Before writing the first line of code by Cloud Code, Versailles Vibe was already in the coding space with its v0 service.
The basic idea behind the original v0, which was launched in 2024, was to essentially be version 0. That is, the earliest version of an application, helping developers solve the blank canvas problem. Developers could suggest their own way to scaffold user interface (UI) that looked good, but the code was disposable. Those prototypes required rewriting to get them into production.
Over 4 million people have used v0 to create millions of prototypes, but the platform was missing the elements needed to get into production. This challenge is familiar to Vibe coding tools, as there is a gap between what tools are provided and what enterprise builders need. cloud codeFor example, effectively generates backend logic and scripts, but does not deploy the production UI within existing company design systems while enforcing security policies
This creates what Versal CPO Tom Ocino says "The world’s biggest shadow IT problem." AI-enabled software creation is already happening inside every enterprise. The credentials are copied into prompts. Company data flows into unmanaged tools. Apps are deployed outside the approved infrastructure. There is no audit trail.
Vercel rebuilt v0 to address this production deployment gap. The new version, generally available today, imports existing GitHub repositories and automatically pulls environment variables and configurations. It generates code in a sandbox-based runtime that maps directly to a real Vercel deployment and applies security controls and proper Git workflow, while allowing non-engineers to ship production code.
"The really nice thing about V0 is that you still have the code visible and reviewable and controlled," Aucino told VentureBeat in an exclusive interview. "Teams collaborate on product, not PRDs and other things."
This change matters because most enterprise software work happens on existing applications, not new prototypes. Teams need tools that integrate with their current codebase and infrastructure.
How v0’s Sandbox Runtime connects AI-generated code to existing repositories
The original v0 created UI scaffolding from prompts and let users iterate through interactions. But the code lived in v0’s isolated environment, which meant that taking it to production required copying files, rewriting imports, and linking everything together manually.
Rebuilt v0 fundamentally changes it by directly importing existing GitHub repositories. The sandbox-based runtime automatically pulls environment variables, deployments, and configurations from Vercel, so each prompt generates production-ready code that already understands the company’s infrastructure. The code lives in the repository, not in a separate prototyping tool.
Previously, v0 was a separate prototyping environment. Now, it’s connected to the real codebase with the full VS Code built in interface, meaning developers can edit code directly without switching tools.
A new git panel handles the proper workflow. Anyone on the team can create branches from within v0, open a pull request against master, and deploy to merge. Pull requests are first-class citizens and previews map directly to actual Vercel deployments, not isolated demos.
This matters because product managers and marketers can now push production code through a proper Git workflow without the need for a local development environment or handing code snippets to engineers for integration. The new version also adds direct integration with Snowflake and AWS databases, so teams can wire apps to production data sources with proper access controls built-in, rather than requiring manual work.
Vercel’s React and Next.js Experience v0 deployment infrastructure explained
Before joining Vercel in 2023, Ocino spent a dozen years as an engineer at Meta (formerly Facebook) and helped lead the development of that company’s widely used React JavaScript framework.
Vercel’s claim to fame is that its company founder, Guillermo Rauch, is the creator of Next.js, a full-stack framework built on top of React. In the vibe coding era, Next.js has become an increasingly popular framework. The company has recently published a list Feedback on best practices Specifically designed to help AI agents and LLMs get the job done.
The Vercel platform incorporates best practices and learnings from Next.js and React. That decade of building the framework and infrastructure means that v0 outputs production-ready code that deploys on the same infrastructure that Vercel uses for millions of deployments annually. The platform includes agentive workflow support, MCP integration, web application firewall, SSO, and deployment security. Teams can open any project in a cloud dev environment and make changes to Vercel preview or production deployment in one click.
While there’s no shortage of competing offerings in the Vibe coding space, including Replit, Lovable, and Cursor, among others, it’s the core infrastructure that Ochino sees that stands out.
"The biggest differentiator for us is the Versal infrastructure," Ochino said. "It has been building managed infrastructure, framework-defined infrastructure, and now self-driving infrastructure for the last 10 years."
Why does vibe coding security require infrastructure controls, not just policy?
The shadow IT problem isn’t whether employees are using AI tools. This is because most Vibe coding tools work entirely outside of the enterprise infrastructure. Credentials are copied into prompts because there is no secure way to connect the generated code to the enterprise database. Apps deploy to public URLs because the tools are not integrated with company deployment pipelines. Data leaks occur because visibility controls are not in place.
The technical challenge is that securing AI-generated code requires controlling where it runs and who it can access. Policy documents don’t help if the tooling itself can’t enforce those policies.
This is where infrastructure matters. When vibe coding tools work on different platforms, enterprises face a choice: block the tool entirely or accept the security risk. When the Vibe coding tool runs on the same infrastructure as the production deployment, security controls can be automatically applied.
v0 runs on Vercel’s infrastructure, meaning enterprises can set deployment security, visibility controls, and access policies that apply to AI-generated code the same way they apply to hand-written code. Direct integration with Snowflake and AWS databases lets teams connect to production data with appropriate access controls instead of copying credentials across signals.
"IT teams are comfortable with what their teams are building because they have control over who has access," Ochino said. "They have control over what those applications have access to from Snowflake or the data system."
Generative UI vs Generative Software
In addition to the new version of V0, Vercel has recently introduced a generative UI technology called json-render.
v0 is what Vercel calls generative software. This differs from the company’s json-render framework for true generative UI. Vercel software engineer Chris Tate explained that v0 builds full-stack apps and agents, not just the UI or frontend. In contrast, json-render is a framework that enables AI to generate UI components directly at runtime by outputting JSON instead of code.
"AI doesn’t write software," Tate told VentureBeat. "It plugs directly into the rendering layer to create intuitive, personalized interfaces on demand."
The difference matters for enterprise use cases. Teams use v0 when they need to build entire applications, custom components, or production software.
They use JSON-rendering for dynamic, personalized UI elements within applications, dashboards tailored to individual users, contextual widgets, and interfaces that react to changing data without code changes.
Both leverage the AI SDK infrastructure that Vercel has built for streaming and structured output.
Three lessons enterprises learned from adopting Vibe Coding
As enterprises adopted Vibe coding tools over the past two years, several patterns emerged regarding AI-generated code in production environments.
Lesson 1: Prototyping without production deployment creates false progress. Enterprises saw teams create impressive demos in early versions of v0, then hit a wall in taking those demos to production. The problem was not the quality of the code generated. This meant that the prototypes lived in separate environments from the production infrastructure.
"While demos are easy to create, I think most of the iteration happening on these code bases is happening on actual production apps," Ochino said. "90% of what we need to do is make changes to the existing code base."
Lesson 2: The software development lifecycle has already changed, whether enterprises planned for it or not. Domain experts are building the software directly instead of writing Product Requirements Documents (PRDs) for engineers to interpret. Product managers and marketers ship features without waiting for engineering sprints.
This shift means enterprises need tools that maintain code visibility and governance while enabling non-engineers to run the ship. The alternative is creating barriers by forcing all AI-generated code through the traditional development workflow.
Lesson 3: Blocking the Vibe Coding tool doesn’t stop Vibe Coding. This pushes the activity out of IT’s visibility. Enterprises that attempt to restrict AI-powered development somehow find employees using the tools, creating a massive shadow IT problem.
The practical implication is that enterprises should focus less on allowing vibe coding and more on ensuring that it occurs within an infrastructure that can enforce existing security and deployment policies.
<a href