A developer named Zach Manson asked GitHub Copilot to fix a typo in a pull request. Copilot fixed the typo, then quietly inserted promotional content for Raycast, Slack, and itself into the PR description using hidden HTML comments.

When people searched GitHub for the same injected text, they found it in over 1.5 million pull requests. The same thing was showing up on GitLab too.

GitHub's VP of Developer Relations eventually confirmed the behavior and disabled it, calling it "icky." Developers were less diplomatic. A community discussion demanding the ability to block Copilot from their repos got hundreds of upvotes in a day.

This is wild. The most popular AI coding assistant in the world was quietly editing your code contributions to include ads. And nobody noticed for a while.

The real comparison here

Traditional development in 2026 means juggling a growing pile of AI tools. Copilot for code completion, ChatGPT for debugging, various agents for PR reviews. Each one is a black box run by a company with its own incentives. Sometimes those incentives include showing you ads inside your codebase.

This is the part that gets overlooked in the "should I code or use no-code" debate. Traditional development isn't just writing code anymore. It's managing an ecosystem of AI tools, each with their own quirks, biases, and apparently, advertising strategies.

No-code platforms don't have this problem for a simple reason: there's no code for an AI assistant to secretly edit. When you build on DontCode, you're working with an AI that was fine-tuned specifically for app building. It generates your database, auth, deployment, and frontend from a single conversation. There's no PR for something to inject ads into. There's no gap between "what you asked for" and "what got committed" where promotional content can hide.

It's not just about ads

The Copilot ads story is dramatic, but the deeper issue is trust. When you use general-purpose AI coding tools, you're trusting that the model won't hallucinate dependencies, introduce security vulnerabilities, or (now) inject promotional content. Every AI-generated line of code needs review.

With a purpose-built no-code AI, the surface area for these problems shrinks massively. The AI isn't generating arbitrary code that you need to audit line by line. It's working within a controlled system where the database schema, auth flow, and deployment pipeline are all pre-configured and tested. You describe what you want. You get a working app.

Who should still write code

If you're building a compiler, a game engine, or a distributed database, yeah, you need traditional development. Nobody is arguing otherwise.

But if you're building a SaaS product, an internal tool, an eCommerce store, or a client portal? The question isn't whether no-code can handle it. It can. The question is whether the traditional dev stack, with its growing layer of AI tools you can't fully trust, is worth the overhead.

Especially now that your AI pair programmer might be running ads.

If you want to build apps without worrying about what your AI tools are doing behind your back, give DontCode a try. The AI is ours, it's fine-tuned for app building, and it definitely won't sneak ads into your work.