The market for AI coding assistants has split into two clearly defined camps.
Camp #1 – Full-featured graphical IDEs
Cursor, Windsurf, Zed + Cursor mode, VS Code with Continue + Copilot + many extensions, IntelliJ Ultimate with AI Assistant, etc.
Polished UI, inline completions, chat panels, debugging integration, project-wide indexing.
Typical costs: 8–40 s startup, 4–8 GB RAM, mandatory indexing of the whole repo, poor or no support for direct work over SSH on production/legacy servers.
Camp #2 – Terminal-first tools
vim, neovim, helix, kakoune, tmux… and aider.
Start in 200–400 ms, use 50–150 MB RAM, require only a terminal and git, work perfectly over SSH with no indexing step.
aider is a command-line tool that sends selected files + conversation to an LLM and applies the returned edits directly under git control. It is widely used by senior engineers, DevOps, SRE, and security teams for fast, targeted changes in large or old repositories where launching a heavy IDE is impractical.
Configuration
aider is configured via ~/.aider.conf.yml (or .aider.conf.yml in the repository) and command-line flags.
Common options include:
- choice of main and weak models
-
read:list to permanently attach markdown files with guidelines, conventions, security rules, etc. - toggles for auto-commits, pretty diffs, vim mode, prompt caching, etc.
One can use multiple profile YAML files placed in ~/.aider/profiles/ and switch between them with a little script that copies the selected profile to the active config file.
Here's a full example of such a script (/usr/local/bin/aider-switch):
#!/usr/bin/env bash
# aider-switch — switch profiles with a single command
set -euo pipefail
AIDER_DIR="$HOME/.aider"
PROFILES_DIR="${AIDER_DIR}/profiles"
CURRENT_LINK="${AIDER_DIR}/current"
CONFIG_FILE="${AIDER_DIR}/aider.conf.yml"
die() { echo "Error: $*" >&2; exit 1; }
[[ -d "$AIDER_DIR" ]] || die ".aider/ not found in $HOME"
[[ -d "$PROFILES_DIR" ]] || die ".aider/profiles/ missing in $HOME"
case "${1:-}" in
list|"")
echo "Available profiles:"
ls -1 "$PROFILES_DIR"/*.yaml 2>/dev/null | xargs -n1 basename | sed 's/\.yaml$//' | sed 's/^/ /'
[[ -f "$CONFIG_FILE" ]] && echo -e "\nCurrent → $(yq e '.model // "unknown"' "$CONFIG_FILE" 2>/dev/null || echo "unknown")"
exit 0
;;
*)
PROFILE="$1"
SRC="$PROFILES_DIR/$PROFILE.yaml"
[[ -f "$SRC" ]] || { echo "Profile '$PROFILE' not found"; exit 1; }
cp -f "$SRC" "$CONFIG_FILE"
ln -sf "$(basename "$SRC")" "$CURRENT_LINK" 2>/dev/null || true
echo "Switched to profile → $PROFILE"
yq e '.model // "unknown"' "$CONFIG_FILE" 2>/dev/null | sed 's/^/ model: /'
;;
esac
Usage:
aider-switch list
aider-switch security-review
aider-switch kubernetes-expert && aider
You keep a handful of YAML files in ~/.aider/profiles/ and a few markdown rule sheets nearby. One profile for backend work loads grok-4, turns on vim mode, and permanently attaches backend.md plus conventions-security.md. Another for security reviews swaps to claude-3.5-sonnet, cranks caution up, and locks onto security-review.md alone. DevOps profile picks a cheaper weak model and reads only kubernetes.md and ansible-conventions.md. Switch with aider-switch backend or aider-switch security-review and the model instantly forgets yesterday’s tone and remembers exactly who it is supposed to be today. Ten lines of bash give you twenty different personalities for the same binary. That is all there is to it.
Prompting is 95 % of success with aider. aider never tries to be smarter than you — it faithfully executes exactly what’s written in the profiles and the current request. No surprise refactoring, no “I thought this would be better.”
The markdown files loaded via read: act as permanent code review from your lead architect and security lead on every edit. The stricter and more concrete the rules, the safer and more predictable the output — even on the most powerful models.
Bad/empty profile + vague prompt = production chaos Good profile = katana instead of chainsaw
That’s why the real work with aider isn’t picking a model; it’s writing and maintaining evergreen profiles.
Example ~/.aider/profiles/backend.md:
# Backend Instructions
- Define clear APIs and contracts; version endpoints when needed.
- Validate and sanitize all inputs; enforce types and limits.
- Implement authn/authz consistently; least privilege by default.
- Handle errors with structured responses; avoid leaking internals.
- Add observability: logs, metrics, and traces for critical paths.
- Manage migrations carefully; ensure idempotent operations and rollbacks.
- Use timeouts/retries/circuit breakers for external calls.
- Protect secrets and credentials; rotate and scope access.
These files are loaded into context on every run and survive /clear. Write once — never repeat again.
Typical usage examples
aider src/api/users/*.py
# Migrate to Pydantic v2, follow the attached backend guidelines
aider --message-file security.md src/auth/*.py
# Look for SSRF, open redirects and credential leaks
aider deploy/values-prod.yaml
# Increase replicas to 12 and add the new nodeSelector
Security-sensitive environments
In security-sensitive environments (banks, healthcare, defense, government), running aider directly on a developer’s laptop is often forbidden by compliance. A single careless prompt could leak secrets to logs, exfiltrate context, or generate malicious code.
The gold standard fix: run aider inside an isolated Firecracker microVM (or gVisor/Kata). The microVM boots in ~120–150 ms, has its own kernel, zero network access, and only the current git repository is mounted — nothing else. Host keys, credentials, other projects, Docker sockets, and cloud access remain physically unreachable by the LLM process.
https://github.com/avkcode/firecracker-sandbox let you spin up the sandbox with one command while keeping your familiar vim/tmux workflow intact. The developer feels no difference, but the model is completely contained.
Summary
Heavy graphical AI IDEs and lightweight terminal tools such as aider address different workflows.
The graphical tools are preferred for long, exploratory development sessions on a local workstation.
Terminal tools are chosen when minimal latency, low resource usage, seamless SSH access, and strict control over context and edits take priority.
Most engineers use both categories, switching depending on the specific task.
Top comments (0)