多數開發者不信任 AI 生成的程式碼，但仍未檢查

Topics

Security

Off-Prem

On-Prem

Software

Offbeat

Special Features

Vendor Voice

Vendor Voice

Resources

Most devs don't trust AI-generated code, but fail to check it anyway

Developer survey from Sonar finds AI tool adoption has created a verification bottleneck

Talk about letting things go! Ninety-six percent of software developers believe AI-generated code isn't functionally correct, yet only 48 percent say they always check code generated with AI assistance before committing it.

This conveniently self-validating statistic comes from Sonar, a company that sells code review and verification software, in its State of Code Developer Survey.

Based on data from more than 1,100 developers worldwide, the survey finds that AI coding tools have become the norm, with 72 percent of developers who have tried these tools using them every day or multiple times a day. And only six percent report occasional usage, meaning less than once a week.

Devs say 42 percent of their code includes significant assistance from AI models, a share they expect will reach 65 percent by 2027, up from just six percent in 2023.

The types of software projects where these developers are using AI tools range from prototypes (88 percent) to internal production software (83 percent), production software for customer-facing applications (73 percent), and production software for critical business services (58 percent).

The most commonly used code tools are: GitHub Copilot (75 percent), ChatGPT (74 percent), Claude/Claude Code (48 percent), Gemini/Duet AI (37 percent), Cursor (31 percent), Perplexity (21 percent), OpenAI Codex (21 percent), JetBrains (17 percent), Amazon Q Developer (12 percent), Windsurf (8 percent), and others (37 percent).

But the growing usage of AI tooling has, according to Sonar, created a verification bottleneck.

"This verification step isn't trivial," the report says. "While AI is supposed to save time, developers are spending a significant portion of that saved time on review. Nearly all developers (95 percent) spend at least some effort reviewing, testing, and correcting AI output. A majority (59 percent) rate that effort as 'moderate' or 'substantial.'"

According to the survey, 38 percent of respondents said reviewing AI-generated code requires more effort than reviewing human-generated code, compared to 27 percent who said the opposite.

"We are witnessing a fundamental shift in software engineering where value is no longer defined by the speed of writing code, but by the confidence in deploying it," said Tariq Shaukat, CEO of Sonar, in a statement. "While AI has made code generation nearly effortless, it has created a critical trust gap between output and deployment."

Sonar cites remarks by Amazon CTO Werner Vogels to buttress the company's argument for more robust code verification.

Speaking at AWS re:Invent 2025, Vogels said, "Now, the world is changing. You will write less code, 'cause generation is so fast, you will review more code because understanding it takes time. And when you write a code yourself, comprehension comes with the act of creation. When the machine writes it, you'll have to rebuild that comprehension during review. That's what's called verification debt."

That, said Vogels, is one of the two challenges he hears about from developers. The other, he explained, is hallucination. That's the anthropomorphic term for the tendency of AI models to make errors.

There are other challenges though for the companies employing these developers. Thirty-five percent of devs report using AI coding tools from personal accounts rather than corporate ones – perhaps unsurprising given Microsoft's recent call to take personal Copilot subscriptions to work, a position it subsequently argued against.

Developers say the shift toward AI tools has both benefits (93 percent) and drawbacks (88 percent). They appreciate, for example, that AI helps make the documentation process better (57 percent) and helps with creating test coverage (53 percent). They're less thrilled about code that looks correct but isn't (53 percent) or is unneeded or redundant (40 percent).

The report also notes that despite 75 percent of developers saying that AI reduces the amount of unwanted toil (managing technical debt, debugging legacy or poorly documented code, etc.), the reality is that AI tools just shift that work to new areas, like "correcting or rewriting code created by AI coding tools."

"Interestingly, the amount of time spent on toil (an average of 23-25 percent) stays almost exactly the same for developers who use AI coding tools frequently and for those who use them less often," the report says. ®

More about

Narrower topics

Broader topics

More about

Narrower topics

Broader topics

Send us news

Other stories you might like

The Register Biting the hand that feeds IT

Copyright. All rights reserved © 1998–2025