Sauce Labs Survey Reveals: Majority of Developers Are Pushing Code to Production Without Testing, Circumventing Security Protocols, Relying on ChatGPT

Two-Thirds Push Code to Production Without Testing, 60 Percent Admit to Using Untested Code Generated By ChatGPT, 70 Percent Use Coworkers’ Credentials, and More

SAN FRANCISCO, Oct. 03, 2023 (GLOBE NEWSWIRE) -- Sauce Labs Inc, the leading provider of continuous testing and scalable test automation solutions, today released new survey data to quantify the extent of the most common transgressions from “Lazy Developers.” Against the backdrop of significant layoffs in 2023, the report, which surveyed 500 U.S.-based full-time developers, investigates the prevalent IT trope, exploring the accuracy of the “Lazy Developer” stereotype and the underlying industry practices that perpetuate it.

Pushing Code to Production and Merging Pull Request Without Review

Developers pushing code to production without the proper testing or merging pull requests without review can risk software quality, user experience, and system stability, with potential security vulnerabilities that could harm brand reputation and finances.

  • 67% of respondents admitted to pushing code to production without testing
  • 68% of developers merge their own pull requests without a review, and 28% report doing so often or very often

The Temptations and Follies of ChatGPT

Developers are leaning on AI and large language models to write code faster, even though using untested code generated by platforms like ChatGPT is highly risky.

  • 60% of developers admit to using untested code generated by ChatGPT
  • More than a quarter (26%) of developers admit to doing so regularly

Security Protocol Circumvention

While the below discrete transgressions may seem low risk, in the aggregate they create a tremendous amount of surface area for bad things — from security hacks to service outages to critical software bugs — to transpire.

  • 70% of respondents used coworkers' credentials to bypass company restrictions
  • 60% admitted to sharing unredacted data with an unauthorized individual when troubleshooting or fixing a process
  • 70% admitted to bypassing data encryption when transferring sensitive data to make the process faster or simpler

U-Shaped Age Dynamics

Age-related trends suggest that the youngest developers surveyed (ages 18-24) and the oldest developers surveyed (ages 58+) are more likely to follow conservative review practices.

  • 92% of respondents ages 58+ report that they have rarely or never pushed to prod without testing in their current job
  • 73% of respondents ages 18-24 report that they have rarely or never pushed to prod without testing in their current job
  • Developers aged 25-41 are the most likely to regularly merge without review (32%); the number dips to 23% of the 42-57 age group

The report reveals that organizations are facing bigger challenges than just the “Lazy Developer,” which signals the need for more drastic organizational reforms.

“Developers are the backbone of the digital experiences that run our world — from banking to commerce to media and more. They write and deliver code that drives innovation forward, but restricted resources, increased pressure to ship at a higher velocity, and roadblocks in the DevOps toolchain stand in their way,” said Dave Rhodes, CEO of Sauce Labs. “It’s incumbent upon leaders to create an environment for developers to thrive by establishing realistic expectations, fostering a culture centered on quality and safety, and offering resources and tools that align with contemporary development methods. Tackling these challenges will ensure high quality, secure code that improves the user experiences.”

"Traditionally developers have to make a tradeoff between security and convenience," said Avery Pennarun, co-founder and CEO of Tailscale, a leader in zero trust networking. "If it doesn't cause pain, can it really be secure? At Tailscale, we want to make the path of least resistance the safest one. When you do that, devs start doing the right thing by default. They feel like the security team is their partner instead of a barrier.”

To review the full survey report, please visit: To learn more about Sauce Labs and its suite of testing and error-reporting solutions, visit

About Sauce Labs
Sauce Labs is a leader in providing cutting-edge continuous testing and error-reporting solutions that streamline the creation, delivery, and enhancement of high-quality code. With over five billion tests performed on its cloud test infrastructure that includes a unified data intelligence layer, Sauce Labs provides a complete solution to optimize testing speed, efficiency, and scalability.

The research consisted of a survey of 500 developers conducted between July 22 and August 1, 2023. The sample includes frontend, backend, and full stack developers, with insights drawn from their experiences and practices. The study was commissioned by Sauce Labs and executed by OnePoll, whose team members are members of the Market Research Society and have corporate membership to the American Association for Public Opinion Research (AAPOR) and the European Society for Opinion and Marketing Research (ESOMAR).