Issues (20)
- TypeError: unsupported operand type(s) for |: 'FilesDict' and 'FilesDict' HOT 2
- Automatic benchmarking of gpt-engineer with swe-bench
- Automatic benchmarking of gpt-engineer with MBPP
- gpt-engineer keeps trying to background jobs when writing shell scripts HOT 1
- Make GPT able to create a draft document in word format from the following sources in Slack chat, emails.... HOT 1
- Fresh Install Failing on a Langchain Module HOT 5
- Testing webhook meta issue + edit 2 HOT 1
- docker install get a error Multiple top-level packages discovered in a flat-layout: ['docker', 'projects', 'gpt_engineer'].
- KeyError in apply_edits breaking improve mode HOT 13
- Issue with message chunking in GPT-Engineer script HOT 1
- Docker command show error on running
- Data Collection: Why? HOT 1
- Instructions for running it with local models is lacking. HOT 14
- Error Applying Code Edit in Improve Code Mode HOT 1
- How to Get GPT Engineer to Implement "Complex" Algorithms? HOT 1
- No module named '_tkinter' HOT 1
- ImportError: cannot import name 'tracing_enabled' from 'langchain_core.tracers.context' HOT 11
- Feature Request: Enhanced Rate Limit Flexibility for GPT-4 Turbo API HOT 1
- Cost forecast for usage of GPT 4 endpoints HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gpt-engineer.