The rise of AI-powered code generation tools is reshaping how developers write software - and introducing new risks to the software supply chain in the process. AI coding assistants, like large language models in general, have a habit of hallucinating. They suggest code that incorporates software packages that don't exist. As we noted in March and September last year, security and academic researchers have found that AI code assistants invent package names. In a recent study, researchers found t...