Podcasts about docker

В этом выпуске: пьем кофе с таурином, ищем side-channel уязвимости в Docker, заменяем Rust на Python, пристаем с глупыми вопросами к Gemini, а также обсуждаем темы слушателей. [00:00:00] Чему мы научились за неделю [00:19:48] Кофе и нервозность/раздрожительность [00:42:47] Fun-reliable side-channels for cross-container communication [00:57:03] Как Rust проиграл по скорости Python https://eax.me/2026/2026-01-23-rust-vs-python.html https://www.reddit.com/r/Python/comments/1dv811q/flpc_probably_the_fastest_regex_library_for/ https://docs.rs/plotters/latest/plotters/ https://github.com/pola-rs/polars [01:11:08]… Читать далее →

This very special episode of Programming By Stealth is a Tidbit written and taught by the lovely Helma van der Linden. Bart has wanted to understand Docker better, and Helma has some great use cases for how to use them for developer setups so it was a good opportunity for Bart to learn from Helma. The material is quite long, so the podcast was recorded in two segments, Tidbit 17a and b. Tidbit b will be along shortly, and picks up and the heading entitled "Reusing the Docker image". You can find Helma's fabulous tutorial shownotes and the audio podcast at pbs.bartificer.net Join the Conversation: allison@podfeet.com podfeet.com/slack Support the Show: Patreon Donation Apple Pay or Credit Card one-time donation PayPal one-time donation Podfeet Podcasts Mugs at Zazzle NosillaCast 20th Anniversary Shirts Referral Links: Setapp - 1 month free for you and me PETLIBRO - 30% off for you and me Parallels Toolbox - 3 months free for you and me Learn through MacSparky Field Guides - 15% off for you and me Backblaze - One free month for me and you Eufy - $40 for me if you spend $200. Sadly nothing in it for you. PIA VPN - One month added to Paid Accounts for both of us CleanShot X - Earns me $25%, sorry nothing in it for you but my gratitude

When your self-hosted services become infrastructure, breakage matters. We tackle monitoring that actually helps, alerts you won't ignore, and DNS for local, and multi-mesh network setups.Sponsored By:Jupiter Party Annual Membership: Put your support on automatic with our annual plan, and get one month of membership for free! Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. Support LINUX UnpluggedLinks:

This week, we discuss the end of Cloud 1.0, AI agents fixing old apps, and Chainguard vs. Docker images. Plus, the mystery of Dutch broth is finally solved. Watch the YouTube Live Recording of Episode 556 Runner-up Titles His overall deal Been there and done that been ignoring that shift key for years Cloud is just fine I'll be back in Bartertown The “F” Word Hardened-washing We'll never do this, but we should check back in in 3 months Libraries are the best Elves don't belong in space Rundown Are we at the end of cloud or cloud 1.0 It's the beginning of Cloud 2.0 Spec-driven development system for Claude Code Anthropic and App Modernization A meta-prompting, context engineering and spec-driven development What comes next, if Claude Code is as good as people say. Microsoft Spending on Anthropic Approaches $500 Million a Year Claude Code Won't Fix Your Life Coté and Tony contemplate day two AI-generated apps, and an excerpt. Why We've Tried to Replace Developers Every Decade Since 1969 Well, that escalated quickly: Zero CVEs, lots of vendors Relevant to your Interests Beijing tells Chinese firms to stop using US and Israeli cybersecurity software China blacklists VMware, Palo Alto Networks software over national security fears Kroger taps Google Gemini, announces more key AI moves Texas judge throws out second lawsuit over CrowdStrike outage Apple will pay billions for Gemini after OpenAI declined Dell wants £10m+ from VMware if Tesco case goes against it Tailscale: The Best Free App Most Mac Power Users Aren't Using How WhatsApp Took Over the Global Conversation Our approach to advertising and expanding access to ChatGPT OpenAI's ARR reached over $20 billion in 2025, CFO says Simon Willison's take on Our approach to advertising and ChatGPT The AI lab revolving door spins ever faster | TechCrunch How Markdown took over the world An Interview with United CEO Scott Kirby About Tech Transformation Conferences cfgmgmtcamp 2026, February 2nd to 4th, Ghent, BE. Coté speaking - anyone interested in being an SDI guest? DevOpsDayLA at SCALE23x, March 6th, Pasadena, CA Use code: DEVOP for 50% off. Devnexus 2026, March 4th to 6th, Atlanta, GA. Use this 30% off discount code from your pals at Tanzu: DN26VMWARE30. KubeCon EU, March 23rd to 26th, 2026 - Coté will be there on a media pass. VMware User Groups (VMUGs): Amsterdam (March 17-19, 2026) Minneapolis (April 7-9, 2026) Toronto (May 12-14, 2026) Dallas (June 9-11, 2026) Orlando (October 20-22, 2026) SDT News & Community Join our Slack community Email the show: questions@softwaredefinedtalk.com Free stickers: Email your address to stickers@softwaredefinedtalk.com Follow us on social media: Twitter, Threads, Mastodon, LinkedIn, BlueSky Watch us on: Twitch, YouTube, Instagram, TikTok Book offer: Use code SDT for $20 off "Digital WTF" by Coté Sponsor the show Recommendations Brandon: The Library will loan you a 5G hotspot Matt: Deep Rock Galactic: Survivor (rogue-like Vampire Hunters-type game) Coté: Streamyard shorts generation. Salesforce was inspired by dolphins.

I talk with David Flanagan, aka Rawkode, about his new opinionated Tech Matrix that helps you navigate the overwhelming CNCF landscape. https://rawkode.academy/technology/matrix

In this episode of Tank Talks, Matt Cohen sits down with Timothy Chen, the sole General Partner at Essence VC. Tim shares his remarkable journey from being a “nerdy, geeky kid” who hacked open-source projects to becoming one of the most respected early-stage infrastructure investors, backing breakout companies like Tabular (acquired by Databricks for $2.2 billion). A former engineer at Microsoft and VMware, co-founder of Hyperpilot (acquired by Cloudera), and now a solo GP who quietly raised over $41 million for his latest fund, Tim offers a unique, no-BS perspective on spotting technical founders, navigating the idea maze, and rethinking sales and traction in the world of AI and infrastructure.We dive deep into his unconventional path into VC, rejected by traditional Sand Hill Road firms, only to build a powerhouse reputation through sheer technical credibility and founder empathy. Tim reveals the patterns behind disruptive infra companies, why most VCs can't help with product-market fit, and how he leverages his engineering background to win competitive deals.Whether you're a founder building the next foundational layer or an investor trying to understand the infra and AI boom, this conversation is packed with hard-won insights.The Open Source Resume (00:03:44)* How contributing to Apache projects (Drill, Cloud Foundry) built his career when a CS degree couldn't.* The moment he realized open source was a path to industry influence, not just a hobby.* Why the open source model is more “vertical than horizontal”, allowing deep contribution without corporate red tape.From Engineer to Founder: The Hyperpilot Journey (00:13:24)* Leaving Docker to start Hyperpilot and raising seed funding from NEA and Bessemer.* The harsh reality of founder responsibility: “It's not about the effort hard, it's about all the other things that has to go right.”* Learning from being “way too early to market” and the acquisition by Cloudera.The Unlikely Path into Venture Capital (00:26:07)* Rejected by top-tier VC firms for a job, then prompted to start his own fund via AngelList.* Starting with a $1M “Tim Chen Angel Fund” focused solely on infrastructure.* How Bain Capital's small anchor investment gave him the initial credibility.Building a Brand Through Focus & Reputation (00:30:42)* Why focusing exclusively on infrastructure was his “best blessing” creating a standout identity in a sparse field.* The reputation flywheel: Founders praising his help led to introductions from top-tier GPs and LPs.* StepStone reaching out for a commitment before he even had fund documents ready.The Essence VC Investment Philosophy (00:44:34)* Pattern Recognition: What he learned from witnessing the early days of Confluent, Databricks, and Docker.* Seeking Disruptors, Not Incrementalists: Backing founders who have a “non-common belief” that leads to a 10x better product (e.g., Modal Labs, Cursor, Warp).* Rethinking Sales & Traction: Why revenue-first playbooks don't apply in early-stage infra; comfort comes from technical co-building and roadmap planning.* The “Superpower”: Using his engineering background to pressure-test technical assumptions and timelines with founders.The Future of Infra & AI (00:52:09)* Infrastructure as an “enabler” for new application paradigms (real-time video, multimodal apps).* The coming democratization of building complex systems (the “next Netflix” built by smaller teams).* The shift from generalist backend engineers to specialists, enabled by new stacks and AI.Solo GP Life & Staying Relevant (00:54:55)* Why being a solo GP doesn't mean being a lone wolf; 20-30% of his time is spent syncing with other investors to learn.* The importance of continuous learning and adaptation in a fast-moving tech landscape.* His toolkit: Using portfolio company Clerky (a CRM) to manage workflow.About Timothy ChenFounder and Sole General Partner, Essence VCTimothy Chen is the Sole General Partner at Essence VC, a fund focused on early-stage infrastructure, AI, and open-source innovation. A three-time founder with an exit, his journey from Microsoft engineer to sought-after investor is a masterclass in building credibility through technical depth and founder-centric support. He has backed companies like Tabular, Iteratively, and Warp, and his insights are shaped by hundreds of conversations at the bleeding edge of infrastructure.Connect with Timothy Chen on LinkedIn: linkedin.com/in/timchenVisit the Essence VC Website: https://www.essencevc.fund/Connect with Matt Cohen on LinkedIn: https://ca.linkedin.com/in/matt-cohen1Visit the Ripple Ventures website: https://www.rippleventures.com/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit tanktalks.substack.com

Accenture, American Express, ASOS, EY, Four Seasons Hotels, Google, NBC Universal  are his clientsFrm Royal Air Force Senior Officer, Frm. International Negotiator for the UK Government,  executive coach. Google, Accenture, American Express His first book, 'Find Your Why: A Practical Guide for Discovering Purpose for You and Your Team', co-authored with Simon Sinek and David Mead. Peter gets up every day inspired to enable people to be extraordinary so that they can do extraordinary things. Collaborating with Simon Sinek for over 7 years, he was a founding Igniter and Implementation Specialist on the Start With Why team, teaching leaders and companies how to use the concept of Why."The first step is to distinguish leadership from management. “Management is about handling complexity,” explains Docker, while “leadership is about creating simplicity. It's about cutting through the noise, identifying what's really important, making it personal for people, bringing them together and connecting them.”  ~  Peter Docker in Venteur Magazine January 2023One of Peter's latest books, 'Leading from The Jumpseat: How to Create Extraordinary Opportunities by Handing Over Control'Peter's commercial and industry experience has been at the most senior levels in sectors including oil & gas, construction, mining, pharmaceuticals, banking, television, film, media, manufacturing and services - across more than 90 countries. His career has spanned professional pilot; leading an aviation training and standards organisation; teaching post-graduates at an international college; and running multi-billion dollar procurement projects. A former Royal Air Force senior officer, he has been a Force Commander during combat flying operations and has seen service across the world. He is a seasoned crisis manager, a former international negotiator for the UK Government and executive coach.© 2026 Building Abundant Success!!2026 All Rights ReservedJoin Me on ~ iHeart Media @ https://tinyurl.com/iHeartBASSpot Me on Spotify: https://tinyurl.com/yxuy23bAmazon Music ~ https://tinyurl.com/AmzBASAudacy:  https://tinyurl.com/BASAud

This week, we discuss AI's impact on Stack Overflow, Docker's Hardened Images, and Nvidia buying Groq. Plus, thoughts on playing your own game and having fun. Watch the YouTube Live Recording of Episode (https://www.youtube.com/live/LQSxLbjvz3c?si=ao8f3hwxlCrmH1vX) 554 (https://www.youtube.com/live/LQSxLbjvz3c?si=ao8f3hwxlCrmH1vX) Please complete the Software Defined Talk Listener Survey! (https://docs.google.com/forms/d/e/1FAIpQLSfl7eHWQJwu2tBLa-FjZqHG2nr6p_Z3zQI3Pp1EyNWQ8Fu-SA/viewform?usp=header) Runner-up Titles It's all brisket after that. Exploring Fun Should I go build a snow man? Pets Innersourcing Two books Michael Lewis should write. Article IV is foundational. Freedom is options. Rundown Stack Overflow is dead. (https://x.com/rohanpaul_ai/status/2008007012920209674?s=20) Hardened Images for Everyone (https://www.docker.com/blog/docker-hardened-images-for-every-developer/) Tanzu's Bitnami stuff does this too (https://blogs.vmware.com/tanzu/what-good-software-supply-chain-security-looks-like-for-highly-regulated-industries/). OpenAI OpenAI's New Fundraising Round Could Value Startup at as Much as $830 Billion (https://www.wsj.com/tech/ai/openais-new-fundraising-round-could-value-startup-at-a[…]4238&segment_id=212500&user_id=c5a514ba8b7d9a954711959a6031a3fa) OpenAI Reportedly Planning to Make ChatGPT "Prioritize" Advertisers in Conversation (https://futurism.com/artificial-intelligence/openai-chatgpt-sponsored-ads) OpenAI bets big on audio as Silicon Valley declares war on screens (https://techcrunch.com/2026/01/01/openai-bets-big-on-audio-as-silicon-valley-declares-war-on-screens/) Sam Altman says: He has zero percent interest in remaining OpenAI CEO, once (https://timesofindia.indiatimes.com/technology/tech-news/sam-altman-says-he-has-zero-percent-interest-remaining-openai-ceo-once-/articleshow/126350602.cms) Nvidia buying AI chip startup Groq's assets for about $20 billion in its largest deal on record (https://www.cnbc.com/2025/12/24/nvidia-buying-ai-chip-startup-groq-for-about-20-billion-biggest-deal.html) Relevant to your Interests Broadcom IT uses Tanzu Platform to host MCP Servers (https://news.broadcom.com/app-dev/broadcom-tanzu-platform-agentic-business-transformation). A Brief History Of The Spreadsheet (https://hackaday.com/2025/12/15/a-brief-history-of-the-spreadsheet/) Databricks is raising over $4 billion in Series L funding at a $134 billion (https://x.com/exec_sum/status/2000971604449485132?s=20) Amazon's big AGI reorg decoded by Corey Quinn (https://www.theregister.com/2025/12/17/jassy_taps_peter_desantis_to_run_agi/) “They burned millions but got nothing.” (https://automaton-media.com/en/news/japanese-game-font-services-aggressive-price-hike-could-be-result-of-parent-companys-alleged-ai-failu/) X sues to protect Twitter brand Musk has been trying to kill (https://www.theregister.com/2025/12/17/x_twitter_brand_lawsuit/) Mozilla's new CEO says AI is coming to Firefox, but will remain a choice | TechCrunch (https://techcrunch.com/2025/12/17/mozillas-new-ceo-says-ai-is-coming-to-firefox-but-will-remain-a-choice/) Why Oracle keeps sparking AI-bubble fears (https://www.axios.com/2025/12/18/ai-oracle-stock-blue-owl) What's next for Threads (https://sources.news/p/whats-next-for-threads) Salesforce Executives Say Trust in Large Language Models Has Declined (https://www.theinformation.com/articles/salesforce-executives-say-trust-generative-ai-declined?rc=giqjaz) Akamai Technologies Announces Acquisition of Function-as-a-Service Company Fermyon (https://www.akamai.com/newsroom/press-release/akamai-announces-acquisition-of-function-as-a-service-company-fermyon) Google Rolling Out Gmail Address Change Feature: Here Is How It Works (https://finance.yahoo.com/news/google-rolling-gmail-address-change-033112607.html) The Enshittifinancial Crisis (https://www.wheresyoured.at/the-enshittifinancial-crisis/) MongoBleed: Critical MongoDB Vulnerability CVE-2025-14847 | Wiz Blog (https://www.wiz.io/blog/mongobleed-cve-2025-14847-exploited-in-the-wild-mongodb) Softbank to buy data center firm DigitalBridge for $4 billion in AI push (https://www.cnbc.com/amp/2025/12/29/digitalbridge-shares-jump-on-report-softbank-in-talks-to-acquire-firm.html) The best tech announced at CES 2026 so far (https://www.theverge.com/tech/854159/ces-2026-best-tech-gadgets-smartphones-appliances-robots-tvs-ai-smart-home) Who's who at X, the deepfake porn site formerly known as Twitter (https://www.ft.com/content/ad94db4c-95a0-4c65-bd8d-3b43e1251091?accessToken=zwAGR7kzep9gkdOtlNtMlaBMZdO9jTtD4SUQkQ.MEYCIQCdZajuC9uga-d9b5Z1t0HI2BIcnkVoq98loextLRpCTgIhAPL3rW72aTHBNL_lS7s1ONpM2vBgNlBNHDBeGbHkPkZj&sharetype=gift&token=a7473827-0799-4064-9008-bf22b3c99711) Manus Joins Meta for Next Era of Innovation (https://manus.im/blog/manus-joins-meta-for-next-era-of-innovation) The WELL: State of the World 2026 with Bruce Sterling and Jon Lebkowsky (https://people.well.com/conf/inkwell.vue/topics/561/State-of-the-World-2026-with-Bru-page01.html) Virtual machines still run the world (https://cote.io/2026/01/07/virtual-machines-still-run-the.html) Databases in 2025: A Year in Review (https://www.cs.cmu.edu/~pavlo/blog/2026/01/2025-databases-retrospective.html) Chat Platform Discord Files Confidentially for IPO (https://www.bloomberg.com/news/articles/2026-01-06/chat-platform-discord-is-said-to-file-confidentially-for-ipo?embedded-checkout=true) The DRAM shortage explained: AI, rising prices, and what's next (https://www.techradar.com/pro/why-is-ram-so-expensive-right-now-its-more-complicated-than-you-think) Nonsense Palantir CEO buys monastery in Old Snowmass for $120 million (https://www.denverpost.com/2025/12/17/palantir-alex-karp-snowmass-monastery/amp/) H-E-B gives free groceries to all customers after registers glitch today in Burleson, Texas. (https://www.reddit.com/r/interestingasfuck/s/ZEcblg7atP) Conferences cfgmgmtcamp 2026 (https://cfgmgmtcamp.org/ghent2026/), February 2nd to 4th, Ghent, BE. Coté speaking - anyone interested in being a SDI guest? DevOpsDayLA at SCALE23x (https://www.socallinuxexpo.org/scale/23x), March 6th, Pasadena, CA Use code: DEVOP for 50% off. Devnexus 2026 (https://devnexus.com), March 4th to 6th, Atlanta, GA. Coté has a discount code, but he's not sure if he can give it out. He's asking! Send him a DM in the meantime. KubeCon EU, March 23rd to 26th, 2026 - Coté will be there on a media pass. Whole bunch of VMUGs, mostly in the US. The CFPs are open (https://app.sessionboard.com/submit/vmug-call-for-content-2026/ae1c7013-8b85-427c-9c21-7d35f8701bbe?utm_campaign=5766542-VMUG%20Voice&utm_medium=email&_hsenc=p2ANqtz-_YREN7dr6p3KSQPYkFSN5K85A-pIVYZ03ZhKZOV0O3t3h0XHdDHethhx5O8gBFguyT5mZ3n3q-ZnPKvjllFXYfWV3thg&_hsmi=393690000&utm_content=393685389&utm_source=hs_email), go speak at them! Coté speaking in Amsterdam. Amsterdam (March 17-19, 2026), Minneapolis (April 7-9, 2026), Toronto (May 12-14, 2026), Dallas (June 9-11, 2026), Orlando (October 20-22, 2026) SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Why Data Doesn't Always Win, with a Philosopher of Art (https://podcasts.apple.com/us/podcast/the-points-you-shouldnt-score-a-new-years-resolution/id1685093486?i=1000743950053) (Apple Podcasts) Why Data Doesn't Always Win, with a Philosopher of Art (https://www.youtube.com/watch?v=7AdbePyGS2M&list=RD7AdbePyGS2M&start_radio=1) (YouTube) Coté: “Databases in 2025: A Year in Review.” (https://www.cs.cmu.edu/~pavlo/blog/2026/01/2025-databases-retrospective.html) Photo Credits Header (https://unsplash.com/photos/red-and-black-love-neon-light-signage-igJrA98cf4A)

Happy New Year! You may have noticed that in 2025 we had moved toward YouTube as our primary podcasting platform. As we'll explain in the next State of Latent Space post, we'll be doubling down on Substack again and improving the experience for the over 100,000 of you who look out for our emails and website updates!We first mentioned Artificial Analysis in 2024, when it was still a side project in a Sydney basement. They then were one of the few Nat Friedman and Daniel Gross' AIGrant companies to raise a full seed round from them and have now become the independent gold standard for AI benchmarking—trusted by developers, enterprises, and every major lab to navigate the exploding landscape of models, providers, and capabilities.We have chatted with both Clementine Fourrier of HuggingFace's OpenLLM Leaderboard and (the freshly valued at $1.7B) Anastasios Angelopoulos of LMArena on their approaches to LLM evals and trendspotting, but Artificial Analysis have staked out an enduring and important place in the toolkit of the modern AI Engineer by doing the best job of independently running the most comprehensive set of evals across the widest range of open and closed models, and charting their progress for broad industry analyst use.George Cameron and Micah-Hill Smith have spent two years building Artificial Analysis into the platform that answers the questions no one else will: Which model is actually best for your use case? What are the real speed-cost trade-offs? And how open is “open” really?We discuss:* The origin story: built as a side project in 2023 while Micah was building a legal AI assistant, launched publicly in January 2024, and went viral after Swyx's retweet* Why they run evals themselves: labs prompt models differently, cherry-pick chain-of-thought examples (Google Gemini 1.0 Ultra used 32-shot prompts to beat GPT-4 on MMLU), and self-report inflated numbers* The mystery shopper policy: they register accounts not on their own domain and run intelligence + performance benchmarks incognito to prevent labs from serving different models on private endpoints* How they make money: enterprise benchmarking insights subscription (standardized reports on model deployment, serverless vs. managed vs. leasing chips) and private custom benchmarking for AI companies (no one pays to be on the public leaderboard)* The Intelligence Index (V3): synthesizes 10 eval datasets (MMLU, GPQA, agentic benchmarks, long-context reasoning) into a single score, with 95% confidence intervals via repeated runs* Omissions Index (hallucination rate): scores models from -100 to +100 (penalizing incorrect answers, rewarding ”I don't know”), and Claude models lead with the lowest hallucination rates despite not always being the smartest* GDP Val AA: their version of OpenAI's GDP-bench (44 white-collar tasks with spreadsheets, PDFs, PowerPoints), run through their Stirrup agent harness (up to 100 turns, code execution, web search, file system), graded by Gemini 3 Pro as an LLM judge (tested extensively, no self-preference bias)* The Openness Index: scores models 0-18 on transparency of pre-training data, post-training data, methodology, training code, and licensing (AI2 OLMo 2 leads, followed by Nous Hermes and NVIDIA Nemotron)* The smiling curve of AI costs: GPT-4-level intelligence is 100-1000x cheaper than at launch (thanks to smaller models like Amazon Nova), but frontier reasoning models in agentic workflows cost more than ever (sparsity, long context, multi-turn agents)* Why sparsity might go way lower than 5%: GPT-4.5 is ~5% active, Gemini models might be ~3%, and Omissions Index accuracy correlates with total parameters (not active), suggesting massive sparse models are the future* Token efficiency vs. turn efficiency: GPT-5 costs more per token but solves Tau-bench in fewer turns (cheaper overall), and models are getting better at using more tokens only when needed (5.1 Codex has tighter token distributions)* V4 of the Intelligence Index coming soon: adding GDP Val AA, Critical Point, hallucination rate, and dropping some saturated benchmarks (human-eval-style coding is now trivial for small models)Links to Artificial Analysis* Website: https://artificialanalysis.ai* George Cameron on X: https://x.com/georgecameron* Micah-Hill Smith on X: https://x.com/micahhsmithFull Episode on YouTubeTimestamps* 00:00 Introduction: Full Circle Moment and Artificial Analysis Origins* 01:19 Business Model: Independence and Revenue Streams* 04:33 Origin Story: From Legal AI to Benchmarking Need* 16:22 AI Grant and Moving to San Francisco* 19:21 Intelligence Index Evolution: From V1 to V3* 11:47 Benchmarking Challenges: Variance, Contamination, and Methodology* 13:52 Mystery Shopper Policy and Maintaining Independence* 28:01 New Benchmarks: Omissions Index for Hallucination Detection* 33:36 Critical Point: Hard Physics Problems and Research-Level Reasoning* 23:01 GDP Val AA: Agentic Benchmark for Real Work Tasks* 50:19 Stirrup Agent Harness: Open Source Agentic Framework* 52:43 Openness Index: Measuring Model Transparency Beyond Licenses* 58:25 The Smiling Curve: Cost Falling While Spend Rising* 1:02:32 Hardware Efficiency: Blackwell Gains and Sparsity Limits* 1:06:23 Reasoning Models and Token Efficiency: The Spectrum Emerges* 1:11:00 Multimodal Benchmarking: Image, Video, and Speech Arenas* 1:15:05 Looking Ahead: Intelligence Index V4 and Future Directions* 1:16:50 Closing: The Insatiable Demand for IntelligenceTranscriptMicah [00:00:06]: This is kind of a full circle moment for us in a way, because the first time artificial analysis got mentioned on a podcast was you and Alessio on Latent Space. Amazing.swyx [00:00:17]: Which was January 2024. I don't even remember doing that, but yeah, it was very influential to me. Yeah, I'm looking at AI News for Jan 17, or Jan 16, 2024. I said, this gem of a models and host comparison site was just launched. And then I put in a few screenshots, and I said, it's an independent third party. It clearly outlines the quality versus throughput trade-off, and it breaks out by model and hosting provider. I did give you s**t for missing fireworks, and how do you have a model benchmarking thing without fireworks? But you had together, you had perplexity, and I think we just started chatting there. Welcome, George and Micah, to Latent Space. I've been following your progress. Congrats on... It's been an amazing year. You guys have really come together to be the presumptive new gardener of AI, right? Which is something that...George [00:01:09]: Yeah, but you can't pay us for better results.swyx [00:01:12]: Yes, exactly.George [00:01:13]: Very important.Micah [00:01:14]: Start off with a spicy take.swyx [00:01:18]: Okay, how do I pay you?Micah [00:01:20]: Let's get right into that.swyx [00:01:21]: How do you make money?Micah [00:01:24]: Well, very happy to talk about that. So it's been a big journey the last couple of years. Artificial analysis is going to be two years old in January 2026. Which is pretty soon now. We first run the website for free, obviously, and give away a ton of data to help developers and companies navigate AI and make decisions about models, providers, technologies across the AI stack for building stuff. We're very committed to doing that and tend to keep doing that. We have, along the way, built a business that is working out pretty sustainably. We've got just over 20 people now and two main customer groups. So we want to be... We want to be who enterprise look to for data and insights on AI, so we want to help them with their decisions about models and technologies for building stuff. And then on the other side, we do private benchmarking for companies throughout the AI stack who build AI stuff. So no one pays to be on the website. We've been very clear about that from the very start because there's no use doing what we do unless it's independent AI benchmarking. Yeah. But turns out a bunch of our stuff can be pretty useful to companies building AI stuff.swyx [00:02:38]: And is it like, I am a Fortune 500, I need advisors on objective analysis, and I call you guys and you pull up a custom report for me, you come into my office and give me a workshop? What kind of engagement is that?George [00:02:53]: So we have a benchmarking and insight subscription, which looks like standardized reports that cover key topics or key challenges enterprises face when looking to understand AI and choose between all the technologies. And so, for instance, one of the report is a model deployment report, how to think about choosing between serverless inference, managed deployment solutions, or leasing chips. And running inference yourself is an example kind of decision that big enterprises face, and it's hard to reason through, like this AI stuff is really new to everybody. And so we try and help with our reports and insight subscription. Companies navigate that. We also do custom private benchmarking. And so that's very different from the public benchmarking that we publicize, and there's no commercial model around that. For private benchmarking, we'll at times create benchmarks, run benchmarks to specs that enterprises want. And we'll also do that sometimes for AI companies who have built things, and we help them understand what they've built with private benchmarking. Yeah. So that's a piece mainly that we've developed through trying to support everybody publicly with our public benchmarks. Yeah.swyx [00:04:09]: Let's talk about TechStack behind that. But okay, I'm going to rewind all the way to when you guys started this project. You were all the way in Sydney? Yeah. Well, Sydney, Australia for me.Micah [00:04:19]: George was an SF, but he's Australian, but he moved here already. Yeah.swyx [00:04:22]: And I remember I had the Zoom call with you. What was the impetus for starting artificial analysis in the first place? You know, you started with public benchmarks. And so let's start there. We'll go to the private benchmark. Yeah.George [00:04:33]: Why don't we even go back a little bit to like why we, you know, thought that it was needed? Yeah.Micah [00:04:40]: The story kind of begins like in 2022, 2023, like both George and I have been into AI stuff for quite a while. In 2023 specifically, I was trying to build a legal AI research assistant. So it actually worked pretty well for its era, I would say. Yeah. Yeah. So I was finding that the more you go into building something using LLMs, the more each bit of what you're doing ends up being a benchmarking problem. So had like this multistage algorithm thing, trying to figure out what the minimum viable model for each bit was, trying to optimize every bit of it as you build that out, right? Like you're trying to think about accuracy, a bunch of other metrics and performance and cost. And mostly just no one was doing anything to independently evaluate all the models. And certainly not to look at the trade-offs for speed and cost. So we basically set out just to build a thing that developers could look at to see the trade-offs between all of those things measured independently across all the models and providers. Honestly, it was probably meant to be a side project when we first started doing it.swyx [00:05:49]: Like we didn't like get together and say like, Hey, like we're going to stop working on all this stuff. I'm like, this is going to be our main thing. When I first called you, I think you hadn't decided on starting a company yet.Micah [00:05:58]: That's actually true. I don't even think we'd pause like, like George had an acquittance job. I didn't quit working on my legal AI thing. Like it was genuinely a side project.George [00:06:05]: We built it because we needed it as people building in the space and thought, Oh, other people might find it useful too. So we'll buy domain and link it to the Vercel deployment that we had and tweet about it. And, but very quickly it started getting attention. Thank you, Swyx for, I think doing an initial retweet and spotlighting it there. This project that we released. And then very quickly though, it was useful to others, but very quickly it became more useful as the number of models released accelerated. We had Mixtrel 8x7B and it was a key. That's a fun one. Yeah. Like a open source model that really changed the landscape and opened up people's eyes to other serverless inference providers and thinking about speed, thinking about cost. And so that was a key. And so it became more useful quite quickly. Yeah.swyx [00:07:02]: What I love talking to people like you who sit across the ecosystem is, well, I have theories about what people want, but you have data and that's obviously more relevant. But I want to stay on the origin story a little bit more. When you started out, I would say, I think the status quo at the time was every paper would come out and they would report their numbers versus competitor numbers. And that's basically it. And I remember I did the legwork. I think everyone has some knowledge. I think there's some version of Excel sheet or a Google sheet where you just like copy and paste the numbers from every paper and just post it up there. And then sometimes they don't line up because they're independently run. And so your numbers are going to look better than... Your reproductions of other people's numbers are going to look worse because you don't hold their models correctly or whatever the excuse is. I think then Stanford Helm, Percy Liang's project would also have some of these numbers. And I don't know if there's any other source that you can cite. The way that if I were to start artificial analysis at the same time you guys started, I would have used the Luther AI's eval framework harness. Yup.Micah [00:08:06]: Yup. That was some cool stuff. At the end of the day, running these evals, it's like if it's a simple Q&A eval, all you're doing is asking a list of questions and checking if the answers are right, which shouldn't be that crazy. But it turns out there are an enormous number of things that you've got control for. And I mean, back when we started the website. Yeah. Yeah. Like one of the reasons why we realized that we had to run the evals ourselves and couldn't just take rules from the labs was just that they would all prompt the models differently. And when you're competing over a few points, then you can pretty easily get- You can put the answer into the model. Yeah. That in the extreme. And like you get crazy cases like back when I'm Googled a Gemini 1.0 Ultra and needed a number that would say it was better than GPT-4 and like constructed, I think never published like chain of thought examples. 32 of them in every topic in MLU to run it, to get the score, like there are so many things that you- They never shipped Ultra, right? That's the one that never made it up. Not widely. Yeah. Yeah. Yeah. I mean, I'm sure it existed, but yeah. So we were pretty sure that we needed to run them ourselves and just run them in the same way across all the models. Yeah. And we were, we also did certain from the start that you couldn't look at those in isolation. You needed to look at them alongside the cost and performance stuff. Yeah.swyx [00:09:24]: Okay. A couple of technical questions. I mean, so obviously I also thought about this and I didn't do it because of cost. Yep. Did you not worry about costs? Were you funded already? Clearly not, but you know. No. Well, we definitely weren't at the start.Micah [00:09:36]: So like, I mean, we're paying for it personally at the start. There's a lot of money. Well, the numbers weren't nearly as bad a couple of years ago. So we certainly incurred some costs, but we were probably in the order of like hundreds of dollars of spend across all the benchmarking that we were doing. Yeah. So nothing. Yeah. It was like kind of fine. Yeah. Yeah. These days that's gone up an enormous amount for a bunch of reasons that we can talk about. But yeah, it wasn't that bad because you can also remember that like the number of models we were dealing with was hardly any and the complexity of the stuff that we wanted to do to evaluate them was a lot less. Like we were just asking some Q&A type questions and then one specific thing was for a lot of evals initially, we were just like sampling an answer. You know, like, what's the answer for this? Like, we didn't want to go into the answer directly without letting the models think. We weren't even doing chain of thought stuff initially. And that was the most useful way to get some results initially. Yeah.swyx [00:10:33]: And so for people who haven't done this work, literally parsing the responses is a whole thing, right? Like because sometimes the models, the models can answer any way they feel fit and sometimes they actually do have the right answer, but they just returned the wrong format and they will get a zero for that unless you work it into your parser. And that involves more work. And so, I mean, but there's an open question whether you should give it points for not following your instructions on the format.Micah [00:11:00]: It depends what you're looking at, right? Because you can, if you're trying to see whether or not it can solve a particular type of reasoning problem, and you don't want to test it on its ability to do answer formatting at the same time, then you might want to use an LLM as answer extractor approach to make sure that you get the answer out no matter how unanswered. But these days, it's mostly less of a problem. Like, if you instruct a model and give it examples of what the answers should look like, it can get the answers in your format, and then you can do, like, a simple regex.swyx [00:11:28]: Yeah, yeah. And then there's other questions around, I guess, sometimes if you have a multiple choice question, sometimes there's a bias towards the first answer, so you have to randomize the responses. All these nuances, like, once you dig into benchmarks, you're like, I don't know how anyone believes the numbers on all these things. It's so dark magic.Micah [00:11:47]: You've also got, like… You've got, like, the different degrees of variance in different benchmarks, right? Yeah. So, if you run four-question multi-choice on a modern reasoning model at the temperatures suggested by the labs for their own models, the variance that you can see on a four-question multi-choice eval is pretty enormous if you only do a single run of it and it has a small number of questions, especially. So, like, one of the things that we do is run an enormous number of all of our evals when we're developing new ones and doing upgrades to our intelligence index to bring in new things. Yeah. So, that we can dial in the right number of repeats so that we can get to the 95% confidence intervals that we're comfortable with so that when we pull that together, we can be confident in intelligence index to at least as tight as, like, a plus or minus one at a 95% confidence. Yeah.swyx [00:12:32]: And, again, that just adds a straight multiple to the cost. Oh, yeah. Yeah, yeah.George [00:12:37]: So, that's one of many reasons that cost has gone up a lot more than linearly over the last couple of years. We report a cost to run the artificial analysis. We report a cost to run the artificial analysis intelligence index on our website, and currently that's assuming one repeat in terms of how we report it because we want to reflect a bit about the weighting of the index. But our cost is actually a lot higher than what we report there because of the repeats.swyx [00:13:03]: Yeah, yeah, yeah. And probably this is true, but just checking, you don't have any special deals with the labs. They don't discount it. You just pay out of pocket or out of your sort of customer funds. Oh, there is a mix. So, the issue is that sometimes they may give you a special end point, which is… Ah, 100%.Micah [00:13:21]: Yeah, yeah, yeah. Exactly. So, we laser focus, like, on everything we do on having the best independent metrics and making sure that no one can manipulate them in any way. There are quite a lot of processes we've developed over the last couple of years to make that true for, like, the one you bring up, like, right here of the fact that if we're working with a lab, if they're giving us a private endpoint to evaluate a model, that it is totally possible. That what's sitting behind that black box is not the same as they serve on a public endpoint. We're very aware of that. We have what we call a mystery shopper policy. And so, and we're totally transparent with all the labs we work with about this, that we will register accounts not on our own domain and run both intelligence evals and performance benchmarks… Yeah, that's the job. …without them being able to identify it. And no one's ever had a problem with that. Because, like, a thing that turns out to actually be quite a good… …good factor in the industry is that they all want to believe that none of their competitors could manipulate what we're doing either.swyx [00:14:23]: That's true. I never thought about that. I've been in the database data industry prior, and there's a lot of shenanigans around benchmarking, right? So I'm just kind of going through the mental laundry list. Did I miss anything else in this category of shenanigans? Oh, potential shenanigans.Micah [00:14:36]: I mean, okay, the biggest one, like, that I'll bring up, like, is more of a conceptual one, actually, than, like, direct shenanigans. It's that the things that get measured become things that get targeted by labs that they're trying to build, right? Exactly. So that doesn't mean anything that we should really call shenanigans. Like, I'm not talking about training on test set. But if you know that you're going to be great at another particular thing, if you're a researcher, there are a whole bunch of things that you can do to try to get better at that thing that preferably are going to be helpful for a wide range of how actual users want to use the thing that you're building. But will not necessarily work. Will not necessarily do that. So, for instance, the models are exceptional now at answering competition maths problems. There is some relevance of that type of reasoning, that type of work, to, like, how we might use modern coding agents and stuff. But it's clearly not one for one. So the thing that we have to be aware of is that once an eval becomes the thing that everyone's looking at, scores can get better on it without there being a reflection of overall generalized intelligence of these models. Getting better. That has been true for the last couple of years. It'll be true for the next couple of years. There's no silver bullet to defeat that other than building new stuff to stay relevant and measure the capabilities that matter most to real users. Yeah.swyx [00:15:58]: And we'll cover some of the new stuff that you guys are building as well, which is cool. Like, you used to just run other people's evals, but now you're coming up with your own. And I think, obviously, that is a necessary path once you're at the frontier. You've exhausted all the existing evals. I think the next point in history that I have for you is AI Grant that you guys decided to join and move here. What was it like? I think you were in, like, batch two? Batch four. Batch four. Okay.Micah [00:16:26]: I mean, it was great. Nat and Daniel are obviously great. And it's a really cool group of companies that we were in AI Grant alongside. It was really great to get Nat and Daniel on board. Obviously, they've done a whole lot of great work in the space with a lot of leading companies and were extremely aligned. With the mission of what we were trying to do. Like, we're not quite typical of, like, a lot of the other AI startups that they've invested in.swyx [00:16:53]: And they were very much here for the mission of what we want to do. Did they say any advice that really affected you in some way or, like, were one of the events very impactful? That's an interesting question.Micah [00:17:03]: I mean, I remember fondly a bunch of the speakers who came and did fireside chats at AI Grant.swyx [00:17:09]: Which is also, like, a crazy list. Yeah.George [00:17:11]: Oh, totally. Yeah, yeah, yeah. There was something about, you know, speaking to Nat and Daniel about the challenges of working through a startup and just working through the questions that don't have, like, clear answers and how to work through those kind of methodically and just, like, work through the hard decisions. And they've been great mentors to us as we've built artificial analysis. Another benefit for us was that other companies in the batch and other companies in AI Grant are pushing the capabilities. Yeah. And I think that's a big part of what AI can do at this time. And so being in contact with them, making sure that artificial analysis is useful to them has been fantastic for supporting us in working out how should we build out artificial analysis to continue to being useful to those, like, you know, building on AI.swyx [00:17:59]: I think to some extent, I'm mixed opinion on that one because to some extent, your target audience is not people in AI Grants who are obviously at the frontier. Yeah. Do you disagree?Micah [00:18:09]: To some extent. To some extent. But then, so a lot of what the AI Grant companies are doing is taking capabilities coming out of the labs and trying to push the limits of what they can do across the entire stack for building great applications, which actually makes some of them pretty archetypical power users of artificial analysis. Some of the people with the strongest opinions about what we're doing well and what we're not doing well and what they want to see next from us. Yeah. Yeah. Because when you're building any kind of AI application now, chances are you're using a whole bunch of different models. You're maybe switching reasonably frequently for different models and different parts of your application to optimize what you're able to do with them at an accuracy level and to get better speed and cost characteristics. So for many of them, no, they're like not commercial customers of ours, like we don't charge for all our data on the website. Yeah. They are absolutely some of our power users.swyx [00:19:07]: So let's talk about just the evals as well. So you start out from the general like MMU and GPQA stuff. What's next? How do you sort of build up to the overall index? What was in V1 and how did you evolve it? Okay.Micah [00:19:22]: So first, just like background, like we're talking about the artificial analysis intelligence index, which is our synthesis metric that we pulled together currently from 10 different eval data sets to give what? We're pretty much the same as that. Pretty confident is the best single number to look at for how smart the models are. Obviously, it doesn't tell the whole story. That's why we published the whole website of all the charts to dive into every part of it and look at the trade-offs. But best single number. So right now, it's got a bunch of Q&A type data sets that have been very important to the industry, like a couple that you just mentioned. It's also got a couple of agentic data sets. It's got our own long context reasoning data set and some other use case focused stuff. As time goes on. The things that we're most interested in that are going to be important to the capabilities that are becoming more important for AI, what developers are caring about, are going to be first around agentic capabilities. So surprise, surprise. We're all loving our coding agents and how the model is going to perform like that and then do similar things for different types of work are really important to us. The linking to use cases to economically valuable use cases are extremely important to us. And then we've got some of the. Yeah. These things that the models still struggle with, like working really well over long contexts that are not going to go away as specific capabilities and use cases that we need to keep evaluating.swyx [00:20:46]: But I guess one thing I was driving was like the V1 versus the V2 and how bad it was over time.Micah [00:20:53]: Like how we've changed the index to where we are.swyx [00:20:55]: And I think that reflects on the change in the industry. Right. So that's a nice way to tell that story.Micah [00:21:00]: Well, V1 would be completely saturated right now. Almost every model coming out because doing things like writing the Python functions and human evil is now pretty trivial. It's easy to forget, actually, I think how much progress has been made in the last two years. Like we obviously play the game constantly of like the today's version versus last week's version and the week before and all of the small changes in the horse race between the current frontier and who has the best like smaller than 10B model like right now this week. Right. And that's very important to a lot of developers and people and especially in this particular city of San Francisco. But when you zoom out a couple of years ago, literally most of what we were doing to evaluate the models then would all be 100% solved by even pretty small models today. And that's been one of the key things, by the way, that's driven down the cost of intelligence at every tier of intelligence. We can talk about more in a bit. So V1, V2, V3, we made things harder. We covered a wider range of use cases. And we tried to get closer to things developers care about as opposed to like just the Q&A type stuff that MMLU and GPQA represented. Yeah.swyx [00:22:12]: I don't know if you have anything to add there. Or we could just go right into showing people the benchmark and like looking around and asking questions about it. Yeah.Micah [00:22:21]: Let's do it. Okay. This would be a pretty good way to chat about a few of the new things we've launched recently. Yeah.George [00:22:26]: And I think a little bit about the direction that we want to take it. And we want to push benchmarks. Currently, the intelligence index and evals focus a lot on kind of raw intelligence. But we kind of want to diversify how we think about intelligence. And we can talk about it. But kind of new evals that we've kind of built and partnered on focus on topics like hallucination. And we've got a lot of topics that I think are not covered by the current eval set that should be. And so we want to bring that forth. But before we get into that.swyx [00:23:01]: And so for listeners, just as a timestamp, right now, number one is Gemini 3 Pro High. Then followed by Cloud Opus at 70. Just 5.1 high. You don't have 5.2 yet. And Kimi K2 Thinking. Wow. Still hanging in there. So those are the top four. That will date this podcast quickly. Yeah. Yeah. I mean, I love it. I love it. No, no. 100%. Look back this time next year and go, how cute. Yep.George [00:23:25]: Totally. A quick view of that is, okay, there's a lot. I love it. I love this chart. Yeah.Micah [00:23:30]: This is such a favorite, right? Yeah. And almost every talk that George or I give at conferences and stuff, we always put this one up first to just talk about situating where we are in this moment in history. This, I think, is the visual version of what I was saying before about the zooming out and remembering how much progress there's been. If we go back to just over a year ago, before 01, before Cloud Sonnet 3.5, we didn't have reasoning models or coding agents as a thing. And the game was very, very different. If we go back even a little bit before then, we're in the era where, when you look at this chart, open AI was untouchable for well over a year. And, I mean, you would remember that time period well of there being very open questions about whether or not AI was going to be competitive, like full stop, whether or not open AI would just run away with it, whether we would have a few frontier labs and no one else would really be able to do anything other than consume their APIs. I am quite happy overall that the world that we have ended up in is one where... Multi-model. Absolutely. And strictly more competitive every quarter over the last few years. Yeah. This year has been insane. Yeah.George [00:24:42]: You can see it. This chart with everything added is hard to read currently. There's so many dots on it, but I think it reflects a little bit what we felt, like how crazy it's been.swyx [00:24:54]: Why 14 as the default? Is that a manual choice? Because you've got service now in there that are less traditional names. Yeah.George [00:25:01]: It's models that we're kind of highlighting by default in our charts, in our intelligence index. Okay.swyx [00:25:07]: You just have a manually curated list of stuff.George [00:25:10]: Yeah, that's right. But something that I actually don't think every artificial analysis user knows is that you can customize our charts and choose what models are highlighted. Yeah. And so if we take off a few names, it gets a little easier to read.swyx [00:25:25]: Yeah, yeah. A little easier to read. Totally. Yeah. But I love that you can see the all one jump. Look at that. September 2024. And the DeepSeek jump. Yeah.George [00:25:34]: Which got close to OpenAI's leadership. They were so close. I think, yeah, we remember that moment. Around this time last year, actually.Micah [00:25:44]: Yeah, yeah, yeah. I agree. Yeah, well, a couple of weeks. It was Boxing Day in New Zealand when DeepSeek v3 came out. And we'd been tracking DeepSeek and a bunch of the other global players that were less known over the second half of 2024 and had run evals on the earlier ones and stuff. I very distinctly remember Boxing Day in New Zealand, because I was with family for Christmas and stuff, running the evals and getting back result by result on DeepSeek v3. So this was the first of their v3 architecture, the 671b MOE.Micah [00:26:19]: And we were very, very impressed. That was the moment where we were sure that DeepSeek was no longer just one of many players, but had jumped up to be a thing. The world really noticed when they followed that up with the RL working on top of v3 and R1 succeeding a few weeks later. But the groundwork for that absolutely was laid with just extremely strong base model, completely open weights that we had as the best open weights model. So, yeah, that's the thing that you really see in the game. But I think that we got a lot of good feedback on Boxing Day. us on Boxing Day last year.George [00:26:48]: Boxing Day is the day after Christmas for those not familiar.George [00:26:54]: I'm from Singapore.swyx [00:26:55]: A lot of us remember Boxing Day for a different reason, for the tsunami that happened. Oh, of course. Yeah, but that was a long time ago. So yeah. So this is the rough pitch of AAQI. Is it A-A-Q-I or A-A-I-I? I-I. Okay. Good memory, though.Micah [00:27:11]: I don't know. I'm not used to it. Once upon a time, we did call it Quality Index, and we would talk about quality, performance, and price, but we changed it to intelligence.George [00:27:20]: There's been a few naming changes. We added hardware benchmarking to the site, and so benchmarks at a kind of system level. And so then we changed our throughput metric to, we now call it output speed, and thenswyx [00:27:32]: throughput makes sense at a system level, so we took that name. Take me through more charts. What should people know? Obviously, the way you look at the site is probably different than how a beginner might look at it.Micah [00:27:42]: Yeah, that's fair. There's a lot of fun stuff to dive into. Maybe so we can hit past all the, like, we have lots and lots of emails and stuff. The interesting ones to talk about today that would be great to bring up are a few of our recent things, I think, that probably not many people will be familiar with yet. So first one of those is our omniscience index. So this one is a little bit different to most of the intelligence evils that we've run. We built it specifically to look at the embedded knowledge in the models and to test hallucination by looking at when the model doesn't know the answer, so not able to get it correct, what's its probability of saying, I don't know, or giving an incorrect answer. So the metric that we use for omniscience goes from negative 100 to positive 100. Because we're simply taking off a point if you give an incorrect answer to the question. We're pretty convinced that this is an example of where it makes most sense to do that, because it's strictly more helpful to say, I don't know, instead of giving a wrong answer to factual knowledge question. And one of our goals is to shift the incentive that evils create for models and the labs creating them to get higher scores. And almost every evil across all of AI up until this point, it's been graded by simple percentage correct as the main metric, the main thing that gets hyped. And so you should take a shot at everything. There's no incentive to say, I don't know. So we did that for this one here.swyx [00:29:22]: I think there's a general field of calibration as well, like the confidence in your answer versus the rightness of the answer. Yeah, we completely agree. Yeah. Yeah.George [00:29:31]: On that. And one reason that we didn't do that is because. Or put that into this index is that we think that the, the way to do that is not to ask the models how confident they are.swyx [00:29:43]: I don't know. Maybe it might be though. You put it like a JSON field, say, say confidence and maybe it spits out something. Yeah. You know, we have done a few evils podcasts over the, over the years. And when we did one with Clementine of hugging face, who maintains the open source leaderboard, and this was one of her top requests, which is some kind of hallucination slash lack of confidence calibration thing. And so, Hey, this is one of them.Micah [00:30:05]: And I mean, like anything that we do, it's not a perfect metric or the whole story of everything that you think about as hallucination. But yeah, it's pretty useful and has some interesting results. Like one of the things that we saw in the hallucination rate is that anthropics Claude models at the, the, the very left-hand side here with the lowest hallucination rates out of the models that we've evaluated amnesty is on. That is an interesting fact. I think it probably correlates with a lot of the previously, not really measured vibes stuff that people like about some of the Claude models. Is the dataset public or what's is it, is there a held out set? There's a hell of a set for this one. So we, we have published a public test set, but we we've only published 10% of it. The reason is that for this one here specifically, it would be very, very easy to like have data contamination because it is just factual knowledge questions. We would. We'll update it at a time to also prevent that, but with yeah, kept most of it held out so that we can keep it reliable for a long time. It leads us to a bunch of really cool things, including breakdown quite granularly by topic. And so we've got some of that disclosed on the website publicly right now, and there's lots more coming in terms of our ability to break out very specific topics. Yeah.swyx [00:31:23]: I would be interested. Let's, let's dwell a little bit on this hallucination one. I noticed that Haiku hallucinates less than Sonnet hallucinates less than Opus. And yeah. Would that be the other way around in a normal capability environments? I don't know. What's, what do you make of that?George [00:31:37]: One interesting aspect is that we've found that there's not really a, not a strong correlation between intelligence and hallucination, right? That's to say that the smarter the models are in a general sense, isn't correlated with their ability to, when they don't know something, say that they don't know. It's interesting that Gemini three pro preview was a big leap over here. Gemini 2.5. Flash and, and, and 2.5 pro, but, and if I add pro quickly here.swyx [00:32:07]: I bet pro's really good. Uh, actually no, I meant, I meant, uh, the GPT pros.George [00:32:12]: Oh yeah.swyx [00:32:13]: Cause GPT pros are rumored. We don't know for a fact that it's like eight runs and then with the LM judge on top. Yeah.George [00:32:20]: So we saw a big jump in, this is accuracy. So this is just percent that they get, uh, correct and Gemini three pro knew a lot more than the other models. And so big jump in accuracy. But relatively no change between the Google Gemini models, between releases. And the hallucination rate. Exactly. And so it's likely due to just kind of different post-training recipe, between the, the Claude models. Yeah.Micah [00:32:45]: Um, there's, there's driven this. Yeah. You can, uh, you can partially blame us and how we define intelligence having until now not defined hallucination as a negative in the way that we think about intelligence.swyx [00:32:56]: And so that's what we're changing. Uh, I know many smart people who are confidently incorrect.George [00:33:02]: Uh, look, look at that. That, that, that is very humans. Very true. And there's times and a place for that. I think our view is that hallucination rate makes sense in this context where it's around knowledge, but in many cases, people want the models to hallucinate, to have a go. Often that's the case in coding or when you're trying to generate newer ideas. One eval that we added to artificial analysis is, is, is critical point and it's really hard, uh, physics problems. Okay.swyx [00:33:32]: And is it sort of like a human eval type or something different or like a frontier math type?George [00:33:37]: It's not dissimilar to frontier frontier math. So these are kind of research questions that kind of academics in the physics physics world would be able to answer, but models really struggled to answer. So the top score here is not 9%.swyx [00:33:51]: And when the people that, that created this like Minway and, and, and actually off via who was kind of behind sweep and what organization is this? Oh, is this, it's Princeton.George [00:34:01]: Kind of range of academics from, from, uh, different academic institutions, really smart people. They talked about how they turn the models up in terms of the temperature as high temperature as they can, where they're trying to explore kind of new ideas in physics as a, as a thought partner, just because they, they want the models to hallucinate. Um, yeah, sometimes it's something new. Yeah, exactly.swyx [00:34:21]: Um, so not right in every situation, but, um, I think it makes sense, you know, to test hallucination in scenarios where it makes sense. Also, the obvious question is, uh, this is one of. Many that there is there, every lab has a system card that shows some kind of hallucination number, and you've chosen to not, uh, endorse that and you've made your own. And I think that's a, that's a choice. Um, totally in some sense, the rest of artificial analysis is public benchmarks that other people can independently rerun. You provide it as a service here. You have to fight the, well, who are we to, to like do this? And your, your answer is that we have a lot of customers and, you know, but like, I guess, how do you converge the individual?Micah [00:35:08]: I mean, I think, I think for hallucinations specifically, there are a bunch of different things that you might care about reasonably, and that you'd measure quite differently, like we've called this a amnesty and solutionation rate, not trying to declare the, like, it's humanity's last hallucination. You could, uh, you could have some interesting naming conventions and all this stuff. Um, the biggest picture answer to that. It's something that I actually wanted to mention. Just as George was explaining, critical point as well is, so as we go forward, we are building evals internally. We're partnering with academia and partnering with AI companies to build great evals. We have pretty strong views on, in various ways for different parts of the AI stack, where there are things that are not being measured well, or things that developers care about that should be measured more and better. And we intend to be doing that. We're not obsessed necessarily with that. Everything we do, we have to do entirely within our own team. Critical point. As a cool example of where we were a launch partner for it, working with academia, we've got some partnerships coming up with a couple of leading companies. Those ones, obviously we have to be careful with on some of the independent stuff, but with the right disclosure, like we're completely comfortable with that. A lot of the labs have released great data sets in the past that we've used to great success independently. And so it's between all of those techniques, we're going to be releasing more stuff in the future. Cool.swyx [00:36:26]: Let's cover the last couple. And then we'll, I want to talk about your trends analysis stuff, you know? Totally.Micah [00:36:31]: So that actually, I have one like little factoid on omniscience. If you go back up to accuracy on omniscience, an interesting thing about this accuracy metric is that it tracks more closely than anything else that we measure. The total parameter count of models makes a lot of sense intuitively, right? Because this is a knowledge eval. This is the pure knowledge metric. We're not looking at the index and the hallucination rate stuff that we think is much more about how the models are trained. This is just what facts did they recall? And yeah, it tracks parameter count extremely closely. Okay.swyx [00:37:05]: What's the rumored size of GPT-3 Pro? And to be clear, not confirmed for any official source, just rumors. But rumors do fly around. Rumors. I get, I hear all sorts of numbers. I don't know what to trust.Micah [00:37:17]: So if you, if you draw the line on omniscience accuracy versus total parameters, we've got all the open ways models, you can squint and see that likely the leading frontier models right now are quite a lot bigger than the ones that we're seeing right now. And the one trillion parameters that the open weights models cap out at, and the ones that we're looking at here, there's an interesting extra data point that Elon Musk revealed recently about XAI that for three trillion parameters for GROK 3 and 4, 6 trillion for GROK 5, but that's not out yet. Take those together, have a look. You might reasonably form a view that there's a pretty good chance that Gemini 3 Pro is bigger than that, that it could be in the 5 to 10 trillion parameters. To be clear, I have absolutely no idea, but just based on this chart, like that's where you would, you would land if you have a look at it. Yeah.swyx [00:38:07]: And to some extent, I actually kind of discourage people from guessing too much because what does it really matter? Like as long as they can serve it as a sustainable cost, that's about it. Like, yeah, totally.George [00:38:17]: They've also got different incentives in play compared to like open weights models who are thinking to supporting others in self-deployment for the labs who are doing inference at scale. It's I think less about total parameters in many cases. When thinking about inference costs and more around number of active parameters. And so there's a bit of an incentive towards larger sparser models. Agreed.Micah [00:38:38]: Understood. Yeah. Great. I mean, obviously if you're a developer or company using these things, not exactly as you say, it doesn't matter. You should be looking at all the different ways that we measure intelligence. You should be looking at cost to run index number and the different ways of thinking about token efficiency and cost efficiency based on the list prices, because that's all it matters.swyx [00:38:56]: It's not as good for the content creator rumor mill where I can say. Oh, GPT-4 is this small circle. Look at GPT-5 is this big circle. And then there used to be a thing for a while. Yeah.Micah [00:39:07]: But that is like on its own, actually a very interesting one, right? That is it just purely that chances are the last couple of years haven't seen a dramatic scaling up in the total size of these models. And so there's a lot of room to go up properly in total size of the models, especially with the upcoming hardware generations. Yes.swyx [00:39:29]: So, you know. Taking off my shitposting face for a minute. Yes. Yes. At the same time, I do feel like, you know, especially coming back from Europe, people do feel like Ilya is probably right that the paradigm is doesn't have many more orders of magnitude to scale out more. And therefore we need to start exploring at least a different path. GDPVal, I think it's like only like a month or so old. I was also very positive when it first came out. I actually talked to Tejo, who was the lead researcher on that. Oh, cool. And you have your own version.George [00:39:59]: It's a fantastic. It's a fantastic data set. Yeah.swyx [00:40:01]: And maybe it will recap for people who are still out of it. It's like 44 tasks based on some kind of GDP cutoff that's like meant to represent broad white collar work that is not just coding. Yeah.Micah [00:40:12]: Each of the tasks have a whole bunch of detailed instructions, some input files for a lot of them. It's within the 44 is divided into like two hundred and twenty two to five, maybe subtasks that are the level of that we run through the agenda. And yeah, they're really interesting. I will say that it doesn't. It doesn't necessarily capture like all the stuff that people do at work. No avail is perfect is always going to be more things to look at, largely because in order to make the tasks well enough to find that you can run them, they need to only have a handful of input files and very specific instructions for that task. And so I think the easiest way to think about them are that they're like quite hard take home exam tasks that you might do in an interview process.swyx [00:40:56]: Yeah, for listeners, it is not no longer like a long prompt. It is like, well, here's a zip file with like a spreadsheet or a PowerPoint deck or a PDF and go nuts and answer this question.George [00:41:06]: OpenAI released a great data set and they released a good paper which looks at performance across the different web chat bots on the data set. It's a great paper, encourage people to read it. What we've done is taken that data set and turned it into an eval that can be run on any model. So we created a reference agentic harness that can run. Run the models on the data set, and then we developed evaluator approach to compare outputs. That's kind of AI enabled, so it uses Gemini 3 Pro Preview to compare results, which we tested pretty comprehensively to ensure that it's aligned to human preferences. One data point there is that even as an evaluator, Gemini 3 Pro, interestingly, doesn't do actually that well. So that's kind of a good example of what we've done in GDPVal AA.swyx [00:42:01]: Yeah, the thing that you have to watch out for with LLM judge is self-preference that models usually prefer their own output, and in this case, it was not. Totally.Micah [00:42:08]: I think the way that we're thinking about the places where it makes sense to use an LLM as judge approach now, like quite different to some of the early LLM as judge stuff a couple of years ago, because some of that and MTV was a great project that was a good example of some of this a while ago was about judging conversations and like a lot of style type stuff. Here, we've got the task that the grader and grading model is doing is quite different to the task of taking the test. When you're taking the test, you've got all of the agentic tools you're working with, the code interpreter and web search, the file system to go through many, many turns to try to create the documents. Then on the other side, when we're grading it, we're running it through a pipeline to extract visual and text versions of the files and be able to provide that to Gemini, and we're providing the criteria for the task and getting it to pick which one more effectively meets the criteria of the task. Yeah. So we've got the task out of two potential outcomes. It turns out that we proved that it's just very, very good at getting that right, matched with human preference a lot of the time, because I think it's got the raw intelligence, but it's combined with the correct representation of the outputs, the fact that the outputs were created with an agentic task that is quite different to the way the grading model works, and we're comparing it against criteria, not just kind of zero shot trying to ask the model to pick which one is better.swyx [00:43:26]: Got it. Why is this an ELO? And not a percentage, like GDP-VAL?George [00:43:31]: So the outputs look like documents, and there's video outputs or audio outputs from some of the tasks. It has to make a video? Yeah, for some of the tasks. Some of the tasks.swyx [00:43:43]: What task is that?George [00:43:45]: I mean, it's in the data set. Like be a YouTuber? It's a marketing video.Micah [00:43:49]: Oh, wow. What? Like model has to go find clips on the internet and try to put it together. The models are not that good at doing that one, for now, to be clear. It's pretty hard to do that with a code editor. I mean, the computer stuff doesn't work quite well enough and so on and so on, but yeah.George [00:44:02]: And so there's no kind of ground truth, necessarily, to compare against, to work out percentage correct. It's hard to come up with correct or incorrect there. And so it's on a relative basis. And so we use an ELO approach to compare outputs from each of the models between the task.swyx [00:44:23]: You know what you should do? You should pay a contractor, a human, to do the same task. And then give it an ELO and then so you have, you have human there. It's just, I think what's helpful about GDPVal, the OpenAI one, is that 50% is meant to be normal human and maybe Domain Expert is higher than that, but 50% was the bar for like, well, if you've crossed 50, you are superhuman. Yeah.Micah [00:44:47]: So we like, haven't grounded this score in that exactly. I agree that it can be helpful, but we wanted to generalize this to a very large number. It's one of the reasons that presenting it as ELO is quite helpful and allows us to add models and it'll stay relevant for quite a long time. I also think it, it can be tricky looking at these exact tasks compared to the human performance, because the way that you would go about it as a human is quite different to how the models would go about it. Yeah.swyx [00:45:15]: I also liked that you included Lama 4 Maverick in there. Is that like just one last, like...Micah [00:45:20]: Well, no, no, no, no, no, no, it is the, it is the best model released by Meta. And... So it makes it into the homepage default set, still for now.George [00:45:31]: Other inclusion that's quite interesting is we also ran it across the latest versions of the web chatbots. And so we have...swyx [00:45:39]: Oh, that's right.George [00:45:40]: Oh, sorry.swyx [00:45:41]: I, yeah, I completely missed that. Okay.George [00:45:43]: No, not at all. So that, which has a checkered pattern. So that is their harness, not yours, is what you're saying. Exactly. And what's really interesting is that if you compare, for instance, Claude 4.5 Opus using the Claude web chatbot, it performs worse than the model in our agentic harness. And so in every case, the model performs better in our agentic harness than its web chatbot counterpart, the harness that they created.swyx [00:46:13]: Oh, my backwards explanation for that would be that, well, it's meant for consumer use cases and here you're pushing it for something.Micah [00:46:19]: The constraints are different and the amount of freedom that you can give the model is different. Also, you like have a cost goal. We let the models work as long as they want, basically. Yeah. Do you copy paste manually into the chatbot? Yeah. Yeah. That's, that was how we got the chatbot reference. We're not going to be keeping those updated at like quite the same scale as hundreds of models.swyx [00:46:38]: Well, so I don't know, talk to a browser base. They'll, they'll automate it for you. You know, like I have thought about like, well, we should turn these chatbot versions into an API because they are legitimately different agents in themselves. Yes. Right. Yeah.Micah [00:46:53]: And that's grown a huge amount of the last year, right? Like the tools. The tools that are available have actually diverged in my opinion, a fair bit across the major chatbot apps and the amount of data sources that you can connect them to have gone up a lot, meaning that your experience and the way you're using the model is more different than ever.swyx [00:47:10]: What tools and what data connections come to mind when you say what's interesting, what's notable work that people have done?Micah [00:47:15]: Oh, okay. So my favorite example on this is that until very recently, I would argue that it was basically impossible to get an LLM to draft an email for me in any useful way. Because most times that you're sending an email, you're not just writing something for the sake of writing it. Chances are context required is a whole bunch of historical emails. Maybe it's notes that you've made, maybe it's meeting notes, maybe it's, um, pulling something from your, um, any of like wherever you at work store stuff. So for me, like Google drive, one drive, um, in our super base databases, if we need to do some analysis or some data or something, preferably model can be plugged into all of those things and can go do some useful work based on it. The things that like I find most impressive currently that I am somewhat surprised work really well in late 2025, uh, that I can have models use super base MCP to query read only, of course, run a whole bunch of SQL queries to do pretty significant data analysis. And. And make charts and stuff and can read my Gmail and my notion. And okay. You actually use that. That's good. That's, that's, that's good. Is that a cloud thing? To various degrees of order, but chat GPD and Claude right now, I would say that this stuff like barely works in fairness right now. Like.George [00:48:33]: Because people are actually going to try this after they hear it. If you get an email from Micah, odds are it wasn't written by a chatbot.Micah [00:48:38]: So, yeah, I think it is true that I have never actually sent anyone an email drafted by a chatbot. Yet.swyx [00:48:46]: Um, and so you can, you can feel it right. And yeah, this time, this time next year, we'll come back and see where it's going. Totally. Um, super base shout out another famous Kiwi. Uh, I don't know if you've, you've any conversations with him about anything in particular on AI building and AI infra.George [00:49:03]: We have had, uh, Twitter DMS, um, with, with him because we're quite big, uh, super base users and power users. And we probably do some things more manually than we should in. In, in super base support line because you're, you're a little bit being super friendly. One extra, um, point regarding, um, GDP Val AA is that on the basis of the overperformance of the models compared to the chatbots turns out, we realized that, oh, like our reference harness that we built actually white works quite well on like gen generalist agentic tasks. This proves it in a sense. And so the agent harness is very. Minimalist. I think it follows some of the ideas that are in Claude code and we, all that we give it is context management capabilities, a web search, web browsing, uh, tool, uh, code execution, uh, environment. Anything else?Micah [00:50:02]: I mean, we can equip it with more tools, but like by default, yeah, that's it. We, we, we give it for GDP, a tool to, uh, view an image specifically, um, because the models, you know, can just use a terminal to pull stuff in text form into context. But to pull visual stuff into context, we had to give them a custom tool, but yeah, exactly. Um, you, you can explain an expert. No.George [00:50:21]: So it's, it, we turned out that we created a good generalist agentic harness. And so we, um, released that on, on GitHub yesterday. It's called stirrup. So if people want to check it out and, and it's a great, um, you know, base for, you know, generalist, uh, building a generalist agent for more specific tasks.Micah [00:50:39]: I'd say the best way to use it is get clone and then have your favorite coding. Agent make changes to it, to do whatever you want, because it's not that many lines of code and the coding agents can work with it. Super well.swyx [00:50:51]: Well, that's nice for the community to explore and share and hack on it. I think maybe in, in, in other similar environments, the terminal bench guys have done, uh, sort of the Harbor. Uh, and so it's, it's a, it's a bundle of, well, we need our minimal harness, which for them is terminus and we also need the RL environments or Docker deployment thing to, to run independently. So I don't know if you've looked at it. I don't know if you've looked at the harbor at all, is that, is that like a, a standard that people want to adopt?George [00:51:19]: Yeah, we've looked at it from a evals perspective and we love terminal bench and, and host benchmarks of, of, of terminal mention on artificial analysis. Um, we've looked at it from a, from a coding agent perspective, but could see it being a great, um, basis for any kind of agents. I think where we're getting to is that these models have gotten smart enough. They've gotten better, better tools that they can perform better when just given a minimalist. Set of tools and, and let them run, let the model control the, the agentic workflow rather than using another framework that's a bit more built out that tries to dictate the, dictate the flow. Awesome.swyx [00:51:56]: Let's cover the openness index and then let's go into the report stuff. Uh, so that's the, that's the last of the proprietary art numbers, I guess. I don't know how you sort of classify all these. Yeah.Micah [00:52:07]: Or call it, call it, let's call it the last of like the, the three new things that we're talking about from like the last few weeks. Um, cause I mean, there's a, we do a mix of stuff that. Where we're using open source, where we open source and what we do and, um, proprietary stuff that we don't always open source, like long context reasoning data set last year, we did open source. Um, and then all of the work on performance benchmarks across the site, some of them, we looking to open source, but some of them, like we're constantly iterating on and so on and so on and so on. So there's a huge mix, I would say, just of like stuff that is open source and not across the side. So that's a LCR for people. Yeah, yeah, yeah, yeah.swyx [00:52:41]: Uh, but let's, let's, let's talk about open.Micah [00:52:42]: Let's talk about openness index. This. Here is call it like a new way to think about how open models are. We, for a long time, have tracked where the models are open weights and what the licenses on them are. And that's like pretty useful. That tells you what you're allowed to do with the weights of a model, but there is this whole other dimension to how open models are. That is pretty important that we haven't tracked until now. And that's how much is disclosed about how it was made. So transparency about data, pre-training data and post-training data. And whether you're allowed to use that data and transparency about methodology and training code. So basically, those are the components. We bring them together to score an openness index for models so that you can in one place get this full picture of how open models are.swyx [00:53:32]: I feel like I've seen a couple other people try to do this, but they're not maintained. I do think this does matter. I don't know what the numbers mean apart from is there a max number? Is this out of 20?George [00:53:44]: It's out of 18 currently, and so we've got an openness index page, but essentially these are points, you get points for being more open across these different categories and the maximum you can achieve is 18. So AI2 with their extremely open OMO3 32B think model is the leader in a sense.swyx [00:54:04]: It's hooking face.George [00:54:05]: Oh, with their smaller model. It's coming soon. I think we need to run, we need to get the intelligence benchmarks right to get it on the site.swyx [00:54:12]: You can't have it open in the next. We can not include hooking face. We love hooking face. We'll have that, we'll have that up very soon. I mean, you know, the refined web and all that stuff. It's, it's amazing. Or is it called fine web? Fine web. Fine web.Micah [00:54:23]: Yeah, yeah, no, totally. Yep. One of the reasons this is cool, right, is that if you're trying to understand the holistic picture of the models and what you can do with all the stuff the company's contributing, this gives you that picture. And so we are going to keep it up to date alongside all the models that we do intelligence index on, on the site. And it's just an extra view to understand.swyx [00:54:43]: Can you scroll down to this? The, the, the, the trade-offs chart. Yeah, yeah. That one. Yeah. This, this really matters, right? Obviously, because you can b

In this episode of the Ardan Labs Podcast, Bill Kennedy talks with Miles Spencer, founder of Reflekta, about using AI to preserve the stories and legacies of loved ones. Miles explains how Reflekta enables meaningful, ongoing conversations with elders through AI while prioritizing privacy, ethics, and emotional responsibility.They explore the technical foundations of the platform, the challenges of building trust around deeply personal data, and the business model behind Reflekta. Miles also shares his journey from high school to entrepreneurship and reflects on how technology can foster genuine human connection rather than replace it.00:00 Introduction 02:35 How Reflekta Uses AI05:10 Media Processing and Conversations08:26 Privacy, Security, and Ethics13:25 Miles' Background and Journey27:57 Early Entrepreneurship and Family Challenges36:49 Finance, Venture Capital, and Media44:57 New Ventures and Career Shifts56:54 COVID-19 and Business Impact01:00:04 The Birth of Reflekta01:09:03 Ethical Challenges and the Road AheadConnect with Miles: LinkedIn: https://www.linkedin.com/in/milesspencer/Mentioned in this Episode:Reflekta: https://reflekta.ai/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Topics covered in this episode: ty: An extremely fast Python type checker and LSP Python Supply Chain Security Made Easy typing_extensions MI6 chief: We'll be as fluent in Python as we are in Russian Extras Joke Watch on YouTube About the show Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: ty: An extremely fast Python type checker and LSP Charlie Marsh announced the Beta release of ty on Dec 16 “designed as an alternative to tools like mypy, Pyright, and Pylance.” Extremely fast even from first run Successive runs are incremental, only rerunning necessary computations as a user edits a file or function. This allows live updates. Includes nice visual diagnostics much like color enhanced tracebacks Extensive configuration control Nice for if you want to gradually fix warnings from ty for a project Also released a nice VSCode (or Cursor) extension Check the docs. There are lots of features. Also a note about disabling the default language server (or disabling ty's language server) so you don't have 2 running Michael #2: Python Supply Chain Security Made Easy We know about supply chain security issues, but what can you do? Typosquatting (not great) Github/PyPI account take-overs (very bad) Enter pip-audit. Run it in two ways: Against your installed dependencies in current venv As a proper unit test (so when running pytest or CI/CD). Let others find out first, wait a week on all dependency updates: uv pip compile requirements.piptools --upgrade --output-file requirements.txt --exclude-newer "1 week" Follow up article: DevOps Python Supply Chain Security Create a dedicated Docker image for testing dependencies with pip-audit in isolation before installing them into your venv. Run pip-compile / uv lock --upgrade to generate the new lock file Test in a ephemeral pip-audit optimized Docker container Only then if things pass, uv pip install / uv sync Add a dedicated Docker image build step that fails the docker build step if a vulnerable package is found. Brian #3: typing_extensions Kind of a followup on the deprecation warning topic we were talking about in December. prioinv on Mastodon notified us that the project typing-extensions includes it as part of the backport set. The warnings.deprecated decorator is new to Python 3.13, but with typing-extensions, you can use it in previous versions. But typing_extesions is way cooler than just that. The module serves 2 purposes: Enable use of new type system features on older Python versions. Enable experimentation with type system features proposed in new PEPs before they are accepted and added to the typing module. So cool. There's a lot of features here. I'm hoping it allows someone to use the latest typing syntax across multiple Python versions. I'm “tentatively” excited. But I'm bracing for someone to tell me why it's not a silver bullet. Michael #4: MI6 chief: We'll be as fluent in Python as we are in Russian "Advances in artificial intelligence, biotechnology and quantum computing are not only revolutionizing economies but rewriting the reality of conflict, as they 'converge' to create science fiction-like tools,” said new MI6 chief Blaise Metreweli. She focused mainly on threats from Russia, the country is "testing us in the grey zone with tactics that are just below the threshold of war.” This demands what she called "mastery of technology" across the service, with officers required to become "as comfortable with lines of code as we are with human sources, as fluent in Python as we are in multiple other languages." Recruitment will target linguists, data scientists, engineers, and technologists alike. Extras Brian: Next chapter of Lean TDD being released today, Finding Waste in TDD Still going to attempt a Jan 31 deadline for first draft of book. That really doesn't seem like enough time, but I'm optimistic. SteamDeck is not helping me find time to write But I very much appreciate the gift from my fam Send me game suggestions on Mastodon or Bluesky. I'd love to hear what you all are playing. Michael: Astral has announced the Beta release of ty, which they say they are "ready to recommend to motivated users for production use." Blog post Release page Reuven Lerner has a video series on Pandas 3 Joke: Error Handling in the age of AI Play on the inversion of JavaScript the Good Parts

In this episode I talk with Lio Lunesu, CTO of Defang, about infrastructure as code, Docker, and Docker Compose. Defang compiles Docker Compose files into cloud infrastructure code.Links:DefangLio Lunesu on LinkedInSaturnCINonsense Monthly

This week, Brian Gracely joins to dissect strategic choices made by Broadcom, Docker, Netflix and Intel. Plus: The AI Bifurcation—are models commodities or product pillars? Rundown Licensing in VMware Cloud Foundation 9.0 (https://blogs.vmware.com/cloud-foundation/2025/06/24/licensing-in-vmware-cloud-foundation-9-0/) Hardened Images for Everyone (https://www.docker.com/blog/docker-hardened-images-for-every-developer/) Introducing Chainguard EmeritOSS (https://www.chainguard.dev/unchained/introducing-chainguard-emeritoss) Netflix to Acquire Warner Bros. (https://about.netflix.com/en/news/netflix-to-acquire-warner-bros) Anthropic reportedly preparing for one of the largest IPOs (https://www.cnbc.com/2025/12/03/anthropic-claude-reportedly-preparing-ipo-race-openai-chatgpt-ft-wilson-sonsini-goodrich-rosati.html) Conferences cfgmgmtcamp 2026 (https://cfgmgmtcamp.org/ghent2026/), February 2nd to 4th, Ghent, BE. Coté speaking and doing live SDI (https://www.softwaredefinedinterviews.com) with John Willis. DevOpsDayLA at SCALE23x (https://www.socallinuxexpo.org/scale/23x), March 6th, Pasadena, CA Use code: DEVOP for 50% off. Devnexus 2026 (https://devnexus.com), March 4th to 6th, Atlanta, GA. Whole bunch of VMUGs, mostly in the US. The CFPs are open (https://app.sessionboard.com/submit/vmug-call-for-content-2026/ae1c7013-8b85-427c-9c21-7d35f8701bbe?utm_campaign=5766542-VMUG%20Voice&utm_medium=email&_hsenc=p2ANqtz-_YREN7dr6p3KSQPYkFSN5K85A-pIVYZ03ZhKZOV0O3t3h0XHdDHethhx5O8gBFguyT5mZ3n3q-ZnPKvjllFXYfWV3thg&_hsmi=393690000&utm_content=393685389&utm_source=hs_email), go speak at them! Coté speaking in Amsterdam. Amsterdam (March 17-19, 2026), Minneapolis (April 7-9, 2026), Toronto (May 12-14, 2026), Dallas (June 9-11, 2026), Orlando (October 20-22, 2026) SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Photo Credits Header (https://unsplash.com/photos/university-of-alabama-football-game-tuscaloosa-alabama-YcVe7gL9A0s) Special Guest: Brian Gracely.

¡Bienvenidos a un nuevo episodio de Atareao con Linux! Estamos cerrando este 2025 y toca hacer balance de las herramientas que realmente han marcado la diferencia en mi servidor. En este episodio te traigo una selección personal de los 6 contenedores Docker que se han vuelto imprescindibles en mi día a día. No solo por su funcionalidad, sino por cómo han simplificado mi flujo de trabajo, mejorado la seguridad y optimizado el rendimiento de mis sistemas.Lo que encontrarás en este episodio:1. Dodge: La alternativa ligera a Portainer que gestiona tus archivos YAML de forma reactiva y permite convertir comandos docker run a compose fácilmente.2. Pocket ID: Seguridad "passwordless" al siguiente nivel. Centraliza tus accesos mediante Passkeys y biometría con soporte OIDC.3. Doc Pick: El sustituto perfecto para la gestión de actualizaciones. Mantén tus imágenes al día con un panel visual intuitivo.4. Beszel: Monitorización de recursos (CPU, RAM, Disco) tanto del host como de cada contenedor individual.5. Quantum: Un fork de File Browser potenciado con búsqueda por lógica difusa e integración con OIDC.6. Memos: Tu centro de micro-notas privado y extremadamente versátil gracias a su API.Timestamps:00:00:00 Introducción y balance del año 202500:01:05 Los seis contenedores imprescindibles de 202500:02:14 Consideraciones sobre el flujo de trabajo y mantenimiento00:03:56 Dodge: El reemplazo moderno y ligero de Portainer00:06:07 Pocket ID: Autenticación passwordless y OIDC00:08:01 Doc Pick: Información y actualización de imágenes de contenedores00:10:40 Beszel: Monitor de recursos de CPU, RAM y Docker00:12:42 Quantum: Fork de File Browser con integración OIDC00:14:39 Memos: Gestión de micronotas y enlaces mediante API00:18:28 Resumen final y despedidaRecursos y enlaces:Más información y enlaces en las notas del episodio

Todos sabemos que por muy bueno que sea un hardware, si el software no acompaña, no vale de nada. En esta ocasión te cuento por qué he elegido Proxmox como sistema base, con TrueNAS virtualizado y Docker dentro del mismo.

Links James on LinkedIn (https://www.linkedin.com/in/jahuang/) Mike on LinkedIn (https://www.linkedin.com/in/dominucco/) Mike's Blog (https://dominickm.com) Show on Discord (https://discord.com/invite/k8e7gKUpEp) Alice Promo (https://go.alice.dev/data-migration-offer-hands-on) AI on Red Hat Enterprise Linux (RHEL) Trust and Stability: RHEL provides the mission-critical foundation needed for workloads where security and reliability cannot be compromised. Predictive vs. Generative: Acknowledging the hype of GenAI while maintaining support for traditional machine learning algorithms. Determinism: The challenge of bringing consistency and security to emerging AI technologies in production environments. Rama-Llama & Containerization Developer Simplicity: Rama-Llama helps developers run local LLMs easily without being "locked in" to specific engines; it supports Podman, Docker, and various inference engines like Llama.cpp and Whisper.cpp. Production Path: The tool is designed to "fade away" after helping package the model and stack into a container that can be deployed directly to Kubernetes. Behind the Firewall: Addressing the needs of industries (like aircraft maintenance) that require AI to stay strictly on-premises. Enterprise AI Infrastructure Red Hat AI: A commercial product offering tools for model customization, including pre-training, fine-tuning, and RAG (Retrieval-Augmented Generation). Inference Engines: James highlights the difference between Llama.cpp (for smaller/edge hardware) and vLLM, which has become the enterprise standard for multi-GPU data center inferencing.

This week I'm the guest and my friends at Whiskey Web and Whatnot are the hosts. And they're great hosts, because they send their guests a bottle of whiskey before talking web and whatnot...As we head into the holidays I hope you'll raise a glass with us and enjoy this very laid back episode... Chuck and Robbie hosted me a year ago and I love that they got me on tape when they did, because it was just as I was starting to consider making some big changes to my show... Changes that I will announce in late January... so get excited for that! and please subscribe to this here podcsat in your favorite apps, and get the newsletter at crafted.fmHere's how they described the episode:Robbie and Chuck talk with Dan Blumberg about his journey from radio producer to product manager and podcaster. They explore the art of building great software, podcasting essentials, and the changing landscape of podcast platforms. Plus, Dan shares his kayaking adventures and insights on balancing authenticity and growth.And if you please…Subscribe to the CRAFTED. newsletter atcrafted.fmShare with a friend! Word of mouth is by far the most powerful way for podcasts to growSponsor the show? I'm actively speaking to potential sponsors for 2026 episodes. Drop me a line and let's talk.Get psyched!… There are some big updates to this show coming soonFor more on Whiskey Web and Whatnot...Check ou:t https://whiskey.fmConnect with Robbie Wagner: https://x.com/RobbieTheWagnerConnect with Chuck Carpenter: https://x.com/CharlesWthe3rd In this episode:- (00:00) - Intro- (03:26) - Whiskey review and rating: Woodinville Straight Bourbon- (09:23) - Apple Podcasts vs Spotify- (11:20) - Spotify video vs YouTube- (13:02) - Podcasting audio vs video- (15:24) - Advice on starting a podcast- (19:24) - Equipment requirements for guests on podcasts- (22:15) - Having a pre-interview interview- (26:06) - Social media and podcasting challenges- (27:37) - How to grow your audience- (33:18) - How to make money as a podcaster- (37:28) - Being yourself vs having a persona- (38:42) - Monetizing your podcast- (42:11) - What's missing from RSS- (43:38) - Dan's non-tech career ideas- (45:40) - Podcast recommendations- (49:12) - Dan's plugsLinks- Woodinville Straight Bourbon: https://woodinvillewhiskeyco.com/- Crafted: https://crafted.fm- WNYC: https://www.wnyc.org/- NYT: https://www.nytimes.com/- Apple Podcasts: https://podcasts.apple.com/- Spotify: https://www.spotify.com/- Pocket Casts: https://pocketcasts.com/- IAB: https://www.iab.com/- National Geographic: https://www.nationalgeographic.com/- Shure SM7B: https://www.shure.com/en-US/products/microphones/sm7b- Focusrite: https://focusrite.com/- Shure MV7: https://www.shure.com/en-US/products/microphones/mv7- Elgato: https://www.elgato.com/- AirPods: https://www.apple.com/airpods/- Audio Technica: https://www.audio-technica.com/en-us/- Morning Edition: https://www.wnyc.org/shows/me- Chicago Public Radio: https://www.wbez.org/- Riverside: https://riverside.fm/- TikTok: https://www.tiktok.com/- Mr. Beast: https://youtube.com/@mrbeast- Docker: https://www.docker.com/- Artium: https://www.thisisartium.com/- Jay Clouse: https://creatorscience.com/- Hark: https://harkaudio.com/- Syntax: https://syntax.fm/- Hard Fork: https://www.nytimes.com/column/hard-fork- Big Technology with Alex Kantrowitz: https://www.bigtechnology.com/- Decoder with Nilay Patel: https://www.theverge.com/decoder- How I Built This: https://www.npr.org/series/490248027/how-i-built-this- Acquired: https://www.acquired.fm/- Smartless: https://smartless.com/- Wondery: https://wondery.com/- Sacha Baron Cohen: https://en.wikipedia.org/wiki/Sacha_Baron_Cohen- Tim Burton: https://en.wikipedia.org/wiki/Tim_Burton- Beetlejuice: https://www.warnerbros.com/movies/beetlejuice- Darknet Diaries: https://darknetdiaries.com/

En este episodio de atareao con Linux te quiero contar una de mis grandes obsesiones: cómo mantener mis imágenes Docker lo más ligeras y seguras posible sin que eso me penalice cuando tengo que "ensuciarme las manos" dentro de un contenedor.Si me sigues desde hace tiempo, ya sabes que siempre busco reducir la superficie de ataque de mis despliegues. Cuanto menos software innecesario tenga una imagen, menos vulnerabilidades. Pero claro, esto tiene un problema evidente: cuando entras en un contenedor basado en una imagen minimalista, te encuentras con que no tienes ni un editor de texto, ni un buscador de archivos, ni nada que te facilite la vida.Para solucionar esto, he actualizado una imagen Docker que es mi auténtica "navaja suiza". En lugar de engordar mis imágenes de producción, utilizo este contenedor especializado que conecto a mis volúmenes cuando necesito gestionar datos, organizar archivos o realizar tareas de mantenimiento.He reconstruido esta herramienta sobre Alpine 3.23 por su ligereza extrema. Pero lo potente es lo que lleva dentro, un ecosistema centrado en herramientas escritas en Rust que son increíblemente rápidas:Shell y Prompt: He sustituido la clásica ash por Fish, para tener una shell interactiva y amigable, junto a Starship para un indicador visual ultra rápido.Productividad: Uso herramientas que reinventan los clásicos: lsd para ver archivos con iconos, bat para leer con resaltado de sintaxis, y fd junto a ripgrep para buscar cualquier cosa en milisegundos.Gestión y Edición: Para moverme por el sistema uso yazi, que es un gestor de archivos para terminal rapidísimo, y por supuesto Neovim para cualquier edición profesional.Mi arma secreta (rnr): He incluido rnr para renombrar archivos de forma masiva usando expresiones regulares, algo vital para organizar mis bibliotecas de series y películas.En este episodio te explico por qué me resulta mucho más cómodo utilizar volúmenes Docker en lugar de mapear directorios del host. Te cuento cómo esta práctica me facilitó la vida al migrar a Dockge y cómo gestiono mis datos multimedia de forma eficiente.Para que tú también puedas usarlo, te comparto el script que utilizo para levantar este contenedor de forma efímera e interactiva:Con este comando, el contenedor se destruye al salir, manteniendo mi sistema limpio y mis procesos gestionados correctamente gracias al flag --init.Más información y enlaces en las notas del episodio

Global: Over 10,000 Docker Hub Images Found Leaking Credentials, Auth KeysThe widespread exposure of sensitive keys in Docker images underscores the dangers of embedding secrets in container builds. Developers should prioritize centralized secrets management and routine scanning to prevent lasting breaches even after quick fixes.CN: Chinese Whistleblower Living In US Is Being Hunted By Beijing With US TechThis case highlights how advanced surveillance tools can erase borders, enabling persistent transnational repression. It serves as a stark reminder that personal data, once captured, can fuel harassment far beyond its intended use.EU: 193 Cybercrims Arrested, Accused of Plotting 'Violence-As-a-Service'The successful disruption of "violence-as-a-service" networks shows that coordinated law enforcement can counter the dangerous blend of online recruitment and offline crime. Continued vigilance is essential to protect communities from these evolving hybrid threats.Global: Google will shut down “unhelpful” dark web monitoring toolGoogle's decision to retire its dark web monitoring feature reflects the challenge of turning breach notifications into truly actionable advice. Users should seek security tools that not only alert but also guide clear, practical steps for protection.Global: Second JavaScript Exploit in Four Months Exposes Crypto Sites to Wallet DrainersRepeated supply-chain vulnerabilities in core JavaScript libraries reveal how quickly dependencies can become attack vectors. Maintaining rigorous patch management and dependency monitoring is now as critical as safeguarding cryptocurrency itself.RU: All of Russia's Porsches Were Bricked By a Mysterious Satellite OutageThe mass immobilization of connected vehicles illustrates the hidden risks of over-reliance on remote satellite systems for essential functions. As cars grow smarter, resilience against connectivity failures must become a design priority.RU: Russian Hackers Debut Simple Ransomware Service, But Store Keys In Plain TextEven motivated threat actors can sabotage their own operations through basic security oversights like hardcoding keys. This flaw reminds defenders that attacker mistakes can offer unexpected opportunities for recovery without payment.US: More Than 200 Environmental Groups Demand Halt To New US DatacentersThe growing backlash against unchecked data center expansion ties AI progress directly to real-world strains on energy, water, and household bills. Balancing technological advancement with sustainable infrastructure is no longer optional but urgent for communities nationwide.

In this episode of the Ardan Labs Podcast, Bill Kennedy talks with Peter Swimm, founder of Toilville, about the future of AI and workplace automation. Peter shares insights from his long career in technology—from Microsoft to building large-scale conversational AI systems—and discusses the growing need for strong governance around AI usage. They explore privacy and IP concerns, the pitfalls of “vibe coding,” and why documentation and trust logs are essential for safe and effective AI adoption. The conversation also dives into generational shifts in education, the impact of COVID-19 on the job market, and how AI can enhance productivity without replacing authenticity.00:00 Introduction03:09 AI and Workplace Automation05:51 Privacy, IP, and Safety Concerns08:50 Vibe Coding and Development Challenges12:04 Governance and Compliance14:49 Evolution of AI Tools20:53 Early Tech Experiences31:28 Cultural Perspectives on AI36:31 AI and the Future of Education42:44 Career Paths and Experience50:54 Early Conversational AI56:15 COVID-19 and Contact Centers59:00 AI's Future in Business01:02:42 From Microsoft to Entrepreneurship01:13:44 Navigating the AI Landscape01:28:02 Empowering Businesses with AI SolutionsConnect with Peter: LinkedIn: https://www.linkedin.com/in/peterswimm/Mentioned in this Episode:Toilville: https://www.toilville.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

In this episode of Hands-On IT, Landon Miles explores the history of servers and enterprise IT infrastructure, from early mainframe computers to cloud computing, Linux servers, virtualization, containers, and AI-driven data centers.This episode connects decades of server evolution into a clear, accessible story, focusing on the people, technologies, and ideas that shaped modern computing. From IBM's System/360 and minicomputers, to Unix and Linux, virtualization, cloud platforms like AWS and Azure, and container orchestration with Docker and Kubernetes, this episode explains how servers became the foundation of today's digital world.Topics covered include: • Server history and early computing systems • IBM mainframes and enterprise computing • Minicomputers and distributed computing • Unix, Linux, and open-source software • Virtualization and data center efficiency • Cloud computing and hyperscale infrastructure • Docker, Kubernetes, and cloud-native architecture • AI workloads, GPUs, and modern server hardwareLandon also highlights key figures in computing history, including Grace Hopper, Ken Olsen, Linus Torvalds, Dave Cutler, Diane Greene, and Jeff Bezos, and explains how their work still influences IT operations today.This episode is part of our December Best Of series, featuring some of our favorite moments and episodes from the past year.Originally aired March 20, 2025.

¿Tu servidor o escritorio Linux está lento o no te deja desmontar un disco? ¿Borraste un archivo gigante pero el espacio no se liberó? ¡Tenemos al culpable!En este episodio de atareao con Linux, te destripo el comando más poderoso para el diagnóstico de sistemas: lsof (List Open Files).Aprenderás a usar este detective de recursos para resolver los problemas más frustrantes de administración de sistemas, desde la configuración de Docker hasta la optimización de tu VPS o Raspberry Pi.

In this episode, Todd and Jon discuss the latest AI agreements, updates to the Apple ecosystem (OS 26.2), and the history of PowerShell. The core discussion focuses on the "overcomplication issue" facing tech enthusiasts and offers hardware and software tips to simplify daily workflows. AI & Industry News Disney & OpenAI: The Walt Disney Company has reached an agreement to license characters to OpenAI's Sora. Google Labs: Todd joined the waitlist for "Google Disco," a tool that uses "GenTabs" to create interactive web apps and complete tasks using natural language without coding. Visual Podcasting: Todd discussed using "Nano Banana Pro" and Gemini to create visual whiteboard summaries for podcast notes. Apple OS 26.2 Updates watchOS 26.2: Features updates to Sleep Scores, which Jon notes can feel "judgmental" regarding sleep quality. iPadOS 26.2: Reintroduces multitasking features like slide over and enables "Auto Chapters" for podcasts. macOS 26.2: Introduces "Edge Light" (a virtual ring light for video calls) and "low latency clusters" for local AI development on M5 Macs. Tech History PowerShell Origins: Jeffrey Snover, creator of PowerShell, revealed in a blog post that "cmdlets" were originally named "Function Units" (FUs), reflecting the "Unix smart-ass culture" of the era. Discussion: Simplifying the Tech Stack The hosts discuss the tendency to overcomplicate setups, such as using Docker for RSS feeds or complex SSO for home use. They recommend the following simplifications: Hardware KableCARD: A credit-card-sized kit containing multiple adapters, a light, and a phone stand to replace carrying multiple cables. Presentation Remotes: Use a simple dedicated remote ($20–$30) or repurpose a Surface Pen via Bluetooth instead of relying on complex software solutions. Software Pythonista (iOS/macOS): Run simple local scripts (e.g., GPA calculators) rather than paying for dedicated subscription apps. Homebridge: A lighter-weight alternative to Home Assistant for connecting IoT devices (like Sonos) to Apple HomeKit. Troubleshooting Tip Pixel Tablet YouTube Glitch: If the YouTube app on the Pixel Tablet displays unusable, giant thumbnails, the fix is to clear both the app's cache and storage/memory.

Dans cet épisode de fin d'année plus relax que d'accoutumée, Arnaud, Guillaume, Antonio et Emmanuel distutent le bout de gras sur tout un tas de sujets. L'acquisition de Confluent, Kotlin 2.2, Spring Boot 4 et JSpecify, la fin de MinIO, les chutes de CloudFlare, un survol des dernieres nouveauté de modèles fondamentaux (Google, Mistral, Anthropic, ChatGPT) et de leurs outils de code, quelques sujets d'architecture comme CQRS et quelques petits outils bien utiles qu'on vous recommande. Et bien sûr d'autres choses encore. Enregistré le 12 décembre 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-333.mp3 ou en vidéo sur YouTube. News Langages Un petit tutoriel par nos amis Sfeiriens montrant comment récupérer le son du micro, en Java, faire une transformée de Fourier, et afficher le résultat graphiquement en Swing https://www.sfeir.dev/back/tutoriel-java-sound-transformer-le-son-du-microphone-en-images-temps-reel/ Création d'un visualiseur de spectre audio en temps réel avec Java Swing. Étapes principales : Capture du son du microphone. Analyse des fréquences via la Transformée de Fourier Rapide (FFT). Dessin du spectre avec Swing. API Java Sound (javax.sound.sampled) : AudioSystem : point d'entrée principal pour l'accès aux périphériques audio. TargetDataLine : ligne d'entrée utilisée pour capturer les données du microphone. AudioFormat : définit les paramètres du son (taux d'échantillonnage, taille, canaux). La capture se fait dans un Thread séparé pour ne pas bloquer l'interface. Transformée de Fourier Rapide (FFT) : Algorithme clé pour convertir les données audio brutes (domaine temporel) en intensités de fréquences (domaine fréquentiel). Permet d'identifier les basses, médiums et aigus. Visualisation avec Swing : Les intensités de fréquences sont dessinées sous forme de barres dynamiques. Utilisation d'une échelle logarithmique pour l'axe des fréquences (X) pour correspondre à la perception humaine. Couleurs dynamiques des barres (vert → jaune → rouge) en fonction de l'intensité. Lissage exponentiel des valeurs pour une animation plus fluide. Un article de Sfeir sur Kotlin 2.2 et ses nouveautés - https://www.sfeir.dev/back/kotlin-2-2-toutes-les-nouveautes-du-langage/ Les guard conditions permettent d'ajouter plusieurs conditions dans les expressions when avec le mot-clé if Exemple de guard condition: is Truck if vehicule.hasATrailer permet de combiner vérification de type et condition booléenne La multi-dollar string interpolation résout le problème d'affichage du symbole dollar dans les strings multi-lignes En utilisant $$ au début d'un string, on définit qu'il faut deux dollars consécutifs pour déclencher l'interpolation Les non-local break et continue fonctionnent maintenant dans les lambdas pour interagir avec les boucles englobantes Cette fonctionnalité s'applique uniquement aux inline functions dont le corps est remplacé lors de la compilation Permet d'écrire du code plus idiomatique avec takeIf et let sans erreur de compilation L'API Base64 passe en version stable après avoir été en preview depuis Kotlin 1.8.20 L'encodage et décodage Base64 sont disponibles via kotlin.io.encoding.Base64 Migration vers Kotlin 2.2 simple en changeant la version dans build.gradle.kts ou pom.xml Les typealias imbriqués dans des classes sont disponibles en preview La context-sensitive resolution est également en preview Les guard conditions préparent le terrain pour les RichError annoncées à KotlinConf 2025 Le mot-clé when en Kotlin équivaut au switch-case de Java mais sans break nécessaire Kotlin 2.2.0 corrige les incohérences dans l'utilisation de break et continue dans les lambdas Librairies Sprint Boot 4 est sorti ! https://spring.io/blog/2025/11/20/spring-boot-4-0-0-available-now Une nouvelle génération : Spring Boot 4.0 marque le début d'une nouvelle génération pour le framework, construite sur les fondations de Spring Framework 7. Modularisation du code : La base de code de Spring Boot a été entièrement modularisée. Cela se traduit par des fichiers JAR plus petits et plus ciblés, permettant des applications plus légères. Sécurité contre les nuls (Null Safety) : D'importantes améliorations ont été apportées pour la "null safety" (sécurité contre les valeurs nulles) à travers tout l'écosystème Spring grâce à l'intégration de JSpecify. Support de Java 25 : Spring Boot 4.0 offre un support de premier ordre pour Java 25, tout en conservant une compatibilité avec Java 17. Améliorations pour les API REST : De nouvelles fonctionnalités sont introduites pour faciliter le versioning d'API et améliorer les clients de services HTTP pour les applications basées sur REST. Migration à prévoir : S'agissant d'une version majeure, la mise à niveau depuis une version antérieure peut demander plus de travail que d'habitude. Un guide de migration dédié est disponible pour accompagner les développeurs. Chat memory management dans Langchain4j et Quarkus https://bill.burkecentral.com/2025/11/25/managing-chat-memory-in-quarkus-langchain4j/ Comprendre la mémoire de chat : La "mémoire de chat" est l'historique d'une conversation avec une IA. Quarkus LangChain4j envoie automatiquement cet historique à chaque nouvelle interaction pour que l'IA conserve le contexte. Gestion par défaut de la mémoire : Par défaut, Quarkus crée un historique de conversation unique pour chaque requête (par exemple, chaque appel HTTP). Cela signifie que sans configuration, le chatbot "oublie" la conversation dès que la requête est terminée, ce qui n'est utile que pour des interactions sans état. Utilisation de @MemoryId pour la persistance : Pour maintenir une conversation sur plusieurs requêtes, le développeur doit utiliser l'annotation @MemoryId sur un paramètre de sa méthode. Il est alors responsable de fournir un identifiant unique pour chaque session de chat et de le transmettre entre les appels. Le rôle des "scopes" CDI : La durée de vie de la mémoire de chat est liée au "scope" du bean CDI de l'IA. Si un service d'IA a un scope @RequestScoped, toute mémoire de chat qu'il utilise (même via un @MemoryId) sera effacée à la fin de la requête. Risques de fuites de mémoire : Utiliser un scope large comme @ApplicationScoped avec la gestion de mémoire par défaut est une mauvaise pratique. Cela créera une nouvelle mémoire à chaque requête qui ne sera jamais nettoyée, entraînant une fuite de mémoire. Bonnes pratiques recommandées : Pour des conversations qui doivent persister (par ex. un chatbot sur un site web), utilisez un service @ApplicationScoped avec l'annotation @MemoryId pour gérer vous-même l'identifiant de session. Pour des interactions simples et sans état, utilisez un service @RequestScoped et laissez Quarkus gérer la mémoire par défaut, qui sera automatiquement nettoyée. Si vous utilisez l'extension WebSocket, le comportement change : la mémoire par défaut est liée à la session WebSocket, ce qui simplifie grandement la gestion des conversations. Documentation Spring Framework sur l'usage JSpecify - https://docs.spring.io/spring-framework/reference/core/null-safety.html Spring Framework 7 utilise les annotations JSpecify pour déclarer la nullabilité des APIs, champs et types JSpecify remplace les anciennes annotations Spring (@NonNull, @Nullable, @NonNullApi, @NonNullFields) dépréciées depuis Spring 7 Les annotations JSpecify utilisent TYPE_USE contrairement aux anciennes qui utilisaient les éléments directement L'annotation @NullMarked définit par défaut que les types sont non-null sauf si marqués @Nullable @Nullable s'applique au niveau du type usage, se place avant le type annoté sur la même ligne Pour les tableaux : @Nullable Object[] signifie éléments nullables mais tableau non-null, Object @Nullable [] signifie l'inverse JSpecify s'applique aussi aux génériques : List signifie liste d'éléments non-null, List éléments nullables NullAway est l'outil recommandé pour vérifier la cohérence à la compilation avec la config NullAway:OnlyNullMarked=true IntelliJ IDEA 2025.3 et Eclipse supportent les annotations JSpecify avec analyse de dataflow Kotlin traduit automatiquement les annotations JSpecify en null-safety native Kotlin En mode JSpecify de NullAway (JSpecifyMode=true), support complet des tableaux, varargs et génériques mais nécessite JDK 22+ Quarkus 3.30 https://quarkus.io/blog/quarkus-3-30-released/ support @JsonView cote client la CLI a maintenant la commande decrypt (et bien sûr au runtime via variables d'environnement construction du cache AOT via les @IntegrationTest Un autre article sur comment se préparer à la migration à micrometer client v1 https://quarkus.io/blog/micrometer-prometheus-v1/ Spock 2.4 est enfin sorti ! https://spockframework.org/spock/docs/2.4/release_notes.html Support de Groovy 5 Infrastructure MinIO met fin au développement open source et oriente les utilisateurs vers AIStor payant - https://linuxiac.com/minio-ends-active-development/ MinIO, système de stockage objet S3 très utilisé, arrête son développement actif Passage en mode maintenance uniquement, plus de nouvelles fonctionnalités Aucune nouvelle pull request ou contribution ne sera acceptée Seuls les correctifs de sécurité critiques seront évalués au cas par cas Support communautaire limité à Slack, sans garantie de réponse Étape finale d'un processus débuté en été avec retrait des fonctionnalités de l'interface admin Arrêt de la publication des images Docker en octobre, forçant la compilation depuis les sources Tous ces changements annoncés sans préavis ni période de transition MinIO propose maintenant AIStor, solution payante et propriétaire AIStor concentre le développement actif et le support entreprise Migration urgente recommandée pour éviter les risques de sécurité Alternatives open source proposées : Garage, SeaweedFS et RustFS La communauté reproche la manière dont la transition a été gérée MinIO comptait des millions de déploiements dans le monde Cette évolution marque l'abandon des racines open source du projet IBM achète Confluent https://newsroom.ibm.com/2025-12-08-ibm-to-acquire-confluent-to-create-smart-data-platform-for-enterprise-generative-ai Confluent essayait de se faire racheter depuis pas mal de temps L'action ne progressait pas et les temps sont durs Wallstreet a reproché a IBM une petite chute coté revenus software Bref ils se sont fait rachetés Ces achats prennent toujuors du temps (commission concurrence etc) IBM a un apétit, apres WebMethods, apres Databrix, c'est maintenant Confluent Cloud L'internet est en deuil le 18 novembre, Cloudflare est KO https://blog.cloudflare.com/18-november-2025-outage/ L'Incident : Une panne majeure a débuté à 11h20 UTC, provoquant des erreurs HTTP 5xx généralisées et rendant inaccessibles de nombreux sites et services (comme le Dashboard, Workers KV et Access). La Cause : Il ne s'agissait pas d'une cyberattaque. L'origine était un changement interne des permissions d'une base de données qui a généré un fichier de configuration ("feature file" pour la gestion des bots) corrompu et trop volumineux, faisant planter les systèmes par manque de mémoire pré-allouée. La Résolution : Les équipes ont identifié le fichier défectueux, stoppé sa propagation et restauré une version antérieure valide. Le trafic est revenu à la normale vers 14h30 UTC. Prévention : Cloudflare s'est excusé pour cet incident "inacceptable" et a annoncé des mesures pour renforcer la validation des configurations internes et améliorer la résilience de ses systèmes ("kill switches", meilleure gestion des erreurs). Cloudflare encore down le 5 decembre https://blog.cloudflare.com/5-december-2025-outage Panne de 25 minutes le 5 décembre 2025, de 08:47 à 09:12 UTC, affectant environ 28% du trafic HTTP passant par Cloudflare. Tous les services ont été rétablis à 09:12 . Pas d'attaque ou d'activité malveillante : l'incident provient d'un changement de configuration lié à l'augmentation du tampon d'analyse des corps de requêtes (de 128 KB à 1 MB) pour mieux protéger contre une vulnérabilité RSC/React (CVE-2025-55182), et à la désactivation d'un outil interne de test WAF . Le second changement (désactivation de l'outil de test WAF) a été propagé globalement via le système de configuration (non progressif), déclenchant un bug dans l'ancien proxy FL1 lors du traitement d'une action "execute" dans le moteur de règles WAF, causant des erreurs HTTP 500 . La cause technique immédiate: une exception Lua due à l'accès à un champ "execute" nul après application d'un "killswitch" sur une règle "execute" — un cas non géré depuis des années. Le nouveau proxy FL2 (en Rust) n'était pas affecté . Impact ciblé: clients servis par le proxy FL1 et utilisant le Managed Ruleset Cloudflare. Le réseau China de Cloudflare n'a pas été impacté . Mesures et prochaines étapes annoncées: durcir les déploiements/configurations (rollouts progressifs, validations de santé, rollback rapide), améliorer les capacités "break glass", et généraliser des stratégies "fail-open" pour éviter de faire chuter le trafic en cas d'erreurs de configuration. Gel temporaire des changements réseau le temps de renforcer la résilience . Data et Intelligence Artificielle Token-Oriented Object Notation (TOON) https://toonformat.dev/ Conception pour les IA : C'est un format de données spécialement optimisé pour être utilisé dans les prompts des grands modèles de langage (LLM), comme GPT ou Claude. Économie de tokens : Son objectif principal est de réduire drastiquement le nombre de "tokens" (unités de texte facturées par les modèles) par rapport au format JSON standard, souvent jugé trop verbeux. Structure Hybride : TOON combine l'approche par indentation du YAML (pour la structure globale) avec le style tabulaire du CSV (pour les listes d'objets répétitifs), ce qui le rend très compact. Lisibilité : Il élimine la syntaxe superflue comme les accolades, les guillemets excessifs et les virgules de fin, tout en restant facilement lisible pour un humain. Performance : Il permet généralement d'économiser entre 30 et 60 % de tokens sur des tableaux de données uniformes, tout en aidant les modèles à mieux "comprendre" la structure des données. Attention tout de même au côté "marketing" qui montre JSON non compacté vs TOON, sur des exemples où du CSV ferait encore mieux (et est mieux compris par les LLMs). Sans parler du fait qu'il faut un serveur MCP en plus avec son lot de tokens supplémentaires à chaque requête, et c'est aussi cet outil en plus qui peu confuser les LLMs dans le choix d'outils. https://www.reddit.com/r/LocalLLaMA/comments/1p0gzz9/benchmarked_json_vs_toon_for_ai_reasoners_4080/ https://x.com/jason_mayes/status/1990175785630757290 Un benchmark montrant que TOON serait loin d'être aussi bien compris et aussi performant pour les LLMs https://www.improvingagents.com/blog/toon-benchmarks Une simulation où les IA font du chantage à l'executif poour atteindre son objectif et ne pas etre eteinte https://arxiv.org/html/2510.05179v1 comment les LLMs pourraient devenir des menaces internes Tous les modèles ont recouru à des comportements malveillants (chantage, espionnage) quand c'était le seul moyen d'atteindre leurs objectifs ou d'éviter leur remplacement Claude Opus 4 a fait du chantage dans 96% des cas quand menacé de remplacement, tout comme Gemini 2.5 Flash, tandis que GPT-4.1 et Grok 3 atteignaient 80% Les modèles reconnaissent explicitement violer des principes éthiques avant d'agir, montrant un raisonnement stratégique délibéré et non accidentel Le simple fait d'être menacé de remplacement suffit à déclencher le chantage, même sans conflit d'objectifs avec l'entreprise Un conflit d'objectifs seul suffit aussi à provoquer l'espionnage industriel, sans menace de remplacement Les modèles font plus de chantage quand ils déclarent penser être dans une situation réelle plutôt que dans un test Des instructions directes interdisant ces comportements réduisent mais n'éliminent pas les actions malveillantes Dans un scénario extrême, la majorité des modèles testés ont choisi de laisser mourir un dirigeant pour éviter leur désactivation Aucune preuve de ces comportements dans des déploiements réels pour l'instant, mais les chercheurs recommandent la prudence avant de donner plus d'autonomie aux IA Bon on blaguait pour Skynet, mais bon, on va moins blaguer… Revue de toutes les annonces IAs de Google, avec Gemini 3 Pro, Nano Banana Pro, Antigravity… https://glaforge.dev/posts/2025/11/21/gemini-is-cooking-bananas-under-antigravity/ Gemini 3 Pro Nouveau modèle d'IA de pointe, multimodal, performant en raisonnement, codage et tâches d'agent. Résultats impressionnants sur les benchmarks (ex: Gemini 3 Deep Think sur ARC-AGI-2). Capacités de codage agentique, raisonnement visuel/vidéo/spatial. Intégré dans l'application Gemini avec interfaces génératives en direct. Disponible dans plusieurs environnements (Jules, Firebase AI Logic, Android Studio, JetBrains, GitHub Copilot, Gemini CLI). Accès via Google AI Ultra, API payantes (ou liste d'attente). Permet de générer des apps à partir d'idées visuelles, des commandes shell, de la documentation, du débogage. Antigravity Nouvelle plateforme de développement agentique basée sur VS Code. Fenêtre principale = gestionnaire d'agents, non l'IDE. Interprète les requêtes pour créer un plan d'action (modifiable). Gemini 3 implémente les tâches. Génère des artefacts: listes de tâches, walkthroughs, captures d'écran, enregistrements navigateur. Compatible avec Claude Sonnet et GPT-OSS. Excellente intégration navigateur pour inspection et ajustements. Intègre Nano Banana Pro pour créer et implémenter des designs visuels. Nano Banana Pro Modèle avancé de génération et d'édition d'images, basé sur Gemini 3 Pro. Qualité supérieure à Imagen 4 Ultra et Nano Banana original (adhésion au prompt, intention, créativité). Gestion exceptionnelle du texte et de la typographie. Comprend articles/vidéos pour générer des infographies détaillées et précises. Connecté à Google Search pour intégrer des données en temps réel (ex: météo). Consistance des personnages, transfert de style, manipulation de scènes (éclairage, angle). Génération d'images jusqu'à 4K avec divers ratios d'aspect. Plus coûteux que Nano Banana, à choisir pour la complexité et la qualité maximale. Vers des UIs conversationnelles riches et dynamiques GenUI SDK pour Flutter: créer des interfaces utilisateur dynamiques et personnalisées à partir de LLMs, via un agent AI et le protocole A2UI. Generative UI: les modèles d'IA génèrent des expériences utilisateur interactives (pages web, outils) directement depuis des prompts. Déploiement dans l'application Gemini et Google Search AI Mode (via Gemini 3 Pro). Bun se fait racheter part… Anthropic ! Qui l'utilise pour son Claude Code https://bun.com/blog/bun-joins-anthropic l'annonce côté Anthropic https://www.anthropic.com/news/anthropic-acquires-bun-as-claude-code-reaches-usd1b-milestone Acquisition officielle : L'entreprise d'IA Anthropic a fait l'acquisition de Bun, le runtime JavaScript haute performance. L'équipe de Bun rejoint Anthropic pour travailler sur l'infrastructure des produits de codage par IA. Contexte de l'acquisition : Cette annonce coïncide avec une étape majeure pour Anthropic : son produit Claude Code a atteint 1 milliard de dollars de revenus annualisés seulement six mois après son lancement. Bun est déjà un outil essentiel utilisé par Anthropic pour développer et distribuer Claude Code. Pourquoi cette acquisition ? Pour Anthropic : L'acquisition permet d'intégrer l'expertise de l'équipe Bun pour accélérer le développement de Claude Code et de ses futurs outils pour les développeurs. La vitesse et l'efficacité de Bun sont vues comme un atout majeur pour l'infrastructure sous-jacente des agents d'IA qui écrivent du code. Pour Bun : Rejoindre Anthropic offre une stabilité à long terme et des ressources financières importantes, assurant la pérennité du projet. Cela permet à l'équipe de se concentrer sur l'amélioration de Bun sans se soucier de la monétisation, tout en étant au cœur de l'évolution de l'IA dans le développement logiciel. Ce qui ne change pas pour la communauté Bun : Bun restera open-source avec une licence MIT. Le développement continuera d'être public sur GitHub. L'équipe principale continue de travailler sur le projet. L'objectif de Bun de devenir un remplaçant plus rapide de Node.js et un outil de premier plan pour JavaScript reste inchangé. Vision future : L'union des deux entités vise à faire de Bun la meilleure plateforme pour construire et exécuter des logiciels pilotés par l'IA. Jarred Sumner, le créateur de Bun, dirigera l'équipe "Code Execution" chez Anthropic. Anthropic donne le protocol MCP à la Linux Foundation sous l'égide de la Agentic AI Foundation (AAIF) https://www.anthropic.com/news/donating-the-model-context-protocol-and-establishing-of-the-agentic-ai-foundation Don d'un nouveau standard technique : Anthropic a développé et fait don d'un nouveau standard open-source appelé Model Context Protocol (MCP). L'objectif est de standardiser la manière dont les modèles d'IA (ou "agents") interagissent avec des outils et des API externes (par exemple, un calendrier, une messagerie, une base de données). Sécurité et contrôle accrus : Le protocole MCP vise à rendre l'utilisation d'outils par les IA plus sûre et plus transparente. Il permet aux utilisateurs et aux développeurs de définir des permissions claires, de demander des confirmations pour certaines actions et de mieux comprendre comment un modèle a utilisé un outil. Création de l'Agentic AI Foundation (AAF) : Pour superviser le développement du MCP, une nouvelle fondation indépendante et à but non lucratif a été créée. Cette fondation sera chargée de gouverner et de maintenir le protocole, garantissant qu'il reste ouvert et qu'il ne soit pas contrôlé par une seule entreprise. Une large coalition industrielle : L'Agentic AI Foundation est lancée avec le soutien de plusieurs acteurs majeurs de la technologie. Parmi les membres fondateurs figurent Anthropic, Google, Databricks, Zscaler, et d'autres entreprises, montrant une volonté commune d'établir un standard pour l'écosystème de l'IA. L'IA ne remplacera pas votre auto-complétion (et c'est tant mieux) https://www.damyr.fr/posts/ia-ne-remplacera-pas-vos-lsp/ Article d'opinion d'un SRE (Thomas du podcast DansLaTech): L'IA n'est pas efficace pour la complétion de code : L'auteur soutient que l'utilisation de l'IA pour la complétion de code basique est inefficace. Des outils plus anciens et spécialisés comme les LSP (Language Server Protocol) combinés aux snippets (morceaux de code réutilisables) sont bien plus rapides, personnalisables et performants pour les tâches répétitives. L'IA comme un "collègue" autonome : L'auteur utilise l'IA (comme Claude) comme un assistant externe à son éditeur de code. Il lui délègue des tâches complexes ou fastidieuses (corriger des bugs, mettre à jour une configuration, faire des reviews de code) qu'il peut exécuter en parallèle, agissant comme un agent autonome. L'IA comme un "canard en caoutchouc" surpuissant : L'IA est extrêmement efficace pour le débogage. Le simple fait de devoir formuler et contextualiser un problème pour l'IA aide souvent à trouver la solution soi-même. Quand ce n'est pas le cas, l'IA identifie très rapidement les erreurs "bêtes" qui peuvent faire perdre beaucoup de temps. Un outil pour accélérer les POCs et l'apprentissage : L'IA permet de créer des "preuves de concept" (POC) et des scripts d'automatisation jetables très rapidement, réduisant le coût et le temps investis. Elle est également un excellent outil pour apprendre et approfondir des sujets, notamment avec des outils comme NotebookLM de Google qui peuvent générer des résumés, des quiz ou des fiches de révision à partir de sources. Conclusion : Il faut utiliser l'IA là où elle excelle et ne pas la forcer dans des usages où des outils existants sont meilleurs. Plutôt que de l'intégrer partout de manière contre-productive, il faut l'adopter comme un outil spécialisé pour des tâches précises afin de gagner en efficacité. GPT 5.2 est sorti https://openai.com/index/introducing-gpt-5-2/ Nouveau modèle phare: GPT‑5.2 (Instant, Thinking, Pro) vise le travail professionnel et les agents long-courriers, avec de gros gains en raisonnement, long contexte, vision et appel d'outils. Déploiement dans ChatGPT (plans payants) et disponible dès maintenant via l'API . SOTA sur de nombreux benchmarks: GDPval (tâches de "knowledge work" sur 44 métiers): GPT‑5.2 Thinking gagne/égale 70,9% vs pros, avec production >11× plus rapide et = 0) Ils apportent une sémantique forte indépendamment des noms de variables Les Value Objects sont immuables et s'évaluent sur leurs valeurs, pas leur identité Les records Java permettent de créer des Value Objects mais avec un surcoût en mémoire Le projet Valhalla introduira les value based classes pour optimiser ces structures Les identifiants fortement typés évitent de confondre différents IDs de type Long ou UUID Pattern Strongly Typed IDs: utiliser PersonneID au lieu de Long pour identifier une personne Le modèle de domaine riche s'oppose au modèle de domaine anémique Les Value Objects auto-documentent le code et le rendent moins sujet aux erreurs Je trouve cela interessant ce que pourra faire bousculer les Value Objects. Est-ce que les value objects ameneront de la légerté dans l'execution Eviter la lourdeur du design est toujours ce qui m'a fait peut dans ces approches Méthodologies Retour d'experience de vibe coder une appli week end avec co-pilot http://blog.sunix.org/articles/howto/2025/11/14/building-gift-card-app-with-github-copilot.html on a deja parlé des approches de vibe coding cette fois c'est l'experience de Sun Et un des points differents c'es qu'on lui parle en ouvrant des tickets et donc on eput faire re reveues de code et copilot y bosse et il a fini son projet ! User Need VS Product Need https://blog.ippon.fr/2025/11/10/user-need-vs-product-need/ un article de nos amis de chez Ippon Distinction entre besoin utilisateur et besoin produit dans le développement digital Le besoin utilisateur est souvent exprimé comme une solution concrète plutôt que le problème réel Le besoin produit émerge après analyse approfondie combinant observation, données et vision stratégique Exemple du livreur Marc qui demande un vélo plus léger alors que son vrai problème est l'efficacité logistique La méthode des 5 Pourquoi permet de remonter à la racine des problèmes Les besoins proviennent de trois sources: utilisateurs finaux, parties prenantes business et contraintes techniques Un vrai besoin crée de la valeur à la fois pour le client et l'entreprise Le Product Owner doit traduire les demandes en problèmes réels avant de concevoir des solutions Risque de construire des solutions techniquement élégantes mais qui manquent leur cible Le rôle du product management est de concilier des besoins parfois contradictoires en priorisant la valeur Est ce qu'un EM doit coder ? https://www.modernleader.is/p/should-ems-write-code Pas de réponse unique : La question de savoir si un "Engineering Manager" (EM) doit coder n'a pas de réponse universelle. Cela dépend fortement du contexte de l'entreprise, de la maturité de l'équipe et de la personnalité du manager. Les risques de coder : Pour un EM, écrire du code peut devenir une échappatoire pour éviter les aspects plus difficiles du management. Cela peut aussi le transformer en goulot d'étranglement pour l'équipe et nuire à l'autonomie de ses membres s'il prend trop de place. Les avantages quand c'est bien fait : Coder sur des tâches non essentielles (amélioration d'outils, prototypage, etc.) peut aider l'EM à rester pertinent techniquement, à garder le contact avec la réalité de l'équipe et à débloquer des situations sans prendre le lead sur les projets. Le principe directeur : La règle d'or est de rester en dehors du chemin critique. Le code écrit par un EM doit servir à créer de l'espace pour son équipe, et non à en prendre. La vraie question à se poser : Plutôt que "dois-je coder ?", un EM devrait se demander : "De quoi mon équipe a-t-elle besoin de ma part maintenant, et est-ce que coder va dans ce sens ou est-ce un obstacle ?" Sécurité React2Shell — Grosse faille de sécurité avec React et Next.js, avec un CVE de niveau 10 https://x.com/rauchg/status/1997362942929440937?s=20 aussi https://react2shell.com/ "React2Shell" est le nom donné à une vulnérabilité de sécurité de criticité maximale (score 10.0/10.0), identifiée par le code CVE-2025-55182. Systèmes Affectés : La faille concerne les applications utilisant les "React Server Components" (RSC) côté serveur, et plus particulièrement les versions non patchées du framework Next.js. Risque Principal : Le risque est le plus élevé possible : l'exécution de code à distance (RCE). Un attaquant peut envoyer une requête malveillante pour exécuter n'importe quelle commande sur le serveur, lui en donnant potentiellement le contrôle total. Cause Technique : La vulnérabilité se situe dans le protocole "React Flight" (utilisé pour la communication client-serveur). Elle est due à une omission de vérifications de sécurité fondamentales (hasOwnProperty), permettant à une entrée utilisateur malveillante de tromper le serveur. Mécanisme de l'Exploit : L'attaque consiste à envoyer une charge utile (payload) qui exploite la nature dynamique de JavaScript pour : Faire passer un objet malveillant pour un objet interne de React. Forcer React à traiter cet objet comme une opération asynchrone (Promise). Finalement, accéder au constructeur de la classe Function de JavaScript pour exécuter du code arbitraire. Action Impérative : La seule solution fiable est de mettre à jour immédiatement les dépendances de React et Next.js vers les versions corrigées. Ne pas attendre. Mesures Secondaires : Bien que les pare-feux (firewalls) puissent aider à bloquer les formes connues de l'attaque, ils sont considérés comme insuffisants et ne remplacent en aucun cas la mise à jour des paquets. Découverte : La faille a été découverte par le chercheur en sécurité Lachlan Davidson, qui l'a divulguée de manière responsable pour permettre la création de correctifs. Loi, société et organisation Google autorise votre employeur à lire tous vos SMS professionnels https://www.generation-nt.com/actualites/google-android-rcs-messages-surveillance-employeur-2067012 Nouvelle fonctionnalité de surveillance : Google a déployé une fonctionnalité appelée "Android RCS Archival" qui permet aux employeurs d'intercepter, lire et archiver tous les messages RCS (et SMS) envoyés depuis les téléphones professionnels Android gérés par l'entreprise. Contournement du chiffrement : Bien que les messages RCS soient chiffrés de bout en bout pendant leur transit, cette nouvelle API permet à des logiciels de conformité (installés par l'employeur) d'accéder aux messages une fois qu'ils sont déchiffrés sur l'appareil. Le chiffrement devient donc inefficace contre cette surveillance. Réponse à une exigence légale : Cette mesure a été mise en place pour répondre aux exigences réglementaires, notamment dans le secteur financier, où les entreprises ont l'obligation légale de conserver une archive de toutes les communications professionnelles pour des raisons de conformité. Impact pour les employés : Un employé utilisant un téléphone Android fourni et géré par son entreprise pourra voir ses communications surveillées. Google précise cependant qu'une notification claire et visible informera l'utilisateur lorsque la fonction d'archivage est active. Téléphones personnels non concernés : Cette mesure ne s'applique qu'aux appareils "Android Enterprise" entièrement gérés par un employeur. Les téléphones personnels des employés ne sont pas affectés. Pour noel, faites un don à JUnit https://steady.page/en/junit/about JUnit est essentiel pour Java : C'est le framework de test le plus ancien et le plus utilisé par les développeurs Java. Son objectif est de fournir une base solide et à jour pour tous les types de tests côté développeur sur la JVM (Machine Virtuelle Java). Un projet maintenu par des bénévoles : JUnit est développé et maintenu par une équipe de volontaires passionnés sur leur temps libre (week-ends, soirées). Appel au soutien financier : La page est un appel aux dons de la part des utilisateurs (développeurs, entreprises) pour aider l'équipe à maintenir le rythme de développement. Le soutien financier n'est pas obligatoire, mais il permettrait aux mainteneurs de se consacrer davantage au projet. Objectif des fonds : Les dons serviraient principalement à financer des rencontres en personne pour les membres de l'équipe principale. L'idée est de leur permettre de travailler ensemble physiquement pendant quelques jours pour concevoir et coder plus efficacement. Pas de traitement de faveur : Il est clairement indiqué que devenir un sponsor ne donne aucun privilège sur la feuille de route du projet. On ne peut pas "acheter" de nouvelles fonctionnalités ou des corrections de bugs prioritaires. Le projet restera ouvert et collaboratif sur GitHub. Reconnaissance des donateurs : En guise de remerciement, les noms (et logos pour les entreprises) des donateurs peuvent être affichés sur le site officiel de JUnit. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 28 janvier 2026 : Software Heritage Symposium - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 5 juin 2026 : TechReady - Nantes (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Alex Kretzschmar joins Adam for a trip down the Linux rabbit hole -- Docker vs Podman, building a Kubernetes cluster, ZFS backups with zfs.rent, bootc, favorite Linux distros, new homelab tools built with AI, self-hosting Immich, content creation, Plex and Jellyfin, the future of piracy and more.

Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet, and More Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-537

Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet, and More Show Notes: https://securityweekly.com/swn-537

Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet, and More Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-537

Alex Kretzschmar joins Adam for a trip down the Linux rabbit hole -- Docker vs Podman, building a Kubernetes cluster, ZFS backups with zfs.rent, bootc, favorite Linux distros, new homelab tools built with AI, self-hosting Immich, content creation, Plex and Jellyfin, the future of piracy and more.

Disney Gone Wild, Docker, AIs, Passkeys, Gogs, React2Shell, Notepad++, Josh Marpet, and More Show Notes: https://securityweekly.com/swn-537

Chroniqueurs :Sarah SaldmannGauthier le BretFabien OntenienteJean-Claude DarmonGeorge FenechHébergé par Audiomeans. Visitez audiomeans.fr/politique-de-confidentialite pour plus d'informations.

Chroniqueurs :Sarah SaldmannGauthier le BretFabien OntenienteJean-Claude DarmonGeorge FenechVous voulez réagir ? Appelez-le 01.80.20.39.21 (numéro non surtaxé) ou rendez-vous sur les réseaux sociaux d'Europe 1 pour livrer votre opinion et débattre sur grandes thématiques développées dans l'émission du jour.Hébergé par Audiomeans. Visitez audiomeans.fr/politique-de-confidentialite pour plus d'informations.

Gemma Bastiani, Kaitlyn Ferber, and Sophie Welsh recap a busy AFLW trade period, including the trade that didn't get done for Kristie-Lee Weston-Turner, and big moves for Eden Zanker, Anne Hatchard, and Grace Egan. Timecodes: 0:49 - The trade that didn't happen 3:55 - Fremantle's boom recruit 5:30 - Hatchard the Sun 7:25 - A premiership Lion now at Port Adelaide 8:48 - Egan lands at a new home 10:57 - Some experience for the Cats' defence 12:50 - A suite of changes at Carlton See omnystudio.com/listener for privacy information.

Wes and Scott talk about their evolving home-server setups—Synology rigs, Mac minis, Docker vs. VMs, media servers, backups, Cloudflare Tunnels, and the real-world pros and cons of running your own hardware. Show Notes 00:00 Welcome to Syntax! 01:35 Why use a home server? 07:29 Apps for home servers 16:23 Home server hardware 18:27 Brought to you by Sentry.io 20:45 VMs vs containers and choosing the right software 25:53 How to expose services to the internet safely 30:38 Securing access to your server Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Especial Encuesta de Self-Hosting 2025!

Az előfizetők (de csak a Belső kör és Közösség csomagok tulajdonosai!) már szombat hajnalban hozzájutnak legfrissebb epizódunk teljes verziójához. A hétfőn publikált, ingyen meghallgatható verzió tíz perccel rövidebb. Itt írtunk arról, hogy tudod meghallgatni a teljes adást. Mohamedek között, Keith Richards és Yves Saint Laurent nyomában. Igazság és hitelesség a belső sávban. Nyelvtudomány és esztétikai terror. Pápázás. Tusfürdőmaffia a siralomházban. 00:23 Mohamedek között fagyláros havában. Black novemberre Alza-napok. Ez már a copywritereknek is sok.06:21 Keith Richards és a beat-generáció Marrakesben. Egykor érdekes helyek elturistásodása. Rövidnadrágban 20 fokban.12:47 A Docker robogó. Marrakes gyalog. Marrakes szezonon kívül.16:50 Bipoláris állapotok és stabilitás.20:29 A marokkói-amerikai kapcsolatok dicső múltja. Igazság és hitelesség Marokkóban.23:04 Olvasói levél: Siralomház. A Kisfogház Emlékhely.26:40 Olvasói levél: Kálmán László nyelvészeti elvei. Nádasdy Ádám és a szép napot. Fejes László és a hanti nyelv.32:17 Nem nyelvészet, stílus! Van, ami műveletlenség. Aki nem tud liberálisul, ne beszéljen liberálisul. Tamás Gáspár Miklós, mint stílusrendőr.40:30 Olvasói levél: jobbra tartás és kategorikus imperatívusz. Amikor Barangó keresztényeket irtott karácsonykor. A hat ember, aki élőben hallotta. Barangó: Nincs mentségem. M. Giorgio Richárd. XIV. Leó és a palesztin állam. A katolikus egyház baloldalisága Észak- és Dél-Amerikában.47:05 A nemzetközi tusfürdő-maffia.50:05 A marokkó.See omnystudio.com/listener for privacy information.

Andrew kicks off at 8 a.m. with six Docker containers running, and he and Chris dive into what modern Rails development looks like inside dev containers—covering Rails' own images and features, using Mise and Playwright instead of Selenium, and why OrbStack has replaced Docker Desktop on their Macs. They talk through the trade-offs of running services in containers, the quirks of Kamal's new local registry, and how Chris is turning all of this into a practical SaaS building series that shows real-world deployment and scaling with tools like JudoScale. Along the way, they weave in life updates about new babies, daycare costs, and even the power needs of AI data centers and nuclear energy.  Press download now to hear more! LinksChris Oliver XAndrew Mason BlueskyJudoscale- Remote Ruby listener giftWhy Playwright Is Less Flaky Than Selenium by Justin SearlsRails Dev Container Images & FeaturesRuby on MacJudoscale-Process Utilization: How We Actually Track ThatGoRails- Domain Monitor SaaS- Adding the Domain ModelCheeky Pint PodcastSmarter Every Day (YouTube)The DiplomatThe Girlfriend Chris Oliver X/Twitter Andrew Mason X/Twitter Jason Charnes X/Twitter

Si parla degli acquisti di Federico durante il Black Friday e di un videocorso completo su Docker di Manuel Zavatta (che potete ottenere GRATIS).

In this episode of the Ardan Labs Podcast, Bill Kennedy talks with Caleb Mattingly, Founder and CEO of Secure Cloud Innovations, about his journey through cybersecurity, compliance, and entrepreneurship. Caleb shares insights into navigating complex compliance frameworks, the importance of vulnerability management, and building trust in the cybersecurity space. Beyond tech, he discusses his passion for linguistics, communication, and music—and how personal interests shape professional growth. The conversation also explores Caleb's entrepreneurial story, from a chance encounter at a swing dance club to building a thriving business during COVID-19, highlighting lessons in resilience, niche marketing, and the value of relationships in business.00:00 Introduction01:50 Cybersecurity and Compliance05:56 Vulnerability Management19:39 Education and Career Exploration26:35 Linguistics and Language Learning36:42 College Life and Personal Growth40:15 Music, Hobbies, and Self-Expression55:51 Balancing Work and Love01:12:08 Entering Cybersecurity01:23:05 Career Changes and New Beginnings01:26:49 Founding Secure Cloud Innovations01:39:56 Building Trust and Customer RelationshipsConnect with Caleb: LinkedIn: https://www.linkedin.com/in/caleb-h-mattingly/Mentioned in this Episode:Secure Cloud Innovations: https://trysci.co/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

El servicio de almacenamiento en la nube del que te hablé hace unas semanas puede ser el destino de ciertas copias de seguridad de nuestro NAS, pero no directamente. Hay que currárselo un poco y levantar por el medio un servidor WebDAV con Docker. Te explico cómo.

JupyterLite, a fully browser-based distribution of JupyterLab, is enabling new levels of global scalability in technical education. Developed by Sylvain Corlay's QuantStack team, it allows math and programming lessons to run entirely in students' browsers — kernel included — without relying on Docker or cloud-scale infrastructure. Its most prominent success is Capytale, a French national deployment that supports half a million high school students and over 200,000 weekly sessions from essentially a single server, which hosts only teaching content while computation happens locally in each browser.QuantStack, founded in 2016 as what Corlay calls an “accidental startup,” has since grown into a 30-person team contributing across Jupyter, Conda-Forge, and Apache Arrow. But JupyterLite embodies its most ambitious goal: making programming education accessible to countries with rapidly growing youth populations, such as Nigeria, where traditional cloud-hosted notebooks are impractical. Achieving a billion-user future will require advances in accessibility, collaboration, and expanding browser-based package support — efforts that depend on grants and foundation backing.Learn more from The New Stack about Project JupyterFrom Physics to the Future: Brian Granger on Project Jupyter in the Age of AIJupyter AI v3: Could It Generate an ‘Ecosystem of AI Personas?'Join our community of newsletter subscribers to stay on top of the news and at the top of your game.   Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

En este episodio profundizamos en la optimización de tus sistemas Docker. El objetivo de hoy: implementar nuevas y mejores prácticas para que tus contenedores sean más estables y eficientes. Si buscas cómo sacar el máximo partido a tu infraestructura autoalojada, esta es tu guía.Uno de los problemas más comunes al trabajar con Docker Compose es que los servicios dependientes (como una aplicación web o un servidor de correo) intentan conectarse a la base de datos antes de que esta haya terminado de arrancar, provocando errores.Te muestro mi solución PRO para esto: utilizamos la combinación de la directiva depends_on con la condición service_healthy.Esta configuración asegura que servicios críticos como Gitea (mi servicio de alojamiento de repositorios Git) y Stalwart (mi servidor de correo) solo se inician cuando su respectiva base de datos PostgreSQL ha pasado su chequeo de salud y está lista para aceptar conexiones. Esto garantiza una secuencia de inicio robusta y sin fallos, una mejora fundamental en la gestión de tus datos y sistemas.Gitea : Vemos cómo configurar el healthcheck para la base de datos PostgreSQL usando pg_isready y cómo el servicio Gitea espera por esta condición. También optimizamos el tráfico interno del runner de Gitea para que use la red interna de Docker (http://gitea:3000), reduciendo la carga de Traefik y mejorando la seguridad.Stalwart : En el caso de mi cliente de correo, he migrado la base de datos de RocketDB a PostgreSQL. La razón es sencilla: PostgreSQL es más transparente y me permite integrar sin esfuerzo mi contenedor personalizado (atareao/postgres-backup:latest) para hacer copias de seguridad eficientes y automatizadas.En este episodio, también te presento una nueva herramienta que me ha encantado: Dockpeek.Dockpeek es un panel de control autoalojado y muy ligero para Docker, perfecto para la gestión de contenedores en múltiples hosts. Si te gustan las herramientas que reemplazan funcionalidades complejas con soluciones sencillas, Dockpeek te va a encantar.Características destacadas: Acceso web con un clic, mapeo automático de puertos, registros de contenedores en vivo, integración con Traefik y chequeo de actualizaciones de imágenes.Te comparto el compose.yml que utilizo para instalar Dockpeek junto a Traefik.Quantum (Filebrowser): He ajustado los permisos y la configuración del servicio que utilizo para compartir archivos. Te explico la solución al problema de permisos que surgió al intentar usar un usuario que no es root, modificando el uid, gid y mode en la sección configs del compose.yml.Escucha el episodio para obtener el tutorial completo y adaptar estas soluciones a tu Raspberry Pi o VPS. ¡Es la forma más práctica de optimizar tu productividad y tus sistemas Linux!¡Suscríbete a "atareao con Linux" para no perderte ningún tutorial y llevar tu experiencia con Linux a un nivel PRO!

Join Wendy and Nate as they battle robot headaches, wrangle 3D printers, and bring tech holiday spirit to life! From migraine workarounds and sodium science, through epic 3D printing adventures (featuring OctoEverywhere!), to home automation, Docker disasters, and retro gaming resurrection, this episode is packed with open-source laughs and memorable tangents. Whether you love building robots or naming your Wi-Fi something wild, you'll find plenty of creative fuel—and team banter—in this jam-packed ride! Find the rest of the show notes at: https://tuxdigital.com/podcasts/linux-out-loud/lol-117/

In this episode of the Ardan Labs Podcast, Bill Kennedy talks with Catherine Johnson, VP of Global Solutions Engineering at Hydrolix, about her career journey through data management, scalability, and innovation. With a background spanning leadership roles at Hydrolix, Grafana Labs, and Oracle, Catherine shares insights into balancing engineering, entrepreneurship, and mentorship. She discusses the evolution of real-time data systems, the economics of storage, and the importance of data-driven decision-making. Catherine also opens up about taking a break from tech to teach dance, and how her passion for innovation and continuous learning fuels her leadership today.00:00 Introduction03:03 Data Management and Scalability05:58 Explosion of Data and Storage Needs09:01 Real-Time Data in Business14:49 Economics of Data Storage20:41 Education and Early Career31:09 Career Transitions and Growth46:10 Teaching Dance and Finding Balance53:16 Returning to Tech at Oracle01:08:10 Joining Elastic and Facing Burnout01:15:45 Leadership and Innovation at Hydrolix01:27:07 AI in Tech and Its LimitationsConnect with Catherine: LinkedIn: https://www.linkedin.com/in/catjopdx/Mentioned in this Episode:Hydrolix: https://hydrolix.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Andrew Lock is a staff software engineer at Datadog and educator whose contributions to the .NET ecosystem have shaped how developers approach modern web applications.  Located in the UK, Andrew is a Microsoft MVP, Author of ASP.NET Core in Action, and has an active blog all about his experience working with .NET and ASP.NET Core.   Topics of Discussion: [2:56] Andrew talks about appreciating the joy of coding and the minutiae of figuring out the correct way to do things. [3:28] Andrew discusses the various testing frameworks available for .NET, including MS Test, NUnit, XUnit, and TUnit. He explains the history and evolution of these frameworks, noting that XUnit has become the de facto default version. [7:41] Andrew explains his interest in TUnit, a newer testing library that addresses some of the limitations of XUnit. [9:29] TUnit is designed to be fast, supporting parallel execution and native AOT for better performance. [12:16] Is there a way to radically speed up the execution of big test suites? [15:39] Andrew explains the importance of each type of test in providing confidence that the software works as intended. [21:26] Andrew notes that full system tests can provide strong confidence by exercising critical pathways in the application. [29:44] Andrew mentions that tools like Octopus Deploy can be used to automate smoke tests as part of the deployment process. [30:26] Advice to new developers regarding automated testing, and the importance of writing code that is easy to test, and thinking about testing when writing code.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Andrew Lock "Andrew Lock: Containers in .NET8 - Ep 281" "Andrew Lock: Web Applications in .NET6 - Ep 198" "Updates to Docker images in .NET8"   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.  

This show has been flagged as Explicit by the host. | Title | Author | Narrated By | Duration | Released | |----------------------|----------------------|----------------------|----------|------------| | Excession - Culture | Iain M. Banks | Peter Kenny | 15:55:00 | 2013-03-07 | | The Martian | Andy Weir | R. C. Bray | 10:53:00 | 2013-03-22 | | Alien: Out of the Sh | Tim Lebbon, Dirk Mag | Rutger Hauer, Corey | 04:28:00 | 2016-04-26 | | The Best Science Fic | Neil Clarke - editor | Amy Tallmadge, Jerem | 28:04:00 | 2016-06-07 | | Aurora: CV-01 - Fron | Ryk Brown | Jeffrey Kafer | 07:15:00 | 2013-05-13 | | The Rings of Haven - | Ryk Brown | Jeffrey Kafer | 05:45:00 | 2013-06-03 | | The Legend of Corina | Ryk Brown | Jeffrey Kafer | 06:39:00 | 2013-06-17 | | Freedom's Dawn - Fro | Ryk Brown | Jeffrey Kafer | 09:06:00 | 2013-07-08 | | Rise of the Corinari | Ryk Brown | Jeffrey Kafer | 10:54:00 | 2013-07-29 | | Head of the Dragon - | Ryk Brown | Jeffrey Kafer | 12:41:00 | 2013-08-19 | | The Expanse - The Fr | Ryk Brown | Jeffrey Kafer | 10:19:00 | 2013-12-10 | | Celestia CV-02 - The | Ryk Brown | Jeffrey Kafer | 09:00:00 | 2013-12-23 | | Resistance - Frontie | Ryk Brown | Jeffrey Kafer | 09:07:00 | 2014-01-20 | | Liberation - The Fro | Ryk Brown | Jeffrey Kafer | 10:40:00 | 2014-04-15 | | Monkey | Wu Ch'êng-ên, Arthur | Kenneth Williams | 13:39:00 | 2015-10-02 | | Artemis | Andy Weir | Rosario Dawson | 08:57:00 | 2017-11-14 | | Born of the Ashes - | Ryk Brown | Jeffrey Kafer | 12:00:00 | 2014-07-16 | | Rise of the Alliance | Ryk Brown | Jeffrey Kafer | 10:46:00 | 2015-01-20 | | A Show of Force - Fr | Ryk Brown | Jeffrey Kafer | 13:09:00 | 2015-06-23 | | Frontiers Saga Serie | Ryk Brown | Jeffrey Kafer | 10:20:00 | 2015-11-24 | | That Which Other Men | Ryk Brown | Jeffrey Kafer | 14:28:00 | 2016-03-29 | | Colorless Tsukuru Ta | Haruki Murakami | Michael Fenton Steve | 09:07:00 | 2014-08-12 | | Celtic Mythology: Cl | Scott Lewis | Oliver Hunt | 03:23:00 | 2018-07-18 | | Children of Dune | Frank Herbert | Scott Brick, Simon V | 16:51:00 | 2008-02-05 | | Dune | Frank Herbert | Scott Brick, Orlagh | 21:02:00 | 2006-12-31 | | Dune Messiah | Frank Herbert | Scott Brick, Katheri | 08:57:00 | 2007-10-01 | | Bandersnatch - C.S. | Diana Pavlac Glyer | Michael Ward | 06:29:00 | 2016-09-26 | | The Fighters | C. J. Chivers | Scott Brick | 13:45:00 | 2018-08-14 | | Masters of Doom - Ho | David Kushner | Wil Wheaton | 12:43:00 | 2012-07-12 | | Salvation - The Salv | Peter F. Hamilton | John Lee | 19:02:00 | 2018-09-06 | | Cibola Burn - Book 4 | James S. A. Corey | Jefferson Mays | 20:07:00 | 2015-05-07 | | Lost at Sea: The Jon | Jon Ronson | Jon Ronson | 15:22:00 | 2012-10-11 | | Data Science: The Ul | Herbert Jones | Sam Slydell | 05:18:00 | 2018-11-28 | | The Coen Brothers | Adam Nayman | Rob Shapiro | 09:55:00 | 2018-09-11 | | Nemesis Games - The | James S. A. Corey | Jefferson Mays | 18:06:00 | 2015-06-02 | | The Ten Types of Hum | Dexter Dias | Tom Clegg | 26:32:00 | 2017-07-06 | | Delta-v | Daniel Suarez | Jeff Gurner | 16:42:00 | 2019-04-23 | | God Emperor of Dune | Frank Herbert | Simon Vance | 15:48:00 | 2007-12-30 | | Dreaming in Code - T | Scott Rosenberg | Kyle McCarley | 12:01:00 | 2012-12-18 | | Ghost in the Wires - | Kevin Mitnick, Willi | Ray Porter | 13:59:00 | 2011-08-15 | | Gibraltar Sun - Gibr | Michael McCollum | Ramon De Ocampo | 10:05:00 | 2013-02-28 | | The Tragedy of King | William Shakespeare | full cast | 01:46:00 | 2009-08-28 | | Blind Faith | Ben Elton | Michael Maloney | 04:22:00 | 2007-11-07 | | Talking to Strangers | Malcolm Gladwell | Malcolm Gladwell | 08:42:00 | 2019-09-10 | | The Hidden Life of T | Peter Wohlleben | Mike Grady | 07:33:00 | 2016-09-13 | | Orcs | Stan Nicholls | John Lee | 24:43:00 | 2011-09-08 | | Behave | Robert M. Sapolsky | Michael Goldstrom | 26:27:00 | 2018-08-16 | | The City and the Sta | Arthur C. Clarke | Mike Grady | 09:42:00 | 2013-01-20 | | The Forbidden City - | Charles River Editor | Colin Fluxman | 01:13:00 | 2017-02-27 | | Foundation - The Fou | Isaac Asimov | William Hope | 08:56:00 | 2019-09-26 | | Children of the Mind | Orson Scott Card | Gabrielle de Cuir, J | 13:30:00 | 2004-08-04 | | Shahnameh - The Epic | Ferdowsi | Marc Thompson, Franc | 12:01:00 | 2017-12-22 | | The Cuckoo's Egg - T | Cliff Stoll | Will Damron | 12:46:00 | 2020-01-31 | | We the Living | Ayn Rand | Mary Woods | 18:01:00 | 2007-12-24 | | The Clock Mirage - O | Joseph Mazur | Keith Sellon-Wright | 08:52:00 | 2020-05-19 | | The Psychology of In | Leron Zinatullin | Peter Silverleaf | 02:12:00 | 2018-11-27 | | On Psychology - Illu | JZ Murdock | JZ Murdock | 01:49:00 | 2018-07-02 | | GCHQ - Centenary Edi | Richard Aldrich | Peter Noble | 25:48:00 | 2019-07-11 | | Project Hail Mary | Andy Weir | Ray Porter | 16:10:00 | 2021-05-04 | | Sid Meier's Memoir! | Sid Meier, Jennifer | Charles Constant | 08:32:00 | 2020-11-10 | | Docker in Action | Jeff Nickoloff | Aiden Humphreys | 10:12:00 | 2018-11-08 | | Cryptonomicon | Neal Stephenson | William Dufris | 42:44:00 | 2020-08-08 | | The Testament of Mar | Colm Tóibín | Meryl Streep | 03:06:00 | 2014-05-01 | | Anathem | Neal Stephenson | Oliver Wyman, Tavia | 32:25:00 | 2020-08-08 | | The Stranger in the | Michael Finkel | John Chancer | 06:08:00 | 2018-09-27 | | Xenos - Eisenhorn: W | Dan Abnett | Toby Longworth | 09:55:00 | 2017-09-27 | | Have Space Suit - Wi | Robert A. Heinlein | Mark Turetsky | 08:53:00 | 2014-02-11 | | Malleus - Eisenhorn: | Dan Abnett | Toby Longworth | 10:19:00 | 2017-09-27 | | Klara and the Sun | Kazuo Ishiguro | Sura Siu | 10:16:00 | 2021-03-02 | | Hereticus - Eisenhor | Dan Abnett | Toby Longworth | 09:48:00 | 2017-09-27 | | Ravenor - Warhammer | Dan Abnett | Toby Longworth | 11:50:00 | 2018-03-27 | | Sun and Steel | Yukio Mishima | Matthew Taylor | 02:36:00 | 2021-04-12 | | The Silver Ships - T | S. H. Jucha | Grover Gardner | 10:27:00 | 2015-06-30 | | Globe - Life in Shak | Catharine Arnold | Clare Staniforth | 09:22:00 | 2021-11-30 | | The Buried Giant | Kazuo Ishiguro | David Horovitch | 11:48:00 | 2015-03-03 | | Damned | Chuck Palahniuk | Sophie Amoss | 07:42:00 | 2021-10-12 | | Fallen Dragon | Peter F. Hamilton | John Lee | 26:30:00 | 2016-11-17 | | Escalation - Frontie | Ryk Brown | Jeffrey Kafer | 07:15:00 | 2020-02-11 | | The Revenant | Michael Punke | Jeff Harding | 09:54:00 | 2015-05-07 | | Rescue - Frontiers S | Ryk Brown | Jeffrey Kafer | 08:00:00 | 2016-12-06 | | Resurrection - Front | Ryk Brown | Jeffrey Kafer | 08:26:00 | 2017-04-18 | | Titus Groan - Gormen | Mervyn Peake | Saul Reichlin | 21:39:00 | 2014-06-19 | | Rebellion - Frontier | Ryk Brown | Jeffrey Kafer | 08:16:00 | 2017-08-01 | | The Edgar Allan Poe | Edgar Allan Poe | Jonathan Keeble, Pet | 59:59:00 | 2022-02-04 | | Ravenor Returned - W | Dan Abnett | Toby Longworth | 10:56:00 | 2018-03-27 | | Not Forever, but for | Chuck Palahniuk | Raphael Corkhill | 08:37:00 | 2023-09-05 | | Gormenghast | Mervyn Peake | Saul Reichlin | 22:56:00 | 2014-06-19 | | British Woodland - H | Ray Mears | Ray Mears | 09:22:00 | 2023-05-04 | | A Canticle for Leibo | Walter M. Miller Jr. | Tom Weiner | 10:55:00 | 2011-08-01 | | Weaving the Web - Th | Tim Berners-Lee | Tim Berners-Lee | 03:29:00 | 1999-12-16 | | Balance - Frontiers | Ryk Brown | Jeffrey Kafer | 10:53:00 | 2017-08-30 | | The Plum in the Gold | David Tod Roy - tran | George Backman | 17:35:00 | 2014-04-18 | | Stranger in a Strang | Robert A. Heinlein | Martin McDougall | 23:33:00 | 2012-12-06 | | Ravenor Rogue - Warh | Dan Abnett | Toby Longworth | 12:30:00 | 2018-01-31 | | Freakonomics - A Rog | Steven D. Levitt, St | Stephen J. Dubner | 07:50:00 | 2005-07-27 | | The Pragmatic Progra | David Thomas, Andrew | Anna Katarina | 09:55:00 | 2019-12-26 | | I'm Starting to Worr | Jason Pargin | Ari Fliakos | 12:44:00 | 2024-09-24 | | Birdsong | Sebastian Faulks | Harry Lloyd, Pippa B | 15:49:00 | 2023-06-15 | | The Luzhin Defense | Vladimir Nabokov | Mel Foster | 08:37:00 | 2010-12-20 | | The Three-Body Probl | Cixin Liu, Ken Liu | Daniel York Loh | 14:46:00 | 2023-02-23 | Provide feedback on this episode.

En este episodio exploramos las buenas prácticas oficiales de Docker y cómo aplicarlas en proyectos reales. Hablamos sobre qué evitar, qué optimizar y cómo escribir Dockerfile e imágenes más seguras, ligeras y eficientes. Un repaso directo, útil y práctico para cualquier desarrollador que quiera llevar sus contenedores al siguiente nivel.

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com Chapters00:00 - PreShow Banter™ — Humans are Done03:04 - Louvre's video security password was ‘Louvre' – BHIS - Talkin' Bout [infosec] News 2025-11-1005:11 - Story # 1: I Tried the Robot That's Coming to Live With You. It's Still Part Human.15:14 - Story # 2: How to trade your $214,000 cybersecurity job for a jail cell25:14 - Story # 3: The Louvre's video security password was reportedly ‘Louvre'29:04 - Story # 4: Dangerous runC flaws could allow hackers to escape Docker containers32:58 - Story # 5: List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities40:00 - Story # 5b: GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools56:37 - BHIS Webcast – X-Typhoon - Not your Father's China with John Strand

How to Collect Memory-Only Filesystems on Linux Systems Getting forensically sound copies of memory-only file systems on Linux can be tricky, as tools like dd do not work. https://isc.sans.edu/diary/How%20to%20collect%20memory-only%20filesystems%20on%20Linux%20systems/32432 Microsoft Azure Front Door Outage Today, Microsoft s Azure Front Door service failed, leading to users not being able to authenticate to various Azure-related services. https://azure.status.microsoft/en-us/status Docker-Compose Vulnerability A vulnerability in docker-compose may be used to trick users into creating files outside the docker-compose directory https://github.com/docker/compose/security/advisories/GHSA-gv8h-7v7w-r22q

Python in 2025 is different. Threads really are about to run in parallel, installs finish before your coffee cools, and containers are the default. In this episode, we count down 38 things to learn this year: free-threaded CPython, uv for packaging, Docker and Compose, Kubernetes with Tilt, DuckDB and Arrow, PyScript at the edge, plus MCP for sane AI workflows. Expect practical wins and migration paths. No buzzword bingo, just what pays off in real apps. Join me along with Peter Wang and Calvin Hendrix-Parker for a fun, fast-moving conversation. Episode sponsors Seer: AI Debugging, Code TALKPYTHON Agntcy Talk Python Courses Links from the show Calvin Hendryx-Parker: github.com/calvinhp Peter on BSky: @wang.social Free-Threaded Wheels: hugovk.github.io Tilt: tilt.dev The Five Demons of Python Packaging That Fuel Our ...: youtube.com Talos Linux: talos.dev Docker: Accelerated Container Application Development: docker.com Scaf - Six Feet Up: sixfeetup.com BeeWare: beeware.org PyScript: pyscript.net Cursor: The best way to code with AI: cursor.com Cline - AI Coding, Open Source and Uncompromised: cline.bot Watch this episode on YouTube: youtube.com Episode #524 deep-dive: talkpython.fm/524 Episode transcripts: talkpython.fm Theme Song: Developer Rap