Ask HN: Are diffs still useful for AI-assisted code changes?
7 pointsby nuky23 days ago7 comments
  • ccoreilly23 days ago
    There‘s many approaches being discussed and it will depend on the size of the task. You could just review a plan and assume the output is correct but you need at least behavioural tests to understand what was built fulfilled the requirements. You can split the plan further and further until the changes are small enough to be reviewable. Where I don’t see the benefit is in asking an agent to generate test as it tends to generate many useless unit tests that make reviewing more cumbersome. Writing the tests yourself (or defining them and letting an agent write the code) and not letting implementation agents change the tests is also something worth trying.

    The truth is we’re all still experimenting and shovels of all sizes and forms are being built.

    • nuky23 days ago
      That matches my experience too - tests and plans are still the backbone.

      What I keep running into is the step before reading tests or code: when a change is large or mechanical, I’m mostly trying to answer "did behavior or API actually change, or is this mostly reshaping?" so I know how deep to go etc.

      Agree we’re all still experimenting here.

  • 19 days ago
    undefined
  • csomar23 days ago
    I'm working on a similar tool (https://codeinput.com/products/merge-conflicts/online-diff), specifically focusing on how to use the diff results. For semantic parsing, I think the best option available right now is Tree-sitter (https://tree-sitter.github.io/tree-sitter), which has decent WASM support. If this interests you, feel free to shoot me an email. I'm always looking to connect with other devs who want to discuss this stuff.
    • nuky22 days ago
      Oh yeah tree-sitter it's a great foundation for semantic structure.

      What I'm exploring is more about what we do with that structure once someone/smth starts generating thousands of changed lines: how to compress change into signals we can actually reason about.

      Thank you for sharing. I'm actually trying your tool right now - it looks really interesting. Happy to exchange thoughts.

      • csomar22 days ago
        Feel free to shoot me an email (your email is not visible on your profile).
  • veunes23 days ago
    I totally get the fear regarding probabilistic changes being reviewed by probabilistic tools. It's a trap. If we trust AI to write the code and then another AI to review it, we end up with perfectly functioning software that does precisely the wrong thing.

    Diffs are still necessary, but they should act as a filter. If a diff is too complex for a human to parse in 5 minutes, it’s bad code, even if it runs. We need to force AI to write "atomically" and clearly; otherwise we're building legacy code that's unmaintainable without that same AI

    • nuky22 days ago
      Agreed - that trap is very real. The open question for me is what we do when atomic, 5min readable diffs are the right goal but not realistically achievable always. My gut says we need better deterministic signals to reduce noise before human review. Not to replace it.
  • DiabloD323 days ago
    You know there are other kinds of diffs, right?

    Its common to change git's diff to things like difftastic, so formatting slop doesn't trigger false diff lines.

    You're probably better off, FWIW, just avoiding LLMs. LLMs cannot produce working code, and they're the wrong tool for this. They're just predicting tokens around other tokens, they do not ascribe meaning to them, just statistical likelihood.

    LLM weights themselves would be far more useful if we used them to indicate statistical likelihood (ie, perplexity) of the code that has been written; ie, strange looking code is likely to be buggy, but nobody has written this tool yet.

    • nuky23 days ago
      It was precisely because this was going too far that I thought the consequences of the active adoption of LLM tools could be made visible. I'm not saying LLM is completely bad—after all, and not all tools, even non-LLM ones, are 100% deterministic. At the same time, reckless and uncontrolled use of LLM is increasingly gaining ground not only in coding but even in code analyze/review.
    • nuky23 days ago
      Yeah difftastic and similar tools help a lot with formatting noise really.

      My question is slightly orthogonal though: even with a cleaner diff, I still find it hard to quickly tell whether public API or behavior changed, or whether logic just moved around.

      Not really about LLMs as reviewers — more about whether there are useful deterministic signals above line-level diff.

      • veunes23 days ago
        The tools exist, they're just rarely used in web dev. Look into ApiDiff or tools using Tree-sitter to compare function signatures. In the Rust/Go ecosystem, there are tools that scream in CI if the public contract changes. We need to bring that rigor into everyday AI-assisted dev. A diff should say "Function X now accepts null", not "line 42 changed"
  • nuky23 days ago
    Just to clarify - this isn’t about replacing diffs or selling a tool

    I ran into this problem while reviewing AI-gen refactors and started thinking about whether we’re still reviewing the right things. Mostly curious how others approach this.

  • uhfraid23 days ago
    > How do you review large AI-assisted refactors today?

    just like any other patch, by reading it

    • veunes23 days ago
      Reading works when you generate 50 lines a day. When AI generates 5,000 lines of refactoring in 30 seconds, linear reading becomes a bottleneck. Human attention doesn't scale like GPUs. Trying to "just read" machine-generated code is a sure path to burnout and missed vulnerabilities. We need change summarization tools, not just syntax highlighting
      • uhfraid20 days ago
        Whether you or someone/something else wrote it is irrelevant

        You’re expected to have self-reviewed and understand the changes made before requesting review. You must to be able to answer questions reviewers have about it. Someone must read the code. If not, why require a human review at all?

        Not meeting this expectation = user ban in both kernel and chromium

      • nuky22 days ago
        This is exactly the gap I'm worried about. human review still matters, but linear reading breaks down once the diff is mostly machine-generated noise. Summarizing what actually changed before reading feels like the only way to keep reviews sustainable.
    • nuky23 days ago
      fair — that’s what I do as well)