An analysis published today by Opsera, a provider of a DevOps platform, finds that while adoption of artificial intelligence (AI) coding tools has increased developer productivity they also create more duplicate code, resulting in 15 to 18% more security vulnerabilities per line of code compared to code created by a human developer.
Overall, the Opsera report finds 90% of the enterprise organizations it was able to analyze have adopted AI coding tools, with AI-assisted workflows, on average, achieving a 48–58% faster time-to-pull request (PR). However, AI-generated pull requests wait 4.6x longer for review than pull requests created by human developers, the report finds.
Vishnu Vasudevan, chief product officer at Opsera, said the report makes it clear that while developers are becoming more productive they are both creating new DevOps bottlenecks and aggravating existing issues as the number of pipelines being created continues to increase.
Unless DevOps teams find ways to address those issues the rate at which code is being developed will prove unsustainable as the overall amount of technical debt being added continues to increase, he added.
In theory, DevOps teams could in the short term make more efficient use of existing pipelines to address that issue but compliance mandates in regulatory industries require DevOps teams to have a distinct isolated pipeline for every repository, noted Vasudevan. Those organizations will find it especially challenging to cope with the volume of code that is only going to continue to exponentially increase as more code is pushed through a single pipeline, said Vasudevan.
Despite those sustainability concerns, organizations continue to invest in AI coding tools. A recent survey conducted by the Futurum Group finds organizations plan to increase investment in generative artificial intelligence (AI) (40%), followed closely by AI and machine learning (ML) technologies (39%) and applying AI to IT operations (37%), also known as AIOps, over the next 12 to 18 months. The top areas of investment over the same period are AI Copilot/AI code tools (38%), AI agent development (37%), AI-assisted testing (37%) followed closely by DevOps (37%), automated deployment (34%), software security testing (31%).
On one level the impact AI coding tools are having on DevOps pipelines is not entirely unexpected. Many of those pipelines were inefficient long before AI coding tools arrived. However, to truly increase productivity to the point where more applications are actually being built and deployed it’s apparent more AI will need to be applied to DevOps workflows. The degree to which organizations are ready to apply AI to those workflows, however, varies widely. In many cases, DevOps teams are simply encountering the same bottlenecks faster, only more frequently and at higher levels of scale.
Eventually, most organizations will be able to apply AI to reduce those bottlenecks but there will for the foreseeable future be a need for a software engineer to orchestrate workflows and validate outputs. The only thing that remains to be seen is to what degree DevOps engineers may be able to rely on AI agents to manage codebases at a level of scale that not too long ago would have seemed unimaginable.
