Through these conversations, we’ve heard time and time again that GenAI Code Transparency – knowing how much code in a codebase came in full or in part from a GenAI tool – matters a lot.
What we didn’t expect to learn was how many different reasons there are for why it matters.
Here are nine reasons why developers and organizations care about GenAI Code Transparency.
- Transparency can increase GenAI adoption, leading to more developer job satisfaction and overall productivity. Many developers are excited to leverage GenAI to automate more tedious tasks or assist with reviews, prototyping, testing, and more. But others may be hesitant. One of the blockers we’ve heard is an “identity conversation”: am I a real developer if I use GenAI? We often respond by asking: Are you a real developer if you use Open Source? Of course the answer is yes, but in the early days of adoption, having more data on peers’ usage helps developers feel more comfortable.
- If left unblended or “Pure”, GenAI code can be lower quality and not maintainable. When developers use code directly generated by AI without reviewing and modifying it, the resulting unblended code may not meet the same standards as human-written code. It could lack proper documentation, have confusing variable names, or use suboptimal algorithms and design patterns. Over time, too much unblended AI code can make the codebase harder to understand and maintain.
- Unblended code can be insecure. Despite significant investments by GenAI products to increase the security of the resulting code, GenAI tools do produce code with security issues. Companies should put their GenAI code through the identical security gates that the rest of their code receives. Large sections of unblended code could indicate that a security tool is not in place.
- Incorrect GenAI usage can lead to Intellectual Property (IP) Risk. In our view, users of GenAI tools do not face an IP risk relative to creators of the training set. However, there are two IP risk areas that companies need to take seriously: trade secret and copyright. For trade secrets, if developers use consumer-grade GenAI tools rather than enterprise offerings, the company's proprietary code may be used to train those public models. Companies that plan to seek copyright protection on their code should consult with counsel. The Copyright Office has directed organizations to disclose GenAI usage.
- Prepare for exit/investment. GenAI code detection is already part of some investors’ and acquirers’ technical due diligence. Just like the use of Open Source, GenAI code can generate flags during diligence around IP risk and commercial defensibility. Having visibility into GenAI usage helps organizations stay ahead of any potential concerns.
- Demonstrate the ROI to Finance. Tracking metrics around GenAI usage and the resulting productivity gains can help justify the cost of enterprise GenAI tools to financial stakeholders.
- In the future, insurers and procurement offices may expect GenAI Code Transparency. Today, it is common to have to provide a Software Bill of Materials (SBOM), which documents the Open Source components in software, during complex procurement processes and when obtaining certain kinds of insurance. As GenAI code usage expands, a "GBOM" (Generative AI Bill of Materials) may also become a common requirement.
- Some organizations are mandating transparency. For all of the above reasons, some organizations have set standards for tracking how much GenAI is used, and where.
- GenAI usage is important, and high-performing teams collect and analyze metrics that matter. Innovation-focused and data-driven Engineering leaders and teams we’ve spoken with are keen to learn from their GenAI usage to optimize it, including setting team-specific usage goals and boundaries.
Want to understand how much GenAI is in your code? Sign up for a free pilot today.