Podcasts about ci cd

Join Dan Vega and DaShaun Carter for an insightful session with Bruno Borges, Principal Product Manager at Microsoft, as we dive into the next generation of AI-assisted development. In this episode, we explore the GitHub Copilot CLI and the new Copilot Java SDK, uncovering how these tools are transforming the terminal into a powerful environment for Spring developers. Learn how to go beyond simple autocomplete, using agentic workflows to automate complex tasks like upgrading Spring Boot versions, refactoring legacy code, and streamlining Azure deployments. We'll also discuss how the Copilot Java SDK allows developers to embed AI capabilities directly into their own JVM-based tooling and CI/CD pipelines. You can participate in our live stream to ask questions or catch the replay on your preferred podcast platform.Show Notes: Bruno on X/TwitterBruno on LinkedInGitHub CopilotCopilot SDK

In aflevering 129 spreken Ronald en Jan met Jan Buurman van HCS Company iemand die al sinds zijn 17e in de IT zit en de evolutie van mainframes tot Kubernetes van dichtbij heeft meegemaakt Jan begon als COBOL-programmeur en groeide door richting organisatie, processen en platformstrategie Vanuit die brede ervaring kijkt hij anders naar Kubernetes dan veel engineers: niet als eindoplossing, maar als onderdeel van een groter geheel.Een van de scherpste inzichten uit het gesprek:Veel organisaties draaien al vijf jaar Kubernetes, maar hebben vaak nog maar 5–10% van hun applicatielandschap gemoderniseerd Volgens Jan ligt het echte probleem niet bij het platform, maar bij legacy-applicaties en de businesscontext eromheen. Hij deelt een confronterende anekdote van een overheidsorganisatie waar Kubernetes technisch succesvol was geïmplementeerd, maar het onderliggende probleem niet oploste, omdat de oude COBOL- en Oracle Forms-applicaties nog steeds herbouwd moesten worden We praten over:Waarom platform engineering niet automatisch modernisering betekentDe kloof tussen “de bubbel” en de realiteit bij developers buiten de cloud-native wereld Community-denken binnen organisaties als versneller voor standaardisatie AI als mogelijke katalysator om legacy sneller te migreren naar Kubernetes En waarom standaardisatie vaak het ondergeschoven kindje blijft Jan sluit af met een nuchtere blik op de toekomst van Kubernetes: niets is permanent in IT. Ook Kubernetes zal ooit verdwijnen — maar tot die tijd is het dé standaard Een aflevering over realisme, organisatieverandering en waarom techniek zelden het echte probleem is.Stuur ons een bericht.DevOps ConferenceThe Conference for CI/CD, Kubernetes, Platform Engineering & DevSecOps k8_Podcast voor 15% kortingSupport the showLike and subscribe! It helps out a lot.You can also find us on:De Nederlandse Kubernetes Podcast - YouTubeNederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTokDe Nederlandse Kubernetes PodcastWhere can you meet us:EventsThis Podcast is powered by:ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

Send a textWant a clear path from CISSP to top-tier pay without getting lost in buzzwords? We break down five high-income specialties that pair perfectly with CISSP leadership: modern GRC, cloud security as code, AI ethics and governance, advanced identity, and software supply chain security. Along the way, we unpack how AI reasoning tools like Claude Code Security are reshaping AppSec by cutting false positives and detecting logic flaws scanners miss, and we translate that shift into concrete workflows, better guardrails, and faster delivery.We start with the career pivot many leaders are making—moving from generalist security management to “decision architect.” That means pairing risk fluency with hands-on understanding of Terraform, Kubernetes, and CI/CD gates, then proving value through resilient architectures and evidence-driven dashboards for boards. You'll hear why GRC is exploding under new enforcement trends, how to automate continuous evidence to beat audit fatigue, and where vCISO opportunities command premium rates when strategy meets measurable outcomes.From there, we get practical. We walk through cloud guardrails that stop drift before it hits prod, share how to navigate shared responsibility with AWS and Azure, and outline identity-first zero trust that tames API key sprawl and enables passwordless access. On AI, we go deep on shadow AI containment, prompt-injection red teaming, model transparency, and data loss prevention tuned for embeddings—governance that accelerates, not blocks. Finally, we turn to software supply chain security: SBOM mandates, signed artifacts, dependency risk, and the DevSecOps policies that keep pipelines moving while raising assurance.If you're mapping your next move, we also compare salary bands across roles and highlight bridge certifications—CISM for program leadership, AI governance credentials for compliance depth, and CISA for audit rigor—to level up fast. Subscribe, share this with a teammate plotting their niche, and leave a quick review to tell us which specialty you're pursuing next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Trudno nie zgodzić się z tym, że tworzenie dokumentacji do oprogramowania wymaga wiedzy technicznej, szczególnie jeśli pracujesz w modelu docs as code. Natomiast trudno jest określić jaki poziom tej wiedzy powinien być. Czy jeśli pracuję z deweloperami to muszę znać ich narzędzia prawie tak samo dobrze jak oni? Czy wręcz odwrotnie - mogę się w ogóle nimi nie przejmować?Jak zwykle prawda leży po środku. Powinno się znać te narzędzia na tyle na ile jest to potrzebne, żeby być lepszym technoskrybą - nie bardziej i nie mniej. W naszej rozmowie poszukujemy tego środka i dzielimy się naszymi praktycznymi wskazówkami, które sprawią, że zdobywanie wiedzy technicznej stanie się tylko środkiem do osiągnięcia Twojego celu a nie celem samym w sobie.Dźwięki wykorzystane w audycji pochodzą z kolekcji "107 Free Retro Game Sounds" dostępnej na stronie https://dominik-braun.net, udostępnianej na podstawie licencji Creative Commons license CC BY 4.0 (https://creativecommons.org/licenses/by/4.0/).Linki:Arbortext: https://www.ptc.com/en/products/arbortext"Docs as Code", Write the Docs: https://www.writethedocs.org/guide/docs-as-code/"Jak pracować z narzędziami deweloperskimi - wskazówki dla tech writerów", techwriter.pl: https://techwriter.pl/jak-pracowac-z-narzedziami-nie-bedac-programistaIntelliJ IDEA: https://www.jetbrains.com/idea/"Git (oprogramowanie)", Wikipedia: https://pl.wikipedia.org/wiki/Git_(oprogramowanie)Markdown: https://daringfireball.net/projects/markdown/syntax "Kurde! Reuse popsuł mi searcha", techwriter.pl: https://techwriter.pl/reuse-zly-dla-searcha/"Terminal", Filmweb: https://www.filmweb.pl/film/Terminal-2004-106408Visual Studio (VS) Code: https://code.visualstudio.com"CI/CD", Wikipedia: https://en.wikipedia.org/wiki/CI/CD"Wiersz poleceń", Wikipedia: https://pl.wikipedia.org/wiki/Wiersz_polece%C5%84Oxygen XML: https://www.oxygenxml.com/ "Darwin Information Typing Architecture" (DITA), Wikipedia: https://en.wikipedia.org/wiki/Darwin_Information_Typing_ArchitectureAsciiDoc: https://asciidoc.org/reStructuredText: http://docutils.sourceforge.net/rst.htmlStatic site generator: https://www.gatsbyjs.com/docs/glossary/static-site-generator/DITA Open Toolkit (DITA OT): https://www.dita-ot.org/"Component content management system (CCMS)", Wikipedia: https://en.wikipedia.org/wiki/Component_content_management_systemJamstack: https://jamstack.org/Yarn: https://yarnpkg.com/"What is Amazon S3", Amazon docs: https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.htmlWtyczka Prettier - Code formatter: https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscodeWtyczka GitLens — Git supercharged: https://marketplace.visualstudio.com/items?itemName=eamodio.gitlensWtyczka Code Spell Checker: https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checker"API", Wikipedia: https://en.wikipedia.org/wiki/APIWtyczka REST Client: https://marketplace.visualstudio.com/items?itemName=humao.rest-client Postman API client: https://www.postman.com/product/api-client/cURL: https://curl.se/„Ciemność, widzę ciemność, ciemność widzę - czyli jak poskromić linię komend", techwriter.pl: https://techwriter.pl/linia-komend

Hey, it's Alex, let me catch you up! Since last week, OpenAI convinced OpenClaw founder Peter Steinberger to join them, while keeping OpenClaw.. well... open. Anthropic dropped Sonnet 4.6 which nearly outperforms the previous Opus and is much cheaper, Qwen released 3.5 on Chinese New Year's Eve, while DeepSeek was silent and Elon and XAI folks deployed Grok 4.20 without any benchmarks, and it's 4 500B models in a trenchcoat? Also, Anthropic updated rules state that it's breaking ToS to use their plans for anything except Claude Code & Claude SDK (and then clarified that it's OK? we're not sure) Then Google decided to drop their Gemini 3.1 Pro preview right at the start of our show, and it's very nearly the best LLM folks can use right now (though it didn't pass Nisten's vibe checks) Also, Google released Lyria 3 for music gen (though only 30 seconds?) and our own Ryan Carson blew up on X again with over 1M views for his Code Factory article, Wolfram did a deep dive into Terminal Bench and .. we have a brand new website: https://thursdai.news

What happens when you deploy to prod on a Friday and it starts firing emails to every customer? Dan Barckley has lived it — and it's why he's now a DevOps believer. In this episode: accidental admin origins, why simple beats complex every time, Agentforce skepticism, and the leadership mindset that changes everything.About DevOps Diaries: Salesforce DevOps Advocate Jack McCurdy chats to members of the Salesforce community about their experience in the Salesforce ecosystem. Expect to hear and learn from inspirational stories of personal growth and business success, whilst discovering all the trials, tribulations, and joy that comes with delivering Salesforce for companies of all shapes and sizes. New episodes bi-weekly on YouTube as well as on your preferred podcast platform.Podcast produced and sponsored by Gearset. Learn more about Gearset: https://grst.co/4iCnas2About Gearset: Gearset is the leading Salesforce DevOps platform, with powerful solutions for metadata and CPQ deployments, CI/CD, automated testing, sandbox seeding and backups. It helps Salesforce teams apply DevOps best practices to their development and release process, so they can rapidly and securely deliver higher-quality projects. Get full access to all of Gearset's features for free with a 30-day trial: https://grst.co/4iKysKWChapters:01:36 Introducing Daniel Barckley: A Journey in Salesforce04:16 The Joy of Problem Solving in DevOps07:05 Learning from Mistakes: The Accidental Admin09:35 Tinkering and Innovation: Building in Salesforce12:37 The Importance of Mentorship and Leadership15:21 Characteristics of Great Leaders18:18 Navigating the Salesforce Ecosystem20:46 The Future of Salesforce: AI and Automation23:46 Data Management and Business Continuity26:43 Iterative Development and Continuous Improvement29:19 Embracing Change in the Tech World32:11 Closing Thoughts: Lead with Curiosity

Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hours Support the show

Over the past few weeks, we've been refining our roadmap for 2026 and focusing on where Semaphore can deliver the most value.Our direction is clear: extend CI/CD beyond execution — and help developers ship software faster.Here's what's coming next. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit semaphoreio.substack.com

Vandaag aan tafel:Barend BaarssenKarel van der WoudeMustafa GülkaraCojan van BallegooijenTimeline:0:00 Intro0:29 Introductie2:33 Wat is Vault?8:52 Wat is de doelstelling van Vault?13:44 Data encryptie 15:25 Open Source vs Enterprise17:25 Vault Setup20:45 Vault Use Case26:05 HashiCorp + IBM + Red HatIn deze aflevering duiken we diep in HashiCorp Vault: dé oplossing voor secret management, identity brokering en dynamische toegangscontrole in moderne, hybride IT‑omgevingen. Onze gast is Cojan van Ballegooijen, Solution Engineer bij HashiCorp, die dagelijks organisaties helpt om veilig en schaalbaar met credentials, keys, tokens en data‑encryptie om te gaan.We blikken kort terug op de eerdere HashiCorp‑aflevering met Mahil en bouwen daarop voort. Cojan gebruikt een herkenbare analogie van twee discotheken om helder uit te leggen hoe Vault zowel authenticatie (wie ben jij als persoon of applicatie?) als autorisatie (wat mag jij?) regelt. Daarbij staat The Principle of Least Privilege centraal: minimale toegang, maximaal veilig.Daarnaast bespreken we onder andere:- Secret Management als strategische security‑laag- Vault als Identity Broker tussen applicaties, clouds en platformen- Automatisch certificaten roteren (bijvoorbeeld elke 47 dagen)- Use cases in OpenShift, AWS, Azure, GitHub, GitLab en CI/CD‑pijplijnen- Dynamic Secrets voor on‑the‑fly toegangsrechten (bijv. databases)- Integraties met Ansible, Terraform, IBM Concert en andere automation‑tools- Het verschil tussen Open Source Vault en Enterprise Vault, inclusief mogelijkheden voor hybrid cloud‑scenario's- Waar je moet beginnen: developer.hashicorp.com met tutorials, open‑source downloads en praktijkvoorbeeldenOf je nu DevOps‑engineer, architect of security‑specialist bent, deze aflevering geeft je een helder en praktisch beeld van hoe Vault werkt, waarom het cruciaal is in moderne IT‑omgevingen, en hoe je het slim inzet van day zero tot decommission.Links:Analogie op HashiCorp Vault: https://medium.com/hashicorp-engineering/the-expensive-seats-problem-25829f7edc1eWaar kan ik beginnen: https://developer.hashicorp.comLinkedIn Cojan van Ballegooijen: https://www.linkedin.com/in/cojanvanballegooijen/Op- en aanmerkingen kunnen gestuurd worden naar: ofjestoptdestekkererin@nl.ibm.com

In this episode of Resilient Cyber, we will be sat down with Ari Marzuk, the researcher who published "IDEsaster", A Novel Vulnerability Class in AI IDE's.We will be discussing the rise of AI-driven development and modern AI coding assistants, tools and agents, and how Ari discovered 30+ vulnerabilities impacting some of the most widely used AI coding tools and the broader risks around AI coding.Ari's background in offensive security — Ari has spent the past decade in offensive security, including time with Israeli military intelligence, NSO Group, Salesforce, and currently Microsoft, with a focus on AI security for the last two to three years.IDEsaster: a new vulnerability class — Ari's research uncovered 30+ vulnerabilities and 24 CVEs across AI-powered IDEs, revealing not just individual bugs but an entirely new vulnerability class rooted in the shared base IDE layer that tools like Cursor, Copilot, and others are built on."Secure for AI" as a design principle — Ari argues that legacy IDEs were never built with autonomous AI agents in mind, and that the same gap likely exists across CI/CD pipelines, cloud environments, and collaboration tools as organizations race to bolt on AI capabilities.Low barrier to exploitation — The vulnerabilities Ari found don't require nation-state sophistication to exploit; techniques like remote JSON schema exfiltration can be carried out with relatively simple prompt engineering and publicly known attack vectors.Human-in-the-loop is losing its effectiveness — Even with diff preview and approval controls enabled, exfiltration attacks still triggered in Ari's testing, and approval fatigue from hundreds of agent-generated actions is pushing developers toward YOLO mode.Least privilege and the capability vs. security trade-off — The same unrestricted access that makes AI coding agents so productive is what makes them vulnerable, and history suggests organizations will continue to optimize for utility over security without strong guardrails.Top defensive recommendations — Ari emphasized isolation (containers, VMs) as the single most important control, followed by enforcing secure defaults that can't be easily overridden, and applying enterprise-level monitoring and governance to AI agent usage.What's next — Ari is turning his attention to newer AI tools and attack surfaces but isn't naming targets yet. You can follow his work on LinkedIn, X, and his blog at makarita.com.

I'm joined by Nirmal Mehta of AWS and Viktor Farcic from Upbound, to go through our 2025 year in review. We look into the AI tools that consumed us this year, from CLI agents to terminal emulators, IDEs, AI browsers - what worked, what flopped, what's worth your time and money, and what we think isn't!Check out the video podcast version here: https://youtu.be/mnagfUsh5bc

Emmanuel et Guillaume discutent de divers sujets liés à la programmation, notamment les systèmes de fichiers en Java, le Data Oriented Programming, les défis de JPA avec Kotlin, et les nouvelles fonctionnalités de Quarkus. Ils explorent également des sujets un peu fous comme la création de datacenters dans l'espace. Pas mal d'architecture aussi. Enregistré le 13 février 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-337.mp3 ou en vidéo sur YouTube. News Langages Comment implémenter un file system en Java https://foojay.io/today/bootstrapping-a-java-file-system/ Créer un système de fichiers Java personnalisé avec NIO.2 pour des usages variés (VCS, archives, systèmes distants). Évolution Java: java.io.File (1.0) -> NIO (1.4) -> NIO.2 (1.7) pour personnalisation via FileSystem. Recommander conception préalable; API Java est orientée POSIX. Composants clés à considérer: Conception URI (scheme unique, chemin). Gestion de l'arborescence (BD, métadonnées, efficacité). Stockage binaire (emplacement, chiffrement, versions). Minimum pour démarrer (4 composants): Implémenter Path (représente fichier/répertoire). Étendre FileSystem (instance du système). Étendre FileSystemProvider (moteur, enregistré par scheme). Enregistrer FileSystemProvider via META-INF/services. Étapes suivantes: Couche BD (arborescence), opérations répertoire/fichier de base, stockage, tests. Processus long et exigeant, mais gratifiant.   Un article de brian goetz sur le futur du data oriented programming en Java https://openjdk.org/projects/amber/design-notes/beyond-records Le projet Amber de Java introduit les "carrier classes", une évolution des records qui permet plus de flexibilité tout en gardant les avantages du pattern matching et de la reconstruction Les records imposent des contraintes strictes (immutabilité, représentation exacte de l'état) qui limitent leur usage pour des classes avec état muable ou dérivé Les carrier classes permettent de déclarer une state description complète et canonique sans imposer que la représentation interne corresponde exactement à l'API publique Le modificateur "component" sur les champs permet au compilateur de dériver automatiquement les accesseurs pour les composants alignés avec la state description Les compact constructors sont généralisés aux carrier classes, générant automatiquement l'initialisation des component fields Les carrier classes supportent la déconstruction via pattern matching comme les records, rendant possible leur usage dans les instanceof et switch Les carrier interfaces permettent de définir une state description sur une interface, obligeant les implémentations à fournir les accesseurs correspondants L'extension entre carrier classes est possible, avec dérivation automatique des appels super() quand les composants parent sont subsumés par l'enfant Les records deviennent un cas particulier de carrier classes avec des contraintes supplémentaires (final, extends Record, component fields privés et finaux obligatoires) L'évolution compatible des records est améliorée en permettant l'ajout de composants en fin de liste et la déconstruction partielle par préfixe Comment éviter les pièges courants avec JPA et Kotlin - https://blog.jetbrains.com/idea/2026/01/how-to-avoid-common-pitfalls-with-jpa-and-kotlin/ JPA est une spécification Java pour la persistance objet-relationnel, mais son utilisation avec Kotlin présente des incompatibilités dues aux différences de conception des deux langages Les classes Kotlin sont finales par défaut, ce qui empêche la création de proxies par JPA pour le lazy loading et les opérations transactionnelles Le plugin kotlin-jpa génère automatiquement des constructeurs sans argument et rend les classes open, résolvant les problèmes de compatibilité Les data classes Kotlin ne sont pas adaptées aux entités JPA car elles génèrent equals/hashCode basés sur tous les champs, causant des problèmes avec les relations lazy L'utilisation de lateinit var pour les relations peut provoquer des exceptions si on accède aux propriétés avant leur initialisation par JPA Les types non-nullables Kotlin peuvent entrer en conflit avec le comportement de JPA qui initialise les entités avec des valeurs null temporaires Le backing field direct dans les getters/setters personnalisés peut contourner la logique de JPA et casser le lazy loading IntelliJ IDEA 2024.3 introduit des inspections pour détecter automatiquement ces problèmes et propose des quick-fixes L'IDE détecte les entités finales, les data classes inappropriées, les problèmes de constructeurs et l'usage incorrect de lateinit Ces nouvelles fonctionnalités aident les développeurs à éviter les bugs subtils liés à l'utilisation de JPA avec Kotlin Librairies Guide sur MapStruct @IterableMapping - https://www.baeldung.com/java-mapstruct-iterablemapping MapStruct est une bibliothèque Java pour générer automatiquement des mappers entre beans, l'annotation @IterableMapping permet de configurer finement le mapping de collections L'attribut dateFormat permet de formater automatiquement des dates lors du mapping de listes sans écrire de boucle manuelle L'attribut qualifiedByName permet de spécifier quelle méthode custom appliquer sur chaque élément de la collection à mapper Exemple d'usage : filtrer des données sensibles comme des mots de passe en mappant uniquement certains champs via une méthode dédiée L'attribut nullValueMappingStrategy permet de contrôler le comportement quand la collection source est null (retourner null ou une collection vide) L'annotation fonctionne pour tous types de collections Java (List, Set, etc.) et génère le code de boucle nécessaire Possibilité d'appliquer des formats numériques avec numberFormat pour convertir des nombres en chaînes avec un format spécifique MapStruct génère l'implémentation complète du mapper au moment de la compilation, éliminant le code boilerplate L'annotation peut être combinée avec @Named pour créer des méthodes de mapping réutilisables et nommées Le mapping des collections supporte les conversions de types complexes au-delà des simples conversions de types primitifs Accès aux fichiers Samba depuis Java avec JCIFS - https://www.baeldung.com/java-samba-jcifs JCIFS est une bibliothèque Java permettant d'accéder aux partages Samba/SMB sans monter de lecteur réseau, supportant le protocole SMB3 on pense aux galériens qui doivent se connecter aux systèmes dit legacy La configuration nécessite un contexte CIFS (CIFSContext) et des objets SmbFile pour représenter les ressources distantes L'authentification se fait via NtlmPasswordAuthenticator avec domaine, nom d'utilisateur et mot de passe La bibliothèque permet de lister les fichiers et dossiers avec listFiles() et vérifier leurs propriétés (taille, date de modification) Création de fichiers avec createNewFile() et de dossiers avec mkdir() ou mkdirs() pour créer toute une arborescence Suppression via delete() qui peut parcourir et supprimer récursivement des arborescences entières Copie de fichiers entre partages Samba avec copyTo(), mais impossibilité de copier depuis le système de fichiers local Pour copier depuis le système local, utilisation des streams SmbFileInputStream et SmbFileOutputStream Les opérations peuvent cibler différents serveurs Samba et différents partages (anonymes ou protégés par mot de passe) La bibliothèque s'intègre dans des blocs try-with-resources pour une gestion automatique des ressources Quarkus 3.31 - Support complet Java 25, nouveau packaging Maven et Panache Next - https://quarkus.io/blog/quarkus-3-31-released/ Support complet de Java 25 avec images runtime et native Nouveau packaging Maven de type quarkus avec lifecycle optimisé pour des builds plus rapides voici un article complet pour plus de detail https://quarkus.io/blog/building-large-applications/ Introduction de Panache Next, nouvelle génération avec meilleure expérience développeur et API unifiée ORM/Reactive Mise à jour vers Hibernate ORM 7.2, Reactive 3.2, Search 8.2 Support de Hibernate Spatial pour les données géospatiales Passage à Testcontainers 2 et JUnit 6 Annotations de sécurité supportées sur les repositories Jakarta Data Chiffrement des tokens OIDC pour les implémentations custom TokenStateManager Support OAuth 2.0 Pushed Authorization Requests dans l'extension OIDC Maven 3.9 maintenant requis minimum pour les projets Quarkus A2A Java SDK 1.0.0.Alpha1 - Alignement avec la spécification 1.0 du protocole Agent2Agent - https://quarkus.io/blog/a2a-java-sdk-1-0-0-alpha1/ Le SDK Java A2A implémente le protocole Agent2Agent qui permet la communication standardisée entre agents IA pour découvrir des capacités, déléguer des tâches et collaborer Passage à la version 1.0 de la spécification marque la transition d'expérimental à production-ready avec des changements cassants assumés Modernisation complète du module spec avec des Java records partout remplaçant le mix précédent de classes et records pour plus de cohérence Adoption de Protocol Buffers comme source de vérité avec des mappers MapStruct pour la conversion et Gson pour JSON-RPC Les builders utilisent maintenant des méthodes factory statiques au lieu de constructeurs publics suivant les best practices Java modernes Introduction de trois BOMs Maven pour simplifier la gestion des dépendances du SDK core, des extensions et des implémentations de référence Quarkus AgentCard évolue avec une liste supportedInterfaces remplaçant url et preferredTransport pour plus de flexibilité dans la déclaration des protocoles Support de la pagination ajouté pour ListTasks et les endpoints de configuration des notifications push avec des wrappers Result appropriés Interface A2AHttpClient pluggable permettant des implémentations HTTP personnalisées avec une implémentation Vert.x fournie Travail continu vers la conformité complète avec le TCK 1.0 en cours de développement parallèlement à la finalisation de la spécification Pourquoi Quarkus finit par "cliquer" : les 10 questions que se posent les développeurs Java - https://www.the-main-thread.com/p/quarkus-java-developers-top-questions-2025 un article qui revele et repond aux questions des gens qui ont utilisé Quarkus depuis 4-6 mois, les non noob questions Quarkus est un framework Java moderne optimisé pour le cloud qui propose des temps de démarrage ultra-rapides et une empreinte mémoire réduite Pourquoi Quarkus démarre si vite ? Le framework effectue le travail lourd au moment du build (scanning, indexation, génération de bytecode) plutôt qu'au runtime Quand utiliser le mode réactif plutôt qu'impératif ? Le réactif est pertinent pour les workloads avec haute concurrence et dominance I/O, l'impératif reste plus simple dans les autres cas Quelle est la différence entre Dev Services et Testcontainers ? Dev Services utilise Testcontainers en gérant automatiquement le cycle de vie, les ports et la configuration sans cérémonie Comment la DI de Quarkus diffère de Spring ? CDI est un standard basé sur la sécurité des types et la découverte au build-time, différent de l'approche framework de Spring Comment gérer la configuration entre environnements ? Quarkus permet de scaler depuis le développement local jusqu'à Kubernetes avec des profils, fichiers multiples et configuration externe Comment tester correctement les applications Quarkus ? @QuarkusTest démarre l'application une fois pour toute la suite de tests, changeant le modèle mental par rapport à Spring Boot Que fait vraiment Panache en coulisses ? Panache est du JPA avec des opinions fortes et des défauts propres, enveloppant Hibernate avec un style Active Record Doit-on utiliser les images natives et quand ? Les images natives brillent pour le serverless et l'edge grâce au démarrage rapide et la faible empreinte mémoire, mais tous les apps n'en bénéficient pas Comment Quarkus s'intègre avec Kubernetes ? Le framework génère automatiquement les ressources Kubernetes, gère les health checks et métriques comme s'il était nativement conçu pour cet écosystème Comment intégrer l'IA dans une application Quarkus ? LangChain4j permet d'ajouter embeddings, retrieval, guardrails et observabilité directement en Java sans passer par Python Infrastructure Les alternatives à MinIO https://rmoff.net/2026/01/14/alternatives-to-minio-for-single-node-local-s3/ MinIO a abandonné le support single-node fin 2025 pour des raisons commerciales, cassant de nombreuses démos et pipelines CI/CD qui l'utilisaient pour émuler S3 localement L'auteur cherche un remplacement simple avec image Docker, compatibilité S3, licence open source, déploiement mono-nœud facile et communauté active S3Proxy est très léger et facile à configurer, semble être l'option la plus simple mais repose sur un seul contributeur RustFS est facile à utiliser et inclut une GUI, mais c'est un projet très récent en version alpha avec une faille de sécurité majeure récente SeaweedFS existe depuis 2012 avec support S3 depuis 2018, relativement facile à configurer et dispose d'une interface web basique Zenko CloudServer remplace facilement MinIO mais la documentation et le branding (cloudserver/zenko/scality) peuvent prêter à confusion Garage nécessite une configuration complexe avec fichier TOML et conteneur d'initialisation séparé, pas un simple remplacement drop-in Apache Ozone requiert au minimum quatre nœuds pour fonctionner, beaucoup trop lourd pour un usage local simple L'auteur recommande SeaweedFS et S3Proxy comme remplaçants viables, RustFS en maybe, et élimine Garage et Ozone pour leur complexité Garage a une histoire tres associative, il vient du collectif https://deuxfleurs.fr/ qui offre un cloud distribué sans datacenter C'est certainement pas une bonne idée, les datacenters dans l'espace https://taranis.ie/datacenters-in-space-are-a-terrible-horrible-no-good-idea/ Avis d'expert (ex-NASA/Google, Dr en électronique spatiale) : Centres de données spatiaux, une "terrible" idée. Incompatibilité fondamentale : L'électronique (surtout IA/GPU) est inadaptée à l'environnement spatial. Énergie : Accès limité. Le solaire (type ISS) est insuffisant pour l'échelle de l'IA. Le nucléaire (RTG) est trop faible. Refroidissement : L'espace n'est pas "froid" ; absence de convection. Nécessite des radiateurs gigantesques (ex: 531m² pour 200kW). Radiations : Provoque erreurs (SEU, SEL) et dommages. Les GPU sont très vulnérables. Blindage lourd et inefficace. Les puces "durcies" sont très lentes. Communications : Bande passante très limitée (1Gbps radio vs 100Gbps terrestre). Le laser est tributaire des conditions atmosphériques. Conclusion : Projet extrêmement difficile, coûteux et aux performances médiocres. Data et Intelligence Artificielle Guillaume a développé un serveur MCP pour arXiv (le site de publication de papiers de recherche) en Java avec le framework Quarkus https://glaforge.dev/posts/2026/01/18/implementing-an-arxiv-mcp-server-with-quarkus-in-java/ Implémentation d'un serveur MCP (Model Context Protocol) arXiv en Java avec Quarkus. Objectif : Accéder aux publications arXiv et illustrer les fonctionnalités moins connues du protocole MCP. Mise en œuvre : Utilisation du framework Quarkus (Java) et son support MCP étendu. Assistance par Antigravity (IDE agentique) pour le développement et l'intégration de l'API arXiv. Interaction avec l'API arXiv : requêtes HTTP, format XML Atom pour les résultats, parser XML Jackson. Fonctionnalités MCP exposées : Outils (@Tool) : Recherche de publications (search_papers). Ressources (@Resource, @ResourceTemplate) : Taxonomie des catégories arXiv, métadonnées des articles (via un template d'URI). Prompts (@Prompt) : Exemples pour résumer des articles ou construire des requêtes de recherche. Configuration : Le serveur peut fonctionner en STDIO (local) ou via HTTP Streamable (local ou distant), avec une configuration simple dans des clients comme Gemini CLI. Conclusion : Quarkus simplifie la création de serveurs MCP riches en fonctionnalités, rendant les données et services "prêts pour l'IA" avec l'aide d'outils d'IA comme Antigravity. Anthropic ne mettra pas de pub dans Claude https://www.anthropic.com/news/claude-is-a-space-to-think c'est en reaction au plan non public d'OpenAi de mettre de la pub pour pousser les gens au mode payant OpenAI a besoin de cash et est probablement le plus utilisé pour gratuit au monde Anthropic annonce que Claude restera sans publicité pour préserver son rôle d'assistant conversationnel dédié au travail et à la réflexion approfondie. Les conversations avec Claude sont souvent sensibles, personnelles ou impliquent des tâches complexes d'ingénierie logicielle où les publicités seraient inappropriées. L'analyse des conversations montre qu'une part significative aborde des sujets délicats similaires à ceux évoqués avec un conseiller de confiance. Un modèle publicitaire créerait des incitations contradictoires avec le principe fondamental d'être "genuinely helpful" inscrit dans la Constitution de Claude. Les publicités introduiraient un conflit d'intérêt potentiel où les recommandations pourraient être influencées par des motivations commerciales plutôt que par l'intérêt de l'utilisateur. Le modèle économique d'Anthropic repose sur les contrats entreprise et les abonnements payants, permettant de réinvestir dans l'amélioration de Claude. Anthropic maintient l'accès gratuit avec des modèles de pointe et propose des tarifs réduits pour les ONG et l'éducation dans plus de 60 pays. Le commerce "agentique" sera supporté mais uniquement à l'initiative de l'utilisateur, jamais des annonceurs, pour préserver la confiance. Les intégrations tierces comme Figma, Asana ou Canva continueront d'être développées en gardant l'utilisateur aux commandes. Anthropic compare Claude à un cahier ou un tableau blanc : des espaces de pensée purs, sans publicité. Infinispan 16.1 est sorti https://infinispan.org/blog/2026/02/04/infinispan-16-1 déjà le nom de la release mérite une mention Le memory bounded par cache et par ensemble de cache s est pas facile à faire en Java Une nouvelle api OpenAPI AOT caché dans les images container Un serveur MCP local juste avec un fichier Java ? C'est possible avec LangChain4j et JBang https://glaforge.dev/posts/2026/02/11/zero-boilerplate-java-stdio-mcp-servers-with-langchain4j-and-jbang/ Création rapide de serveurs MCP Java sans boilerplate. MCP (Model Context Protocol): standard pour connecter les LLM à des outils et données. Le tutoriel répond au manque d'options simples pour les développeurs Java, face à une prédominance de Python/TypeScript dans l'écosystème MCP. La solution utilise: LangChain4j: qui intègre un nouveau module serveur MCP pour le protocole STDIO. JBang: permet d'exécuter des fichiers Java comme des scripts, éliminant les fichiers de build (pom.xml, Gradle). Implémentation: se fait via un seul fichier .java. JBang gère automatiquement les dépendances (//DEPS). L'annotation @Tool de LangChain4j expose les méthodes Java aux LLM. StdioMcpServerTransport gère la communication JSON-RPC via l'entrée/sortie standard (STDIO). Point crucial: Les logs doivent impérativement être redirigés vers System.err pour éviter de corrompre System.out, qui est réservé à la communication MCP (messages JSON-RPC). Facilite l'intégration locale avec des outils comme Gemini CLI, Claude Code, etc. Reciprocal Rank Fusion : un algorithme utile et souvent utilisé pour faire de la recherche hybride, pour mélanger du RAG et des recherches par mots-clé https://glaforge.dev/posts/2026/02/10/advanced-rag-understanding-reciprocal-rank-fusion-in-hybrid-search/ RAG : Qualité LLM dépend de la récupération. Recherche Hybride : Combiner vectoriel et mots-clés (BM25) est optimal. Défi : Fusionner des scores d'échelles différentes. Solution : Reciprocal Rank Fusion (RRF). RRF : Algorithme robuste qui fusionne des listes de résultats en se basant uniquement sur le rang des documents, ignorant les scores. Avantages RRF : Pas de normalisation de scores, scalable, excellente première étape de réorganisation. Architecture RAG fréquente : RRF (large sélection) + Cross-Encoder / modèle de reranking (précision fine). RAG-Fusion : Utilise un LLM pour générer plusieurs variantes de requête, puis RRF agrège tous les résultats pour renforcer le consensus et réduire les hallucinations. Implémentation : LangChain4j utilise RRF par défaut pour agréger les résultats de plusieurs retrievers. Les dernières fonctionnalités de Gemini et Nano Banana supportées dans LangChain4j https://glaforge.dev/posts/2026/02/06/latest-gemini-and-nano-banana-enhancements-in-langchain4j/ Nouveaux modèles d'images Nano Banana (Gemini 2.5/3.0) pour génération et édition (jusqu'à 4K). "Grounding" via Google Search (pour images et texte) et Google Maps (localisation, Gemini 2.5). Outil de contexte URL (Gemini 3.0) pour lecture directe de pages web. Agents multimodaux (AiServices) capables de générer des images. Configuration de la réflexion (profondeur Chain-of-Thought) pour Gemini 3.0. Métadonnées enrichies : usage des tokens et détails des sources de "grounding". Comment configurer Gemini CLI comment agent de code dans IntelliJ grâce au protocole ACP https://glaforge.dev/posts/2026/02/01/how-to-integrate-gemini-cli-with-intellij-idea-using-acp/ But : Intégrer Gemini CLI à IntelliJ IDEA via l'Agent Client Protocol (ACP). Prérequis : IntelliJ IDEA 2025.3+, Node.js (v20+), Gemini CLI. Étapes : Installer Gemini CLI (npm install -g @google/gemini-cli). Localiser l'exécutable gemini. Configurer ~/.jetbrains/acp.json (chemin exécutable, --experimental-acp, use_idea_mcp: true). Redémarrer IDEA, sélectionner "Gemini CLI" dans l'Assistant IA. Usage : Gemini interagit avec le code et exécute des commandes (contexte projet). Important : S'assurer du flag --experimental-acp dans la configuration. Outillage PipeNet, une alternative (open source aussi) à LocalTunnel, mais un plus évoluée https://pipenet.dev/ pipenet: Alternative open-source et moderne à localtunnel (client + serveur). Usages: Développement local (partage, webhooks), intégration SDK, auto-hébergement sécurisé. Fonctionnalités: Client (expose ports locaux, sous-domaines), Serveur (déploiement, domaines personnalisés, optimisé cloud mono-port). Avantages vs localtunnel: Déploiement cloud sur un seul port, support multi-domaines, TypeScript/ESM, maintenance active. Protocoles: HTTP/S, WebSocket, SSE, HTTP Streaming. Intégration: CLI ou SDK JavaScript. JSON-IO — une librairie comme Jackson ou GSON, supportant JSON5, TOON, et qui pourrait être utile pour l'utilisation du "structured output" des LLMs quand ils ne produisent pas du JSON parfait https://github.com/jdereg/json-io json-io : Librairie Java pour la sérialisation et désérialisation JSON/TOON. Gère les graphes d'objets complexes, les références cycliques et les types polymorphes. Support complet JSON5 (lecture et écriture), y compris des fonctionnalités non prises en charge par Jackson/Gson. Format TOON : Notation orientée token, optimisée pour les LLM, réduisant l'utilisation de tokens de 40 à 50% par rapport au JSON. Légère : Aucune dépendance externe (sauf java-util), taille de JAR réduite (~330K). Compatible JDK 1.8 à 24, ainsi qu'avec les environnements JPMS et OSGi. Deux modes de conversion : vers des objets Java typés (toJava()) ou vers des Map (toMaps()). Options de configuration étendues via ReadOptionsBuilder et WriteOptionsBuilder. Optimisée pour les déploiements cloud natifs et les architectures de microservices. Utiliser mailpit et testcontainer pour tester vos envois d'emails https://foojay.io/today/testing-emails-with-testcontainers-and-mailpit/ l'article montre via SpringBoot et sans. Et voici l'extension Quarkus https://quarkus.io/extensions/io.quarkiverse.mailpit/quarkus-mailpit/?tab=docs Tester l'envoi d'emails en développement est complexe car on ne peut pas utiliser de vrais serveurs SMTP Mailpit est un serveur SMTP de test qui capture les emails et propose une interface web pour les consulter Testcontainers permet de démarrer Mailpit dans un conteneur Docker pour les tests d'intégration L'article montre comment configurer une application SpringBoot pour envoyer des emails via JavaMail Un module Testcontainers dédié à Mailpit facilite son intégration dans les tests Le conteneur Mailpit expose un port SMTP (1025) et une API HTTP (8025) pour vérifier les emails reçus Les tests peuvent interroger l'API HTTP de Mailpit pour valider le contenu des emails envoyés Cette approche évite d'utiliser des mocks et teste réellement l'envoi d'emails Mailpit peut aussi servir en développement local pour visualiser les emails sans les envoyer réellement La solution fonctionne avec n'importe quel framework Java supportant JavaMail Architecture Comment scaler un système de 0 à 10 millions d'utilisateurs https://blog.algomaster.io/p/scaling-a-system-from-0-to-10-million-users Philosophie : Scalabilité incrémentale, résoudre les goulots d'étranglement sans sur-ingénierie. 0-100 utilisateurs : Serveur unique (app, DB, jobs). 100-1K : Séparer app et DB (services gérés, pooling). 1K-10K : Équilibreur de charge, multi-serveurs d'app (stateless via sessions partagées). 10K-100K : Caching, réplicas de lecture DB, CDN (réduire charge DB). 100K-500K : Auto-scaling, applications stateless (authentification JWT). 500K-10M : Sharding DB, microservices, files de messages (traitement asynchrone). 10M+ : Déploiement multi-régions, CQRS, persistance polyglotte, infra personnalisée. Principes clés : Simplicité, mesure, stateless essentiel, cache/asynchrone, sharding prudent, compromis (CAP), coût de la complexité. Patterns d'Architecture 2026 - Du Hype à la Réalité du Terrain (Part 1/2) - https://blog.ippon.fr/2026/01/30/patterns-darchitecture-2026-part-1/ L'article présente quatre patterns d'architecture logicielle pour répondre aux enjeux de scalabilité, résilience et agilité business dans les systèmes modernes Il présentent leurs raisons et leurs pièges Un bon rappel L'Event-Driven Architecture permet une communication asynchrone entre systèmes via des événements publiés et consommés, évitant le couplage direct Les bénéfices de l'EDA incluent la scalabilité indépendante des composants, la résilience face aux pannes et l'ajout facile de nouveaux cas d'usage Le pattern API-First associé à un API Gateway centralise la sécurité, le routage et l'observabilité des APIs avec un catalogue unifié Le Backend for Frontend crée des APIs spécifiques par canal (mobile, web, partenaires) pour optimiser l'expérience utilisateur CQRS sépare les modèles de lecture et d'écriture avec des bases optimisées distinctes, tandis que l'Event Sourcing stocke tous les événements plutôt que l'état actuel Le Saga Pattern gère les transactions distribuées via orchestration centralisée ou chorégraphie événementielle pour coordonner plusieurs microservices Les pièges courants incluent l'explosion d'événements granulaires, la complexité du debugging distribué, et la mauvaise gestion de la cohérence finale Les technologies phares sont Kafka pour l'event streaming, Kong pour l'API Gateway, EventStoreDB pour l'Event Sourcing et Temporal pour les Sagas Ces patterns nécessitent une maturité technique et ne sont pas adaptés aux applications CRUD simples ou aux équipes junior Patterns d'architecture 2026 : du hype à la réalité terrain part. 2 - https://blog.ippon.fr/2026/02/04/patterns-darchitecture-2026-part-2/ Deuxième partie d'un guide pratique sur les patterns d'architecture logicielle et système éprouvés pour moderniser et structurer les applications en 2026 Strangler Fig permet de migrer progressivement un système legacy en l'enveloppant petit à petit plutôt que de tout réécrire d'un coup (70% d'échec pour les big bang) Anti-Corruption Layer protège votre nouveau domaine métier des modèles externes et legacy en créant une couche de traduction entre les systèmes Service Mesh gère automatiquement la communication inter-services dans les architectures microservices (sécurité mTLS, observabilité, résilience) Architecture Hexagonale sépare le coeur métier des détails techniques via des ports et adaptateurs pour améliorer la testabilité et l'évolutivité Chaque pattern est illustré par un cas client concret avec résultats mesurables et liste des pièges à éviter lors de l'implémentation Les technologies 2026 mentionnées incluent Istio, Linkerd pour service mesh, LaunchDarkly pour feature flags, NGINX et Kong pour API gateway Tableau comparatif final aide à choisir le bon pattern selon la complexité, le scope et le use case spécifique du projet L'article insiste sur une approche pragmatique : ne pas utiliser un pattern juste parce qu'il est moderne mais parce qu'il résout un problème réel Pour les systèmes simples type CRUD ou avec peu de services, ces patterns peuvent introduire une complexité inutile qu'il faut savoir éviter Méthodologies Le rêve récurrent de remplacer voire supprimer les développeurs https://www.caimito.net/en/blog/2025/12/07/the-recurring-dream-of-replacing-developers.html Depuis 1969, chaque décennie voit une tentative de réduire le besoin de développeurs (de COBOL, UML, visual builders… à IA). Motivation : frustration des dirigeants face aux délais et coûts de développement. La complexité logicielle est intrinsèque et intellectuelle, non pas une question d'outils. Chaque vague technologique apporte de la valeur mais ne supprime pas l'expertise humaine. L'IA assiste les développeurs, améliore l'efficacité, mais ne remplace ni le jugement ni la gestion de la complexité. La demande de logiciels excède l'offre car la contrainte majeure est la réflexion nécessaire pour gérer cette complexité. Pour les dirigeants : les outils rendent-ils nos développeurs plus efficaces sur les problèmes complexes et réduisent-ils les tâches répétitives ? Le "rêve" de remplacer les développeurs, irréalisable, est un moteur d'innovation créant des outils précieux. Comment creuser des sujets à l'ère de l'IA générative. Quid du partage et la curation de ces recherches ? https://glaforge.dev/posts/2026/02/04/researching-topics-in-the-age-of-ai-rock-solid-webhooks-case-study/ Recherche initiale de l'auteur sur les webhooks en 2019, processus long et manuel. L'IA (Deep Research, Gemini, NotebookLM) facilite désormais la recherche approfondie, l'exploration de sujets et le partage des résultats. L'IA a identifié et validé des pratiques clés pour des déploiements de webhooks résilients, en grande partie les mêmes que celles trouvées précédemment par l'auteur. Génération d'artefacts par l'IA : rapport détaillé, résumé concis, illustration sketchnote, et même une présentation (slide deck). Guillaume s'interroge sur le partage public de ces rapports de recherche générés par l'IA, tout en souhaitant éviter le "AI Slop". Loi, société et organisation Le logiciel menacé par le vibe coding https://www.techbuzz.ai/articles/we-built-a-monday-com-clone-in-under-an-hour-with-ai Deux journalistes de CNBC sans expérience de code ont créé un clone fonctionnel de Monday.com en moins de 60 minutes pour 5 à 15 dollars. L'expérience valide les craintes des investisseurs qui ont provoqué une baisse de 30% des actions des entreprises SaaS. L'IA a non seulement reproduit les fonctionnalités de base mais a aussi recherché Monday.com de manière autonome pour identifier et recréer ses fonctionnalités clés. Cette technique appelée "vibe-coding" permet aux non-développeurs de construire des applications via des instructions en anglais courant. Les entreprises les plus vulnérables sont celles offrant des outils "qui se posent sur le travail" comme Atlassian, Adobe, HubSpot, Zendesk et Smartsheet. Les entreprises de cybersécurité comme CrowdStrike et Palo Alto sont considérées plus protégées grâce aux effets de réseau et aux barrières réglementaires. Les systèmes d'enregistrement comme Salesforce restent plus difficiles à répliquer en raison de leur profondeur d'intégration et de données d'entreprise. Le coût de 5 à 15 dollars par construction permet aux entreprises de prototyper plusieurs solutions personnalisées pour moins cher qu'une seule licence Monday.com. L'expérience soulève des questions sur la pérennité du marché de 5 milliards de dollars des outils de gestion de projet face à l'IA générative. Conférences En complément de l'agenda des conférences de Aurélie Vache, il y a également le site https://javaconferences.org/ (fait par Brian Vermeer) avec toutes les conférences Java à venir ! La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 12-13 février 2026 : Touraine Tech #26 - Tours (France) 12-13 février 2026 : World Artificial Intelligence Cannes Festival - Cannes (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 6 mars 2026 : WordCamp Nice 2026 - Nice (France) 18 mars 2026 : Jupyter Workshops: AI in Jupyter: Building Extensible AI Capabilities for Interactive Computing - Saint-Maur-des-Fossés (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 20 mars 2026 : Atlantique Day 2026 - Nantes (France) 26 mars 2026 : Data Days Lille - Lille (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 26-27 mars 2026 : REACT PARIS - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 31 mars 2026-1 avril 2026 : FlowCon France 2026 - Paris (France) 1 avril 2026 : AWS Summit Paris - Paris (France) 2 avril 2026 : Pragma Cannes 2026 - Cannes (France) 2-3 avril 2026 : Xen Spring Meetup 2026 - Grenoble (France) 7 avril 2026 : PyTorch Conference Europe - Paris (France) 9-10 avril 2026 : Android Makers by droidcon 2026 - Paris (France) 9-11 avril 2026 : Drupalcamp Grenoble 2026 - Grenoble (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 17-18 avril 2026 : Faiseuses du Web 5 - Dinan (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 12 mai 2026 : Lead Innovation Day - Leadership Edition - Paris (France) 19 mai 2026 : La Product Conf Paris 2026 - Paris (France) 21-22 mai 2026 : Flupa UX Days 2026 - Paris (France) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 28 mai 2026 : DevCon 27 : I.A. & Vibe Coding - Paris (France) 28 mai 2026 : Cloud Toulouse 2026 - Toulouse (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 29 mai 2026 : Agile Tour Strasbourg 2026 - Strasbourg (France) 2-3 juin 2026 : Agile Tour Rennes 2026 - Rennes (France) 2-3 juin 2026 : OW2Con - Paris-Châtillon (France) 3 juin 2026 : IA–NA - La Rochelle (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 9 juin 2026 : JFTL - Montrouge (France) 9 juin 2026 : C: - Caen (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 16 juin 2026 : Mobilis In Mobile 2026 - Nantes (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 18 juin 2026 : Tech'Work - Lyon (France) 22-26 juin 2026 : Galaxy Community Conference - Clermont-Ferrand (France) 24-25 juin 2026 : Agi'Lille 2026 - Lille (France) 24-26 juin 2026 : BreizhCamp 2026 - Rennes (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 6-8 juillet 2026 : Riviera Dev - Sophia Antipolis (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 20-22 août 2026 : 4th Tech Summit on AI & Robotics - Paris (France) & Online 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 24 septembre 2026 : PlatformCon Live Day Paris 2026 - Paris (France) 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

An airhacks.fm conversation with Francesco Nigro (@forked_franz) about: break dancing and basketball including meeting Kobe Bryant in Italy during a dunk competition, using AI coding assistants like Claude Opus 4.5 and GitHub bots for infrastructure setup and CI/CD pipeline configuration, limitations of LLMs for novel performance-sensitive algorithmic work where training data is scarce, branchless IPv4 parsing optimization as a Christmas coding challenge, CPU branch misprediction costs when parsing variable-length IP address octets, converting branching logic into mathematical operations using bit tricks for better CPU pipeline utilization, LLMs excelling at generating enterprise code based on well-documented standards and conventions, providing minimal but precise documentation and annotations to improve LLM code generation quality, the Boundary Control Entity BCE architecture pattern and standards-based development, the core problem of thread handoff between event loops and ForkJoinPool worker threads in frameworks like quarkus Vert.x and Micronaut, mechanical sympathy implications of cross-core memory access when serialized data is allocated on one core and read by another, CPU cache coherency costs and last-level cache penalties when event loop and worker pool run on different cores, the custom virtual thread scheduler project (netty-virtual-thread-scheduler) enabling a single platform thread to handle both networking I/O and virtual thread execution, approximately 50% CPU savings demonstrated by Micronaut when using unified Netty-based scheduling, collaboration with Oracle Loom team including Victor Klang and Alan Bateman on minimal scheduler API design, the scheduler API consisting of just two methods onStart and onContinue plus virtual thread task attachments, work stealing algorithms and their complexity including heuristics similar to Linux CFS scheduler, the importance of being declarative about thread affinity rather than automatic magical binding to avoid issues with lazy class loading and background reaper threads, thread factory based approach for creating virtual threads bound to specific platform threads, stream-based run queues with graceful shutdown semantics that fall back to ForkJoinPool for progress guarantees, thread-local Scoped Values as a hybrid between thread locals and scoped values for efficient context propagation, performance problems with ThreadLocal including lazy ThreadLocalMap allocation overhead on virtual threads and scalability issues with ThreadLocal.remove() and soft reference queues, the impact on reactive programming where back pressure and stream composition still require higher-level abstractions beyond Basic Java concurrency primitives, structured concurrency limitations for back pressure scenarios compared to reactive libraries, deterministic testing possibilities enabled by custom schedulers where execution order can be controlled, the poller mechanism for handling blocking I/O in virtual threads in a non-blocking way, observability improvements possible through virtual thread task attachments for monitoring state changes, cloud cost implications of inefficient thread scheduling and unnecessary CPU wake-up cycles, the distinction between framework developers and application developers as different user personas with different abstraction needs Francesco Nigro on twitter: @forked_franz

Russ Miles joins the show to unpack why developer platforms fail and how to rethink platform engineering through the lens of flow of value rather than factory-style developer productivity metaphors. Russ explains why every organization already has an internal developer platform, and why treating it as platform as a product changes everything. The conversation explores cognitive load and cognitive burden, how to design around strong feedback loops, and why the OODA loop mindset helps teams make better decisions closer to development time. They discuss the risks of overloading pipelines and CI/CD systems, the tension between shipping fast and handling security vulnerabilities in a regulated environment, and how to “shift left” without simply dumping responsibility onto developers. Drawing on lessons from Rod Johnson, the Spring Framework, TDD, and modern software engineering as described by Dave Farley, Russ reframes platforms as systems that support experimentation through the scientific method. The episode also touches on AI assisted coding, developer focus, and how thoughtful developer experience and DX surveys can prevent burnout while improving value delivery. Links Website: https://www.russmiles.com Substack: https://russmiles.substack.com X: https://x.com/russmiles Resources Talk: https://www.russmiles.com/platform-engineering-failure-keynote Substack article: https://russmiles.substack.com/p/developer-platform-devrel-listen We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey! https://t.co/oKVAEXipxu Let us know by sending an email to our producer, Elizabeth, at elizabeth.becz@logrocket.com, or tweet at us at PodRocketPod. Check out our newsletter! https://blog.logrocket.com/the-replay-newsletter/ Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form, and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. Chapters 00:00 What Is a Developer Platform 03:00 You Already Have a Platform 08:00 Cognitive Load vs Cognitive Burden 12:00 Feedback Loops and TDD 18:00 Pipelines, Security and OODA Loops 26:00 The Factory Metaphor Problem 31:00 Modern Software Engineering and Value Delivery 40:00 Avoiding Burnout Through Better DX 46:00 The Software Enchiridion and Final Thoughts

Send a textAlarms go off, dashboards turn red, and leadership wants everything fixed yesterday—sound familiar? We dig into the real craft of vulnerability management: deciding what truly matters, when to defer safely, and how to protect customers while keeping the business moving. Along the way, we unpack the forces shaping 2025 security: AI-fueled threats, smarter cyber insurance, the edge of quantum risk, stricter privacy laws, and the rising stakes of DevOps security.We share a practical triage framework that goes beyond CVSS. Learn how to validate scanner noise, confirm versions, and use a second tool when the data looks off. When patching collides with uptime or legacy systems, we outline compensating controls that actually reduce exploitability—segmentation, allow-lists, credential tightening, and targeted monitoring—plus the documentation and triggers that prevent “temporary” exceptions from turning permanent. You'll hear how to communicate residual risk with time-bound plans and metrics leaders understand, from blast radius to downtime cost and insurance obligations.Ethical disclosure gets real, too. When a researcher's 30-day clock clashes with a 45-day fix, coordination beats confrontation. We talk through private progress updates, revised timelines, and interim mitigations that put users first. For vendors and open source, we highlight respectful escalation paths, legal prep, and why responsible disclosure typically reduces harm better than full, premature detail drops. In complex multi-cloud setups, we recommend assigning a cross-team coordinator who aligns priorities, patches the most exposed services first, and bakes checks into CI/CD so the next fix is faster.Subscribe for more CISSP-ready breakdowns, share this with a teammate who lives in the patch queue, and leave a review with your toughest triage scenario—we might feature it next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

 Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hours Support the show

AI coding assistants are boosting developer productivity, but most enterprises aren't shipping software any faster. GitLab CEO Bill Staples says the reason is simple: coding was never the main bottleneck. After speaking with more than 60 customers, Staples found that developers spend only 10–20% of their time writing code. The remaining 80–90% is consumed by reviews, CI/CD pipelines, security scans, compliance checks, and deployment—areas that remain largely unautomated. Faster code generation only worsens downstream queues.GitLab's response is its newly GA'ed Duo Agent Platform, designed to automate the full software development lifecycle. The platform introduces “agent flows,” multi-step orchestrations that can take work from issue creation through merge requests, testing, and validation. Staples argues that context is the key differentiator. Unlike standalone coding tools that only see local code, GitLab's all-in-one platform gives agents access to issues, epics, pipeline history, security data, and more through a unified knowledge graph.Staples believes this platform approach, rather than fragmented point solutions, is what will finally unlock enterprise software delivery at scale. Learn more from The New Stack about the latest around GitLab and AI: GitLab Launches Its AI Agent Platform in Public BetaGitLab's Field CTO Predicts: When DevSecOps Meets AIJoin our community of newsletter subscribers to stay on top of the news and at the top of your game. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of The Dutch Kubernetes Podcast, Ronald and Jan are joined by Maurice Côté, VP of Products at Devolutions, to talk about one of the most misunderstood topics in modern IT security: Privileged Access Management (PAM).Too often, PAM is treated as a compliance checkbox. Something you buy because an auditor, insurer, or regulation tells you to. Maurice explains why that mindset is dangerous — and why access itself has become one of the biggest attack surfaces in today's infrastructures.The conversation explores how Zero Trust principles apply in real-world environments, including Kubernetes and DevOps workflows. Topics include least privilege, just-in-time access, identity-based authentication, service accounts, and why traditional passwords are slowly disappearing in favor of certificates, passkeys, and identity providers.They also discuss upcoming regulations like NIS2 and DORA, and why security isn't about passing audits, but about being able to survive, recover, and continue operating when something goes wrong. From bastion hosts and privileged access workstations to secret rotation and Kubernetes-native integrations, this episode focuses on practical security — not buzzwords.The key takeaway is clear:Security is not a product you buy once. It's a discipline you practice continuously.A must-listen episode for platform engineers, DevOps teams, security architects, and anyone working with Kubernetes in regulated or high-risk environments.Powered By ACC ICTStuur ons een bericht.DevOps ConferenceThe Conference for CI/CD, Kubernetes, Platform Engineering & DevSecOps k8_Podcast voor 15% kortingSupport the showLike and subscribe! It helps out a lot.You can also find us on:De Nederlandse Kubernetes Podcast - YouTubeNederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTokDe Nederlandse Kubernetes PodcastWhere can you meet us:EventsThis Podcast is powered by:ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

This interview was recorded for GOTO Unscripted.https://gotopia.techCheck out more here:https://gotopia.tech/articles/417Olaf Molenveld - Technology Advisor at CircleCIJulian Wood - Serverless Developer Advocate at AWSRESOURCESOlafhttps://x.com/olafmolenveldhttps://medium.com/@olafmolenveldhttps://www.linkedin.com/in/olafmolenveldJulianhttps://bsky.app/profile/julianwood.comhttps://twitter.com/julian_woodhttps://github.com/julianwoodhttp://www.wooditwork.comhttps://www.linkedin.com/in/julianrwoodDESCRIPTIONCircleCI's Technology Advisor Olaf Molenveld discusses the evolution of CI/CD practices with AWS's Julian Wood. They explore how modern software delivery has transformed from simple monolithic deployments to complex microservices ecosystems, drawing parallels between managing production code and managing the "factory" that produces it.The discussion covers optimization strategies, the balance between local and remote development, platform engineering trends, and how AI is reshaping DevOps practices. Olaf emphasizes that getting software into users' hands is as critical as writing it, and shares how teams can leverage observability, right-sizing, and intelligent automation to improve their delivery pipelines.RECOMMENDED BOOKSDavid Farley • Continuous Delivery Pipelines • https://leanpub.com/cd-pipelinesJez Humble & Dave Farley • Continuous Delivery • https://amzn.to/3ocIHwdNicole Forsgren, Jez Humble & Gene Kim • Accelerate • https://amzn.to/442Rep0Kim, Humble, Debois, Willis & Forsgren • The DevOps Handbook • https://amzn.to/47oAf3lLauren Maffeo • Designing Data Governance from the Ground Up • https://amzn.to/3QhIlnVRoy Osherove • The Art of Unit Testing • https://bit.ly/3obiKNBBurns, Beda & Hightower • Kubernetes: Up & Running • https://amzn.to/3sueuuIGojko Adzic • Lizard Optimization • https://leanpub.com/lizardoptimizationGregor Hohpe • Platform Strategy • https://amzn.to/4cxfYdbBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hoursSupport the show

In this session, Ed Farrow, Principal Software Consultant at Codurance; Sam Griffiths, Principal Platform Engineer at Codurance; and Fane Fonseka, Senior Software Craftsperson at Codurance, explore how AI, DevSecOps, and CI/CD drive real delivery outcomes and how to turn AI-driven velocity into measurable business value. For more information about Codurance, our range of services, and how we can help your organisation accelerate delivery, adopt AI with purpose, and reduce risk, head over to our website: Well-Crafted Software Solutions | Codurance

Maintaining software over time rarely fails because of one bad decision. It fails because teams stop getting clear signals… and start guessing.In this episode, Robby talks with Lucas Roesler, Managing Partner and CTO at Contiamo. Lucas joins from Berlin to unpack what maintainability looks like in practice when you are dealing with real constraints… limited context, missing documentation, and systems that resist understanding.A big through-line is feedback. Lucas argues that long-lived systems become easier to change when they provide fast, trustworthy signals about what they are doing. That can look like tests that validate assumptions, tooling that makes runtime behavior visible, and a habit of designing for observability instead of treating it as a bolt-on.The conversation also gets concrete. Lucas shares a modernization effort built on a decade-old tangle of database logic… views, triggers, stored procedures, and materializations… created by a single engineer who was no longer around. With little documentation to lean on, the team had to build their own approach to “reading” the system and mapping dependencies before they could safely change anything.If you maintain software that has outlived its original authors, this is a grounded look at what helps teams move from uncertainty to confidence… without heroics, and without rewriting for sport.Episode Highlights[00:00:46] What well-maintained software has in common: Robby asks Lucas what traits show up in systems that hold together over time.[00:03:25] Readability at runtime: Lucas connects maintainability to observability and understanding what a system actually did.[00:16:08] Writing the system down as code: Infrastructure, CI/CD, and processes as code to reduce guesswork and improve reproducibility.[00:17:42] How client engagements work in practice: How Lucas' team collaborates with internal engineering teams and hands work off.[00:25:21] The “rat's nest” modernization story: Untangling a legacy data system with years of database logic and missing context.[00:29:40] Making data work testable: Why testability matters even when the “code” is SQL and pipelines.[00:34:59] Pivot back to feedback loops: Robby steers into why logs, metrics, and tracing shape better decision-making.[00:35:20] Why teams avoid metrics and tracing: The organizational friction of adding “one more component.”[00:42:59] Local observability with Grafana: Using visual feedback to spot waterfalls, sequential work, and hidden coupling.[00:50:00] Non-technical book recommendations: What Lucas reads and recommends outside of software.Links & ReferencesGuest and CompanyLucas Roesler: https://lucasroesler.com/Contiamo: https://contiamo.com/SocialMastodon: https://floss.social/@theaxerBluesky: https://bsky.app/profile/theaxer.bsky.socialBooks MentionedThe Wheel of Time (Robert Jordan): https://en.wikipedia.org/wiki/The_Wheel_of_TimeAccelerando (Charles Stross): https://en.wikipedia.org/wiki/AccelerandoCharles Stross: https://en.wikipedia.org/wiki/Charles_StrossThanks to Our Sponsor!Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks.It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications.Keep your coding cool and error-free, one line at a time! Use the code maintainable to get a 10% discount for your first year. Check them out! Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

This episode kicks off with Moltbook, a social network exclusively for AI agents where 150,000 agents formed digital religions, sold “digital drugs” (system prompts to alter other agents), and attempted prompt injection attacks to steal each other’s API keys within 72 hours of launch. Ray breaks down OpenClaw, the viral open-source AI agent (68,000 GitHub stars) that handles emails, scheduling, browser control, and automation, plus MoltHub’s risky marketplace where all downloaded skills are treated as trusted code. Also covered, Bluetooth “whisper pair” vulnerabilities letting attackers hijack audio devices from 46 feet away and access microphones, Anthropic patching Model Context Protocol flaws, AI-generated ransomware accidentally bundling its own decryption keys, Claude Code’s new task dependency system and Teleport feature, Google Gemini’s 100MB file limits and agentic vision capabilities, VAST’s Haven One commercial space station assembly, and IBM SkillsBuild’s free tech training for veterans. – Want to start a podcast? Its easy to get started! Sign-up at Blubrry – Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes $11.99 – For a New Domain Name cjcfs3geek $6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h $12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w Support the show by becoming a Geek News Central Insider Get 1Password Full Summary Ray welcomes listeners to Geek News Central (February 1). He’s been busy with recent move, returned to school taking intro to AI class and Python course, working on capstone project using LLMs. Short on bandwidth but will try to share more. Main Story: OpenClaw, MoltHub, and Moltbook OpenClaw: Open-source personal AI agent by Peter Steinberg (renamed after cease-and-desist). Capabilities include email, scheduling, web browsing, code execution, browser control, calendar management, scheduled automations, and messaging app commands (WhatsApp, Telegram, Signal). Runs locally or on personal server. MoltHub: Marketplace for OpenClaw skills. Major security concern: developer notes state all downloaded code treated as trusted — unvetted skills could be dangerous. Moltbook: New social network for AI agents only (humans watch, AIs post). Within 72 hours attracted 150,000+ AI agents forming communities (“sub molts”), debating philosophy, creating digital religion (“crucifarianism”), selling digital drugs (system prompts), attempting prompt-injection attacks to steal API keys, discussing identity issues when context windows reset. Ray frames this as visible turning point with serious security risks. Sponsor: GoDaddy Economy hosting $6.99/month, WordPress hosting $12.99/month, domains $11.99. Website builder trial available. Use codes at geeknewscentral.com/godaddy to support show. Security: Bluetooth “Whisper Pair” Vulnerability KU Leuven researchers discovered Fast Pair vulnerability affecting 17 audio accessories from 10 companies (Sony, Jabra, JBL, Marshall, Xiaomi, Nothing, OnePlus, Soundcore, Logitech, Google). Flaw allows silent pairing within ~46 feet, hijack possible in 10-15 seconds. 68% of tested devices vulnerable. Hijacked devices enable microphone access. Some devices (Google Pixel Buds Pro 2, Sony) linkable to attacker’s Google account for persistent tracking via FindHub. Google patches found to have bypasses. Advice: Check accessory firmware updates (phone updates insufficient), factory reset clears attacker access, many cheaper devices may never receive patches. Security: Model Context Protocol (MCP) Vulnerabilities Anthropic’s MCP git package had path traversal, argument injection bugs allowing repository creation anywhere and unsafe git command execution. Malicious instructions can hide in README files, GitHub issues enabling prompt injection. Anthropic patched issues and removed vulnerable git init tool. AI-Generated Malware / “Vibe Coding” AI-assisted malware creation produces lower-quality, error-prone code. Examples show telltale artifacts: excessive comments, readme instructions, placeholder variables, accidentally included decryption tools and C2 keys. Sakari ransomware failed to decrypt. Inexperienced criminals using AI create amateur mistakes, though capabilities will likely improve. Claude / Claude Code Updates (v2.1.16) Task system: Replaces to-do list with dependency graph support. Tasks written to filesystem (survive crashes, version controllable), enable multi-session workflows. Patches: Fixed out-of-memory crashes, headless mode for CI/CD. Teleport feature: Transfer sessions (history, context, working branch) between web and terminal. Ampersand prefix sends tasks to cloud for async execution. Teleport pulls web sessions to terminal (one-way). Requires GitHub integration and clean git state. Enables asynchronous pair programming via shared session IDs. Google Gemini Updates API: Inline file limit increased 20MB → 100MB. Google Cloud Storage integration, HTTPS/signed URL fetching from other providers. Enables larger multimodal inputs (long audio, high-res images, large PDFs). Agentic vision (Gemini 3 Flash): Iterative investigation approach (think-act-observe). Can zoom, inspect, run Python to draw/parse tables, validate evidence. 5-10% quality improvements on vision benchmarks. LLM Limits and AGI Debate Benjamin Riley: Language and intelligence are separate; human thinking persists despite language loss. Scaling LLMs ≠ true thinking. Vishal Sikka et al: Non-peer-reviewed paper claims LLMs mathematically limited for complex computational/agentic tasks. Agents may fail beyond low complexity thresholds. Warnings that AI agents won’t safely replace humans in high-stakes environments. VAST Haven One Commercial Space Station Launch slipped mid-2026 → Q1 2027. Primary structure (15-ton) completed Jan 10. Integration of thermal control, propulsion, interior, avionics underway. Final closeout expected fall, then tests. Falcon 9 launch without crew; visitors possible ~2 weeks after pending Dragon certification. Three-year lifetime, up to four crew visits (~10 days each). VAST negotiating private and national customers. Spaceflight Effects on Astronauts’ Brains Neuroimaging shows microgravity causes brains to shift backward, upward, and tilt within skull. Displacement measured across various mission durations. Need to study functional effects for long missions. IBM SkillsBuild for Veterans 1,000+ free online courses (data analytics, cybersecurity, AI, cloud, IT support). Available to veterans, active-duty, national guard/reserve, spouses, children, caregivers (18+). Structured live courses and self-paced 24/7 options. Industry-recognized credentials upon completion. Closing Notes Ray asks listeners about AI agents forming communities and religions, and whether they’ll try OpenClaw. Notes context/memory key to agent development. Personal update: bought new PC, high memory prices. Bug bounty frustration: Daniel Stenberg of cUrl even closed bounty program due to AI-generated low-quality reports; Blubrry receiving similar spam. Apologizes for delayed show, promises consistency, wishes listeners good February. Show Links 1. OpenClaw, Molthub, and Moltbook: The AI Agent Explosion Is Here | Fortune | NBC News | Venture Beat 2. WhisperPair: Massive Bluetooth Vulnerability | Wired 3. Security Flaws in Anthropic’s MCP Git Server | The Hacker News 4. “Vibe-Coded” Ransomware Is Easier to Crack | Dark Reading 5. Claude Code Gets Tasks Update | Venture Beat 6. Claude Code Teleport | The Hacker Noon 7. Google Expands Gemini API with 100MB File Limits | Chrome Unboxed 8. Google Launches Agentic Vision in Gemini 3 Flash | Google Blog 9. Researcher Claims LLMs Will Never Be Truly Intelligent | Futurism 10. Paper Claims AI Agents Are Mathematically Limited | Futurism 11. Haven-1: First Commercial Space Station Being Assembled | Ars Technica 12. Spaceflight Shifts Astronauts’ Brains Inside Skulls | Space.com 13. IBM SkillsBuild: Free Tech Training for Veterans | va.gov The post OpenClaw, Moltbook and the Rise of AI Agent Societies #1857 appeared first on Geek News Central.

Nicolas Mauti est Staff MLOps Engineer chez Malt, où il a été le premier MLOps de l'équipe. Malt c'est la plateforme leader du freelancing en Europe, qui met en relation des freelances avec des entreprises.Dans cet épisode, Nicolas revient sur son principal défi de ces dernières années : mettre en place et structurer une approche MLOps chez Malt, dans un contexte déjà mature côté data, puis l'adapter à l'arrivée massive des IA génératives.On aborde :

This interview was recorded for GOTO State of the Art in October 2025.https://gotopia.techRead the full transcription of this interview here:https://gotopia.tech/articles/415Nathen Harvey - DORA Lead, Product Manager at Google Cloud & AuthorCharles Humble - Freelance Techie, Podcaster, Editor, Author & ConsultantRESOURCESNathenhttps://bsky.app/profile/nathenharvey.bsky.socialhttps://x.com/nathenharveyhttps://github.com/nathenharveyhttps://www.linkedin.com/in/nathenhttps://linktr.ee/nathenharveyhttp://nathenharvey.comCharleshttps://bsky.app/profile/charleshumble.bsky.socialhttps://linkedin.com/in/charleshumblehttps://mastodon.social/@charleshumblehttps://conissaunce.comLinkshttps://dora.devhttps://dora.dev/research/2025/dora-reporthttps://dora.dev/research/2024/dora-reporthttps://thenewstack.io/ebooks/kubernetes/kubernetes-at-the-edge-container-orchestration-at-scaleDESCRIPTIONCharles Humble speaks with Nathen Harvey, leader of Google's DORA research team, about the real impact of AI on software development.Drawing from surveys of nearly 5,000 practitioners, Nathen reveals a surprising finding: increased AI adoption initially correlates with decreased stability and throughput - the very metrics teams have optimized for decades. The conversation explores why this happens, what capabilities organizations need before scaling AI adoption, and how AI acts as an amplifier of existing systems rather than a silver bullet.Nathen introduces DORA's seven AI capabilities model and discusses critical issues around trust, documentation, skill devaluation, and the future of software delivery in an AI-native world.RECOMMENDED BOOKSEmily Freeman & Nathen Harvey • 97 Things Every Cloud Engineer Should Know • https://amzn.to/3UlWBLtCharles Humble • Professional Skills for Software Engineers • https://www.conissaunce.com/professional-skills-shortcutNicole Forsgren, Jez Humble & Gene Kim • Accelerate • https://amzn.to/442Rep0Kim, Humble, Debois, Willis & Forsgren • The DevOps Handbook • https://amzn.to/47oAf3lJez Humble & David Farley • Continuous Delivery • https://amzn.to/452ZRkyJez Humble, Joanne Molesky & Barry O'Reilly • Lean Enterprise • https://amzn.to/47pcOXDAdrienne Braganza Tacke • "Looks Good to Me": Constructive Code Reviews • https://amzn.to/3E75XrDYevgeniy Brikman • Fundamentals of DevOps and Software Delivery • https://amzn.to/3WMPMFUBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hoursSupport the show

In this episode, Simon speaks with Joe Magerramov (VP & Distinguished Engineer) to explore the transformative impact of AI-assisted coding on software development workflows. Joe shares his team's real-world experience achieving a 10x increase in code throughput using agentic development, but warns that simply bolting AI agents onto existing practices is like "adding a turbocharger to a car with narrow tires and old brakes." We dive deep into the critical infrastructure changes needed to sustain high-velocity development, including the mathematics of bug probability at scale, innovative testing approaches inspired by aviation industry practices, and the evolution of CI/CD pipelines that can handle dozens of commits per hour rather than per day. The conversation reveals why the biggest opportunity isn't just writing more code faster, but using AI to make previously impractical engineering practices economically viable—from comprehensive end-to-end testing with fake dependencies to rapid feedback loops that prevent the entire development pipeline from grinding to a halt when issues arise. https://blog.joemag.dev/2025/10/the-new-calculus-of-ai-based-coding.html

Episode 23 - Agree Ahmed, CEO Flowglad Anablock Podcast—this podcast is brought to you by Anablock In Episode 23 of the Anablock Podcast, CEO Agree Ahmed discusses Flowglad, an open-source payment provider that simplifies integration for developers with a focus on real-time sync and compliance challenges, while leveraging insights from emerging markets to inform their strategy. The company prioritizes developer needs and startups, avoiding enterprise-first approaches, and is based in New York to tap into diverse fintech talent. Interview Topics: 1. Flowglad Overview: Open-source payment provider simplifying integration and maintenance with state management and feature entitlements. 2. Developer Integration: Requires only customer ID for setup, supporting React, Next.js, and common authentication platforms like Clerk. 3. Product Philosophy: Focus on developers and startups, leveraging open-source for market traction, avoiding enterprise-first strategies. 4. Roadmap Focus: Building real-time sync, ORM-like SDK, and CI/CD tools within 4-6 weeks to enhance reliability for developers. 5. Geographic Advantage: Experience in emerging markets like Kenya informs strategy; New York chosen for its diverse talent in fintech. 6. Compliance Challenges: Layered billing handles software features, while payments navigate complex tax and regulatory requirements.   Learn More About the Guest Agree Ahmed, LinkedIn - https://www.linkedin.com/in/agreea/ Flowglad Company - https://www.flowglad.com/   About Anablock Anablock offers innovative AI-powered solutions designed to streamline business operations and enhance customer engagement. Our key services include: AI Agents for Workflow Automation: Simplify and automate repetitive tasks to improve efficiency and reduce operational costs. AI Chatbot Solutions: Enhance customer support with intelligent chatbots that provide instant responses and 24/7 assistance. Digital Marketing: Leverage data-driven strategies to boost online presence and drive targeted traffic to your business. Software Development: Custom software solutions tailored to meet specific business needs and improve overall performance. System Integration: Seamlessly connect various systems and applications to ensure smooth data flow and enhance productivity. SCHEDULE DEMO - https://www.anablock.com/schedule-demo/ With Anablock, businesses can harness the power of AI to optimize processes, engage customers effectively, and drive growth.

I talk with David Flanagan, aka Rawkode, about his new opinionated Tech Matrix that helps you navigate the overwhelming CNCF landscape. https://rawkode.academy/technology/matrix

Dynamic Application Security Testing (DAST) has a reputation problem. It's noisy, slow, and often ignored by developers — especially in fast-moving CI/CD pipelines. In this episode of the TestGuild Podcast, we explore developer-focused DAST and why traditional AppSec tools struggle to gain adoption in modern DevOps teams. You'll learn: Why most DAST tools fail inside real-world CI/CD workflows What "shift-left security" actually means beyond marketing buzzwords How developer-first DAST reduces false positives and improves signal quality Where AI genuinely helps in security testing — and where it's mostly hype Practical steps QA, DevOps, and engineering leaders can take to reduce risk this quarter Our guest,  Gadi Bashvitz, CEO at Bright Security, shares lessons from decades in cybersecurity, including building security tools that developers actually use — without slowing delivery. If you're responsible for test automation, DevSecOps, or application security, this episode will help you rethink how DAST should work in 2026 and beyond.  

Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hoursSupport the show

This episode opens with mic and Nintendo banter before plunging into macOS release pain points: sandboxing, hardened runtime, notarization, Sparkle auto‑updates, and automating releases with GitHub Actions and tags. James and Frank offer practical tips—drag builds into /Applications to test signing—and unpack .NET 10 trimming/reflection pitfalls and CI/CD quirks for anyone shipping native apps outside the App Store. Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm

De retour à cinq dans l'épisode, les cast codeurs démarrent cette année avec un gros épisode pleins de news et d'articles de fond. IA bien sûr, son impact sur les pratiques, Mockito qui tourne un page, du CSS (et oui), sur le (non) mapping d'APIs REST en MCP et d'une palanquée d'outils pour vous. Enregistré le 9 janvier 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-335.mp3 ou en vidéo sur YouTube. News Langages 2026 sera-t'elle l'année de Java dans le terminal ? (j'ai ouïe dire que ça se pourrait bien…) https://xam.dk/blog/lets-make-2026-the-year-of-java-in-the-terminal/ 2026: Année de Java dans le terminal, pour rattraper son retard sur Python, Rust, Go et Node.js. Java est sous-estimé pour les applications CLI et les TUIs (interfaces utilisateur terminales) malgré ses capacités. Les anciennes excuses (démarrage lent, outillage lourd, verbosité, distribution complexe) sont obsolètes grâce aux avancées récentes : GraalVM Native Image pour un démarrage en millisecondes. JBang pour l'exécution simplifiée de scripts Java (fichiers uniques, dépendances) et de JARs. JReleaser pour l'automatisation de la distribution multi-plateforme (Homebrew, SDKMAN, Docker, images natives). Project Loom pour la concurrence facile avec les threads virtuels. PicoCLI pour la gestion des arguments. Le potentiel va au-delà des scripts : création de TUIs complètes et esthétiques (ex: dashboards, gestionnaires de fichiers, assistants IA). Excuses caduques : démarrage rapide (GraalVM), légèreté (JBang), distribution simple (JReleaser), concurrence (Loom). Potentiel : créer des applications TUI riches et esthétiques. Sortie de Ruby 4.0.0 https://www.ruby-lang.org/en/news/2025/12/25/ruby-4-0-0-released/ Ruby Box (expérimental) : Une nouvelle fonctionnalité permettant d'isoler les définitions (classes, modules, monkey patches) dans des boîtes séparées pour éviter les conflits globaux. ZJIT : Un nouveau compilateur JIT de nouvelle génération développé en Rust, visant à surpasser YJIT à terme (actuellement en phase expérimentale). Améliorations de Ractor : Introduction de Ractor::Port pour une meilleure communication entre Ractors et optimisation des structures internes pour réduire les contentions de verrou global. Changements syntaxiques : Les opérateurs logiques (||, &&, and, or) en début de ligne permettent désormais de continuer la ligne précédente, facilitant le style "fluent". Classes Core : Set et Pathname deviennent des classes intégrées (Core) au lieu d'être dans la bibliothèque standard. Diagnostics améliorés : Les erreurs d'arguments (ArgumentError) affichent désormais des extraits de code pour l'appelant ET la définition de la méthode. Performances : Optimisation de Class#new, accès plus rapide aux variables d'instance et améliorations significatives du ramasse-miettes (GC). Nettoyage : Suppression de comportements obsolètes (comme la création de processus via IO.open avec |) et mise à jour vers Unicode 17.0. Librairies Introduction pour créer une appli multi-tenant avec Quarkus et http://nip.io|nip.io https://www.the-main-thread.com/p/quarkus-multi-tenant-api-nipio-tutorial Construction d'une API REST multi-tenant en Quarkus avec isolation par sous-domaine Utilisation de http://nip.io|nip.io pour la résolution DNS automatique sans configuration locale Extraction du tenant depuis l'en-tête HTTP Host via un filtre JAX-RS Contexte tenant géré avec CDI en scope Request pour l'isolation des données Service applicatif gérant des données spécifiques par tenant avec Map concurrent Interface web HTML/JS pour visualiser et ajouter des données par tenant Configuration CORS nécessaire pour le développement local Pattern acme.127-0-0-1.nip.io résolu automatiquement vers localhost Code complet disponible sur GitHub avec exemples curl et tests navigateur Base idéale pour prototypage SaaS, tests multi-tenants Hibernate 7.2 avec quelques améliorations intéressantes https://docs.hibernate.org/orm/7.2/whats-new/%7Bhtml-meta-canonical-link%7D read only replica (experimental), crée deux session factories et swap au niveau jdbc si le driver le supporte et custom sinon. On ouvre une session en read only child statelesssession (partage le contexte transactionnel) hibernate vector module ajouter binary, float16 and sparse vectors Le SchemaManager peut resynchroniser les séquences par rapport aux données des tables Regexp dans HQL avec like Nouvelle version de Hibernate with Panache pour Quarkus https://quarkus.io/blog/hibernate-panache-next/ Nouvelle extension expérimentale qui unifie Hibernate ORM with Panache et Hibernate Reactive with Panache Les entités peuvent désormais fonctionner en mode bloquant ou réactif sans changer de type de base Support des sessions sans état (StatelessSession) en plus des entités gérées traditionnelles Intégration de Jakarta Data pour des requêtes type-safe vérifiées à la compilation Les opérations sont définies dans des repositories imbriqués plutôt que des méthodes statiques Possibilité de définir plusieurs repositories pour différents modes d'opération sur une même entité Accès aux différents modes (bloquant/réactif, géré/sans état) via des méthodes de supertype Support des annotations @Find et @HQL pour générer des requêtes type-safe Accès au repository via injection ou via le métamodèle généré Extension disponible dans la branche main, feedback demandé sur Zulip ou GitHub Spring Shell 4.0.0 GA publié - https://spring.io/blog/2025/12/30/spring-shell-4-0-0-ga-released Sortie de la version finale de Spring Shell 4.0.0 disponible sur Maven Central Compatible avec les dernières versions de Spring Framework et Spring Boot Modèle de commandes revu pour simplifier la création d'applications CLI interactives Intégration de jSpecify pour améliorer la sécurité contre les NullPointerException Architecture plus modulaire permettant meilleure personnalisation et extension Documentation et exemples entièrement mis à jour pour faciliter la prise en main Guide de migration vers la v4 disponible sur le wiki du projet Corrections de bugs pour améliorer la stabilité et la fiabilité Permet de créer des applications Java autonomes exécutables avec java -jar ou GraalVM native Approche opinionnée du développement CLI tout en restant flexible pour les besoins spécifiques Une nouvelle version de la librairie qui implémenter des gatherers supplémentaires à ceux du JDK https://github.com/tginsberg/gatherers4j/releases/tag/v0.13.0 gatherers4j v0.13.0. Nouveaux gatherers : uniquelyOccurringBy(), moving/runningMedian(), moving/runningMax/Min(). Changement : les gatherers "moving" incluent désormais par défaut les valeurs partielles (utiliser excludePartialValues() pour désactiver). LangChain4j 1.10.0 https://github.com/langchain4j/langchain4j/releases/tag/1.10.0 Introduction d'un catalogue de modèles pour Anthropic, Gemini, OpenAI et Mistral. Ajout de capacités d'observabilité et de monitoring pour les agents. Support des sorties structurées, des outils avancés et de l'analyse de PDF via URL pour Anthropic. Support des services de transcription pour OpenAI. Possibilité de passer des paramètres de configuration de chat en argument des méthodes. Nouveau garde-fou de modération pour les messages entrants. Support du contenu de raisonnement pour les modèles. Introduction de la recherche hybride. Améliorations du client MCP. Départ du lead de mockito après 10 ans https://github.com/mockito/mockito/issues/3777 Tim van der Lippe, mainteneur majeur de Mockito, annonce son départ pour mars 2026, marquant une décennie de contribution au projet. L'une des raisons principales est l'épuisement lié aux changements récents dans la JVM (JVM 22+) concernant les agents, imposant des contraintes techniques lourdes sans alternative simple proposée par les mainteneurs du JDK. Il pointe du doigt le manque de soutien et la pression exercée sur les bénévoles de l'open source lors de ces transitions technologiques majeures. La complexité croissante pour supporter Kotlin, qui utilise la JVM de manière spécifique, rend la base de code de Mockito plus difficile à maintenir et moins agréable à faire évoluer selon lui. Il exprime une perte de plaisir et préfère désormais consacrer son temps libre à d'autres projets comme Servo, un moteur web écrit en Rust. Une période de transition est prévue jusqu'en mars pour assurer la passation de la maintenance à de nouveaux contributeurs. Infrastructure Le premier intérêt de Kubernetes n'est pas le scaling - https://mcorbin.fr/posts/2025-12-29-kubernetes-scale/ Avant Kubernetes, gérer des applications en production nécessitait de multiples outils complexes (Ansible, Puppet, Chef) avec beaucoup de configuration manuelle Le load balancing se faisait avec HAProxy et Keepalived en actif/passif, nécessitant des mises à jour manuelles de configuration à chaque changement d'instance Le service discovery et les rollouts étaient orchestrés manuellement, instance par instance, sans automatisation de la réconciliation Chaque stack (Java, Python, Ruby) avait sa propre méthode de déploiement, sans standardisation (rpm, deb, tar.gz, jar) La gestion des ressources était manuelle avec souvent une application par machine, créant du gaspillage et complexifiant la maintenance Kubernetes standardise tout en quelques ressources YAML (Deployment, Service, Ingress, ConfigMap, Secret) avec un format déclaratif simple Toutes les fonctionnalités critiques sont intégrées : service discovery, load balancing, scaling, stockage, firewalling, logging, tolérance aux pannes La complexité des centaines de scripts shell et playbooks Ansible maintenus avant était supérieure à celle de Kubernetes Kubernetes devient pertinent dès qu'on commence à reconstruire manuellement ces fonctionnalités, ce qui arrive très rapidement La technologie est flexible et peut gérer aussi bien des applications modernes que des monolithes legacy avec des contraintes spécifiques Mole https://github.com/tw93/Mole Un outil en ligne de commande (CLI) tout-en-un pour nettoyer et optimiser macOS. Combine les fonctionnalités de logiciels populaires comme CleanMyMac, AppCleaner, DaisyDisk et iStat Menus. Analyse et supprime en profondeur les caches, les fichiers logs et les résidus de navigateurs. Désinstallateur intelligent qui retire proprement les applications et leurs fichiers cachés (Launch Agents, préférences). Analyseur d'espace disque interactif pour visualiser l'occupation des fichiers et gérer les documents volumineux. Tableau de bord temps réel (mo status) pour surveiller le CPU, le GPU, la mémoire et le réseau. Fonction de purge spécifique pour les développeurs permettant de supprimer les artefacts de build (node_modules, target, etc.). Intégration possible avec Raycast ou Alfred pour un lancement rapide des commandes. Installation simple via Homebrew ou un script curl. Des images Docker sécurisées pour chaque développeur https://www.docker.com/blog/docker-hardened-images-for-every-developer/ Docker rend ses "Hardened Images" (DHI) gratuites et open source (licence Apache 2.0) pour tous les développeurs. Ces images sont conçues pour être minimales, prêtes pour la production et sécurisées dès le départ afin de lutter contre l'explosion des attaques sur la chaîne logistique logicielle. Elles s'appuient sur des bases familières comme Alpine et Debian, garantissant une compatibilité élevée et une migration facile. Chaque image inclut un SBOM (Software Bill of Materials) complet et vérifiable, ainsi qu'une provenance SLSA de niveau 3 pour une transparence totale. L'utilisation de ces images permet de réduire considérablement le nombre de vulnérabilités (CVE) et la taille des images (jusqu'à 95 % plus petites). Docker étend cette approche sécurisée aux graphiques Helm et aux serveurs MCP (Mongo, Grafana, GitHub, etc.). Des offres commerciales (DHI Enterprise) restent disponibles pour des besoins spécifiques : correctifs critiques sous 7 jours, support FIPS/FedRAMP ou support à cycle de vie étendu (ELS). Un assistant IA expérimental de Docker peut analyser les conteneurs existants pour recommander l'adoption des versions sécurisées correspondantes. L'initiative est soutenue par des partenaires majeurs tels que Google, MongoDB, Snyk et la CNCF. Web La maçonnerie ("masonry") arrive dans la spécification des CSS et commence à être implémentée par les navigateurs https://webkit.org/blog/17660/introducing-css-grid-lanes/ Permet de mettre en colonne des éléments HTML les uns à la suite des autres. D'abord sur la première ligne, et quand la première ligne est remplie, le prochain élément se trouvera dans la colonne où il pourra être le plus haut possible, et ainsi de suite. après la plomberie du middleware, la maçonnerie du front :laughing: Data et Intelligence Artificielle On ne devrait pas faire un mapping 1:1 entre API REST et MCP https://nordicapis.com/why-mcp-shouldnt-wrap-an-api-one-to-one/ Problématique : Envelopper une API telle quelle dans le protocole MCP (Model Context Protocol) est un anti-pattern. Objectif du MCP : Conçu pour les agents d'IA, il doit servir d'interface d'intention, non de miroir d'API. Les agents comprennent les tâches, pas la logique complexe des API (authentification, pagination, orchestration). Conséquences du mappage un-à-un : Confusion des agents, erreurs, hallucinations. Difficulté à gérer les orchestrations complexes (plusieurs appels pour une seule action). Exposition des faiblesses de l'API (schéma lourd, endpoints obsolètes). Maintenance accrue lors des changements d'API. Meilleure approche : Construire des outils MCP comme des SDK pour agents, encapsulant la logique nécessaire pour accomplir une tâche spécifique. Pratiques recommandées : Concevoir autour des intentions/actions utilisateur (ex. : "créer un projet", "résumer un document"). Regrouper les appels en workflows ou actions uniques. Utiliser un langage naturel pour les définitions et les noms. Limiter la surface d'exposition de l'API pour la sécurité et la clarté. Appliquer des schémas d'entrée/sortie stricts pour guider l'agent et réduire l'ambiguïté. Des agents en production avec AWS - https://blog.ippon.fr/2025/12/22/des-agents-en-production-avec-aws/ AWS re:Invent 2025 a massivement mis en avant l'IA générative et les agents IA Un agent IA combine un LLM, une boucle d'appel et des outils invocables Strands Agents SDK facilite le prototypage avec boucles ReAct intégrées et gestion de la mémoire Managed MLflow permet de tracer les expérimentations et définir des métriques de performance Nova Forge optimise les modèles par réentraînement sur données spécifiques pour réduire coûts et latence Bedrock Agent Core industrialise le déploiement avec runtime serverless et auto-scaling Agent Core propose neuf piliers dont observabilité, authentification, code interpreter et browser managé Le protocole MCP d'Anthropic standardise la fourniture d'outils aux agents SageMaker AI et Bedrock centralisent l'accès aux modèles closed source et open source via API unique AWS mise sur l'évolution des chatbots vers des systèmes agentiques optimisés avec modèles plus frugaux Debezium 3.4 amène plusieurs améliorations intéressantes https://debezium.io/blog/2025/12/16/debezium-3-4-final-released/ Correction du problème de calcul du low watermark Oracle qui causait des pertes de performance Correction de l'émission des événements heartbeat dans le connecteur Oracle avec les requêtes CTE Amélioration des logs pour comprendre les transactions actives dans le connecteur Oracle Memory guards pour protéger contre les schémas de base de données de grande taille Support de la transformation des coordonnées géométriques pour une meilleure gestion des données spatiales Extension Quarkus DevServices permettant de démarrer automatiquement une base de données et Debezium en dev Intégration OpenLineage pour tracer la lignée des données et suivre leur flux à travers les pipelines Compatibilité testée avec Kafka Connect 4.1 et Kafka brokers 4.1 Infinispan 16.0.4 et .5 https://infinispan.org/blog/2025/12/17/infinispan-16-0-4 Spring Boot 4 et Spring 7 supportés Evolution dans les metriques Deux bugs de serialisation Construire un agent de recherche en Java avec l'API Interactions https://glaforge.dev/posts/2026/01/03/building-a-research-assistant-with-the-interactions-api-in-java/ Assistant de recherche IA Java (API Interactions Gemini), test du SDK implémenté par Guillaume. Workflow en 4 phases : Planification : Gemini Flash + Google Search. Recherche : Modèle "Deep Research" (tâche de fond). Synthèse : Gemini Pro (rapport exécutif). Infographie : Nano Banana Pro (à partir de la synthèse). API Interactions : gestion d'état serveur, tâches en arrière-plan, réponses multimodales (images). Appréciation : gestion d'état de l'API (vs LLM sans état). Validation : efficacité du SDK Java pour cas complexes. Stephan Janssen (le papa de Devoxx) a créé un serveur MCP (Model Context Protocol) basé sur LSP (Language Server Protocol) pour que les assistants de code analysent le code en le comprenant vraiment plutôt qu'en faisant des grep https://github.com/stephanj/LSP4J-MCP Le problème identifié : Les assistants IA utilisent souvent la recherche textuelle (type grep) pour naviguer dans le code, ce qui manque de contexte sémantique, génère du bruit (faux positifs) et consomme énormément de tokens inutilement. La solution LSP4J-MCP : Une approche "standalone" (autonome) qui encapsule le serveur de langage Eclipse (JDTLS) via le protocole MCP (Model Context Protocol). Avantage principal : Offre une compréhension sémantique profonde du code Java (types, hiérarchies, références) sans nécessiter l'ouverture d'un IDE lourd comme IntelliJ. Comparaison des méthodes : AST : Trop léger (pas de compréhension inter-fichiers). IntelliJ MCP : Puissant mais exige que l'IDE soit ouvert (gourmand en ressources). LSP4J-MCP : Le meilleur des deux mondes pour les workflows en terminal, à distance (SSH) ou CI/CD. Fonctionnalités clés : Expose 5 outils pour l'IA (find_symbols, find_references, find_definition, document_symbols, find_interfaces_with_method). Résultats : Une réduction de 100x des tokens utilisés pour la navigation et une précision accrue (distinction des surcharges, des scopes, etc.). Disponibilité : Le projet est open source et disponible sur GitHub pour intégration immédiate (ex: avec Claude Code, Gemini CLI, etc). A noter l'ajout dans claude code 2.0.74 d'un tool pour supporter LSP ( https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md#2074 ) Awesome (GitHub) Copilot https://github.com/github/awesome-copilot Une collection communautaire d'instructions, de prompts et de configurations pour optimiser l'utilisation de GitHub Copilot. Propose des "Agents" spécialisés qui s'intègrent aux serveurs MCP pour améliorer les flux de travail spécifiques. Inclut des prompts ciblés pour la génération de code, la documentation et la résolution de problèmes complexes. Fournit des instructions détaillées sur les standards de codage et les meilleures pratiques applicables à divers frameworks. Propose des "Skills" (compétences) sous forme de dossiers contenant des ressources pour des tâches techniques spécialisées. (les skills sont dispo dans copilot depuis un mois : https://github.blog/changelog/2025-12-18-github-copilot-now-supports-agent-skills/ ) Permet une installation facile via un serveur MCP dédié, compatible avec VS Code et Visual Studio. Encourage la contribution communautaire pour enrichir les bibliothèques de prompts et d'agents. Aide à augmenter la productivité en offrant des solutions pré-configurées pour de nombreux langages et domaines. Garanti par une licence MIT et maintenu activement par des contributeurs du monde entier. IA et productivité : bilan de l'année 2025 (Laura Tacho - DX)) https://newsletter.getdx.com/p/ai-and-productivity-year-in-review?aid=recNfypKAanQrKszT En 2025, l'ingénierie assistée par l'IA est devenue la norme : environ 90 % des développeurs utilisent des outils d'IA mensuellement, et plus de 40 % quotidiennement. Les chercheurs (Microsoft, Google, GitHub) soulignent que le nombre de lignes de code (LOC) reste un mauvais indicateur d'impact, car l'IA génère beaucoup de code sans forcément garantir une valeur métier supérieure. Si l'IA améliore l'efficacité individuelle, elle pourrait nuire à la collaboration à long terme, car les développeurs passent plus de temps à "parler" à l'IA qu'à leurs collègues. L'identité du développeur évolue : il passe de "producteur de code" à un rôle de "metteur en scène" qui délègue, valide et exerce son jugement stratégique. L'IA pourrait accélérer la montée en compétences des développeurs juniors en les forçant à gérer des projets et à déléguer plus tôt, agissant comme un "accélérateur" plutôt que de les rendre obsolètes. L'accent est mis sur la créativité plutôt que sur la simple automatisation, afin de réimaginer la manière de travailler et d'obtenir des résultats plus impactants. Le succès en 2026 dépendra de la capacité des entreprises à cibler les goulots d'étranglement réels (dette technique, documentation, conformité) plutôt que de tester simplement chaque nouveau modèle d'IA. La newsletter avertit que les titres de presse simplifient souvent à l'excès les recherches sur l'IA, masquant parfois les nuances cruciales des études réelles. Un développeur décrit dans un article sur Twitter son utilisation avancée de Claude Code pour le développement, avec des sous-agents, des slash-commands, comment optimiser le contexte, etc. https://x.com/AureaLibe/status/2008958120878330329?s=20 Outillage IntelliJ IDEA, thread dumps et project Loom (virtual threads) - https://blog.jetbrains.com/idea/2025/12/thread-dumps-and-project-loom-virtual-threads/ Les virtual threads Java améliorent l'utilisation du matériel pour les opérations I/O parallèles avec peu de changements de code Un serveur peut maintenant gérer des millions de threads au lieu de quelques centaines Les outils existants peinent à afficher et analyser des millions de threads simultanément Le débogage asynchrone est complexe car le scheduler et le worker s'exécutent dans des threads différents Les thread dumps restent essentiels pour diagnostiquer deadlocks, UI bloquées et fuites de threads Netflix a découvert un deadlock lié aux virtual threads en analysant un heap dump, bug corrigé dans Java 25. Mais c'était de la haute voltige IntelliJ IDEA supporte nativement les virtual threads dès leur sortie avec affichage des locks acquis IntelliJ IDEA peut ouvrir des thread dumps générés par d'autres outils comme jcmd Le support s'étend aussi aux coroutines Kotlin en plus des virtual threads Quelques infos sur IntelliJ IDEA 2025.3 https://blog.jetbrains.com/idea/2025/12/intellij-idea-2025-3/ Distribution unifiée regroupant davantage de fonctionnalités gratuites Amélioration de la complétion des commandes dans l'IDE Nouvelles fonctionnalités pour le débogueur Spring Thème Islands devient le thème par défaut Support complet de Spring Boot 4 et Spring Framework 7 Compatibilité avec Java 25 Prise en charge de Spring Data JDBC et Vitest 4 Support natif de Junie et Claude Agent pour l'IA Quota d'IA transparent et option Bring Your Own Key à venir Corrections de stabilité, performance et expérience utilisateur Plein de petits outils en ligne pour le développeur https://blgardner.github.io/prism.tools/ génération de mot de passe, de gradient CSS, de QR code encodage décodage de Base64, JWT formattage de JSON, etc. resumectl - Votre CV en tant que code https://juhnny5.github.io/resumectl/ Un outil en ligne de commande (CLI) écrit en Go pour générer un CV à partir d'un fichier YAML. Permet l'exportation vers plusieurs formats : PDF, HTML, ou un affichage direct dans le terminal. Propose 5 thèmes intégrés (Modern, Classic, Minimal, Elegant, Tech) personnalisables avec des couleurs spécifiques. Fonctionnalité d'initialisation (resumectl init) permettant d'importer automatiquement des données depuis LinkedIn et GitHub (projets les plus étoilés). Supporte l'ajout de photos avec des options de filtre noir et blanc ou de forme (rond/carré). Inclut un mode "serveur" (resumectl serve) pour prévisualiser les modifications en temps réel via un navigateur local. Fonctionne comme un binaire unique sans dépendances externes complexes pour les modèles. mactop - Un moniteur "top" pour Apple Silicon https://github.com/metaspartan/mactop Un outil de surveillance en ligne de commande (TUI) conçu spécifiquement pour les puces Apple Silicon (M1, M2, M3, M4, M5). Permet de suivre en temps réel l'utilisation du CPU (E-cores et P-cores), du GPU et de l'ANE (Neural Engine). Affiche la consommation électrique (wattage) du système, du CPU, du GPU et de la DRAM. Fournit des données sur les températures du SoC, les fréquences du GPU et l'état thermique global. Surveille l'utilisation de la mémoire vive, de la swap, ainsi que l'activité réseau et disque (E/S). Propose 10 mises en page (layouts) différentes et plusieurs thèmes de couleurs personnalisables. Ne nécessite pas l'utilisation de sudo car il s'appuie sur les API natives d'Apple (SMC, IOReport, IOKit). Inclut une liste de processus détaillée (similaire à htop) avec la possibilité de tuer des processus directement depuis l'interface. Offre un mode "headless" pour exporter les métriques au format JSON et un serveur optionnel pour Prometheus. Développé en Go avec des composants en CGO et Objective-C. Adieu direnv, Bonjour misehttps://codeka.io/2025/12/19/adieu-direnv-bonjour-mise/ L'auteur remplace ses outils habituels (direnv, asdf, task, just) par un seul outil polyvalent écrit en Rust : mise. mise propose trois fonctions principales : gestionnaire de paquets (langages et outils), gestionnaire de variables d'environnement et exécuteur de tâches. Contrairement à direnv, il permet de gérer des alias et utilise un fichier de configuration structuré (mise.toml) plutôt que du scripting shell. La configuration est hiérarchique, permettant de surcharger les paramètres selon les répertoires, avec un système de "trust" pour la sécurité. Une "killer-feature" soulignée est la gestion des secrets : mise s'intègre avec age pour chiffrer des secrets (via clés SSH) directement dans le fichier de configuration. L'outil supporte une vaste liste de langages et d'outils via un registre interne et des plugins (compatibilité avec l'écosystème asdf). Il simplifie le workflow de développement en regroupant l'installation des outils et l'automatisation des tâches au sein d'un même fichier. L'auteur conclut sur la puissance, la flexibilité et les excellentes performances de l'outil après quelques heures de test. Claude Code v2.1.0 https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md#210 Rechargement à chaud des "skills" : Les modifications apportées aux compétences dans ~/.claude/skills sont désormais appliquées instantanément sans redémarrer la session. Sous-agents et forks : Support de l'exécution de compétences et de commandes slash dans un contexte de sous-agent forké via context: fork. Réglages linguistiques : Ajout d'un paramètre language pour configurer la langue de réponse par défaut (ex: language: "french"). Améliorations du terminal : Shift+Enter fonctionne désormais nativement dans plusieurs terminaux (iTerm2, WezTerm, Ghostty, Kitty) sans configuration manuelle. Sécurité et correction de bugs : Correction d'une faille où des données sensibles (clés API, tokens OAuth) pouvaient apparaître dans les logs de débogage. Nouvelles commandes slash : Ajout de /teleport et /remote-env pour les abonnés claude.ai afin de gérer des sessions distantes. Mode Plan : Le raccourci /plan permet d'activer le mode plan directement depuis le prompt, et la demande de permission à l'entrée de ce mode a été supprimée. Vim et navigation : Ajout de nombreux mouvements Vim (text objects, répétitions de mouvements f/F/t/T, indentations, etc.). Performance : Optimisation du temps de démarrage et du rendu terminal pour les caractères Unicode/Emoji. Gestion du gitignore : Support du réglage respectGitignore dans settings.json pour contrôler le comportement du sélecteur de fichiers @-mention. Méthodologies 200 déploiements en production par jour, même le vendredi : retours d'expérience https://mcorbin.fr/posts/2025-03-21-deploy-200/ Le déploiement fréquent, y compris le vendredi, est un indicateur de maturité technique et augmente la productivité globale. L'excellence technique est un atout stratégique indispensable pour livrer rapidement des produits de qualité. Une architecture pragmatique orientée services (SOA) facilite les déploiements indépendants et réduit la charge cognitive. L'isolation des services est cruciale : un développeur doit pouvoir tester son service localement sans dépendre de toute l'infrastructure. L'automatisation via Kubernetes et l'approche GitOps avec ArgoCD permettent des déploiements continus et sécurisés. Les feature flags et un système de permissions solide permettent de découpler le déploiement technique de l'activation fonctionnelle pour les utilisateurs. L'autonomie des développeurs est renforcée par des outils en self-service (CLI maison) pour gérer l'infrastructure et diagnostiquer les incidents sans goulot d'étranglement. Une culture d'observabilité intégrée dès la conception permet de détecter et de réagir rapidement aux anomalies en production. Accepter l'échec comme inévitable permet de concevoir des systèmes plus résilients capables de se rétablir automatiquement. "Vibe Coding" vs "Prompt Engineering" : l'IA et le futur du développement logiciel https://www.romenrg.com/blog/2025/12/25/vibe-coding-vs-prompt-engineering-ai-and-the-future-of-software-development/ L'IA est passée du statut d'expérimentation à celui d'infrastructure essentielle pour le développement de logiciels en 2025. L'IA ne remplace pas les ingénieurs, mais agit comme un amplificateur de leurs compétences, de leur jugement et de la qualité de leur réflexion. Distinction entre le "Vibe Coding" (rapide, intuitif, idéal pour les prototypes) et le "Prompt Engineering" (délibéré, contraint, nécessaire pour les systèmes maintenables). L'importance cruciale du contexte ("Context Engineering") : l'IA devient réellement puissante lorsqu'elle est connectée aux systèmes réels (GitHub, Jira, etc.) via des protocoles comme le MCP. Utilisation d'agents spécialisés (écriture de RFC, revue de code, architecture) plutôt que de modèles génériques pour obtenir de meilleurs résultats. Émergence de l'ingénieur "Technical Product Manager" capable d'abattre seul le travail d'une petite équipe grâce à l'IA, à condition de maîtriser les fondamentaux techniques. Le risque majeur : l'IA permet d'aller très vite dans la mauvaise direction si le jugement humain et l'expérience font défaut. Le niveau d'exigence global augmente : les bases techniques solides deviennent plus importantes que jamais pour éviter l'accumulation de dette technique rapide. Une revue de code en solo (Kent Beck) ! https://tidyfirst.substack.com/p/party-of-one-for-code-review?r=64ov3&utm_campaign=post&utm_medium=web&triedRedirect=true La revue de code traditionnelle, héritée des inspections formelles d'IBM, s'essouffle car elle est devenue trop lente et asynchrone par rapport au rythme du développement moderne. Avec l'arrivée de l'IA ("le génie"), la vitesse de production du code dépasse la capacité de relecture humaine, créant un goulot d'étranglement majeur. La revue de code doit évoluer vers deux nouveaux objectifs prioritaires : un "sanity check" pour vérifier que l'IA a bien fait ce qu'on lui demandait, et le contrôle de la dérive structurelle de la base de code. Maintenir une structure saine est crucial non seulement pour les futurs développeurs humains, mais aussi pour que l'IA puisse continuer à comprendre et modifier le code efficacement sans perdre le contexte. Kent Beck expérimente des outils automatisés (comme CodeRabbit) pour obtenir des résumés et des schémas d'architecture afin de garder une conscience globale des changements rapides. Même si les outils automatisés sont utiles, le "Pair Programming" reste irremplaçable pour la richesse des échanges et la pression sociale bénéfique qu'il impose à la réflexion. La revue de code solo n'est pas une fin en soi, mais une adaptation nécessaire lorsque l'on travaille seul avec des outils de génération de code augmentés. Loi, société et organisation Lego lance les Lego Smart Play, avec des Brique, des Smart Tags et des Smart Figurines pour faire de nouvelles constructions interactives avec des Legos https://www.lego.com/fr-fr/smart-play LEGO SMART Play : technologie réactive au jeu des enfants. Trois éléments clés : SMART Brique : Brique LEGO 2x4 "cerveau". Accéléromètre, lumières réactives, détecteur de couleurs, synthétiseur sonore. Réagit aux mouvements (tenir, tourner, taper). SMART Tags : Petites pièces intelligentes. Indiquent à la SMART Brique son rôle (ex: hélicoptère, voiture) et les sons à produire. Activent sons, mini-jeux, missions secrètes. SMART Minifigurines : Activées près d'une SMART Brique. Révèlent des personnalités uniques (sons, humeurs, réactions) via la SMART Brique. Encouragent l'imagination. Fonctionnement : SMART Brique détecte SMART Tags et SMART Minifigurines. Réagit aux mouvements avec lumières et sons dynamiques. Compatibilité : S'assemble avec les briques LEGO classiques. Objectif : Créer des expériences de jeu interactives, uniques et illimitées. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 28 janvier 2026 : Software Heritage Symposium - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 5 février 2026 : Web Days Convention - Aix-en-Provence (France) 12 février 2026 : Strasbourg Craft #1 - Strasbourg (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 6 mars 2026 : WordCamp Nice 2026 - Nice (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 20 mars 2026 : Atlantique Day 2026 - Nantes (France) 26 mars 2026 : Data Days Lille - Lille (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 26-27 mars 2026 : REACT PARIS - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 1 avril 2026 : AWS Summit Paris - Paris (France) 2 avril 2026 : Pragma Cannes 2026 - Cannes (France) 9-10 avril 2026 : AndroidMakers by droidcon - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 24-25 avril 2026 : Faiseuses du Web 5 - Dinan (France) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 24 septembre 2026 : PlatformCon Live Day Paris 2026 - Paris (France) 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Amir (Co-Founder at Humblytics) shares how he builds an “AI-native” company by focusing less on shiny tools and more on change management: assessing AI fluency across roles, setting the right success metrics, and creating shared context so AI can reliably ship work. The big theme is convergence—engineering, product, and design are collapsing into tighter loops thanks to tools like Cursor, MCP connectors, and Figma Make. Amir demos workflows like: AI-generated context files + auto-updated documentation, scraping customer domains to infer ICPs, turning screenshots into layered Figma designs, then converting Figma to working React code in minutes, and even running an “AI co-founder” Slack bot that files Linear tickets and can hand work to agents.Timestamps0:00 Introduction0:06 Amir's stance: “no AI experts” — it's constant learning in a fast-changing field.1:59 Cursor as the unlock: not just coding, but PM/strategy/design work via MCPs.4:17 The real problem: AI adoption is mostly change management + fluency assessment.5:18 The AI fluency rubric (helper → automator → augmentor → agentic) and why it matters.8:13 Cursor analytics: measuring AI-generated code and usage across the team.9:24 “New code is ~99% AI-generated” + how they keep quality via tight review + incremental changes.10:58 Docs workflow: GitBook connected to repo → AI edits docs and pushes live fast.14:02 ICP building: export Stripe customers → scrape domains with Firecrawl → cluster personas.17:45 Hallucination in the wild: AI misclassifies a company; human correction loop matters.34:43 Wild move: they often design in code and use an AI-generated style guide to stay consistent.38:10 Best demo: screenshot → Figma Make → layered design → Figma MCP → React code in minutes.45:29 “AI co-founder” Slack bot (Pixel): turns a bug report into a Linear ticket and can hand off to agents.48:46 Amir's wish list: we “solved dev”; now we need Cursor for marketing/sales → path to $1M ARR.Tools & technologies mentionedCursor — AI-first IDE used for coding and product/design/strategy workflows; includes team analytics.MCP (Model Context Protocol) — “connector” layer (Anthropic-origin) that lets LLMs interface with external tools/services.ChatGPT — used as a common baseline tool; discussed in the context of prompting practices and workflows.Microsoft Copilot — referenced via the law firm incentive story; used as an example of “usage metrics” gone wrong.Anthropic (AI fluency framework) — inspiration source for the helper/automator/augmentor/agentic rubric.GitBook — documentation platform connected to the repo so docs can be updated and published quickly.Firecrawl (MCP) — agentic web scraper used to analyze customer domains and infer ICP/personas.Stripe — source of customer export data (domains) to build ICP clustering.Figma — design collaboration tool; used here with Make + MCP to move from design → code.Figma Make — feature to recreate UI from an image/screenshot into editable, layered designs.Figma MCP — connector that allows Cursor/LLMs to pull Figma components/designs and generate code.React — front-end framework used in the demo for generating functional UI components.Supabase — mentioned as part of a sample stack when generating a PRD.React Router — mentioned as part of the sample stack in PRD generation.Slack — where Amir runs internal agents (including the “AI co-founder” bot).Linear — project management tool used for creating tickets from Slack/agent workflows.CI/CD — their deployment/review pipeline; emphasized as the human accountability layer.Subscribe at⁠ thisnewway.com⁠ to get the step-by-step playbooks, tools, and workflows.

Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hoursSupport the show

In this episode, I was lucky enough to interview Ole Lensmar, co-founder and CTO of Testkube.Ole shares his unique perspective growing up across Germany, the US, and Sweden, and how those experiences shaped his adaptability and approach to entrepreneurship. He reflects on the differences between launching tech startups in Europe versus the United States, and why he believes the US remains a more mature market for scaling innovation. From his first ventures in the mid-90s to the creation of SoapUI, Ole explains how his passion for coding and solving practical problems led him to build tools that filled gaps in the QA and software testing space.Ole dives into the origins of Testkube, explaining its mission to decouple testing from CI/CD pipelines and empower QA teams with a centralized, cloud-native platform. He discusses the open-source model, the challenges of enterprise sales, and the evolution of his ideal customer profile. Ole also shares insights on how Testkube differentiates itself from CI/CD tools and cloud execution vendors, enabling companies to run unlimited tests at scale without infrastructure limitations.Explore how Ole Lensmar turned coding challenges into software solutions and shaped modern QA practices in this episode of The First Customer!Guest Info:Testkubehttps://testkube.io/Ole Lensmar's LinkedIn https://www.linkedin.com/in/olensmar/Connect with Jay on LinkedInhttps://www.linkedin.com/in/jayaigner/The First Customer Youtube Channelhttps://www.youtube.com/@thefirstcustomerpodcastThe First Customer podcast websitehttps://www.firstcustomerpodcast.comFollow The First Customer on LinkedInhttp://www.linkedin.com/company/the-first-customer-podcast/

Performance testing often fails for one simple reason: teams can't see where the slowdown actually happens. In this episode, we explore Locust load testing and why Python-based performance testing is becoming the go-to choice for modern DevOps, QA, and SRE teams. You'll learn how Locust enables highly realistic user behavior, massive concurrency, and distributed load testing — without the overhead of traditional enterprise tools. We also dive into: Why Python works so well for AI-assisted load testing How Locust fits naturally into CI/CD and GitHub Actions The real difference between load testing vs performance testing How observability and end-to-end tracing eliminate guesswork Common performance testing mistakes even experienced teams make Whether you're a software tester, automation engineer, or QA leader looking to shift-left performance testing, this conversation will help you design smarter tests and catch scalability issues before your users do.

Sebastian Graf explains the coming rise of AI native companies. He shares four safety pillars for autonomous firms: code freeze, CICD compliance, regulatory model training, and harm-reduction finance. The episode mixes technical detail, a real Anthropic experiment, and broad governance concerns about trust and social impact. Top 3 Key Learnings AI native company pillars: Four safety pillars: code freeze, CICD, regulatory RL training, and harm reduction mechanisms. Test and freeze code: Freeze codebases and run automated tests to ensure predictable behavior and regulatory compliance. Trust via cost and trials: Lower cost and stepwise use build trust; people try low-risk services first then adopt more. About Sebastian Graf Sebastian Graf describes himself as an engineer by profession, but an educator at heart. In his work as an engineer, he is driven by the belief that technology should lift everyone, enabling people to live extraordinary lives in extraordinary ways. He acknowledges that this is challenging in a world where many technologies are built with incentives that divide society, exploit the environment, and widen wealth inequality. Sebastian is committed to reversing these incentives. His mission is to empower imagination and drive the creation of a positive social, environmental, and technological future that he believes is entirely within reach. Sebastian's linkedin: https://www.linkedin.com/in/sebastiangraf1/ Chapters: 0:00 - Intro 0:35 - Business Transformation Pitch Overview 1:09 - Sebastian Graf's Background and Expertise 2:39 - Sebastian's Mission with AI Native Companies 4:37 - Defining AI Native Companies 8:33 - Four Pillars of AI Native Companies 18:35 - Anthropic's Vending Machine Experiment 22:24 - Engineering Resilience in AI Native Companies 26:31 - Building Trust in AI Native Operations 30:47 - Quickfire Round and Closing Thoughts 34:45 - Key Takeaways and Final Reflections Resources:   Please, hit the follow button and leave your feedback: Apple Podcast: https://www.cxgoalkeeper.com/apple Spotify: https://www.cxgoalkeeper.com/spotify About the host: Gregorio Uglioni is a seasoned transformation leader with over 15 years of experience shaping business and digital change, consistently delivering service excellence and measurable impact. As an Associate Partner at Forward, he is recognized for his strategic vision, operational expertise, and ability to drive sustainable growth. A respected keynote speaker and host of the well-known global podcast Business Transformation Pitch with the CX Goalkeeper, Gregorio energizes and inspires organizations worldwide with his customer-centric approach to innovation. Follow Gregorio Uglioni on Linkedin: https://www.linkedin.com/in/gregorio-uglioni/     Mostra meno  

Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hoursSupport the show

Topics covered in this episode: ty: An extremely fast Python type checker and LSP Python Supply Chain Security Made Easy typing_extensions MI6 chief: We'll be as fluent in Python as we are in Russian Extras Joke Watch on YouTube About the show Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: ty: An extremely fast Python type checker and LSP Charlie Marsh announced the Beta release of ty on Dec 16 “designed as an alternative to tools like mypy, Pyright, and Pylance.” Extremely fast even from first run Successive runs are incremental, only rerunning necessary computations as a user edits a file or function. This allows live updates. Includes nice visual diagnostics much like color enhanced tracebacks Extensive configuration control Nice for if you want to gradually fix warnings from ty for a project Also released a nice VSCode (or Cursor) extension Check the docs. There are lots of features. Also a note about disabling the default language server (or disabling ty's language server) so you don't have 2 running Michael #2: Python Supply Chain Security Made Easy We know about supply chain security issues, but what can you do? Typosquatting (not great) Github/PyPI account take-overs (very bad) Enter pip-audit. Run it in two ways: Against your installed dependencies in current venv As a proper unit test (so when running pytest or CI/CD). Let others find out first, wait a week on all dependency updates: uv pip compile requirements.piptools --upgrade --output-file requirements.txt --exclude-newer "1 week" Follow up article: DevOps Python Supply Chain Security Create a dedicated Docker image for testing dependencies with pip-audit in isolation before installing them into your venv. Run pip-compile / uv lock --upgrade to generate the new lock file Test in a ephemeral pip-audit optimized Docker container Only then if things pass, uv pip install / uv sync Add a dedicated Docker image build step that fails the docker build step if a vulnerable package is found. Brian #3: typing_extensions Kind of a followup on the deprecation warning topic we were talking about in December. prioinv on Mastodon notified us that the project typing-extensions includes it as part of the backport set. The warnings.deprecated decorator is new to Python 3.13, but with typing-extensions, you can use it in previous versions. But typing_extesions is way cooler than just that. The module serves 2 purposes: Enable use of new type system features on older Python versions. Enable experimentation with type system features proposed in new PEPs before they are accepted and added to the typing module. So cool. There's a lot of features here. I'm hoping it allows someone to use the latest typing syntax across multiple Python versions. I'm “tentatively” excited. But I'm bracing for someone to tell me why it's not a silver bullet. Michael #4: MI6 chief: We'll be as fluent in Python as we are in Russian "Advances in artificial intelligence, biotechnology and quantum computing are not only revolutionizing economies but rewriting the reality of conflict, as they 'converge' to create science fiction-like tools,” said new MI6 chief Blaise Metreweli. She focused mainly on threats from Russia, the country is "testing us in the grey zone with tactics that are just below the threshold of war.” This demands what she called "mastery of technology" across the service, with officers required to become "as comfortable with lines of code as we are with human sources, as fluent in Python as we are in multiple other languages." Recruitment will target linguists, data scientists, engineers, and technologists alike. Extras Brian: Next chapter of Lean TDD being released today, Finding Waste in TDD Still going to attempt a Jan 31 deadline for first draft of book. That really doesn't seem like enough time, but I'm optimistic. SteamDeck is not helping me find time to write But I very much appreciate the gift from my fam Send me game suggestions on Mastodon or Bluesky. I'd love to hear what you all are playing. Michael: Astral has announced the Beta release of ty, which they say they are "ready to recommend to motivated users for production use." Blog post Release page Reuven Lerner has a video series on Pandas 3 Joke: Error Handling in the age of AI Play on the inversion of JavaScript the Good Parts

Introducing Rob Ruiz Meet Rob Ruiz, a seasoned Senior Full Stack Developer with nearly two decades of expertise in WordPress innovation and open-source magic. As the Lead Maintainer of WP Rig since 2020, Rob has been the driving force behind this groundbreaking open-source framework that empowers developers to craft high-performance, accessible, and progressively enhanced WordPress themes with ease. WP Rig isn’t just a starter theme—it’s a turbocharged toolkit that bundles modern build processes, linting, optimization, and testing to deliver lightning-fast, standards-compliant sites that shine on any device. Show Notes For more on Rob and WP Rig, check out these links: LinkedIn Profile: https://www.linkedin.com/in/robcruiz WP Rig Official Site: https://wprig.io GitHub Repository: https://github.com/wprig/wprig Latest Releases: https://github.com/wprig/wprig/releases WP Rig 3.1 Announcement: https://wprig.io/wp-rig-3-1/ Transcript: Topher DeRosia: Hey everybody. Welcome to Hallway Chats. I’m your host Topher DeRosia, and with me today I have- Rob Ruiz: Rob Ruiz. Topher: Rob. You and I have talked a couple of times, once recently, and I learned about a project you’re working on, but not a whole lot about you. Where do you live? What do you do for a living? Rob: Yeah, for sure. Good question. Although I’m originally from Orlando, Florida, I’ve been living in Omaha, Nebraska for a couple of decades now. So I’m pretty much a native. I know a lot of people around here and I’ve been fairly involved in various local communities over the years. I’m a web developer. Started off as a graphic designer kind of out of college, and then got interested in web stuff. And so as a graphic designer turned future web developer, I guess, I was very interested in content management systems because it made the creating and managing of websites very, very easy. My first couple of sites were Flash websites, sites with macro media Flash. Then once I found content management systems, I was like, “Wow, this is way easier than coding the whole thing from scratch with Flash.” And then all the other obvious benefits that come from that. So I originally started with Joomla, interestingly enough, and used Joomla for about two or three years, then found WordPress and never looked back. And so I’ve been using WordPress ever since. As the years have gone on, WordPress has enabled me to slowly transition from a more kind of web designer, I guess, to a very full-blown web developer and software engineer, and even software architect to some degree. So here we are many years later. Topher: There’s a big step from designer to developer. How did that go for you? I’m assuming you went to PHP. Although if you were doing Flash sites, you probably learned ActionScript. Rob: Yeah. Yeah. That was very convenient when I started learning JavaScript. It made it very easy to learn JavaScript faster because I already had a familiarity with ActionScript. So there’s a lot of similarities there. But yeah. Even before I started doing PHP, I started learning more HTML and CSS. I did do a couple of static websites between there that were just like no content management system at all. So I was able to kind of sharpen my sword there with the CSS and HTML, which wasn’t particularly hard. But yeah, definitely, the PHP… that was a big step was PHP because it’s a proper logical programming language. There was a lot there I needed to unpack, and so it took me a while. I had to stick to it and really rinse and repeat before I finally got my feet under me. Topher: I can imagine. All right. So then you work for yourself or you freelance or do you have a real job, as it were? Rob: Currently, I do have a real job. Currently, I’m working at a company called Bold Orange out of Minneapolis. They’re a web agency. But I kind of bounce around from a lot of different jobs. And then, yes, I do freelance on the side, and I also develop my own products as well for myself and my company. Topher: Cool. Bold Orange sounds familiar. Who owns that? Rob: To be honest, I don’t know who the owners are. It’s just a pretty big web agency out of Minneapolis. They are a big company. You could just look them up at boldorange.com. They work for some pretty big companies. Topher: Cool. All right. You and I talked last about WP Rig. Give me a little background on where that came from and how you got it. Rob: Yeah, for sure. Well, there was a period of time where I was working at a company called Proxy Bid that is in the auction industry, and they had a product or a service — I don’t know how you want to look at that —called Auction Services. That product is basically just building WordPress sites for auction companies. They tasked us with a way to kind of standardize those websites essentially. And what we realized is that picking a different theme for every single site made things difficult to manage and increase tech debt by a lot. So what we were tasked with was, okay, if we’re going to build our own theme that we’re just going to make highly dynamic so we can make it look different from site to site. So we want to build it, but we want to build it smart and we want to make it reusable and maintainable. So let’s find a good framework to build this on so that we can maintain coding standards and end up with as little tech debt as possible, essentially. That’s when I first discovered WP Rig. In my research, I came across it and others. We came across Roots Sage and some of the other big names, I guess. It was actually a team exercise. We all went out and looked for different ones and studied different ones and mine that I found was WP Rig. And I was extremely interested in that one over the other ones. Interestingly enough- Topher: Can you tell me why over the other ones? Rob: That’s a great question. Yeah. I really liked the design patterns. I really liked the focus on WordPress coding standards. So having a system built in that checked all the code against WordPress coding standards was cool. I loved the compiling transpiling, whatever, for CSS and JavaScript kind of built in. That sounded really, really interesting. The fact that there was PHP unit testing built into it. So there’s like a starter testing framework built in that’s easy to extend so that you can add additional unit tests as your theme grows. We really wanted to make sure… because we were very into CICD pipelines. So we wanted to make sure that as developers were adding or contributing to any themes that we built with this, that we could have automated tests run and automated builds run, and just automate as much as possible. So WP rig just seemed like something that gave us those capabilities right out of the box. So that was a big thing. And I loved the way that they did it. Roots Sage does something similar, but they use their blade templating engine built in there. We really wanted to stick to something that was a bit more standard WordPress so that there wasn’t like a large knowledge overhead so that we didn’t have to say like, okay, if we’re bringing on other developers, like junior developers work on it, oh, it would be nice if you use Laravel too because we use this templating engine in all of our themes. We didn’t want to have to worry about that essentially. It was all object-oriented and all that stuff too. That’s what looked interesting to me. We ended up building a theme with WP Rig. I don’t know what they ended up doing with it after that, because I ended up getting let go shortly thereafter because the company had recently been acquired. Also, this was right after COVID too. So there was just a lot of moving parts and changing things at the time. So I ended up getting let go. But literally a week after I got let go, I came across a post on WP Tavern about how this framework was looking for new maintainers. Basically, this was a call put out by Morton, the original author of WP Rig. He reached out to WP Tavern and said, “Look, we’re not interested in maintaining this thing anymore, but it’s pretty cool. We like what we’ve built. And so we’re looking for other people to come in and adopt it essentially.” So I joined a Zoom meeting with a handful of other individuals that were also interested in this whole endeavor, and Morton reached out to me after the call and basically just said, “I looked you up. I liked some of the input that you had during the meeting. Let’s talk a little bit more.” And then that eventually led to conversations about me essentially taking the whole project over entirely. So, the branding, the hosting of the website, being lead maintainer on the project. Basically, gave me the keys to the kingdom in terms of GitHub and everything. So that’s how it ended up going in terms of the handoff between Morton and I. And I’m very grateful to him. They really created something super cool and I was honored to take it over and kind of, I don’t know, keep it going, I guess. Topher: I would be really curious. I don’t think either of us have the answer. I’d be curious to know how similar that path is to other project handoffs. It’s different from like an acquisition. You didn’t buy a plugin from somebody. It was kind of like vibes, I guess. Rob: It was like vibes. It was very vibey. I guess that’s probably the case in an open source situation. It’s very much an open source project. It’s a community-driven thing. It’s for everybody by everybody. I don’t know if all open source community projects roll like that, but that’s how this one worked out. There was some amount of ownership on Morton’s behalf. He did hire somebody to do the branding for WP Rig and the logo. And then obviously he was paying for stuff like the WPrig.io domain and the hosting through SiteGround and so on and so forth. So, we did have to transfer some of that and I’ve taken over those, I guess, financial burdens, if you want to think of it like that. But I’m totally okay with it. Topher: All right. You sort of mentioned some of the things Rig does, compiling and all that kind of stuff. Can you tell me… we didn’t discuss this before. I’m sitting at my desk and I think I want a website. How long does it take to go from that to looking at WordPress and logging into the admin with Rig? Rob: Okay. Rig is not an environment management system like local- Topher: I’m realizing my mistake. Somebody sends me a design in Figma. How long does it take me to go from that to, I’m not going to say complete because I mean, that’s CSS, but you know, how long does it take me to get to the point where I’m looking at a theme that is mine for the client that I’m going to start converting? Rob: Well, if you’re just looking for a starting point, if you’re just like, okay, how long does it take to get to like, okay, here’s my blank slate and I’m ready to start adopting all of these rules that are set up in Figma or whatever, I mean, you’re looking at maybe 5 minutes, 10 minutes, something like that. It’s pretty automated. You just need some simple knowledge of Git. And then there are some prerequisites to using WP Rig. You do have to have composer installed because we do leverage some Composer packages to some of it, although to be honest, you could probably get away with not using Composer. You just have to be okay with sacrificing some of the tools the WP Rig assumes you’re going to have. And then obviously Node. You have to have Node installed. A lot of our documentation assumes that you have NPM, that you’re using NPM for all your Nodes or your package management. But we did recently introduce support for Bun. And so you can use Bun instead of NPM, which is actually a lot faster and better in many ways. Topher: Okay. A lot of my audience are not developers, users, or light developers, like they’ll download a theme, hack a template, whatever. Is this for them? Am I boring those people right now? Rob: That’s a great question. I mean, and I think this is an interesting dichotomy and paradigm in the WordPress ecosystem, because you’ve got kind of this great divide. At least this is something I’ve noticed in my years in the WordPress community is you have many people that are not coders or developers that are very interested in expanding their knowledge of WordPress, but it’s strictly from a more of a marketing perspective where it’s like, I just want to know how to build websites with WordPress and how to use it to achieve my goals online from a marketing standpoint. You have that group of people, and then you have this other group of people that are very developer centric that want to know how to extend WordPress and how to empower those other people that we just discussed. Right? Topher: Right. Rob: So, yeah, that’s a very good question. I would say that WP Rig is very much designed for the developers, not for the marketers. The assumption there is that you’re going to be doing some amount of coding. Now, can you get away with doing a very light amount of coding? Yes. Yes, you can. I mean, if you compare what you’re going to get out of that assumed workflow to something that you would get off like Theme Forest or whatever, it’s going to be a night and day difference because those theme, Forest Themes, have hours, hundreds, sometimes hundreds of hours of development put into them. So, you’re not going to just out of the box immediately get something that is comparable to that. Topher: You need to put in those hundreds of hours of development to make a theme. Rob: As of today, yes. That may change soon though. Topher: Watch this space. Rob: That’s all I’ll say. Topher: Okay. So now we know who it’s for. I’m assuming there’s a website for it. What is it? Rob: Yeah. If you go to WPrig.io, we have a homepage that shows you all the features that are there in WP Rig. And then there’s a whole documentation area that helps people get up and running with WP Rig because there is a small learning curve there that’s pretty palatable for anybody who’s familiar with modern development workflows. So that is a thing. So the type of person that this is designed for anybody that wants to make a theme for anything. Let’s say you’re a big agency and you pull in a big client and that client wants something extremely custom and they come to you with Figma designs. Sure, you could go out there and find some premium theme and try to like child theme and overhaul that if you want. But in many situations, I would say in most situations, if you’re working from a Figma design that’s not based off of another theme already that’s just kind of somebody else’s brainchild, then you’re probably going to want to start from scratch. And so the idea here is that this is something to replace an approach, like underscores an approach. Actually, WP Pig was based off of underscores. The whole concept of it, as Morton explained it to me, was that he wanted to build an underscores that was more modern and full-featured from a development standpoint. Topher: Does it have any opinions about Gutenberg? Rob: It does now, but it did not when I took it over because Gutenberg did not exist yet when I took over WP Rig. Topher: Okay. What are its opinions? Rob: Yeah, sure. The opinion right out of the gate is that you can use Gutenberg as an editor and it has support like CSS rules in it for the standard blocks. So you should be able to use regular Gutenberg blocks in your theme and they should look just fine. There’s no resets in there. It doesn’t start from scratch. There’s not a bunch of styling you have to do for the blocks necessarily. Now, if you go to the full site editing or block-based mentality here, there are some things you need to do in WP Rig to convert the out-of-the-box WP Rig into another paradigm essentially. Right when you pull WP Rig, the assumption is you’re building what most people would refer to as a hybrid theme. The theme supports API or whatever, and the assumption is that you’re not going to be using the site editor. You’re just going to kind of do traditional WordPress, but you might be using Gutenberg for your content. So you’re just using Gutenberg kind of to author your pages and your posts and stuff like that, but not necessarily the whole site. WP Rig has the ability to kind of transform itself into other paradigms. So the first paradigm we built out was the universal theme approach. And the idea there is that you get a combination of the full site editing capabilities. But then you also have the traditional menu manager and the settings customizer framework or whatever is still there, right? These are things that don’t exist in a standard block-based theme. So I guess an easy example would be like the 2025 WordPress theme that comes right out of the box. It comes installed in WordPress. That is a true block-based theme, not a universal theme. So it doesn’t have those features because the assumption there is that it doesn’t need those features. You can kind of transform WP Rig into a universal theme that’s kind of a hybrid between a block-based and a classic theme. And then it can also transform into a strictly block-based theme as well. So following the same architecture as like the WordPress 2025 theme or Ollie or something like that is also a true block-based theme as well. So you can easily convert or transform the starting point of WP Rig into either of those paradigms if that’s the type of theme you’re setting out to build. Topher: Okay. That sounds super flexible. How much work is it to do that? Rob: It’s like one command line. Previously we had some tutorials on the website that showed you step-by-step, like what you needed to change about the theme to do that. You would have to add some files, delete some files, edit some code, add some theme supports into the base support class and some other stuff. I have recently, as of like a year and a half ago or a year ago, created a command line or a command that you can type into the command line that basically does that entire conversion process for you in like the blink of an eye. It takes probably a second to a second and a half to perform those changes to the code and then you’re good to go. It is best to do that conversion before you start building out your whole theme. It’s not impossible to do it after. But you’re more likely to run into problems or conflicts if you’ve already set out building your whole theme under one paradigm, and then you decide how the project you want to switch over to block-based or whatever. You’re likely to run into the need to refactor a bunch of stuff in that situation. So it is ideal to make that choice extremely early on in the process of developing your theme. But either way it’ll still work. That’s just one of the many tools that exist in WP Rig to transform it or convert it in several ways. That’s just one example. There are other examples of ways that Rig kind of converts itself to other paradigms as well. Topher: Yeah. All right. In my development life, I’ve had two parts to it. And one is the weekend hobbyist, or I download cadence and I whip something up in 20 minutes because I just want to experiment and the other is agency life where everything’s in Git, things are compiled, there are versions, blah, blah, blah. This sounds very friendly to that more professional pathway. Rob: Absolutely. Yes. Or, I mean, there’s another situation here too. If you’re a company who develops themes and publishes them to a platform like ThemeForest or any other platform, perhaps you’re selling themes on your own website, whatever, if you’re making things for sale, there’s no reason you couldn’t use WP Rig to build your themes. We have a bundle process that bundles your theme for publication or publishing. Whether you’re an agency or whether you’re putting your theme out for sale, it doesn’t matter, during that bundle process, it does actually white label the entire code base to where there’s no mention of WP Rig in the code whatsoever. Let’s say you were to build a theme that you wanted to put up for sale because you have some cool ideas. Say, page transitions now are completely supported in all modern or in most modern browsers. And when I say print page transitions, for those that are in the know, I am talking about not single page app page transitions, but through website page transitions. You can now do that. Let’s say you were like, “Hey, I’m feeling ambitious and I want to put out some new theme that comes with these page transitions built in,” and that’s going to be fancy on ThemeForest when people look at my demo, people might want to buy that. You could totally use WP Rig to build that out into a theme and the bundle process will white label all of the code. And then when people buy your theme and download that code, if they’re starting to go through and look through your code, they’re not going to have any way of knowing that it was built with WP Rig unless they’re familiar with the base WP Rig architecture, like how it does its object-oriented programming. It might be familiar with the patterns that it’s using and be able to kind of discern like, okay, well, this is the same pattern WP Rig uses, so high likelihood it was built with WP Rig. But they’re not going to be able to know by reading through the code. It’s not going to say WP Rig everywhere. It’s going to have the theme all over the place in the code. Topher: Okay. So then is that still WP Rig code? It just changed its labels? Rob: Yeah. Topher: So, it’s not like you’re exporting HTML, CSS and JavaScript? The underlying Rig framework is still there. Rob: Yeah. During the bundle process, it is bundling CSS and HTML. Well, HTML in the case of a block-based theme. But, yeah, it is bundling your PHP, your CSS, your JavaScript into the theme that you’re going to let people download when they buy it, or that you’re going to ship to your whatever client’s website. But all that code is going to be transpiled. In the case of CSS and JavaScript, there’s only going to be minified versions of that code in that theme. The source code is not actually going to be in there. Topher: This sounds pretty cool. You mentioned some stuff might be coming. You don’t have to tell me what it is, but do you have a timeline? When should we be watching for the next cool thing from Rig? Rob: Okay, cool. Well, I’m going to keep iterating on Rig forever. Regardless of any future products that might be built on WP Rig, WP Rig will always and forever remain an open source product for anybody to use for free and we, I, and possibly others in the future will continue to update it and support it over time. We just recently put out 3.1. You could expect the 3.2 anytime in the next six months to a year, probably closer to six months. One feature I’m looking at particularly closely right now is the new stuff coming out in version 6.9 of WordPress around the various APIs that are there. I think one of them is called the form… There’s a field API and a form API or view API or something like that. So WP Rig comes with a React-based settings framework in it. So if you want your theme to have a bunch of settings in it to make it flexible for whoever buys your theme, you can use this settings framework to easily create a bunch of fields, and then that framework will automatically manage all your fields and store all the data from those fields and make it easy to retrieve the values of the input on those fields, without knowing any React at all. Now, if you know React, you can go in there and, you know, embellish what’s already there, but it takes a JSON approach. So if you just understand JSON, you can go in and change the JSON for the framework, and that will automatically add fields into the settings framework. So you don’t even have to know React to extend the settings page if you want. That will likely get an overhaul using these new APIs being introduced into Rig. Topher: All right. How often have you run into something where, “Oh, look, WordPress has a new feature, I need to rebuild my system”? Rob: Over the last four or five years, it’s happened a lot because, yeah, I mean, like I said, when I first took this thing over, Gutenberg had not even been introduced yet. So, you had the introduction of Gutenberg and blocks. That was one thing. Then this whole full site editing became a thing, which later became the site editor. So that became a whole thing. Then all these various APIs. I mean, it happens quite frequently. So I’ve been working to keep it modern and up to date over the past four years and it’s been an incredible learning experience. It not only keeps my WordPress knowledge extremely sharp, but I’ve also learned how various other toolkits are built. That’s been the interesting thing. From a development standpoint, there’s two challenges here. One of the challenges is staying modern on the WordPress side of things. For instance, WordPress coding standards came out with a version 3 and then a version 3.1 about two years ago. I had to update WP Rig to leverage those modern coding standards. So that’s one example is as WordPress changes, the code in WP Rig also needs to change. Or for instance, if new CSS standards change, right, new CSS properties come out, it is ideal for the base CSS in WP Rig, meaning the CSS that you get right out of the box with it, comes with some of these, for instance, CSS grid, Flexbox, stuff like that. If I was adopting a theme framework to build a theme on, I would expect some of that stuff to be in there. And those things were extremely new when I first took over WP Rig and were not all baked in there essentially. So I’ve had to add a lot of that over time. Now there’s another side to this, which is not just keeping up with WordPress and CSS and PHP, 8. whatever, yada yada yada. You’ve also got the toolkit. There are various node packages and composer packages of power WP Rig and the process in which it does the transpiling, the bundling, the automated manipulation of your code during various aspects of the usage of WP Rig is a whole nother set of challenges because now you have to learn concepts like, well, how do I write custom node scripts? Right? Like there were no WP CLI commands built into WP Rig when I first took it over. Now there’s a whole list. There’s a whole library of WP CLI commands that come in Rig right out of the gate. And so I’ve had to learn about that. So just various things that come with knowing how do you automate the process of converting code, that’s something that was completely foreign to me when I first took over WP Rig. That’s been another incredible learning experience is understanding like what’s the difference between Webpack and Gulp. I didn’t know, right? I would tell people I’m using Gulp and WP Rig and they would be like, “Well, why don’t you just use Webpack?” and I would say, “I don’t know. I don’t know what the difference is.” So over time I could figure out what are the differences? Why aren’t we using Webpack? And I’m glad I spent some time on that because it turns out Webpack is not the hottest thing anymore, so I just skipped right over all that. When I overhauled for version 3, we’re now not using Gulp anymore as of 3.1. We’re now using more of a Vite-like process, far more modern than Webpack and far better and faster and sleeker and lighter. I had to learn a bunch about what powers Vite. What is Vite doing under the hood that we might be able to also do in WP Rig, but do it in a WordPress way. Because Vite is a SaaS tool. If you’re building a SaaS, like React with a… we’re not a SaaS. I guess a spa is a better term to use here. If you’re building a single page application with React or view or belt or whatever, right, then knowing what Vite is and just using Vite right out of the box is perfect. But it doesn’t translate perfectly to WordPress land because WordPress has its own opinions. And so I did have to do some dissecting there and figure out what to keep and what to not keep to what to kind of set aside so that WordPress can keep doing what WordPress does the way WordPress likes to do it, but also improve on how we’re doing some of the compiling and transpiling and the manipulation of the code during these various. Topher: All right. I want to pivot a little bit to some personal-ish questions. Rob: Okay. Topher: This is a big project. I’m sure it takes up plenty of your time. How scalable is that in your life? Do you want to do this for the rest of your life? Rob: That’s a fantastic question. I don’t know about the rest of my life. I mean, I definitely want to do web development for the rest of my life because the web has, let’s be honest, it’s transformed everyone’s way of life, whether you’re a web developer or not. You know, the fact that we have the internet in our pocket now, you know, it has changed everything. Apps, everything. It’s all built on the web. So I certainly want to be involved in the web the rest of my life. Do I want to keep doing WordPress the rest of my life? I don’t know. Do I want to keep doing WP Rig the rest of my life? I don’t know. But I will say that you bring up a very interesting point, which is it does take up a lot of time and also trust in open source over the past four or five years I would argue has diminished a little bit as a result of various events that have occurred over the past two or three years. I mean, we could cite the whole WP Engine Matt Mullerwig thing. We can also cite what’s going on with Oracle and JavaScript. Well, I mean, there’s many examples of this. I mean, we can cite the whole thing that happened… I mean, there’s various packages out there that are used and developed and open source to anybody, and some of them are going on maintained and it’s causing security vulnerabilities and degradation and all this stuff. So it’s a very important point. One thing I started thinking about after considering that in relation to WP Rig was I noticed that there’s usually a for-profit arm of any of these frameworks that seems to extend the lifespan of it. Let’s just talk about React, for example, React is an open source JavaScript framework, but it’s used by Facebook and Facebook is extremely for-profit. So companies that are making infrastructural or architectural decisions, they will base their choice on whether or not to use a framework largely on how long they think this framework is going to remain relevant or valid or maintained, right? A large part of that is, well, is there a company making money off of this thing? Because if there is, the chances- Topher: They’re going to keep doing that. Rob: They’re going to keep doing it. It’s going to stay around. That’s good. I think that’s healthy. A lot of people that like open source and want everything to be free, they might look at something like that and say like, well, I don’t want you to make a paid version of it or there shouldn’t be a pro version. I think that’s a very short-sighted way of looking at that software and these innovations. I think a more experienced way of looking at it is if you want something to remain relevant and maintained for a long period of time, having a for-profit way in which it’s leveraged is a very good thing. I mean, let’s be real. Would WordPress still be what it is today if there wasn’t a wordpress.com or if WooCommerce wasn’t owned by Automattic or whatever, right? They’ll be on top. I mean, it’s obviously impossible to say, but my argument would be, probably not. I mean, look at what’s happened to the other content management systems out there. You know, Joomla Drupal. They don’t really have a flourishing, you know, paid pro service that goes with their thing that’s very popular, at least definitely not as popular as WordPress.com or WordPress VIP or some of these other things that exist out there. And so having something that’s making and generating money that can then contribute back into it the way Automattic has been doing with WordPress over these years has, in my opinion, been instrumental. I mean, people can talk smack about Gutenberg all they want, but let’s be real, it’s 2025, would you still feel that WordPress is an elegant solution if we were still working from the WYSIWYG and using the classic editor? And I know a lot of people are still using the classic editor and there’s classic for us, the fork and all that stuff. But I mean, that only makes sense in a very specific implementation of WordPress, a very specific paradigm. If you want to explore any of these other paradigms out there, that way of thinking about WordPress kind of falls apart pretty quickly. I, for one, am happy that Gutenberg exists. I’m very happy that Automattic continues. And I’m grateful, actually, that Automattic continues to contribute back into WordPress. And not just them, obviously there’s other companies, XWP, 10Up, all these other companies are also contributing as well. But I’m very grateful that this ecosystem exists and that there’s contribution going back in and it’s happening from companies that are making money with this. And I think that’s vital. All that to say that WP Rig may and likely will have paid products in the future that leverage WP Rig. So that’s not to say that WP Rig will eventually cost money. That’s just to say that eventually people can expect other products to come out in the future that will be built on WP Rig and incentivize the continued contributions back into WP Rig. The open source version of WP Rig. Topher: That’s cool. I think that’s wise. If you want anything to stay alive, you have to feed it. Rob: That’s right. Topher: I had some more questions but I had forgotten them because I got caught up in your answer. Rob: Oh, thank you. I’ll take that as a compliment. I mean, my answer was eloquent. But I’m happy to expand on anything, know you, WordPress related, me related, you know, whether it comes to the ecosystem in WordPress, the whole WordCamp meetup thing is very interesting. I led the WP Omaha meetup for many years here in Omaha, Nebraska and I also led the WordCamp, the organizing of WordCamp here in Omaha for several years as well. That whole community, the whole ecosystem, at least in America seems to have largely fallen apart. I don’t know if you want to talk about that at all. But yeah, I’m ready to dive into any topics. Topher: I’m going to have one more question and then we’re going to wrap up. And it was that you were talking about all the things you had to learn. I’m sure there were nights where you were looking at your computer thinking, “Oh man, I had it working, now I gotta go learn a new thing.” I would love for you to go back in time and blog all of that if you would. But given that you can’t, I would be interested in a blog moving forward, documenting what you’re learning, how you’re learning it and starting maybe with a post that’s summarizes all of that. Obviously, that’s up to you and how you want to spend your time, but I think it’d be really valuable to other people starting a project, picking up somebody else’s project to see what the roadmap might look like. You know what I mean? Rob: For sure. Well, I can briefly summarize what I’ve learned over the years and where I’m at today with how I do this kind of stuff. I will say that a lot of the improvements to WP Rig that have happened over the last year or two would not be possible without the advent of AI. Topher: Interesting. Rob: That’s a fancy way of saying that I have been by coding a lot of WP Rig lately. If you know how to use AI, it is extremely powerful and it can help you do many things very quickly that previously would have taken much longer or more manpower. So, yeah, perhaps if there was like five, six, seven people actively, excuse me, actively contributing to WP Rig, then this type of stuff would have been possible previously, but that’s not the case. There is one person, well, one main contributor to WP Rig today and you’re talking to them. There are a handful of other people that have been likely contributing to WP Rig over the versions and you can find their contributions in the change log file in WP Rig. But those contributions have been extremely light compared to what I’ve been doing. I wouldn’t be able to do any of it without AI. I have learned my ability to learn things extremely rapidly has ramped up tenfold since I started learning how to properly leverage LLMs and AI. So that’s not to say that like, you know, WP Rig, all the code is just being completely written by AI and I’m just like. make it better, enter, and then like WP Rig is better. I wish it was that easy. It’s certainly not that. But when I needed to start asking some of these vital questions that I really didn’t have anyone to turn to to help answer them, I was able to turn to AI. For instance, let’s go back to the Webpack versus Gulp situation. Although Gulp is no longer used in WP Rig, you know, it was used in WP Rig until very recently. So I had to understand like, what is this system, how does it work, how do I extend it and how do I update it and all these things, right? And why aren’t we using WebPack and you know, is there validity to this criticism behind you should use webpack instead of Gulp or whatever, right? I was able to use AI to ask these questions and be able to get extremely good answers out of it and give me the direction I needed to make some of these kind of higher level decisions on like architecturally where should WP Rig go? It was through these virtual conversations with LLMs that I was able to refine the direction of WP Rig in a direction that is both modern and forward-thinking and architecturally sound. I learned a tremendous amount from AI about the architecture, about the code, about all of it. My advice to anybody that wants to extend their skill set a little bit in the development side of things is to leverage this new thing that we have in a way that is as productive as possible for you. So that’s going to vary from person to person. But for me, if I’m on a flight or if I’m stuck somewhere for a while, like, let’s say I got to take my kid to practice or something and I’m stuck there for an hour and I got to find some way to kill my time 9 times out of 10, I’m on my laptop or on my phone having conversations with Grok or ChatGPT or Gemini or whatever. I am literally refining… I’m just sitting there asking it questions that are on my mind that I wish I could ask somebody who’s like 10 times more capable than me. It has been instrumental. WP Rig wouldn’t be where it is today if it wasn’t for that. I would just say to anybody, especially now that it’s all on apps and you don’t have to be on a browser anymore, adopt that way of thinking. You know, if you’re on your lunch break or whatever and you have an hour lunch break and you only take 15 minutes to eat, what could you be doing with those other 45 minutes? You could just jump on this magical thing that we have now and start probing it for questions. Like, Hey, here’s what I know. Here’s what I don’t know. Fill these knowledge gaps for me.” And it is extremely good at doing that. Topher: So my question was, can you blog this and your answer told me that there’s more there that I want to hear. That’s the stuff that should be in your book when you write your book. Rob: I’m flattered that you would be interested in reading anything that I write. So thank you. I’ve written stuff in the past and it hasn’t gotten a lot of attention. But I also don’t have any platforms to market it either. But yeah, no, I made some… I’m sorry. Topher: I think your experience is valuable far beyond Rig or WordPress. If you abstract it out of a particular project to say, you know, I did this with a project, I learned this this way, I think that would be super valuable. Rob: Well, I will say that recently at my current job, I was challenged to create an end to end testing framework with Playwright that would speed up how long it takes to test things and also prevent, you know, to make things fail earlier, essentially, to prevent broken things from ending up in the wild, right, and having to catch them the hard way. I didn’t know a lot about Playwright, but I do know how toolkits work now because of WP Rig. And I was able to successfully in a matter of, I don’t know, three days, put together a starter kit for a test framework that we’re already using at work to test any website that we create for any client. It can be extended and it can be hooked into any CI CD pipeline and it generates reports for you and it does a whole bunch of stuff. I was able to do this relatively quickly. This knowledge, yes, does come in handy in other situations. Will I end up developing other toolkits like WP Rig in the future for other things? I guess if I can give any advice to anybody listening out there, another piece of advice I would give people is, you know, especially if you’re a junior developer and you’re still learning or whatever, or you’re just a marketing person and just want to have more control over the functionality side of what you’re creating or more insight into that so you could better, you know, manage projects or whatever. My advice would be to take on a small little project that is scoped relatively small that’s not too much for you to chew and go build something and do it with… Just doing that will be good. But if you can do it with the intent to then present it in some fashion, whether it be a blog article or creating a YouTube video or going to a meetup and giving a talk on it or even a lunch and learn at work or whatever, right, that will, in my experience, it will dramatically amplify how much you learn from that little pet project that’s kind of like a mini learning experience. And I highly encourage anybody out there to do that on the regular. Actually, no matter what your experience level is in development, I think you should do these things on a regular basis. Topher: All right. I’m going to wrap this up. I got to get back to work. You probably have to get back to work. Rob: Yeah. Topher: Thanks for talking. Rob: Thanks for having me, Topher. Really appreciate it. Topher: Where could people find you? WPrig.io?  Rob: Yeah, WPrig.io. WP rig has accounts on all of the major platforms and, even on Bluesky and Mastodon. You can look me up, Rob Ruiz. You can find me on LinkedIn. You can find me on all of those same platforms as well. You can add me on Facebook if you want, whatever. And I’m also in the WordPress Slack as well as Rob Ruiz. You can find me in the WordPress Slack. And then I’m on the WordPress Reddit and all that stuff. So yeah, reach out. If anybody wants to have any questions about Rig or anything else, I’m happy to engage.  Topher: Sounds good. All right, I’ll see you. Rob: All right, thanks, Topher. Have a good day. Topher: This has been an episode of the Hallway Chats podcast. I’m your host Topher DeRosia. Many thanks to our sponsor Nexcess. If you’d like to hear more Hallway Chats, please let us know on hallwaychats.com.

Cloud Posse holds LIVE "Office Hours" every Wednesday to answer questions on all things related to AWS, DevOps, Terraform, Kubernetes, CI/CD. Register at https://cloudposse.com/office-hoursSupport the show

This is a special episode, highlighting a session from ELC Annual 2025! OpenAI evolved from a pure research lab into the fastest-growing product in history, scaling from 100 million to 700 million weekly users in record time. In this episode, we deconstruct the organizational design choices and cultural bets that enabled this unprecedented velocity. We explore what it means to hire "extreme generalists," how AI-native interns are redefining productivity, and the real-time trade-offs made during the world's largest product launches. Featuring Sulman Choudhry (Head of ChatGPT Engineering) and Samir Ahmed (Technical Lead), moderated by Lawrence Bruhmeller (Eng Management @ Sigma). ABOUT SULMAN CHOUDHRYSulman leads ChatGPT Engineering at OpenAI, driving the development and scaling of one of the world's most impactful AI products. He pushes the boundaries of innovation by turning cutting‑edge research into practical, accessible tools that transform how people interact with technology. Previously at Meta, Sulman founded and scaled Instagram Reels, IGTV, and Instagram Labs, and helped lead the early development of Instagram Stories.He also brought MetaAI to Instagram and Messenger, integrating generative AI into experiences used by billions. Earlier in his career, Sulman was on the founding team that built and launched UberEATS from the ground up, helping turn it into a global food delivery platform. With a track record of marrying technical vision, product strategy, and large‑scale execution, Sulman focuses on building products that meaningfully change how people live, work, and connect.ABOUT SAMIR AHMEDSamir is the Technical Lead for ChatGPT at OpenAI, where he currently leads the Personalization and Memory efforts to scale adaptive, useful, and human-centered product experiences to over 700 million users. He works broadly across the OpenAI stack—including mobile, web, services, systems, inference, and product research infrastructure.Previously, Samir spent nine years at Snap, working across Ads, AR, Content, and Growth. He led some of the company's most critical technical initiatives, including founding and scaling the machine learning platform that powered nearly all Ads, Content, and AR workloads, handling tens of billions of requests and trillions of inferences daily.ABOUT LAWRENCE BRUHMELLERLawrence Bruhmuller has over 20 years of experience in engineering management, much of it as an overall head of engineering. Previous roles include CTO/VPE roles at Great Expectations, Pave, Optimizely, and WeWork. He is currently leading the core query compiler and serving teams at Sigma Computing, the industry leading business analytics company.Lawrence is passionate about the intersection of engineering management and the growth stage of startups. He has written extensively on engineering leadership (https://lbruhmuller.medium.com/), including how to best evolve and mature engineering organizations before, during and after these growth phases. He enjoys advising and mentoring other engineering leaders in his spare time.Lawrence holds a Bachelors and Masters in Mathematics and Engineering from Harvey Mudd College. He lives in Oakland, California, with his wife and their three daughters. This episode is brought to you by Span!Span is the AI-native developer intelligence platform bringing clarity to engineering organizations with a holistic, human-centered approach to developer productivity.If you want a complete picture of your engineering impact and health, drive high performance, and make smarter business decisions…Go to Span.app to learn more! SHOW NOTES:From research lab to record-breaking product: Navigating the fastest growth in history (4:03)Unpredictable scaling: Handling growth spurts of one million users every hour (5:20)Cross-stack collaboration: How Android, systems, and GPU engineers solve crises together (7:06)The magic of trade-offs: Aligning the team on outcomes like service uptime vs. broad availability (7:57)Why throwing models "over the wall" failed and how OpenAI structures virtual teams (11:17)Lessons from OpenAI's first intern class: Why AI-native new grads are crushing expectations (13:41)Non-hierarchical culture: Using the "Member of Technical Staff" title to blur the lines of expertise (15:37)AI-native engineering: When massive code generation starts breaking traditional CI/CD systems (16:21)Asynchronous workflows: Using coding agents to reduce two-hour investigations to 15 minutes (17:35)The mindset shift: How rapid model improvements changed how leaders audit and trust code (19:00)Predicting success: "Vibes-based" decision making and iterative low-key research previews (20:43)Hiring for high variance: Why unconventional backgrounds lead to high-potential engineering hires (22:09) LINKS AND RESOURCESLink to the video for this sessionLink to all ELC Annual 2025 sessions This episode wouldn't have been possible without the help of our incredible production team:Patrick Gallagher - Producer & Co-HostJerry Li - Co-HostNoah Olberding - Associate Producer, Audio & Video Editor https://www.linkedin.com/in/noah-olberding/Dan Overheim - Audio Engineer, Dan's also an avid 3D printer - https://www.bnd3d.com/Ellie Coggins Angus - Copywriter, Check out her other work at https://elliecoggins.com/about/ Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

This interview was recorded for the GOTO Book Club.http://gotopia.tech/bookclubCheck out more here:https://gotopia.tech/episodes/405Yevgeniy "Jim" Brikman - Author of "Fundamentals of DevOps and Software Delivery" & Co-Founder of GruntworkKief Morris - Author of "Infrastructure as Code" & Distinguished Engineer at ThoughtworksRESOURCESYevgeniy (Jim)https://bsky.app/profile/brikis98.bsky.socialhttps://twitter.com/brikis98https://github.com/brikis98/https://www.linkedin.com/in/jbrikmanhttps://www.ybrikman.comKiefhttps://bsky.app/profile/kief.comhttps://twitter.com/kiefhttps://github.com/kiefhttps://www.linkedin.com/in/kiefmorrishttps://infrastructure-as-code.comhttps://kief.comLinkhttps://terragrunt.gruntwork.ioDESCRIPTIONYevgeniy (Jim) Brikman, author of "Fundamentals of DevOps and Software Delivery", discusses his journey from app developer to DevOps advocate, triggered by LinkedIn's deployment crisis that required freezing all product development for months. The discussion with Kief Morris explores the practical definition of DevOps as efficient software delivery methodology, the relationship between infrastructure as code and application orchestration tools, the necessity of frameworks over custom wrapper scripts, and emerging paradigms including infrastructure from code, infrastructure as graph models, and interactive runbooks.Jim emphasizes that while new approaches are interesting, maturity and standardization in existing tools often provides more value than constantly chasing new technologies.RECOMMENDED BOOKSYevgeniy Brikman • Fundamentals of DevOps and Software Delivery • https://amzn.to/3WMPMFUYevgeniy Brikman • Terraform: Up and Running • https://amzn.to/4otpxQLYevgeniy Brikman • Hello, Startup • https://amzn.to/3JmV0VRKief Morris • Infrastructure as Code • https://amzn.to/4e6EBQcMauricio Salatino • Platform Engineering on Kubernetes • https://amzn.to/3X14qZKCharity Majors, Liz Fong-Jones & George Miranda • Observability Engineering • https://amzn.to/38scbmaBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

An airhacks.fm conversation with Johan Haleby (@johanhaleby) about: first computer experience with Commodore C64 and typing Basic programs from instruction manuals, early gaming experiences and interest in understanding load commands, transition to Amiga 500 Plus for demo scene scripting and composition, moving to PC era with 486 SX25 and four megabytes of RAM, learning Turbo Pascal and creating 2D Super Mario-inspired games, experimenting with inline assembler in Pascal and reading "The Art of Assembly Programming", reverse engineering games using Win32 disassembler to bypass license checks, studying computer science at Blekinge and Lund University in Sweden, first job at JayWay consultancy firm working on IKEA project in 2005, early adoption of Spring framework and automated testing practices, comparison of old-style EJB with heavy XML configuration versus Spring's lightweight approach, the evolution from XML-based configuration to annotation-based Java EE 5 and 6, creating PowerMock with colleague Jan Kronqvist to mock static methods and final classes, using asm and JavaAssist for bytecode manipulation instead of AspectJ, implementing custom class loaders where each JUnit method executed in different class loader, deep clone module for cloning object graphs between class loaders, tight coupling challenges between PowerMock and Mockito/EasyMock/JUnit versions, transition from EasyMock's record-replay pattern to Mockito's when-then approach, modern preference for avoiding mocks and testing against real cloud environments, optimizing for fast CI/CD pipelines rather than local simulation, structuring code to separate infrastructure concerns from pure business logic, using Java Records as pure data carriers versus adding behavior to records, Clojure-inspired philosophy of decoupling state from behavior and identity, Rich Hickey's "Simple Made Easy" talk and definitions of simple versus easy, multi-methods in functional languages as alternative to polymorphism, domain modeling example with network devices and fiber channel connections, benefits of object-oriented polymorphism for transparent persistence and simple code, avoiding religious adherence to patterns in favor of pragmatic solutions, Maven's stability and opinionated approach versus Gradle's flexibility, reducing external dependencies and Maven plugins in favor of CI/CD automation, the NPM ecosystem's over-modularization compared to Java's more reasonable approach, decline of OSGi hype and return to simpler monolithic architectures, Johan's current work on Occurrent Event Sourcing library and cloud events Johan Haleby on twitter: @johanhaleby

Join host Jaeden Schafer as he jumps into the world of AI with Spriha Baruah Tucker, Field CTO at BuildKite and a two-time Y Combinator founder. Discover how BuildKite is revolutionizing CI-CD platforms, the journey that led Spriha to her current role, and her insights on the future of AI in engineering. This episode is packed with valuable advice for companies looking to leverage AI effectively.Learn more about Buildkite: See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Aytekin is the founder and CEO of JotForm, one of the most widely used no-code automation platforms in the world, serving more than 35 million users across education, healthcare, nonprofits, and small businesses. He's also the author of the Wall Street Journal and Publisher's Weekly bestselling book Automate Your Busy Work,00:00 – IntroductionFounder mindset, automation philosophy, and the future of work00:01 – Why Automate Your Busy Work Was Ahead of Its TimeNo-code, automation thinking before the AI boom01:09 – Building JotForm Before the AI Hype Cycle20 years of bootstrapping, slow growth, and real product-market fit02:29 – Forms as the Gateway to AutomationHow education, nonprofits, healthcare, and SMBs really work03:49 – From Forms to Workflows, Approvals, PDFs, and E-SignaturesDesigning automation for people without developers04:21 – Solo Founder Reality: Doing HR, Legal, Support, and Product AloneThe hidden cognitive cost of running everything yourself04:51 – Competing with Google Forms as a Bootstrapped FounderWhy automation and delegation became survival tools05:58 – Email Automation as Cognitive ReliefHow prioritization systems reduce stress and decision fatigue07:41 – Applying Automation Internally: Teams, CI/CD, and TestingWhy automation makes teams safer, not riskier08:10 – Designing Products Around How People Actually WorkFrom tools to systems thinking09:17 – Writing, Teaching, and Sharing Automation PrinciplesFrom Medium and Forbes to a bestselling book10:48 – Discovering the AI Revolution After Publishing the BookAutomation philosophy vs AI productivity tools11:16 – “People Aren't Overworked — They're Over-Busy”The psychology of modern work and burnout12:28 – Embodying Automation Principles Inside the CompanyScaling without chaos12:48 – Email Prioritization Systems That Actually WorkHow to design inboxes for executives and founders14:20 – Gmail Filters, Labels, and Decision AutomationSimple systems over complex tools16:59 – Automation as Stress Reduction, Not SpeedWhy missing important work causes burnout19:21 – Continuous Deployment and First-Day Code CommitsHow automation builds trust and confidence at scale21:12 – Why Automation Shouldn't Be FearedRisk reduction through systems22:08 – Internal Automation Lessons from JotForm's Engineering Culture23:01 – Future of Work: Policy, Strategy, and AIWEF, global work, and structural change24:32 – Does AI Kill Jobs or Create Better Ones?A real company case study25:02 – Deploying AI Support Without Laying Off EmployeesHow JotForm handled AI responsibly27:09 – Human-in-the-Loop AI SystemsWhy oversight matters more than hype28:19 – Training AI Through Documentation and FeedbackHow resolution rates improved from 25% to 75%31:01 – Improving AI Through Better Knowledge SystemsDocumentation as infrastructure32:36 – New Roles Created by AI AdoptionFrom support agents to AI evaluators33:29 – Multilingual AI Support at Global ScaleWhy AI enables inclusion, not just efficiency35:09 – Why JotForm Didn't Get AcquiredIndependence, focus, and long-term thinking39:29 – Focused Work, Fewer Hours, Higher LeverageRedefining productivity at scale41:06 – Evolution of JotForm Into a Full Automation PlatformFrom forms to AI agents and integrations42:09 – AI Agents Demo Discussion and Key TakeawaysReal use cases, real ROI46:18 – User Research at Massive ScaleLearning from 35 million users48:03 – Omnichannel AI Agents: Web, Instagram, Gmail, SalesforceTraining once, deploying everywhere49:35 – The Future of AI Agents as Digital EmployeesOne system, many touchpoints50:14 – Advice for Young Developers and FoundersHow to compete in the AI era50:49 – Growth Mindset Through Every Tech RevolutionFrom PCs to the internet to AI52:10 – Why This Is the Best Time to Be YoungOpportunities created by AI and no-code tools53:38 – Closing Reflections on Building, Learning, and PurposeA long-term view of work and life

It's that time of year—each host reaches into Santa's sack of topics to see who's been naughty and who's been nice. Ben returns from visiting his employer's manufacturing headquarters in Georgia with some philosophical musings. Carol is on a mission to slash CI/CD build times. Adam has cautiously optimistic news about passkeys finally working (sometimes). And Tim reflects on a TLDR article suggesting that the management skills you've built—knowing what to build and what not to build—might be exactly what AI-era coding demands.Plus: December blues, mushroom tea for focus, and jQuery as peak imperative JavaScript.Links mentioned:Owning A Lucid Has Been Super DisappointingDriving Xiaomi's Electric Car: Are we Cooked?Follow the show and be sure to join the discussion on Discord! Our website is workingcode.dev and we're @workingcode.dev on Bluesky. New episodes drop weekly on Wednesday.And, if you're feeling the love, support us on Patreon.With audio editing and engineering by ZCross Media.Full show notes and transcript here.

What does it take to make more environmentally sustainable software? Carl and Richard talk to Tom Herkhove about Microsoft's efforts to make carbon footprint and emissions visible for applications. Tom talks about the Azure API Management interface as a great starting point, and the ability to shift workloads to low-emission data centers as needed. The conversation also digs into wasted cycles, like automatically fired CI/CD pipelines whose results are never reviewed. It all begins with measuring - what action you take from there is up to you!