How I Learned to Stop Worrying and Love Vibe Coding
Security Edition

I'm Jon Zeolla
Founder, SANS Instructor
SEC540 (Cloud Native), SEC545 (GenAI)
Open Source (CNCF, ASF, OpenSSF,)
Conference Organizer
Pittsburgh, PA

Step 1: Build a Baseline
Design your repo structure
Write Instructions for your AI tools to follow
Use preferred tooling for builds, tests, and deploys
Implement tests
Make updates easy
Build pipelines for CI, CD, and security scans

AI Native Python

Step 2: Spec Driven Development

Specifications: Gherkin

Feature: Create item

  Scenario: Happy path
    Given I have a valid JWT
    And a payload name:Widget,price:9.99
    When I POST to /api/v1/items
    Then the response code is 201
    And the body has fields id (uuid), created_at (ISO 8601)
    And name=Widget and price=9.99

  Scenario: Validation failure
    Given a payload name:,price:-1
    When I POST to /api/v1/items
    Then the response code is 400
    And the body explains missing/invalid fields

  Scenario: Unauthorized
    Given no Authorization header
    When I POST to /api/v1/items
    Then the response code is 401

Specifications: EARS
Easy Approach to Requirements Syntax
Ubiquitous requirements
State driven requirements
Event driven requirements
Optional feature requirements
Unwanted behaviour requirements
Complex requirements

Specifications: EARS

When an authenticated client submits a valid JSON payload name:string,price:decimal to POST /api/v1/items, the Items API shall create the item and respond 201 Created with body id:UUID,created_at:ISO-8601,name,price.

When the JSON payload is missing required fields or violates constraints (e.g., empty name, negative price, wrong type, or max length exceeded), the Items API shall respond 400 Bad Request with a field-level error list (Problem Details JSON).

When the request lacks a valid Authorization: Bearer (missing, expired, malf