Sauce Labs exposes some developers’ risky habits

Ryan Daws is a senior editor at TechForge Media, with a seasoned background spanning over a decade in tech journalism. His expertise lies in identifying the latest technological trends, dissecting complex topics, and weaving compelling narratives around the most cutting-edge developments. His articles and interviews with leading industry figures have gained him recognition as a key influencer by organisations such as Onalytica. Publications under his stewardship have since gained recognition from leading analyst houses like Forrester for their performance. Find him on X (@gadget_ry) or Mastodon (@gadgetry@techhub.social)


A survey by Sauce Labs of 500 US-based developers has put the spotlight on some concerning practices.

One alarming discovery was the tendency of developers to push code to production without adequate testing. 67 percent of respondents admitted to this practice, jeopardising software quality, user experience, and system stability.

Additionally, 68 percent confessed to merging their own pull requests without review—raising concerns about potential security vulnerabilities.

The rise of AI and large language models has enabled developers to write code swiftly. However, this has led to another concerning trend. 60 percent of developers admit to using untested code generated by platforms like ChatGPT. This reliance on unverified AI-generated code poses significant risks to software integrity.

Beyond the surface, more subtle security protocol breaches were also discovered.

A shocking 70 percent of respondents confessed to using coworkers’ credentials to bypass company restrictions. Additionally, 60 percent admitted to sharing unredacted data without authorisation, and another 70 percent bypassed data encryption to expedite processes. These seemingly minor transgressions collectively create ample opportunities for security hacks and critical software bugs.

The survey indicated that the youngest developers (18-24) and the oldest (58+) adhered to more conservative review practices. However, developers aged 25-41 were found to be the most likely to merge without review—indicating a potential generational divide in risk tolerance.

Need for organisational reforms

This survey demonstrates that the industry faces challenges beyond the “lazy developer” stereotype.

“Developers are the backbone of the digital experiences that run our world — from banking to commerce to media and more. They write and deliver code that drives innovation forward, but restricted resources, increased pressure to ship at a higher velocity, and roadblocks in the DevOps toolchain stand in their way,” said Dave Rhodes, CEO of Sauce Labs.

“It’s incumbent upon leaders to create an environment for developers to thrive by establishing realistic expectations, fostering a culture centred on quality and safety, and offering resources and tools that align with contemporary development methods. Tackling these challenges will ensure high quality, secure code that improves the user experiences.”

The revelations in the survey underscore the critical need for organisations to reevaluate their approach to development. The balance between speed and security must be struck, fostering an environment where developers can excel without compromising software quality or user safety.

You can find the complete report here.

(Photo by Casey Horner on Unsplash)

See also: GitHub launches Innovation Graph for interactive development insights

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with AI & Big Data Expo Europe.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: , , , , , , , , , , ,

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *