Activity where one or more people check a program's code
POPULARITY
Sally and Aji discuss their experiences with invisible mentorship when it comes to code review. Together they question when is the right time to have conversations with your team in a bid to chase improvement, the importance of understanding your co-workers perspectives, as well as the best ways to initiate a mentoring moment. — Check out some of the things mentioned in this episode - The Coding Train (https://thecodingtrain.com) - Sarah Mel's Livable Code (https://www.youtube.com/watch?v=lI77oMKr5EY&pp=ygUTc2FyYWggbWVpIHJhaWxzY29uZg==) Thanks to our sponsors for this episode Judoscale - Autoscale the Right Way (https://judoscale.com/bikeshed) (check the link for your free gift!), and Scout Monitoring (https://www.scoutapm.com/). Your hosts for this episode have been thoughtbot's own Sally Hall (https://www.linkedin.com/in/sallyannahall) and Aji Slater (https://www.linkedin.com/in/doodlingdev/) If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://bikeshed.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@bikeshed.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - YouTube (https://www.youtube.com/@thoughtbot/streams) - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - BlueSky (https://bsky.app/profile/thoughtbot.com) © 2025 thoughtbot, inc.
OpenAI's Codex has already shipped hundreds of thousands of pull requests in its first month. But what is it really, and how will coding agents change the future of software?In this episode, General Partner Anjney Midha goes behind the scenes with one of Codex's product leads- Alexander Embiricos - to unpack its origin story, why its PR success rate is so high, the safety challenges of autonomous agents, and what this all means for developers, students, and the future of coding. Timecodes:0:00 Intro: The Vision for AI Agents1:25 Codex's Origin and Naming3:20 Early Prototypes and Agent Form Factors6:00 Cloud Agents: Safety and Security9:40 Prompt Injection and Attack Vectors12:00 PR Merging: Metrics and Transparency17:00 The Future of Code Review and Automation20:00 User Adoption: Internal vs. External Surprises22:00 Multi-Turn Interactions and Product Learnings29:30 Best-of-N, Slot Machine Analogy, and Creativity33:00 Human Taste, Iteration, and Collaboration40:00 AI's Impact on Software Engineering Careers45:00 Education, CS Degrees, and AI Integration49:00 Prototyping, Hackathons, and Speed to Magic55:00 Legacy Code, Modernization, and Global Adoption1:00:00 Enterprise, Security, and Air-Gapped Environments1:05:00 Product Roadmap and Future of Codex1:10:00 Advice for Founders and Startups1:15:00 Education Reform and Project-Based Learning1:20:00 Hiring, Building, and New Grad Advice Resources: Find Alex on X: https://x.com/embiricoFind Anjney on X: https://twitter.com/AnjneyMidha Stay Updated: If you enjoyed this episode, be sure to like, subscribe, and share with your friends!Find a16z on X: https://x.com/a16zFind a16z on LinkedIn: https://www.linkedin.com/company/a16zListen to the a16z Podcast on Spotify: https://open.spotify.com/show/5bC65RDvs3oxnLyqqvkUYXListen to the a16z Podcast on Apple Podcasts: https://podcasts.apple.com/us/podcast/a16z-podcast/id842818711Follow our host: https://x.com/eriktorenbergPlease note that the content here is for informational purposes only; should NOT be taken as legal, business, tax, or investment advice or be used to evaluate any investment or security; and is not directed at any investors or potential investors in any a16z fund. a16z and its affiliates may maintain investments in the companies discussed. For more details please see a16z.com/disclosures. Stay Updated:Find a16z on XFind a16z on LinkedInListen to the a16z Podcast on SpotifyListen to the a16z Podcast on Apple PodcastsFollow our host: https://twitter.com/eriktorenberg Please note that the content here is for informational purposes only; should NOT be taken as legal, business, tax, or investment advice or be used to evaluate any investment or security; and is not directed at any investors or potential investors in any a16z fund. a16z and its affiliates may maintain investments in the companies discussed. For more details please see a16z.com/disclosures. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
How To Perform Technical Due Diligence Hello, this is Hall T. Martin with the Startup Funding Espresso -- your daily shot of startup funding and investing. Investors perform diligence on a startup before investing. Most of the diligence focuses on the financial aspects of the business. Technical diligence is just as important. For startups, it's also important to focus on the technical aspects. Here's a list of areas to review for technical due diligence: Architecture Review the technical architecture for scalability and robustness. Check the architecture for fit with the application. Code Review the code for quality and documentation. Are there processes for testing and verification? Security Review the code for security measures. Perform penetration exercises to check its strength. People Interview the technical team for their technical background and skills. See if the skills match the project requirements. Intellectual property Review the intellectual property to see if the key technical features are covered. Consider these steps in performing technical due diligence on a startup. Thank you for joining us for the Startup Funding Espresso where we help startups and investors connect for funding. Let's go startup something today. _______________________________________________________ For more episodes from Investor Connect, please visit the site at: Check out our other podcasts here: For Investors check out: For Startups check out: For eGuides check out: For upcoming Events, check out For Feedback please contact info@tencapital.group Please , share, and leave a review. Music courtesy of .
This interview was recorded for GOTO Unscripted.https://gotopia.techRead the full transcription of this interview herePaul Slaughter - Staff Fullstack Engineer at GitLab & Creator of Conventional CommentsAdrienne Braganza Tacke - Senior Developer Advocate at Viam Robotics & Author of "Looks Good To Me: Constructive Code Reviews"RESOURCESPaulhttps://x.com/souldzinhttps://github.com/souldzinhttps://gitlab.com/pslaughterhttps://gitlab.com/souldzinhttps://souldzin.comAdriennehttps://bsky.app/profile/abt.bsky.socialhttps://x.com/AdrienneTackehttps://github.com/AdrienneTackehttps://www.linkedin.com/in/adriennetackehttps://www.instagram.com/adriennetackehttps://www.adrienne.iohttps://blog.adrienne.ioLinkshttps://conventionalcomments.orgDESCRIPTIONCan "Conventional Comments" transform code reviews from frustrating experiences into productive collaborations?Paul Slaughter shares his experience developing and practicing "Conventional Comments", a structured approach to improving code review communications through labeled feedback. The conversation explores clear communication patterns with labels (e.g. 'suggestion:', 'issue:' or 'question:').Paul and Adrienne discuss the importance of empathy in the review process, the balance between politeness and efficiency, and how GitLab's Code Review Weekly Workshops have helped normalize review experiences across their remote teams. The interview highlights that effective code reviews depend not just on technical evaluations but on thoughtful communication that acknowledges developers' emotional investment in their work while fostering a culture of collaborative ownership.RECOMMENDED BOOKSAdrienne Braganza Tacke • "Looks Good to Me": Constructive Code ReviewsAdrienne Braganza Tacke • Coding for KidsGrace Huang • Code Reviews in TechMartin Fowler • RefactoringMatthew Skelton & Manuel Pais • Team TopologiesDave Thomas & Andy Hunt • The Pragmatic ProgrammerBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!
AI is rewriting the rules of code review and CodeRabbit is leading the charge. In this featured episode of Screaming in the Cloud, Harjot Gill shares with Corey Quinn how his team built the most-installed AI app on GitHub and GitLab, nailed positive unit economics, and turned code review into a powerful guardrail for the AI era.Show Highlights(0:00) Entrepreneurial Journey and Code Rabbit's Origin (3:06) The Broken Nature of Code Reviews (5:47) Developer Feedback and the Future of Code Review (9:50) AI-Generated Code and the Code Review Burden (11:46) Traditional Tools vs. AI in Code Review (13:41) Keeping Up with State-of-the-Art Models (16:16) Cloud Architecture and Google Cloud Run(18:21) Context Engineering for Large Codebases (20:52) Taming LLMs and Balancing Feedback (22:30) Business Model and Open Source Strategy About Harjot Gill Harjot is the CEO of CodeRabbit, a leading AI-first developer tools company. LinksHarjot on LinkedIn: https://www.linkedin.com/in/harjotsgill/SponsorCodeRabbit: https://coderabbit.link/corey
Are long code review cycles killing your engineering team's velocity? Learn how top engineering teams are shipping code faster without sacrificing quality.In this episode, Greg Foster, CTO and co-founder of Graphite, discusses the evolution of code review practices, from the fundamentals of pull requests to the future of AI in code review workflows. He shares the secrets behind how the Graphite team became one of the most productive engineering teams by leveraging techniques like small code changes and stacked PRs (pull requests).Key topics discussed:The evolution of code review from bug-hunting to knowledge sharingBest practices for PRs and why small PRs get better feedbackHow stacked PRs eliminate waiting time in development workflowsThe rise of AI in the code review processWhy AI code review works best as an automated CI checkHow Graphite achieves P99 engineering productivityHiring engineers in the age of AI-assisted codingTimestamps:(00:00) Trailer & Intro(02:21) Career Turning Points(05:11) Now is The Golden Time to Be in Software Engineering(09:08) The Evolution of Code Review in Software Development(14:59) The Popularity of Pull Request Workflow(21:01) Pull Request Best Practices(26:17) The Stacked PR and Its Benefits(34:07) How Graphite Ships Code Remarkably Fast(40:03) The Cool Things About AI Code Review(45:23) Graphite's Unique Recipes for Engineering Productivity(50:55) Hiring Engineers in the Age of AI(55:31) 2 Tech Lead Wisdom_____Greg Foster's BioGreg Foster is the CTO and co-founder of Graphite, an a16z and Anthropic-backed company helping teams like Snowflake, Figma, and Perplexity ship faster and scale AI-generated code with confidence. Prior to Graphite, Greg was a dev tools engineer at Airbnb. There, he experienced the impact of robust internal tooling on developer velocity and co-founded Graphite to bring powerful, AI-powered code review to every team. Greg holds a BS in Computer Science from Harvard University.Follow Greg:LinkedIn – linkedin.com/in/gregmfosterX – x.com/gregmfosterEmail – greg@graphite.devGraphite – graphite.devGraphite X – x.com/withgraphiteLike this episode?Show notes & transcript: techleadjournal.dev/episodes/231.Follow @techleadjournal on LinkedIn, Twitter, and Instagram.Buy me a coffee or become a patron.
In dieser Folge spreche ich mit Thomas Much, Technical Agile Coach bei der Techniker Krankenkasse, Deutschlands größter gesetzlicher Krankenversicherung. Wir tauchen tief in die Welt der agilen Softwareentwicklung bei einem großen Versicherungsunternehmen ein. Thomas erklärt auf spannende Weise, wie er und sein Team Entwickler dabei unterstützen, moderne Software zu entwickeln und die Zusammenarbeit zwischen verschiedenen Teams verbessern. Hier sind fünf Highlights aus unserer Unterhaltung: Die zwei Welten der Softwareentwicklung: Thomas schildert den Unterschied zwischen klassischer, oft ineffizienter Softwareentwicklung in großen Unternehmen (lange Release-Zyklen, unklare Verantwortlichkeiten) und modernen, agilen Methoden. Er verdeutlicht, wie wichtig es ist, Software kontinuierlich auszuliefern und nicht erst nach Monaten oder Jahren. Team Programming als Schlüssel zum Erfolg: Wir diskutieren die Praxis des Team Programming (auch Mob Programming genannt), bei dem mehrere Entwickler gemeinsam an einer Codezeile arbeiten. Das klingt erstmal ungewöhnlich, aber Thomas erklärt, wie effektiv das für den Wissenstransfer, die Codequalität und die Teambildung ist. Der Vorteil liegt im unmittelbaren Austausch und in der Vermeidung von langwierigen Code Reviews. Continuous Integration/Continuous Delivery (CI/CD): Thomas erklärt die Bedeutung von CI/CD für die kontinuierliche Auslieferung von Software und wie es das Risiko reduziert. Er betont, dass es nicht nur um Tools geht, sondern auch um eine entsprechende Denkweise und Unternehmenskultur. Der Weg zur Modernisierung: Thomas beschreibt die Herausforderungen, die mit der Integration neuer Technologien in bestehende Systeme einhergehen. Er erzählt von seinen Erfahrungen, wie er Teams dabei unterstützt, diese Herausforderungen zu meistern und in kleinen Schritten Fortschritte zu erzielen. Von der Freelancer-Karriere zum Angestellten: Thomas teilt seine Beweggründe, seine langjährige Freelancer-Karriere für eine Festanstellung bei der TK zu tauschen. Er beschreibt, wie seine Erfahrungen und Fähigkeiten dort wertgeschätzt werden und wie er als Multiplikator in der TK-IT wirken kann. Links in dieser Ausgabe Zur Homepage von Jonas Piela Zum LinkedIn-Profil von Jonas Piela Zum LinkedIn-Profil von Thomas Much Die Liferay Digital Experience Platform Kunden erwarten digitale Services für die Kommunikation, Schadensmeldung und -abwicklung. Liferays Digital Experience Platform bietet Out-of-the-Box-Funktionen wie Low-Code, höchste Sicherheit & Zuverlässigkeit. Jetzt Kontakt aufnehmen.
Show DescriptionIdentifying where we are in the AI hype cycle, a quick #davegoeshairy update, what has been the impact of AI on tech creators, Chris is making his own CSS starter on stream, and Item flow / masonry discussions. Listen on WebsiteLinks Introducing GPT-5 - YouTube Simon Willison on ai Orion Browser by Kagi VisBug Chrome Canary Features For Developers - Google Chrome Download Microsoft Edge Zen Browser Google Backtracks On Plans For URL Shortener Service Impact of AI on Tech Content Creators Pre-commit Hooks, requestAnimationFrame, Code Reviews, and More - Syntax #922 CodePen Radio CSS Tools: Reset CSS Item Flow – Part 2: next steps for Masonry | WebKit
Cybersecurity Today: July Review - Massive Lawsuits, AI Warnings, and Major Breaches In this episode of Cybersecurity Today: The Month in Review, host Jim Love and an expert panel, including David Shipley, Anton Levaja, and Tammy Harper, discuss the most significant cybersecurity stories from July. Key topics include the $380 million lawsuit between Clorox and Cognizant following a massive ransomware attack, the ongoing legal battle between Delta and CrowdStrike, and breached forums like XSS leading to significant law enforcement actions. The panel also dives into AI-related risks in software development, recent supply chain attacks, and legislative developments in Europe affecting cybersecurity. Watch to stay informed about the latest trends and challenges in the cybersecurity landscape. 00:00 Introduction and Panelist Introductions 01:28 Major Cybersecurity Lawsuits: Clorox vs. Cognizant and Delta vs. CrowdStrike 04:11 Reflections on Legal Implications and Industry Impact 13:01 Tammy Harper on XSS Forum Seizure 17:52 Law Enforcement Tactics and Dark Web Trust Issues 23:47 Anton Levaja on Supply Chain Attacks 30:18 AI Wiping Code and Backup Issues 31:18 Security Concerns with Model Control Protocol 31:56 Challenges with AI in Code Review 34:02 The Problem with AI-Generated Code 40:43 The SharePoint Apocalypse 43:36 Impact of Business Decisions on Technology 49:16 Final Thoughts and Upcoming Stories 49:25 Current and Upcoming Tech Legislation
This interview was recorded for GOTO Unscripted.https://gotopia.techRead the full transcription of this interview hereAdrienne Braganza Tacke - Senior Developer Advocate at Viam Robotics & Author of "Looks Good To Me: Constructive Code Reviews"Saša Jurić - Author of "Elixir in Action" & The Ultimate Beacon in the Elixir SpaceRESOURCESAdriennehttps://bsky.app/profile/abt.bsky.socialhttps://x.com/AdrienneTackehttps://github.com/AdrienneTackehttps://www.linkedin.com/in/adriennetackehttps://www.instagram.com/adriennetackehttps://www.adrienne.iohttps://blog.adrienne.ioSašahttps://bsky.app/profile/sasajuric.bsky.socialhttps://twitter.com/sasajurichttps://github.com/sasa1977https://linkedin.com/in/sa%C5%A1a-juri%C4%87-21b23186https://www.theerlangelist.comDESCRIPTIONAdrienne Braganza, author of "Looks Good to Me: Constructive Code Reviews", and Saša Jurić, author of “Elixir in Action”, explore best practices for effective code reviews. They discuss how smaller, well-organized pull requests lead to better feedback, the importance of comment classification, and when to take discussions offline. Both emphasize that code reviews aren't just about catching bugs—they're crucial for knowledge transfer and creating cohesive codebases.While AI tools can help with routine aspects, human judgment remains essential, especially as AI-generated code becomes more common. The speakers agree that when done well, code reviews Digital Disruption with Geoff Nielson Discover how technology is reshaping our lives and livelihoods.Listen on: Apple Podcasts Spotify Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifyBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!
In this episode of Founded & Funded, Madrona Investor Rolanda Fu is joined by Dedy Kredo, the co-founder and chief product officer of QodoAI — formerly CodiumAI, a 2024 IA40 winner and one of the most exciting AI companies shaping the future of software development. Dedy and his co-founder, Itamar, are entrepreneurs who have spent their careers building for developers, and with Qodo, they're tackling one of the most frustrating problems in software engineering — testing and verifying code. As AI generates more code, the challenge shifts to ensuring quality, maintaining standards, and managing complexity across the entire software development lifecycle. In this conversation, Dedy and Rolanda discuss how Qodo's agentic architecture and deep code-based understanding are helping enterprises leverage AI speed while ensuring code integrity and governance. They get into what it takes to build enterprise-ready AI platforms, the strategy behind scaling from a developer-first approach to major enterprise partnerships, and how AI agents might reshape software engineering teams altogether. Transcript: https://www.madrona.com/engineering-ai-era-qodo-dedy-kredo-on-ai-powered-sdlc Chapters: (00:00) Introduction (01:12) The Future of AI in Software Development (01:58) Dedy's Journey in Tech (03:02) The Genesis of Qodo (03:53) Qodo's Unique Approach to AI Coding (05:13) Exploring Qodo's Product Features (06:42) Code Review and Verification (08:53) Customizing AI Agents (11:02) Vibe Coding and Code Review (13:27) Developer Love vs. Enterprise Needs (15:33) Enterprise Adoption (17:51) Future of Software Engineering (22:13) Balancing Developer Love and Enterprise Sales (24:05) Advice for Founders
One of the most immediate and high-impact applications of LLMs has been in software development. The models can significantly accelerate code writing, but with that increased velocity comes a greater need for thoughtful, scalable approaches to codereview. Integrating AI into the development workflow requires rethinking how to ensure quality,security, and maintainability at scale. CodeRabbit is The post CodeRabbit and RAG for Code Review with Harjot Gill appeared first on Software Engineering Daily.
One of the most immediate and high-impact applications of LLMs has been in software development. The models can significantly accelerate code writing, but with that increased velocity comes a greater need for thoughtful, scalable approaches to codereview. Integrating AI into the development workflow requires rethinking how to ensure quality,security, and maintainability at scale. CodeRabbit is The post CodeRabbit and RAG for Code Review with Harjot Gill appeared first on Software Engineering Daily.
One of the most immediate and high-impact applications of LLMs has been in software development. The models can significantly accelerate code writing, but with that increased velocity comes a greater need for thoughtful, scalable approaches to codereview. Integrating AI into the development workflow requires rethinking how to ensure quality,security, and maintainability at scale. CodeRabbit is The post CodeRabbit and RAG for Code Review with Harjot Gill appeared first on Software Engineering Daily.
Cette semaine, on reçoit Sandra Gomes, responsable du contenu musical à Konbini et coanimatrice du Code Review, pour une longue entrevue. Rosaliedu38 - NOT ALONE Theodora - 243 km/h (feat. Zoomy) SadBoi & Blanco - L's Bob Marlich - Les deux Souffrance - Barbecue En Hiver (feat. Chilly Gonzales) Medine - Thalys (feat. Isha) Okis & Mani Deiz - TÉLÉ BOCAL (feat. Gen) Yvnnis - BARA Hamza - DRAGONS (feat. Werenoi) AAMO - CHF (feat. Mairo & Kenzy) Nunca - Passage Nicholas Craven & Boldy James - Spider Webbing Windshields Boldy James & Your Boy Posca - Nancy Botwin
ORDINANCES AND RESOLUTIONSCB2025-091-097: A Resolution Reappointing Della Perrone to the Board of Fire and Police Commissioners in the City of Champaign; A Resolution Reappointing Minnie Pearson, Charles Lansford and Chaya Sandler to the Champaign Public Library Board of Trustees in the City of Champaign; A Resolution Reappointing Steve Taylor, Lucas Pryor, and Jason Dodds to the Code Review & Appeals Board in the City of Champaign; A Resolution Reappointing David Palmer to the Human Relations Commission in the City of Champaign; A Resolution Reappointing Mike Ingram and Darrin Smith to the Citizen Review Subcommittee of the Human Relations Commission in the City of Champaign; A Resolution Reappointing Bret Kroencke, Donald Elmore and Adani Sanchez to the Plan Commission in the City of Champaign; A Resolution Reappointing Joe Zalabak, Brian Knox, and Jon Youakim to the Zoning Board of Appeals in the City of ChampaignCB2025-0098-103: An Ordinance Approving and Adopting the Annual Budget for the Fiscal Year Commencing July 1, 2025, and Ending June 30, 2026; A Resolution Adopting Financial Policies for the Development, Adoption and Execution of the Annual Budget; An Ordinance Establishing Rates of Compensation for Employees of the City of Champaign and Approving the Annual Position Control Report for the Fiscal Year 2025-2026; An Ordinance Establishing Rates of Compensation for Employees of the Champaign Public Library and Adopting the Annual Position Control Report for the Champaign Public Library for the Fiscal Year 2025/26; A Resolution Adopting the Ten-Year Capital Improvement Plan for Fiscal Years 2025/26 – 2034/35 and Adopting the Capital Improvement Policies; An Ordinance Amending Section 29-401(a) of the Champaign Municipal Code, 1985CB2025-104: A Resolution Authorizing the City Manager to Execute a Subrecipient Agreement with the City of Champaign TownshipCB2025-105: A Resolution Approving the 2025-2029 Consolidated Plan and FY 2025/26 Annual Action PlanCB2025-106-107: A Resolution Approving an Engineering Services Agreement with the Roderick Group, LLC, DBA Ardmore Roderick, for the 2026 Asphalt Streets Improvement Project; A Resolution for Improvement of Streets by Municipalities Under the Illinois Highway CodeCB2025-108: A Resolution Accepting a Bid and Authorizing the City Manager to Execute an Agreement for the 2025 Pavement Marking ProjectCB2025-109-110: A Resolution Approving an Engineering Services Agreement with Clark Dietz, Inc. for the 2026 Concrete Street Improvements Project; A Resolution for Improvement of Streets by Municipalities Under the Illinois Highway CodeCB2025-111: A Resolution Approving a Change Order with Lochmueller Group, Inc., to Provide Engineering Services for the State Street Sanitary Sewer ProjectCB2025-112: A Resolution Accepting a Proposal for Streetlight Pole PaintingCB2025-113: A Resolution Accepting a Proposal for a Traffic and Lighting Maintenance and Repair AgreementCB2025-114-115: A Resolution Accepting a Bid and Authorizing the City Manager to Execute an Agreement for the Bradley Avenue; A Resolution Authorizing the City Manager to Execute a Professional Services Agreement with Lochmueller Group, Inc., to Provide Construction Engineering Services for the Bradley AvenueCB2025-116: A Resolution Approving the Renewal of ThreatLocker SoftwareCB2025-117: A Resolution Accepting a Proposal for the 2025-2028 Comprehensive Occupational Medical Program for the Champaign Fire Department
LINKS: https://distrust.co/software.html - Software page with OSS software Linux distro: https://codeberg.org/stagex/stagex Milksad vulnerability: https://milksad.info/ In this episode of Cybersecurity Today on the Weekend, host Jim Love engages in a captivating discussion with Anton Livaja from Distrust. Anton shares his unique career transition from obtaining a BA in English literature at York University to delving into cybersecurity and tech. Anton recounts how he initially entered the tech field through a startup and quickly embraced programming and automation. The conversation covers Anton's interest in Bitcoin and blockchain technology, including the importance of stablecoins, and the frequent hacking incidents in the crypto space. Anton explains the intricacies of blockchain security, emphasizing the critical role of managing cryptographic keys. The dialogue also explores advanced security methodologies like full source bootstrapping and deterministic builds, and Anton elaborates on the significance of creating open-source software for enhanced security. As the discussion concludes, Anton highlights the need for continual curiosity, teamwork, and purpose-driven work in the cybersecurity field. 00:00 Introduction to Cybersecurity Today 00:17 Anton's Journey from Literature to Cybersecurity 01:08 First Foray into Programming and Automation 02:35 Blockchain and Its Real-World Applications 04:36 Security Challenges in Blockchain and Cryptocurrency 13:21 The Rise of Insider Threats and Social Engineering 16:40 Advanced Security Measures and Supply Chain Attacks 22:36 The Importance of Deterministic Builds and Full Source Bootstrapping 29:35 Making Open Source Software Accessible 31:29 Blockchain and Supply Chain Traceability 33:34 Ensuring Software Integrity and Security 38:20 The Role of AI in Code Review 40:37 The Milksad Incident 46:33 Introducing Distrust and Its Mission 52:23 Final Thoughts and Encouragement
More info: https://docs.anthropic.com/en/docs/claude-code/overview The AI coding wars have now split across four battlegrounds: 1. AI IDEs: with two leading startups in Windsurf ($3B acq. by OpenAI) and Cursor ($9B valuation) and a sea of competition behind them (like Cline, Github Copilot, etc). 2. Vibe coding platforms: Bolt.new, Lovable, v0, etc. all experiencing fast growth and getting to the tens of millions of revenue in months. 3. The teammate agents: Devin, Cosine, etc. Simply give them a task, and they will get back to you with a full PR (with mixed results) 4. The cli-based agents: after Aider's initial success, we are now seeing many other alternatives including two from the main labs: OpenAI Codex and Claude Code. The main draw is that 1) they are composable 2) they are pay as you go based on tokens used. Since we covered all three of the first categories, today's guests are Boris and Cat, the lead engineer and PM for Claude Code. If you only take one thing away from this episode, it's this piece from Boris: Claude Code is not a product as much as it's a Unix utility. This fits very well with Anthropic's product principle: “do the simple thing first.” Whether it's the memory implementation (a markdown file that gets auto-loaded) or the approach to prompt summarization (just ask Claude to summarize), they always pick the smallest building blocks that are useful, understandable, and extensible. Even major features like planning (“/think”) and memory (#tags in markdown) fit the same idea of having text I/O as the core interface. This is very similar to the original UNIX design philosophy: Claude Code is also the most direct way to consume Sonnet for coding, rather than going through all the hidden prompting and optimization than the other products do. You will feel that right away, as the average spend per user is $6/day on Claude Code compared to $20/mo for Cursor, for example. Apparently, there are some engineers inside of Anthropic that have spent >$1,000 in one day! If you're building AI developer tools, there's also a lot of alpha on how to design a cli tool, interactive vs non-interactive modes, and how to balance feature creation. Enjoy! Timestamps [00:00:00] Intro [00:01:59] Origins of Claude Code [00:04:32] Anthropic's Product Philosophy [00:07:38] What should go into Claude Code? [00:09:26] Claude.md and Memory Simplification [00:10:07] Claude Code vs Aider [00:11:23] Parallel Workflows and Unix Utility Philosophy [00:12:51] Cost considerations and pricing model [00:14:51] Key Features Shipped Since Launch [00:16:28] Claude Code writes 80% of Claude Code [00:18:01] Custom Slash Commands and MCP Integration [00:21:08] Terminal UX and Technical Stack [00:27:11] Code Review and Semantic Linting [00:28:33] Non-Interactive Mode and Automation [00:36:09] Engineering Productivity Metrics [00:37:47] Balancing Feature Creation and Maintenance [00:41:59] Memory and the Future of Context [00:50:10] Sandboxing, Branching, and Agent Planning [01:01:43] Future roadmap [01:11:00] Why Anthropic Excels at Developer Tools
News includes the release of Elixir 1.18.2 with various enhancements and bug fixes, a new experimental SQL sigil for Ecto that brings automatic parameterized queries, a recent GOTO 2025 talk featuring Saša Jurić on code reviews. We talked with Jonatan Kłosko about his work on PythonX, a new library for executing Python code inside Elixir, the Fine library for working with C++ NIFs, and much more! Show Notes online - http://podcast.thinkingelixir.com/244 (http://podcast.thinkingelixir.com/244) Elixir Community News https://gigalixir.com/thinking (https://gigalixir.com/thinking?utm_source=thinkingelixir&utm_medium=shownotes) – Visit Gigalixir.com to sign up and get 20% off your first year. Or use the promo code "Thinking" during signup. https://github.com/elixir-lang/elixir/releases/tag/v1.18.2 (https://github.com/elixir-lang/elixir/releases/tag/v1.18.2?utm_source=thinkingelixir&utm_medium=shownotes) – Elixir 1.18.2 was released with enhancements to Code.Fragment and Regex, plus bug fixes for CLI, ExUnit, IEx.Autocomplete, and mix deps.update. https://github.com/elixir-lang/elixir/releases/tag/v1.18.1 (https://github.com/elixir-lang/elixir/releases/tag/v1.18.1?utm_source=thinkingelixir&utm_medium=shownotes) – Elixir 1.18.1 included bug fixes for Kernel, ExUnit.Case, mix compile.elixir, mix escript.build, and Mix.Shell, especially related to error handling and Windows compatibility. https://www.erlang.org/news/174 (https://www.erlang.org/news/174?utm_source=thinkingelixir&utm_medium=shownotes) – Erlang OTP 28 RC-1 is out with a new source Software Bill of Materials (SBOM) on the Github Releases page. https://github.com/elixir-dbvisor/sql (https://github.com/elixir-dbvisor/sql?utm_source=thinkingelixir&utm_medium=shownotes) – A new experimental SQL sigil for Ecto brings an extensible SQL parser to Elixir with automatic parameterized queries. https://groups.google.com/g/elixir-ecto/c/8MOkRFAdLZc (https://groups.google.com/g/elixir-ecto/c/8MOkRFAdLZc?utm_source=thinkingelixir&utm_medium=shownotes) – The experimental SQL sigil for Ecto is being discussed on the Elixir-Ecto mailing list. https://www.youtube.com/watch?v=AYUNI2Pm6_w (https://www.youtube.com/watch?v=AYUNI2Pm6_w?utm_source=thinkingelixir&utm_medium=shownotes) – New talk from GOTO 2025 with Saša Jurić and Adrienne Braganza Tacke on "Small PRs, Big Impact - The Art of Code Reviews." https://alchemyconf.com/ (https://alchemyconf.com/?utm_source=thinkingelixir&utm_medium=shownotes) – AlchemyConf is coming up March 31 - April 3 in Braga, Portugal. https://www.gigcityelixir.com/ (https://www.gigcityelixir.com/?utm_source=thinkingelixir&utm_medium=shownotes) – GigCity Elixir and NervesConf are happening in Chattanooga, TN, USA with NervesConf on May 8 and the main event on May 9-10. https://www.elixirconf.eu/ (https://www.elixirconf.eu/?utm_source=thinkingelixir&utm_medium=shownotes) – ElixirConf EU will be held May 15-16, 2025 in Kraków & Virtual. https://goatmire.com/#tickets (https://goatmire.com/#tickets?utm_source=thinkingelixir&utm_medium=shownotes) – Goatmire tickets are on sale now for the event happening September 10-12, 2025 in Varberg, Sweden. Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Discussion Resources https://dashbit.co/blog/dashbit-plans-2025 (https://dashbit.co/blog/dashbit-plans-2025?utm_source=thinkingelixir&utm_medium=shownotes) https://github.com/thewca/wca-live (https://github.com/thewca/wca-live?utm_source=thinkingelixir&utm_medium=shownotes) – Speed cubing software https://dashbit.co/blog/running-python-in-elixir-its-fine (https://dashbit.co/blog/running-python-in-elixir-its-fine?utm_source=thinkingelixir&utm_medium=shownotes) https://hexdocs.pm/pythonx/Pythonx.html (https://hexdocs.pm/pythonx/Pythonx.html?utm_source=thinkingelixir&utm_medium=shownotes) https://github.com/livebook-dev/pythonx (https://github.com/livebook-dev/pythonx?utm_source=thinkingelixir&utm_medium=shownotes) https://bsky.app/profile/josevalim.bsky.social/post/3liyrfvlth22c (https://bsky.app/profile/josevalim.bsky.social/post/3liyrfvlth22c?utm_source=thinkingelixir&utm_medium=shownotes) – Jose said “We said we will focus on interoperability for 2025 and we are ready to share the first results.” https://github.com/elixir-nx/fine (https://github.com/elixir-nx/fine?utm_source=thinkingelixir&utm_medium=shownotes) – “Fine” is a new package related to the elixir-nx organization. It's a C++ library enabling more ergonomic NIFs, tailored to Elixir. https://peps.python.org/pep-0703/ (https://peps.python.org/pep-0703/?utm_source=thinkingelixir&utm_medium=shownotes) – Discussion about removing the Python GIL Find us online - Message the show - Bluesky (https://bsky.app/profile/thinkingelixir.com) - Message the show - X (https://x.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen on X - @brainlid (https://x.com/brainlid) - Mark Ericksen on Bluesky - @brainlid.bsky.social (https://bsky.app/profile/brainlid.bsky.social) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel on Bluesky - @david.bernheisel.com (https://bsky.app/profile/david.bernheisel.com) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)
Roy Derks, Developer Experience at IBM, talks about the integration of Large Language Models (LLMs) in web development. We explore practical applications such as building agents, automating QA testing, and the evolving role of AI frameworks in software development. Links https://www.linkedin.com/in/gethackteam https://www.youtube.com/@gethackteam https://x.com/gethackteam https://hackteam.io We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Emily, at emily.kochanekketner@logrocket.com (mailto:emily.kochanekketner@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understand where your users are struggling by trying it for free at [LogRocket.com]. Try LogRocket for free today.(https://logrocket.com/signup/?pdr) Special Guest: Roy Derks.
In this episode, I sit down with Stephen Smith, founder of the Center for Building, to uncover the labyrinthine world of building codes—how they're made, who really influences them, and why they end up stifling the very innovation and affordability we need. From the peculiarities of elevator requirements to the often overlooked role of local politics and special interests, we unpack how these complex rules shape our homes, buildings, and cities more than we might realize.TAKEAWAYSWhy Building Codes Matter: Even if you're not a builder or developer, codes dictate your home's layout, the price of housing, and whether your favorite small condo project can even get off the ground.The ICC (International Code Council) Isn't Really “International”: You'll learn how this non-governmental body, which writes most U.S. building codes, can be both extremely influential and surprisingly insular.Over-Regulation's Real-World Costs: We break down how elevator mandates, fire codes, and accessibility requirements—though well-intended—sometimes create perverse incentives that drive up costs or discourage better solutions.Local Politics & Hidden Interests: Discover how “government members” and private manufacturers shape these codes, and why your mayor or city council may have little say in regulations that affect everyone.A Path Forward: Stephen shares practical ways policymakers and citizens can get involved in reforming the system, focusing on a more human-centered approach that balances safety, cost, and beautyCHAPTERS00:00 The Challenge of Building Codes in the U.S.03:06 The Role of Building Codes in Urban Development05:46 Understanding the American Way of Building09:09 The Impact of Building Codes on Housing Costs12:09 Elevator Regulations and Their Consequences14:52 Harmonization of Codes and Standards18:11 Over-Dimensioning in American Construction21:05 Labor Issues in the Construction Industry23:57 The Need for Code Review and Justification26:49 The Tyranny of Bureaucracy in Building Codes38:49 The Grenfell Fire and Its Aftermath45:05 Design Innovations in Building Codes48:25 Understanding the ICC and Code Writing58:09 The Revolving Door: Industry and Regulation01:07:26 The Role of Government in Building Codes01:15:20 Getting Involved: Supporting Change in Building CodesCONNECT WITH STEPHENCenter for Building https://www.centerforbuilding.org/BlueSky: https://bsky.app/profile/stephenjacobsmith.com Email: stephen@centerforbuilding.orgMENTIONED RESOURCESElevator research: https://admin.centerforbuilding.org/wp-content/uploads/2024/12/Elevators.pdf CONNECT WITH AUSTIN TUNNELLNewsletter: https://playbook.buildingculture.com/https://www.instagram.com/austintunnell/https://www.linkedin.com/in/austin-tunnell-2a41894a/https://twitter.com/AustinTunnellCONNECT WITH BUILDING CULTUREhttps://www.buildingculture.com/https://www.instagram.com/buildingculture/https://twitter.com/build_culturehttps://www.facebook.com/BuildCulture/SPONSORSThank you so much to the sponsors of The Building Culture Podcast!Sierra Pacific Windows: https://www.sierrapacificwindows.com/One Source Windows: https://onesourcewindows.com/
Merrill Lutsky is the cofounder and CEO of Graphite, an AI-powered code reviewer that's used by tens of thousands of users. They are backed by amazing investors including Andreessen Horowitz.Merrill's favorite book: Never Split the Difference (Author: Chris Voss)(00:01) Introduction(00:06) Teaching AI to Understand Code(02:40) AI-Assisted Code Generation and Code Review(06:20) Current Landscape of AI-Assisted Code Review(09:04) Motivation Behind Launching Graphite(16:52) Landing the First Paying Users and Early Learnings(21:42) Growth Experiments: Wins and Misses(26:27) Current Scale of Graphite(29:12) Tech Stack Behind Graphite(33:12) Future of AI-Assisted Coding and Graphite's Role(35:37) Rapid Fire Round--------Where to find Merrill Lutsky: LinkedIn: https://www.linkedin.com/in/merrill-lutsky/--------Where to find Prateek Joshi: Newsletter: https://prateekjoshi.substack.com Website: https://prateekj.com LinkedIn: https://www.linkedin.com/in/prateek-joshi-91047b19 X: https://x.com/prateekvjoshi
This interview was recorded for the GOTO Book Club.http://gotopia.tech/bookclubRead the full transcription of the interview hereAdrienne Braganza Tacke - Senior Developer Advocate at Cisco & Author of "Looks Good To Me: Constructive Code Reviews"Paul Slaughter - Staff Fullstack Engineer at GitLab & Creator of Conventional CommentsRESOURCESAdriennehttps://x.com/AdrienneTackehttps://github.com/AdrienneTackehttps://www.linkedin.com/in/adriennetackehttps://www.instagram.com/adriennetackehttps://www.adrienne.iohttps://blog.adrienne.ioPaulhttps://x.com/souldzinhttps://github.com/souldzinhttps://gitlab.com/pslaughterhttps://gitlab.com/souldzinhttps://souldzin.comDESCRIPTIONPaul Slaughter and Adrienne Braganza Tacke delve into the critical role of communication in code reviews, emphasizing how soft skills can significantly enhance the engineering process. Adrienne, drawing insights from her upcoming book, explores the expectations for software engineers in code reviews, offers practical tips for improving communication, and shares her unique perspective on the parallels between writing and reviewing code.Their conversation highlights the importance of fostering a positive feedback culture and leading by example to create a collaborative environment within teams.RECOMMENDED BOOKSAdrienne Braganza Tacke • "Looks Good to Me": Constructive Code ReviewsAdrienne Braganza Tacke • Coding for KidsGrace Huang • Code Reviews in TechMartin Fowler • RefactoringMatthew Skelton & Manuel Pais • Team TopologiesDave Thomas & Andy Hunt • The Pragmatic ProgrammerBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!
In this episode, we dive deep into the dynamics of working solo versus being part of a development team. From the ideal team composition at large companies to the challenges of maintaining open source projects, our hosts share their experiences and insights. Learn about the crucial roles of designers and product managers, the importance of documentation, and why even senior developers still Google Git commands. Whether you're a solo developer looking to collaborate or a team player wanting to improve your workflow, this episode has something for everyone. Chapter Marks00:00 - Introduction01:16 - The Perfect Team Composition02:44 - Different Approaches to Team Building04:37 - Working Without Designers: The FedEx Experience08:10 - Documentation and Project Requirements12:30 - The Role of Documentation in Team Success14:47 - Documentation's Impact on Career Growth15:14 - Onboarding and Documentation Connection16:51 - Open Source Project Management19:45 - Automation in Open Source22:34 - Deals for Devs: Managing Contributors25:29 - Branch Management and PR Workflows29:59 - Solo Development Practices31:21 - Git Commands and Team Workflows35:14 - Open Source Knowledge Barriers38:02 - The Importance of Admitting What You Don't Know39:15 - Episode Wrap-up LinksNick Taylor's Blog Post about GitHub Code Owners - https://dev.to/opensauced/supercharge-your-repository-with-code-owners-4clgB Dougie's GitHub Action for the "Take" command - https://github.com/bdougie/take-action/blob/main/action.ymlChantastic's Git Course on Epic Web - https://www.epicweb.dev/tutorials/git-fundamentalsGitHub Documentation on Squash Merging vs Rebase Merging - https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-mergesMerge vs Rebase vs Squash - https://gist.github.com/mitchellh/319019b1b8aac9110fcfb1862e0c97fbGitHub Issue Forms Documentation - https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-formsGitHub Pull Request Templates Guide - https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/creating-a-pull-request-template-for-your-repositoryGitHub Code Owners Documentation - https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-ownersVirtual Coffee's Hacktoberfest Resources - https://hacktoberfest.virtualcoffee.io/OpenSauce - https://opensauced.pizza/The "Working Genius" Assessment - https://www.workinggenius.com/Gun.io Work Personality Quiz - https://gun.io/workstyle/Deals for Devs Project - https://www.dealsfordevs.com/GitHub Actions Documentation on Release Management - https://docs.github.com/en/actions/sharing-automations/creating-actions/releasing-and-maintaining-actionsConventional Commits Documentation - https://www.conventionalcommits.org/en/v1.0.0/
Are you helping or holding your team back? In this episode, I explore why sharing technical answers with your development team might not be the best way to help them grow. Instead, learn how to use resourceful questions to empower your team members to think critically, solve problems independently, and build long-term confidence. This coaching strategy is rooted in co-active coaching principles and can transform how you mentor junior developers or lead your software team. Grow Faster in Your Tech Career: https://thrivingtechnologist.com/coaching Join the Thriving Tech Community: https://thrivingtechnologist.com/community As a tech lead, manager, or mentor, it's natural to want to provide answers when your team is stuck. But constantly solving problems for them can create dependency and stifle their growth. By shifting from a directive approach to a coaching mindset, you'll help your team develop essential skills, foster ownership, and reduce your own workload in the long run. In this video, I'll share practical examples and techniques you can start using today to guide your team effectively without always giving them the solution. If you've ever felt the pressure to be the “go-to expert” on your team, this episode will challenge that belief and show you a better way to lead. Coaching your team to solve their own problems not only benefits them but also makes you a stronger leader. Watch now to learn how to implement these strategies and take your leadership to the next level! You can also watch this episode on YouTube. Chapter markers / timelinks: (0:00) Introduction (1:14) 1 Bringing Out The Best in Your Software Team (1:31) 1.1 Solving Problems For People Holds Them Back (2:48) 1.2 Let People Struggle (4:36) 1.3 The Role of Resourceful Questions (11:30) 1.3.1 Examples of Resourceful Questions (11:35) 1.3.1.1 "Have You Broken This Up Into Smaller Pieces?" (12:33) 1.3.1.2 "Have You Really Considered ALL Your Options?" (14:07) 1.3.1.3 "What if I Wasn't Available?" (15:09) 1.4 Shifting From Expert to Coach (22:36) 1.5 The Long-Term Benefits of Coaching (26:16) 2 How To Start Leading Like a Coach (26:48) 2.1 Start Small (28:50) 2.2 You Don't Need Formal Training (29:50) 2.3 Where to Start Coaching (30:02) 2.3.1 Code Reviews (31:08) 2.3.2 Design Reviews (32:46) 2.3.3 Project Planning (33:30) 2.3.4 Debugging Sessions (34:30) Get Help with Leadership Visit me at thrivingtechnologist.com
Exploring AI, Cybersecurity, and Open Source with Chris Lindsey from Mend.io In this episode of the FINOS podcast, Grizz Griswold interviews Chris Lindsey, a Security Evangelist from Mend.io. They discuss the intersection of AI, cybersecurity, and open-source software. Chris shares his extensive experience in software development and application security, providing insights into secure coding practices, the critical role of open source in development, and practical approaches to managing AI technology within highly regulated industries. Tune in to learn about the challenges and strategies in the evolving landscape of AI and cybersecurity. 00:00 Introduction to AI and Security 01:07 Meet Chris Lindsey of Mend.io 02:34 Chris Lindsey's Origin Story 04:39 Challenges in Secure Software Development 07:00 Open Source Security Concerns 15:28 AI in Code Reviews and Security 20:09 The Role of AI in Cybersecurity 29:25 About Mend.io and Its Tools 32:18 Final Thoughts and Future Discussions Chris Lindsey: https://www.linkedin.com/in/chris-lindsey-39b3915/ Mend.io: https://www.mend.io/ Grizz's Info | https://www.linkedin.com/in/aarongriswold/ | grizz@finos.org Find more info about FINOS: On the web: https://www.finos.org/ Twitter: https://twitter.com/FINOSFoundation LinkedIn: https://www.linkedin.com/company/finosfoundation/ 2024 State of Open Source in Financial Services Download: https://www.finos.org/state-of-open-source-in-financial-services-2024 FINOS Current Newsletter Here: https://www.finos.org/newsletter About FINOS FINOS (The Fintech Open Source Foundation) is a nonprofit whose mission is to foster the adoption of open source, open standards, and collaborative software development practices in financial services. It is the center for open source developers and the financial services industry to build new technology projects that have a lasting impact on business operations. As a regulatory compliant platform, the foundation enables developers from these competing organizations to collaborate on projects with a strong propensity for mutualization. It has enabled codebase contributions from both the buy- and sell-side firms and counts over 50 major financial institutions, fintechs and technology consultancies as part of its membership. FINOS is also part of the Linux Foundation, the largest shared technology organization in the world. Get involved and join FINOS as a Member.
In this engaging episode, Mon-Chaio and Andy dive deep into the topic of peer code reviews. They begin by providing historical context, tracing back code review practices to IBM's research in the 70s and 80s, and examine the efficacy of modern-day peer reviews. The hosts debate the true benefits of code reviews, discussing whether they genuinely enhance quality or merely serve as a process ritual. They also explore alternative methods like pair programming, and propose innovative ideas for improving peer review processes, such as detailed walkthroughs and code review checklists. Listeners are encouraged to experiment with different tactics and to consider feedback on their own peer review approaches. Join Mon-Chaio and Andy as they navigate the intricacies of peer reviews and share actionable insights for refining this critical practice in software engineering organizations. References Investigating the effectiveness of peer code review in distributed software development based on objective and subjective data Advances in Software Inspections The Impact of Design and Code Reviews on Software Quality: An Empirical Study Based on PSP Data An empirical study of the impact of modern code reviewpractices on software quality Evaluating Pair Programming with Respect to System Complexity and Programmer Expertise Are Two Heads Better than One? On the Effectiveness of Pair Programming From Async Code Reviews to Co-Creation Patterns
In this episode, Dominik Dorfmeister, TanStack maintainer, joins us to discuss component composition in React. He discusses breaking components apart, managing conditional rendering, and the benefits of early returns in improving code readability and maintainability. Links https://tkdodo.eu/blog/component-composition-is-great-btw https://tkdodo.eu/blog https://github.com/TkDodo https://www.dorfmeister.cc https://x.com/TkDodo https://www.linkedin.com/in/dominik-dorfmeister-8a71051b9 We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Emily, at emily.kochanekketner@logrocket.com (mailto:emily.kochanekketner@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understand where your users are struggling by trying it for free at [LogRocket.com]. Try LogRocket for free today.(https://logrocket.com/signup/?pdr) Special Guest: Dominik Dorfmeister.
To kick off Elixir Wizards Season 13, The Creator's Lab, we're joined by Zach Daniel, the creator of Igniter and the Ash framework. Zach joins hosts Owen Bickford and Charles Suggs to discuss the mechanics and aspirations of his latest brainchild, Igniter—a code generation and project patching framework designed to revolutionize the Elixir development experience. Igniter isn't just about generating code; it's about generating smarter code. By leveraging tools like Sourcerer and Rewrite, Igniter allows developers to modify source code and batch updates by directly interacting with Elixir's AST instead of regex patching. This approach streamlines new project setup and package installations and enhances overall workflow. They also discuss the strategic implications of Igniter for the broader Elixir community. Zach hopes Igniter will foster a more interconnected and efficient ecosystem that attracts new developers to Elixir and caters to the evolving needs of seasoned Elixir engineers. Topics discussed in this episode: Advanced package installation and code generation improve the developer experience Scripting and staging techniques streamline project updates Innovative methods for smoother installation processes in Elixir packages High-level tools apply direct patches to source code Progressive feature additions simplify the mix phx.new experience Chaining installers and composing tasks for more efficient project setup Continuous improvement in developer experiences to boost Elixir adoption Encourage listeners to collaborate by sharing code generation patterns Introduction of a new mix task aimed at removing the "unless" keyword in preparation for Elixir 1.18 You can learn more in the upcoming book "Building Web Applications with Ash Framework" by Zach and Rebecca Links mentioned: https://smartlogic.io/ https://alembic.com.au/blog/igniter-rethinking-code-generation-with-project-patching https://hexdocs.pm/igniter/readme.html https://github.com/ash-project/igniter https://www.zachdaniel.dev/p/serialization-is-the-secret https://www.zachdaniel.dev/p/welcome-to-my-substack https://ash-hq.org/ https://hexdocs.pm/sourceror/readme.html https://smartlogic.io/podcast/elixir-wizards/s10-e09-hugo-lucas-future-of-elixir-community/ https://github.com/hrzndhrn/rewrite https://github.com/zachdaniel https://github.com/liveshowy/webauthn_components https://hexdocs.pm/elixir/Regex.html https://github.com/msaraiva/vscode-surface https://github.com/swoosh/swoosh https://github.com/erlef/oidcc https://alembic.com.au/ https://www.zachdaniel.dev/ Special Guest: Zach Daniel.
Code reviews can be highly beneficial but tricky to execute well due to the human factors involved, says Adrienne Braganza Tacke, author of *Looks Good to Me: Actionable Advice for Constructive Code Review.* In a recent conversation with *The New Stack*, Tacke identified three challenges teams must address for successful code reviews: ambiguity, subjectivity, and ego.Ambiguity arises when the goals or expectations for the code are unclear, leading to miscommunication and rework. Tacke emphasizes the need for clarity and explicit communication throughout the review process. Subjectivity, the second challenge, can derail reviews when personal preferences overshadow objective evaluation. Reviewers should justify their suggestions based on technical merit rather than opinion. Finally, ego can get in the way, with developers feeling attached to their code. Both reviewers and submitters must check their egos to foster a constructive dialogue.Tacke encourages programmers to first review their own work, as self-checks can enhance the quality of the code before it reaches the reviewer. Ultimately, code reviews can improve code quality, mentor developers, and strengthen team knowledge. Learn more from The New Stack about code reviews:The Anatomy of Slow Code Reviews One Company Rethinks Diff to Cut Code Review TimesHow Good Is Your Code Review Process?Join our community of newsletter subscribers to stay on top of the news and at the top of your game.
In this episode of the Modern Web Podcast, we sit down with Shashi Lo, Senior UX Engineer at Microsoft and the founder of the Gridiron Survivor project. Shashi shares his approach to mentoring junior developers by helping them bridge the gap between boot camp and their first job in tech. We cover the challenges of onboarding, the importance of code reviews, and how companies can better support new talent by investing in mentorship and training. Shashi also talks about his experience with building a community of learners, the process of de-risking junior candidates, and why companies should be more proactive in nurturing the next generation of developers. 00:00 - Meet Shashi Lo 02:25 - The Gridiron Survivor Project 05:02 - The Importance of Code Reviews 07:25 - Teaching the Basics of Project Communication 09:47 - Code Reviews as a Learning Tool 12:06 - Why Shashi Mentors: Giving Back to the Community 14:26 - The Importance of De-Risking Junior Candidates 16:41 - Building in Public: Transparency and Learning 19:00 - Assessing Candidates for the Gridiron Survivor Project 21:25 - The Power of Simple Coding Tests 23:45 - Scaling Up Skills: From Small Tasks to Big Projects 26:07 - Should Companies Be Doing This? 28:25 - Finding Hidden Gems in the Job Market 30:47 - The Challenges of Filtering Candidates 33:02 - Where to Find Shashi Online 34:38 - Closing Remarks Follow Shashi Lo on Social Media Twitter: https://x.com/shashiwhocodes Linkedin: https://www.linkedin.com/in/shashilo/ Github: https://github.com/shashilo Sponsored by This Dot.
“A lot of problems that we are facing in code review are due to the interface. We are not actually giving feedback to a person, but we are just filling in text boxes and looking at code." Dr. Michaela Greiler is a code review advocate and runs the “Awesome Code Reviews” workshops. In this episode, we discuss the importance of making code reviews awesome. We discuss the common challenges of code reviews, emphasizing the need for a balanced approach that considers both the technical and social aspects. Michaela also shares insights on how to assess and improve code review practices within teams, highlighting the code review quadrant of review speed and feedback value. Our discussion further explores the correlation between code reviews and developer experience, emphasizing the role of psychological safety and a positive feedback culture. Finally, Michaela provides valuable tips on code review tools and techniques, including the use of checklists and strategies for managing context switching. If you're looking to enhance your team's code review process and foster a positive developer experience, listen now and take your code reviews to the next level! Listen out for: Career Journey - [00:01:53] Awesome Code Review - [00:05:33] Assessing Code Review Practices - [00:11:41] Code Review Speed - [00:18:23] Code Review & Developer Experience - [00:23:31] Improving Code Review Cultural Aspect - [00:29:13] Code Review Tools - [00:35:36] Code Review Techniques - [00:42:11] Context Switching - [00:48:15] 3 Tech Lead Wisdom - [00:54:14] _____ Michaela Greiler's BioFor over 15 years, Michaela Greiler has helped software teams build high-quality software in an efficient and effective way. Her mission is to lead teams to unlock their full potential during company workshops and team coaching sessions. She shares her findings through articles on her blog or in scientific journals, in publications such as freecodecamp and at conferences. She also runs a weekly newsletter that more than 2500 people enjoy. In this newsletter, she shares her thoughts on relevant software engineering topics and helps you stay up-to-date. She's also the host of the software engineering unlocked podcast. Here, she interviews experienced developers, product managers and CTOs about how they build software. Follow Michaela: Awesome Code Reviews – awesomecodereviews.com Personal Website – michaelagreiler.com LinkedIn – linkedin.com/in/mgreiler Twitter – @mgreiler SE Unlocked Podcast – softwareengineeringunlocked.com _____ Our Sponsors Enjoy an exceptional developer experience with JetBrains. Whatever programming language and technology you use, JetBrains IDEs provide the tools you need to go beyond simple code editing and excel as a developer.Check out FREE coding software options and special offers on jetbrains.com/store/#discounts.Make it happen. With code. Manning Publications is a premier publisher of technical books on computer and software development topics for both experienced developers and new learners alike. Manning prides itself on being independently owned and operated, and for paving the way for innovative initiatives, such as early access book content and protection-free PDF formats that are now industry standard.Get a 40% discount for Tech Lead Journal listeners by using the code techlead24 for all products in all formats. Like this episode?Show notes & transcript: techleadjournal.dev/episodes/189.Follow @techleadjournal on LinkedIn, Twitter, and Instagram.Buy me a coffee or become a patron.
Guest: Abraham Aranguren, Managing Director at 7ASecurity [@7aSecurity]On LinkedIn | https://www.linkedin.com/in/abrahamaranguren/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this On Location episode recorded in Lisbon at the OWASP AppSec Global event, Sean Martin engages in a comprehensive discussion with Abraham Aranguren, a cybersecurity trainer skilled at hacking IoT, iOS, and Android devices. The conversation delves into the intricacies of mobile application security, touching on both the technical and procedural aspects that organizations must consider to build and maintain secure apps.Abraham Aranguren, known for his expertise in cybersecurity training, shares compelling insights into identifying IoT vulnerabilities without physically having the device. By reverse engineering applications, one can uncover potential security flaws and understand how apps communicate with their IoT counterparts. For instance, Aranguren describes exercises where students analyze mobile apps to reveal hardcoded passwords and unsecured Wi-Fi connections used to manage devices like drones.A significant portion of the discussion revolves around real-world examples of security lapses in mobile applications. Aranguren details an incident involving a Chinese government app that harvests personal data from users' phones, highlighting the serious privacy implications of such vulnerabilities. Another poignant example is Hong Kong's COVID-19 contact-tracing app, which stored sensitive user information insecurely, revealing how even high-budget applications can suffer from critical security flaws if not properly tested.Sean Martin, drawing from his background in software quality assurance, emphasizes the importance of establishing clear, repeatable processes and workflows to ensure security measures are consistently applied throughout the development and deployment phases. He and Aranguren agree that while developers need to be educated in secure coding practices, organizations must also implement robust processes, including code reviews, automated tools for static analysis, and third-party audits to identify and rectify potential vulnerabilities.Aranguren stresses the value of pentests, noting that organizations often show significant improvement over multiple tests. He shares experiences of clients who, after several engagements, greatly reduced the number of exploitable vulnerabilities. Regular, comprehensive testing, combined with a proactive approach to fixing identified issues, helps create a robust security posture, ultimately making applications harder to exploit and dissuading potential attackers.For businesses developing apps, this episode underscores the necessity of integrating security from the ground up, continuously educating developers, enforcing centralized security controls, and utilizing pentests as a tool for both validation and education. The ultimate goal is to make applications resilient enough to deter attackers, ensuring both the business and its users are protected.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube:
Guest: Abraham Aranguren, Managing Director at 7ASecurity [@7aSecurity]On LinkedIn | https://www.linkedin.com/in/abrahamaranguren/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this On Location episode recorded in Lisbon at the OWASP AppSec Global event, Sean Martin engages in a comprehensive discussion with Abraham Aranguren, a cybersecurity trainer skilled at hacking IoT, iOS, and Android devices. The conversation delves into the intricacies of mobile application security, touching on both the technical and procedural aspects that organizations must consider to build and maintain secure apps.Abraham Aranguren, known for his expertise in cybersecurity training, shares compelling insights into identifying IoT vulnerabilities without physically having the device. By reverse engineering applications, one can uncover potential security flaws and understand how apps communicate with their IoT counterparts. For instance, Aranguren describes exercises where students analyze mobile apps to reveal hardcoded passwords and unsecured Wi-Fi connections used to manage devices like drones.A significant portion of the discussion revolves around real-world examples of security lapses in mobile applications. Aranguren details an incident involving a Chinese government app that harvests personal data from users' phones, highlighting the serious privacy implications of such vulnerabilities. Another poignant example is Hong Kong's COVID-19 contact-tracing app, which stored sensitive user information insecurely, revealing how even high-budget applications can suffer from critical security flaws if not properly tested.Sean Martin, drawing from his background in software quality assurance, emphasizes the importance of establishing clear, repeatable processes and workflows to ensure security measures are consistently applied throughout the development and deployment phases. He and Aranguren agree that while developers need to be educated in secure coding practices, organizations must also implement robust processes, including code reviews, automated tools for static analysis, and third-party audits to identify and rectify potential vulnerabilities.Aranguren stresses the value of pentests, noting that organizations often show significant improvement over multiple tests. He shares experiences of clients who, after several engagements, greatly reduced the number of exploitable vulnerabilities. Regular, comprehensive testing, combined with a proactive approach to fixing identified issues, helps create a robust security posture, ultimately making applications harder to exploit and dissuading potential attackers.For businesses developing apps, this episode underscores the necessity of integrating security from the ground up, continuously educating developers, enforcing centralized security controls, and utilizing pentests as a tool for both validation and education. The ultimate goal is to make applications resilient enough to deter attackers, ensuring both the business and its users are protected.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube:
Hands-On als Engineering Manager: Yay or Nei? Leute, die einmal das Handwerk des Software-Engineerings professionell ausgeübt haben und dann ins Management wechseln, haben oft den Drang, ihr Hardskills nicht zu verlieren. Doch durch den neuen Job sind die Prioritäten nun andere: People Leadership, das Team effizient halten, Strategie und Roadmaps entwickeln. Wo bleibt denn da noch die Zeit am Code mitzuarbeiten?Wir stellen uns die Frage: Warum ist das so? Muss das sein, dass Manager weiterhin technisch sind? Und wenn ja, welche Gefahren birgt das? Aber auch: Wie können wir es möglich machen, obwohl unser Kalender sagt, dass die Woche mit Meetings bereits belegt ist?Darum geht es in dieser Episode. Viel Spaß!Bonus: Auch Manager laufen auf Kaffee.Das schnelle Feedback zur Episode:
Key Insights:Importance of Code Reviews: Code reviews are essential for error detection, understanding new features, adhering to coding standards, and ensuring only reviewed code is deployed.Emotional Impact: Emotional dynamics play a significant role, with 30% of developers reviewing code from less favored colleagues, which can lead to biased judgments and negative feelings.Striving for Objectivity: Despite personal feelings, approximately 76% of developers strive for objectivity to maintain professionalism.Impact of Developer Experience: The experience level of a developer also influences the depth of code reviews and the manner in which feedback is provided.Perceptions Formed: Reviewers' perceptions of code quality can affect their views on the author's skills or character.Strategies to Mitigate Bias: The episode outlines multiple strategies to reduce bias in code reviews, such as involving multiple reviewers, standardizing review criteria, and implementing anonymous reviews.Additional Resources: Read the full paper called "How social interactions can affect Modern Code Review"Visit awesomecodereviews.com to discover Dr. McKayla's latest article on the top 10 code review techniques and methodologies, including systematic approaches like using checklists and change-impact analysis.Conclusion: The podcast sheds light on both the positive and negative impacts of human factors in code reviews and emphasizes the need for strategies to minimize bias, enhancing both code quality and team dynamics.
In Office Hours Episode 6, SmartLogic Developers Anna Dorigo and Bilal Hankins join Elixir Wizards Sundi and Dan to discuss their experiences maintaining a decade-old Ruby on Rails codebase. They delve into the critical importance of deeply understanding the codebase, keeping dependencies current, and adapting to the original application's evolving priorities and design choices. The conversation spans a range of topics, including accessibility, testing, monitoring, and the challenges of deploying database migrations in production environments. The guests share effective strategies for sustaining and enhancing older codebases, such as employing automated tools, performing code audits, and adhering to clean coding principles. Key topics discussed in this episode: Grasping the legacy codebase and its historical context Overcoming accessibility issues in older applications Safe dependency management and upgrades The effects of application scaling on database performance The critical role of comprehensive test suites in legacy systems Using tools like Sentry for error tracking and performance monitoring The benefits of automated security and dependency scans Juggling client needs with budget constraints Local simulation techniques for large datasets The value of iterative code reviews and maintaining clean code Utilizing git history for contextual understanding Onboarding strategies for legacy projects Removing obsolete code and avoiding "magic numbers" Importance of descriptive naming for better code clarity Leveraging a rich repository of example code for learning and reference Proactive code audits to anticipate issues Managing pull request sizes for smoother reviews Communicating effectively about upgrades and potential impacts Strategies for handling large databases efficiently Ensuring thorough test coverage Keeping open lines of communication with clients regarding ongoing maintenance Links mentioned: COBOL programming language https://developer.ibm.com/languages/cobol/ Ruby on Rails https://rubyonrails.org/ ARIA Rules (Accessible Rich Internet Applications) https://www.w3.org/TR/using-aria/ Shawn Vo on Elixir as a Competitive Advantage https://smartlogic.io/podcast/elixir-wizards/s5e5-vo/ Bundler Audit Ruby Gem https://rubygems.org/gems/bundler-audit/ Sentry application monitoring and error tracking software https://sentry.io/ Dependabot Github automated dependency updates Mix hex.audit https://hexdocs.pm/hex/Mx.Tasks.Hex.Audit.html Git Blame https://git-scm.com/docs/git-blame Cow hoof trimming videos - The Hoof GP on YouTube (TW graphic imagery) Special Guests: Anna Dorigo and Bilal Hankins.
In this episode of WPwatercooler, titled “To Bot or Not to Bot,” hosts Jason Tucker, Sé Reed, and Jason Cosper dive into the implications and ethical considerations of utilizing bots, specifically ChatGPT, in the realm of WordPress development. The discussion kicks off with an anecdote from Sé, who experimented with using ChatGPT to solve a coding problem related to grouping WordPress pages in the admin area. This led to a broader conversation about the reliability, safety, and future role of AI-generated code in production environments. The episode touches on themes such as the balance between automation and manual oversight, the evolving landscape of WordPress plugin development, and the importance of adhering to coding standards. Throughout, the hosts share personal experiences, concerns, and the potential they see in integrating AI tools like ChatGPT into their workflows, all while maintaining a critical eye on the implications for developers and the wider WordPress community. Links https://github.com/WordPress/WordPress-Coding-Standards https://fedi.simonwillison.net/@simon/112147026040154264 https://labs.perplexity.ai https://huggingface.co/docs/transformers/model_doc/code_llama https://unmaintained.tech Chapters 00:00 Intro 00:16 Introducing the Hosts and Their Quirky Banter 01:03 Inspiration from Discord: Tackling WordPress Page Chaos 06:18 The Quest for Better Page Organization: A Plugin Solution 08:40 ChatGPT to the Rescue: Crafting a Custom Plugin 10:54 Testing and Tweaking: The Plugin's Journey to GitHub 12:28 The Ethical Dilemma: Using Bots for Code Generation 14:34 Learning to Code with ChatGPT: A Personal Journey 17:59 Ensuring Code Quality: The Role of Large Language Models 20:44 The Future of Plugin Development: Community Collaboration 22:00 The Open Source Dilemma: Plugins, Patches, and the Power of Collaboration 23:00 Navigating the Free vs. Pro Plugin Conundrum 23:47 The No Maintenance Intended Tag: A New Approach to Open Source 24:37 The Challenges of Community Contributions and Code Reviews 25:06 Harnessing AI for Code Generation: A New Frontier 29:49 The Trust Crisis in Plugin Repositories 35:01 AI vs. Traditional Coding: Navigating the New Landscape 39:06 The Ethical Dilemma of Using AI-Generated Code 43:39 Collaborative Coding with AI: The Future of Development? What is WPwatercooler? WPwatercooler is streamed live and recorded as the self-titled show on the WPwatercooler Network. Our objective with the show since the beginning has been to help people in this industry have a place to hear people, much like themselves, talk about the technologies and methods we all use on a daily basis. We named WPwatercooler to be that, the watercooler that WordPress folks can gather around and participate in the conversation, or just sit back and learn from the discussion. Our listeners and contributors come from all walks of life and all backgrounds. We strive to make this place as welcoming and accessible as we can. Learn more at https://www.wpwatercooler.com/wpwatercooler What is Dev Branch? Dev Branch is streamed live and recorded monthly on the first friday of the month as the developer-focused discussions of the WPwatercooler Network. Dev Branch is released on its own podcast feed and made available live and on-demand in video format on Facebook, YouTube, LinkedIn, and Twitch. Learn more at https://www.wpwatercooler.com/devbranch
The Elixir Wizards Podcast is back with Season 12 Office Hours, where we talk with the internal SmartLogic team about the stages of the software development lifecycle. For the season premiere, "Testing 1, 2, 3," Joel Meador and Charles Suggs join us to discuss the nuances of software testing. In this episode, we discuss everything from testing philosophies to test driven development (TDD), integration, and end-user testing. Our guests share real-world experiences that highlight the benefits of thorough testing, challenges like test maintenance, and problem-solving for complex production environments. Key topics discussed in this episode: How to find a balance that's cost-effective and practical while testing Balancing test coverage and development speed The importance of clear test plans and goals So many tests: Unit testing, integration testing, acceptance testing, penetration testing, automated vs. manual testing Agile vs. Waterfall methodologies Writing readable and maintainable tests Testing edge cases and unexpected scenarios Testing as a form of documentation and communication Advice for developers looking to improve testing practices Continuous integration and deployment Links mentioned: https://smartlogic.io/ Watch this episode on YouTube! youtu.be/unx5AIvSdc Bob Martin “Clean Code” videos - “Uncle Bob”: http://cleancoder.com/ JUnit 5 Testing for Java and the JVM https://junit.org/junit5/ ExUnit Testing for Elixir https://hexdocs.pm/exunit/ExUnit.html Code-Level Testing of Smalltalk Applications https://www.cs.ubc.ca/~murphy/stworkshop/28-7.html Agile Manifesto https://agilemanifesto.org/ Old Man Yells at Cloud https://i.kym-cdn.com/entries/icons/original/000/019/304/old.jpg TDD: Test Driven Development https://www.agilealliance.org/glossary/tdd/ Perl Programming Language https://www.perl.org/ Protractor Test Framework for Angular and AngularJS protractortest.org/#/ Waterfall Project Management https://business.adobe.com/blog/basics/waterfall CodeSync Leveling up at Bleacher Report A cautionary tale - PETER HASTIE https://www.youtube.com/watch?v=P4SzZCwB8B4 Mix ecto.dump https://hexdocs.pm/ectosql/Mix.Tasks.Ecto.Dump.html Apache JMeter Load Testing in Java https://jmeter.apache.org/ Pentest Tools Collection - Penetration Testing https://github.com/arch3rPro/PentestTools The Road to 2 Million Websocket Connections in Phoenix https://www.phoenixframework.org/blog/the-road-to-2-million-websocket-connections Donate to Miami Indians of Indiana https://www.miamiindians.org/take-action Joel Meador on Tumblr https://joelmeador.tumblr.com/ Special Guests: Charles Suggs and Joel Meador.
Lex chats with Richard Ma, CEO of Quantstamp -a leading blockchain security company. Richard kicks off by discussing the origins of the company and the importance of security in the blockchain space. He explains that the idea for Quantstamp came after he invested in Ethereum and witnessed the hack of the DAO, which prompted him to focus on the security side of Ethereum. Richard describes how Quantstamp conducts audits of blockchain projects, identifying vulnerabilities and providing recommendations for improvement. He emphasizes the importance of reading audit reports and understanding the risks associated with projects. Richard also discusses different types of adversaries in the blockchain space, including nation-state actors, developers seeking recognition, and financially motivated hackers. He believes that while established projects will become more secure over time, new experimental projects will always carry some level of risk. Richard suggests that AI-based debuggers could help improve security auditing in the future. He highlights EigenLayer, ZK-rollups, and the development on Solana as exciting sectors to watch in the coming years. MENTIONED IN THE CONVERSATION Quantstamps's Website: https://bit.ly/3Iv6zX4Richard's LinkedIn: https://bit.ly/3IvaxyO Topics: blockchain, security, audit, hacking, hacks, crypto, cryptocurrency, digital assets, Web3, DeFi Companies: Quantstamp, Ethereum, MakerDAO, Compound, EigenLayer ABOUT THE FINTECH BLUEPRINT
The inspiration for this was a piece about the art of the good code review. Throughout my career, I've seen code reviews grow and change. From formal meetings to automated notifications and asynchronous discussions to complete lip service to the process. I'd like to think that most organizations are beyond the latter and there is some sort of review beyond the developer, but I still see a lack of other eyes looking at code before it's deployed, especially database code. The article above opens with the idea of why we review code. The main reason is to create ownership, or more specifically, shared ownership. I had never thought of it in these terms, even though I think the ideas of standards and patterns are certainly shared items. Having everyone take ownership not only keeps quality high but could help you share knowledge and also ensure everyone feels a responsibility to safeguard all the code. This also helps everyone keep an eye on the larger picture of the entire codebase. Read the rest of The Art of the Code Review
In this conversation, Ben interviews Caleb Porzio, the creator of AlpineJS and Laravel Livewire. The discussion ranges from discussions about life in general to specific testing practices and which notebook Caleb uses.LinksTuple.app - The best app for pair programmingAlpineJS Laravel Livewire Caleb's VSCode Course TakeawaysApply core truths to life outside of programming.Find ways to make difficult tasks easier.Change your environment to support your goals.Value tests as much as, if not more than, the code itself.Keep methods and functions short for better code quality.Embrace your strengths and delegate tasks that don't bring you joy.Focus on the meaty tasks that excite you.Consider rewrites carefully and prioritize other solutions first.Pull down unfamiliar code and interact with it to understand it better.Start the day with tasks that align with your goals and priorities.Chapters(00:00) - Introduction and Background (03:51) - Overview of LiveWire and Alpine (12:09) - Caleb's Programming Style (20:09) - Functional vs Object-Oriented Programming (25:39) - The Appeal of Functional Programming (32:01) - The Challenges of Learning Object-Oriented Programming (33:06) - Memory Allocation and Functional Languages (36:30) - Starting Complicated Projects (40:10) - Writing Blog Posts as Problem-Solving (42:30) - Core Beliefs (48:21) - Materials (49:20) - Getting into the Zone (51:14) - The Value of Tests Over Code (55:27) - Transitioning to Non-Typical Apps (01:03:00) - Radical Practices at Tuple (01:05:50) - Managing Pull Requests and Code Reviews (01:06:33) - Starting the Day and Prioritizing Tasks (01:07:41) - Balancing Maintenance and Long-Term Goals (01:09:52) - Finding Motivation for Maintenance Tasks (01:10:50) - Embracing Strengths and Delegating Weaknesses (01:11:46) - Continuous Improvement and Learning (01:14:19) - Favorite Tools and Productivity Hacks (01:19:07) - Core Beliefs and Values in Coding (01:21:19) - Benefits of Short Methods and Single File Principle (01:21:57) - Approaching Unfamiliar Code (01:22:51) - The Pros and Cons of Rewrites (01:23:46) - Final Thoughts and Passion for Coding
“A lot of developers tie their self-worth to their code. Being able to let go of your ego and understanding the feedback is based on the code, and it has nothing to do with anything about me. It's just the code.” Adrienne Tacke is a software engineer, keynote speaker, and the author of the upcoming book “Looks Good To Me”. In this episode, we discuss code reviews and why it is an essential part of the software development process. Adrienne discusses the importance and benefits of code review, the common code review workflow and the different roles involved, how to provide effective code review comments, and why we should leverage on code review tools and automation. She also provides tips on how to speed up our code review turnaround time. Listen out for: Career Journey - [00:03:31] Looks Good to Me (LGTM) - [00:09:05] Code Review Story - [00:12:24] Importance of Code Review - [00:15:38] Code Review Benefits - [00:20:27] Code Review Role: Author - [00:25:50] Code Review Role: Reviewer - [00:32:42] Code Review Role: The Team - [00:38:41] Code Review Tools & Automation - [00:45:53] Effective Code Review Comments - [00:51:44] Code Review Turnaround - [00:57:45] 3 Tech Lead Wisdom - [01:04:56] _____ Adrienne Tacke's BioAdrienne is a Filipina software engineer, keynote speaker, author of the best-selling book Coding for Kids: Python, and a LinkedIn Learning instructor who's reached over 65,000 learners with her courses (a number she'll likely surpass when you read this). She is writing Looks Good To Me: Constructive Code Reviews, a labor of love that she hopes will improve code reviews everywhere. Perhaps most important, however, is that she spends way too much money on desserts and ungodly amounts of time playing Age of Empires II. Follow Adrienne: LinkedIn – linkedin.com/in/adriennetacke Twitter / X – @AdrienneTacke Instagram – @adriennetacke Website – adrienne.io _____ Our Sponsors Miro is your team's visual workspace to connect, collaborate, and create innovations together, from anywhere. Sign up today at miro.com/podcast and get your first 3 Miro boards free forever. Like this episode? Show notes & transcript: techleadjournal.dev/episodes/159. Follow @techleadjournal on LinkedIn, Twitter, and Instagram. Buy me a coffee or become a patron.
On today's episode, Elixir Wizards Owen Bickford and Dan Ivovich compare notes on building web applications with Elixir and the Phoenix Framework versus Ruby on Rails. They discuss the history of both frameworks, key differences in architecture and approach, and deciding which programming language to use when starting a project. Both Phoenix and Rails are robust frameworks that enable developers to build high-quality web apps—Phoenix leverages functional programming in Elixir and Erlang's networking for real-time communication. Rails follows object-oriented principles and has a vast ecosystem of plug-ins. For data-heavy CRUD apps, Phoenix's immutable data pipelines provide some advantages. Developers can build great web apps with either Phoenix or Rails. Phoenix may have a slight edge for new projects based on its functional approach, built-in real-time features like LiveView, and ability to scale efficiently. But, choosing the right tech stack depends heavily on the app's specific requirements and the team's existing skills. Topics discussed in this episode: History and evolution of Phoenix Framework and Ruby on Rails Default project structure and code organization preferences in each framework Comparing object-oriented vs functional programming paradigms CRUD app development and interaction with databases Live reloading capabilities in Phoenix LiveView vs Rails Turbolinks Leveraging WebSockets for real-time UI updates Testing frameworks like RSpec, Cucumber, Wallaby, and Capybara Dependency management and size of standard libraries Scalability and distribution across nodes Readability and approachability of object-oriented code Immutability and data pipelines in functional programming Types, specs, and static analysis with Dialyzer Monkey patching in Ruby vs extensible core language in Elixir Factors to consider when choosing between frameworks Experience training new developers on Phoenix and Rails Community influences on coding styles Real-world project examples and refactoring approaches Deployment and dev ops differences Popularity and adoption curves of both frameworks Ongoing research into improving Phoenix and Rails Links Mentioned in this Episode: SmartLogic.io (https://smartlogic.io/) Dan's LinkedIn (https://www.linkedin.com/in/divovich/) Owen's LinkedIn (https://www.linkedin.com/in/owen-bickford-8b6b1523a/) Ruby https://www.ruby-lang.org/en/ Rails https://rubyonrails.org/ Sams Teach Yourself Ruby in 21 Days (https://www.overdrive.com/media/56304/sams-teach-yourself-ruby-in-21-days) Learn Ruby in 7 Days (https://www.thriftbooks.com/w/learn-ruby-in-7-days---color-print---ruby-tutorial-for-guaranteed-quick-learning-ruby-guide-with-many-practical-examples-this-ruby-programming-book--to-build-real-life-software-projects/18539364/#edition=19727339&idiq=25678249) Build Your Own Ruby on Rails Web Applications (https://www.thriftbooks.com/w/build-your-own-ruby-on-rails-web-applications_patrick-lenz/725256/item/2315989/?utm_source=google&utm_medium=cpc&utm_campaign=low_vol_backlist_standard_shopping_customer_acquisition&utm_adgroup=&utm_term=&utm_content=593118743925&gad_source=1&gclid=CjwKCAiA1MCrBhAoEiwAC2d64aQyFawuU3znN0VFgGyjR0I-0vrXlseIvht0QPOqx4DjKjdpgjCMZhoC6PcQAvD_BwE#idiq=2315989&edition=3380836) Django https://github.com/django Sidekiq https://github.com/sidekiq Kafka https://kafka.apache.org/ Phoenix Framework https://www.phoenixframework.org/ Phoenix LiveView https://hexdocs.pm/phoenixliveview/Phoenix.LiveView.html#content Flask https://flask.palletsprojects.com/en/3.0.x/ WebSockets API https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API WebSocket connection for Phoenix https://github.com/phoenixframework/websock Morph Dom https://github.com/patrick-steele-idem/morphdom Turbolinks https://github.com/turbolinks Ecto https://github.com/elixir-ecto Capybara Testing Framework https://teamcapybara.github.io/capybara/ Wallaby Testing Framework https://wallabyjs.com/ Cucumber Testing Framework https://cucumber.io/ RSpec https://rspec.info/
This week, the Elixir Wizards are joined by Yohana Tesfazgi and Wes Bos to compare notes on the experience of learning Elixir vs. JavaScript as your first programming language. Yohana recently completed an Elixir apprenticeship, and Wes Bos is a renowned JavaScript educator with popular courses for beginner software developers. They discuss a variety of media and resources and how people with different learning styles benefit from video courses, articles, or more hands-on projects. They also discuss the current atmosphere for those looking to transition into an engineering career and how to stick out among the crowd when new to the scene. Topics Discussed in this Episode Pros and cons of learning Elixir as your first programming language Materials and resources for beginners to JavaScript and Elixir Projects and methods for learning Elixir with no prior knowledge Recommendations for sharpening and showcasing skills How to become a standout candidate for potential employers Soft skills like communication translate well from other careers to programming work Learning subsequent languages becomes more intuitive once you learn your first How to decide which library to use for a project How to build an online presence and why it's important Open-source contributions are a way to learn from the community Ship early and often, just deploying a default Phoenix app teaches deployment skills Attend local meetups and conferences for mentoring and potential job opportunities Links Mentioned https://syntax.fm/ https://fly.io/ https://elixirschool.com/en Syntax.fm: Supper Club × How To Get Your First Dev Job With Stuart Bloxham (https://syntax.fm/show/667/supper-club-how-to-get-your-first-dev-job-with-stuart-bloxham) Quinnwilton.com (https://quinnwilton.com/) https://github.com/pallets/flask https://wesbos.com/courses https://beginnerjavascript.com/ Free course: https://javascript30.com/ https://pragmaticstudio.com/ https://elixircasts.io/ https://grox.io/ LiveView Mastery YouTube Channel (https://www.youtube.com/channel/UC7T19hPLqQ-Od3Rb3T2OX1g) Contact Yohana: yytesfazgi@gmail.com
On Security Now, Steve Gibson and Leo Laporte discuss how HackerOne's breach bounty payouts have surpassed $300 million total, with AI seen as a top emerging target by 55% of hackers surveyed. For the full episode go to: https://twit.tv/sn/946 Hosts: Leo Laporte and Steve Gibson You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: GO.ACILEARNING.COM/TWIT
On Security Now, Steve Gibson and Leo Laporte discuss how HackerOne's breach bounty payouts have surpassed $300 million total, with AI seen as a top emerging target by 55% of hackers surveyed. For the full episode go to: https://twit.tv/sn/946 Hosts: Leo Laporte and Steve Gibson You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: GO.ACILEARNING.COM/TWIT
On Security Now, Steve Gibson and Leo Laporte discuss how HackerOne's breach bounty payouts have surpassed $300 million total, with AI seen as a top emerging target by 55% of hackers surveyed. For the full episode go to: https://twit.tv/sn/946 Hosts: Steve Gibson and Leo Laporte You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/ Sponsor: GO.ACILEARNING.COM/TWIT
Patrick and I are always stressing the importance of code reviews and collaboration when developing. On Freund, co-founder & CEO at Wilco, is super familiar with how code review processes can go well, or become a hinderance. In today's episode with us, he shares his unique perspective on code reviews and maintaining high code quality!00:00:56 Introductions00:01:38 On's first exposure to tech00:06:04 Game development adventures00:11:12 The difference between university and real-world experiences00:17:43 A context switch question00:24:41 Points of frustration00:30:53 Build versus Buy complications00:32:06 Code reviews00:39:58 Quality of code00:45:12 Using callouts for the right reasons00:49:57 Code reviews can be too late sometimes00:52:11 Using social interaction as pre-review orientation00:57:03 How not to use code reviews01:01:35 Where Wilco helps programmers learn01:09:11 Working in Wilco01:11:49 FarewellsResources mentioned in this episode:Links: On Freund:Linkedin: https://www.linkedin.com/in/onfreund Wilco: Website: https://www.trywilco.com/ Twitter: https://twitter.com/trywilco Linkedin: https://www.linkedin.com/company/trywilco References:Micro-Adventure:https://en.wikipedia.org/wiki/Micro_Adventure If you've enjoyed this episode, you can listen to more on Programming Throwdown's website: https://www.programmingthrowdown.com/ Reach out to us via email: programmingthrowdown@gmail.com You can also follow Programming Throwdown on Facebook | Apple Podcasts | Spotify | Player.FM Join the discussion on our DiscordHelp support Programming Throwdown through our Patreon ★ Support this podcast on Patreon ★