top of page
  • Writer's pictureWessel Swanepoel
    • Feb 19
    • 5 min read

Dev Oops: How to save time developing with ChatGPT

What is ChatGPT and how can it be used as a development tool?


ChatGPT is a large language model created by OpenAI that uses deep learning techniques to generate human-like text responses to various inputs.


Chat GPT's application in the average software developer's workflow are numerous. I've personally been using it in my day-to-day dev endeavors wherever I can to test out its capabilities and effectiveness for just over a month and I am equal parts impressed and uncomfortable!


What follows are a few use cases and examples where I've personally saved time using it:


Regular expressions

The old adage "I used regular expressions to solve my problem, now I have two problems" still holds true today, 5 decades after its first use in QED back 1968.


Developers who can read and write these mystical hieroglyphics of immense power are known as Gods among men, but for the first time, I feel ChatGPT has democratized the ancient art for the rest of us mere mortals:

I didn't even need to ask ChatGPT to provide me with a JavaScript example as from the last 5 times I've posed the question, it just assumed I would. Incredible!



Research Software/Framework Features

I often need to quickly determine if a specific software tool I'm using can do something or not, or if a feature I'm considering implementing can be achieved easily in a specific framework/language. The answer can naturally be found in the documentation, but it can take a considerable amount of time to find what you're looking for, especially in very mature and feature rich ecosystems such as .net.


Application feature requests

While I was testing an API using Postman, I wondered if I could save myself some time by simply exporting the Postman-collection I'd been working on into a workable Swagger Definition to share with other developers:

Neat!


Framework Features

I was considering building an API that would execute arbitrary scripts against a provided dataset to add some much-needed string manipulation features to Microsoft's Cloud Flow platform (more on that in a future blog post).


Such a feature had obvious security risks and I needed to determine from a basket of tools I like using which approach would be best. I considered .Net (C#) or Node.js (JavaScript) - researching this problem in both languages and frameworks would have easily cost me an hour of research, but posing three simple questions got me the answer in just over a minute.


First let's consider running dynamic c# in .Net...

That sounds like a lot of work, and I'm unsure how AppDomains behave in environment like AWS' Lambda of Azure Functions.


Let's consider running JavaScript in .Net:

Seems doable, but those pesky object and dynamic keywords might be a problem...


Let's finally consider Dynamic JavaScript in Node.js:

The answer was obvious - the Node.js implementation would be much simpler to implement and the built in capabilities of Node's vm library made it concise and secure. The code provided by ChatGPT gave me a good head start in terms of libraries and structure to use.



SDK Capabilities

I wanted to implement a home automation idea that was a little meatier than I was comfortable implementing in Home Assistant's built in automation tools. I wonder if I can write automations in my go to programming language?

Yes, you can, and here's some scaffolding to get you started.


Generate dummy data.

I often need to test some process against a set of dummy data, why not ask ChatGPT to do that?

CSV Format? No problem!


JSON format? Of course!




How do I do "x" in "y"

Generate small code snippets, demonstrating specific features.

I've found using ChatGPT to generate example code snippets for well-defined byte sized actions to be the best use of its capabilities. For example:


Web Requests in Haskell?

Let's say I needed to do perform a common activity in a language that I'm not all that familiar with?


The above already gave me a good overview of the libraries and structure to follow, I can then build on the complexity of the code snippet:


Spyware in Swift?

Perhaps we need to quickly bash together a GPS tracker to stalk... err I mean make sure our partners are safe!?

----- Trimmed for brevity -----



Generating complex code

My personal experience using ChatGPT to write substantial pieces of code felt a little like working with a developer fresh out of varsity. They can probably get 90% of the way with a good brief, but you need to carefully review the code for logic and security issues.


SQL Injection Vulnerabilities in PHP code - of course!

The above code is obviously vulnerable to SQL injection attacks. If we were to post a username of "1'; drop table users; --" we'd be minus a user's table as the resulting sql statement would be:

SELECT * FROM users WHERE username='1'; drop table users; --' AND password='doesn't matter'


Funny enough, when I made chat GPT aware of the fact, it produced a second script that was much better!





Let's travel the world!

Inspired by the dummy data generation features, I thought I'd try a more complex example.

Chat GPT's first attempt is astounding! Instead of dumping megabytes worth of data, it proposed a python script that could do the same.


The script had some issues though. It was missing an import and, strangely, limited the dataset to the first 20 rows. So, I asked it to remove the limitation and added a bit more context:


At first glance, the above code seems legit however on closer inspection it seems that ChatGPT flipped the signage on both lon/lat updates - meaning we'd be travelling in a north easternly direction instead of a south easternly direction from Pretoria to Middelburg:

We'll get there eventually, after taking 203 round trips around the globe though! The script in practice would likely never finish as it would flood your RAM way before reaching Middelburg!



Let's upload some backdoors!

If you ask ChatGPT to provide some basic example code to upload files, it will do a pretty good job! There's nothing inherently wrong with the code provided, but if you were hosting this site with a basic file serving configuration (which is 90% of the time the case) you'd be opening yourself up to backdoor injection as an attacker could simply upload a .php file with a reverse shell and execute it through the browser.


Again, you could get a solution from ChatGPT if you noticed this issue:



Conclusion

ChatGPT's capabilities are frighteningly powerful and its fair to say it will only improve.


Its ability to provide answers to questions in a fraction of the time it would have taken to get the same from peers or google/stackoverflow searches makes it a "should use".


Its ability to generate code snippets, dummy data, test cases and answer the questions you were too afraid to ask makes it a "must use"!





18 views0 comments
bottom of page