Amazon CodeWhisperer users will now be able to leverage AI-powered code remediation tools as part of a raft of updates to the coding assistant.
The updates, unveiled ahead of AWS re:Invent 2023, will enable generative AI-powered code suggestions to help users remediate security and code quality issues.
AWS said the feature roll-out is part of a concerted focus to weed out hard-to-find security vulnerabilities that typically evade built-in security scans.
Built-in security scanning is performed to detect common issues, such as log injection risks or exposed credentials.
“These new enhancements to Amazon CodeWhisperer help to enable faster and more efficient software development by offloading undifferentiated work and delivering more automation, security, efficiency, and accelerated code delivery for customers, and provides this support in more places where developers love to work,” the firm said in a statement.
Supercharging security with Amazon CodeWhisperer
As part of the feature update, CodeWhisperer code suggestions will automatically remediate identified vulnerabilities.
During the scanning process, users will be presented with code suggestions that can be easily accepted to close vulnerabilities. The feature will be specifically tailored to users’ application code, AWS said, enabling users to "quickly accept fixes with confidence”.
In a blog post, AWS’ Irshad Buchh said the tool will improve developer productivity by reducing the burden of manual code reviews, allowing them to focus on alternative tasks in their daily workflow.
Read how organizations are accelerating the training and deployment of machine learning models at scale.
“Generative AI-powered code suggestions speed up the process of addressing security issues, so you can focus on higher-value work instead of manually reviewing code line by line to find the correct solution,” he said.
Security scanning in CodeWhisperer is already available for Java, Python, and JavaScript. Code suggestions to remediate vulnerabilities will be available for all three languages.
Infrastructure as Code announcements
In addition to AI-powered security scanning capabilities, CodeWhisperer will also offer support for Infrastructure as Code (IaC).
This will apply to AWSCloudFormation (YAML, JSON), AWS CDK (Typescript, Python), and HashiCorp Terraform (HCL).
Buchh said the update will streamline efficiency of IaC script development, enabling devs and DevOps teams to “write infrastructure code seamlessly”.
With support for multiple IaC languages, CodeWhisperer promotes collaboration and consistency across diverse teams,” he said. “This marks a significant advancement in cloud infrastructure development, offering a more streamlined and productive coding experience for users.”
CodeWhisperer is coming to Visual Studio
CodeWhisperer is also now available in Visual Studio 2022 in a preview, AWS confirmed.
The integration of the coding assistant within Visual Studio will enable developers to build applications faster by drawing on real-time code suggestions for C#, the firm said.
This roll-out will automatically flag code suggestions that resemble publicly available code, the firm said. This will include insights on repository URLs and licenses if code is highlighted as similar to public code.
