top | item 44792813

(no title)

I've noticed with nearly all of these "Vibe Code" security fatalities, they're nearly ALWAYS using Firebase as a backend. I get it, I've used Firebase for a number of enterprise and personal projects, its convenient and easy to setup.

But even before LLM coding, I had team members walk into its numerous footguns - especially around public buckets and bad firestore rules. How many of these stories are really to be blamed on the AI tooling, and how many could be blamed on the very poor default settings of Firebase?

discuss

No comments yet.