Hosting service for software projects using Git
POPULARITY
Categories
The White House keeps frontier AI models on a short leash. Russian threat actors increasingly target secure messaging platforms. DirtyClone is a high-severity Linux kernel privilege escalation flaw. An investigation claims federal websites are violating privacy rules. Microsoft dismantles a sophisticated malicious browser extension campaign. Setting up a GitHub repository could trick AI coding agents into executing malicious payloads. The DOJ shuts down illegal World Cup streamers. An Anonymous-linked hacker gets 18 months for website defacement. Monday business briefing. Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discusses cyber risk as a board concern. In healthcare AI, patient privacy needs a second opinion. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dylan Sandlin, Program Manager for Digital and Cybersecurity Content at the National Association of Corporate Directors (NACD), discussing cyber risk as a board concern. If you're interested in learning more about NACD, be sure to check out their Director's Handbook on Cyber-Risk Oversight. Selected Reading Washington pushes AI into an export-control era as rivals rush to fill the gap (Metacurity) FBI and CISA Warn Russian Hackers Stealing Verification Codes and Account PINs From Signal Users (GB Hackers) 'DirtyClone' Linux Kernel Vulnerability Leads to Root Access (SecurityWeek) ‘It's dangerous and it's going to erode trust': redesign of US government websites stokes surveillance fears | Trump administration (The Guardian) StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years (SecurityAffairs) Clean GitHub repo tricks AI coding agents into running malware (Bleeping Computer) US seizes hundreds of FIFA World Cup illegal streaming domains (Bleeping Computer) Anonymous-Linked Hacktivist Aubrey Cottle Jailed Over Texas GOP Cyberattack (Hackread) Accenture acquires Dragos, runZero, and NetRise for more than $4 billion. (N2K Pro Business Briefing) Medical diagnosis AIs can be tricked into telling whose data trained them (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Aji and Joël join forces to discuss graph and tree structures, and their connection to the emergent properties, attributes and qualities you can find from a largely connected group of data. Joël dives into their recent graphs and tree work through a contracting system, whilst Aji looks back at when he previously tried to serialise a graph or tree to a database. — Watch Joël's Blue Ridge Ruby talk here, or Matheus' Ruby Internal talk from last year here. There's still time to secure your place at thoughtbot's upcoming UK meet ups over the next month. London Tech Leader Meetup - Tuesday June 23rd Brighton Tech Leader Meetup - Wednesday June 24th Brighton Ruby - Thursday June 25th Evolve - Friday June 26th Your hosts for this episode have been thoughtbot's own Joël Quenneville and Aji Slater. If you would like to support the show, head over to our GitHub page, or check out our website. Got a question or comment about the show? Write to our hosts: hosts@bikeshed.fm This has been a thoughtbot podcast. Stay up to date by following us on social media - YouTube - LinkedIn - Mastodon - BlueSky © 2026 thoughtbot, inc.
Sam Partee (CTO & co-founder of Arcade.dev) and Nate Barbettini (Founding Engineer at Arcade.dev) sit down at the MCP Dev Summit to unpack what nobody wants to admit about the Model Context Protocol: the security model is still full of sharp edges. From tool poisoning and prompt injection to why OAuth got bolted onto the spec, this is a builder 's-eye view of where MCP breaks — and how to ship agents safely anyway.What we get into:
While Anthropic and the U.S. Government continued to try and make amends, there was another seismic shift quietly taking place: open source surged. Between Microsoft reportedly testing Open Source models for Copilot and the powerful new GLM-5.2, there was a clear trend this week in AI world. Missed it all? Don't worry, we'll catch you up so you can make the informed decisions for your company. Anthropic Continues Fable Fight, Microsoft Goes Open Source, Midjourney's Big Pivot and More AI News That Matters -- An Everyday AI Chat with Jordan WilsonNewsletter: Sign up for our free daily newsletterMore on this Episode: Episode PageToday's Episode on LinkedIn: Thoughts on this? Join the convo on LinkedIn and connect with other AI leaders.Upcoming Episodes: Check out the upcoming Everyday AI Livestream lineupWebsite: YourEverydayAI.comEmail The Show: info@youreverydayai.comConnect with Jordan on LinkedInTopics Covered in This Episode:Anthropic Fable 5 and Mythos 5 Export BanTrump Labels Anthropic a National Security ThreatMicrosoft Copilot CoWork Open Source Model SwitchMicrosoft Considers DeepSeek-V4 for AI Cost ReductionChinese GLM 5-2 Sets Open Source BenchmarkGLM 5-2 Challenges Proprietary AI ModelsMidJourney Hardware Pivot: AI Medical Imaging ScannerCursor Building 1.5T Parameter Model, GitHub CompetitorAI CEO Summit: G7 Pushes US-Led AI CoalitionOpenAI Prepares GPT-5.6 ReleaseAnthropic, OpenAI, Google Face Geopolitical AI ScrutinyAdvancements in Token Efficiency and Cost ControlTimestamps:00:00 Trump's comments on Anthropic06:17 Microsoft exploring lower-cost AI models09:07 Microsoft exploring DeepSeek amid tensions13:45 AI model performance and efficiency trends15:59 AI leaders meet at G7 Summit21:22 Midjourney unveils first hardware product23:26 MidJourney's innovative spa technology28:50 Discussing Cursor's evolution and impact32:24 Talking about AI use cases33:27 Rumors and upcoming AI model releases37:20 OpenAI's major new hiresKeywords: Anthropic, Fable Five, Mythos Five, export controls, national security threat, Dario Amodei, Amazon, supply chain risk, Defense Production Act, Copilot CoWork, Microsoft, usage based pricing, open source AI, DeepSeek V4, Chinese AI model, token costs, Azure, agentic AI, enterprise AI billing, data security, compliance filters, GLM 5-2, Zhipu AI, 753 billion parameter model, MIT open source license, long context window, autonomous coding, Hugging Face, benchmark performance, text only model, multimodal capabilities, token efficiency, AI spend, G7 summit, AI governance, AI coalition, AI standards, cybersecurity risks, bioterrorism, chip trade, Sam Altman, OpenAI, Claude Opus 4.8, Gemini 3.5 Pro, MidJourney, medical imaging, MidJourney scanner, full body ultrasound, Butterfly Network, MRI alternative, spa launch, SpaceX, Cursor, 1.5 trillion parameter model, code hosting, GitHub competitor, code generation, AI super apps, Colossus compute, technical prompts, context window expansion, GPT 5.6, Claude Conway agent, Grok Imagine, Firefly AI, code artifacts, Google Ad Manager AI, Open Knowledge Format, Noam Shazeer, Dean Ball, Andrej Karpathy.Send Everyday AI and Jordan a text message. (We can't reply back unless you leave contact info) Start Here ▶️Not sure where to start when it comes to AI? Start with our Start Here Series. You can listen to the first drop -- Episode 691 -- or get free access to our Inner Cricle community and all episodes: StartHereSeries.com Also, here's a link to the entire series on a Spotify playlist.
Steven Forth is the founder of Value Intelligence (ValueIQ) and a longtime leader in value-based pricing. He is also a co-creator of The Value Project, an open-source initiative focused on creating standards for value and pricing models that both humans and AI can understand. Steven Forth is back on the podcast—and as usual, he and Mark waste no time diving into a topic that feels a little futuristic, a little controversial, and a lot important: What happens when AI becomes the buyer? This is another thoughtful debate where Steven's vision for AI-powered buying collides with Mark's 'healthy' skepticism. If you've ever wondered how pricing, value, and buying decisions will evolve in an AI-driven world, this conversation offers a fascinating glimpse into what comes next. Why You Have to Check Out Today's Podcast: Discover how AI buyers will evaluate vendors and why companies that don't provide structured pricing and value data may be ignored—or worse, misrepresented by AI systems. Learn why pricing transparency may become unavoidable as AI agents increasingly compare solutions, estimate costs, and evaluate alternatives on behalf of buyers. Understand the emerging infrastructure behind AI-powered purchasing and how open-source value and pricing standards could reshape the future of B2B sales. "If you don't want the AI to hallucinate about your company, you should give it the data it needs to do its job." – Steven Forth Topics Covered: 02:00 – The Foundation for AI Buyers.Why AI needs standardized pricing and value data before it can make buying decisions. 04:00 – Pricing Models AI Can Actually Understand. Why pricing is more than a price list—and how AI could calculate costs across vendors automatically. 05:30 – Will AI Ignore Your Company?. The risk of missing or unstructured pricing data—and why AI may simply make assumptions about your business. 07:15 – Can Complex Pricing Be Standardized. Mark challenges whether today's complicated pricing models can really be captured in a common framework. 09:00 – The Biggest Challenge: Understanding Value. Can AI truly understand value without understanding the root causes behind business results? 12:00 – Why Value Models Matter. Steven explains why value models aren't about intelligence—they're about giving AI the information it needs to reason. 15:00 – The Next Frontier: Product Configuration. Why pricing and value aren't enough—and how AI could eventually recommend the ideal product setup for every buyer. 18:00 – Can AI Pick the Best Solution?The debate over whether AI can evaluate context, causation, and business needs—not just numbers. 21:00 – When Buyers Have the Upper Hand. How AI could help buyers calculate value using their own private data without sharing it with vendors. 24:00 – The Future of Pricing Transparency. What happens when competitors—and AI—can instantly analyze your pricing structure? 26:00 – Getting Ready for an AI-Powered Buying World. Why businesses should start preparing now for a future where AI becomes the buyer. Key Takeaways: "If you don't want the AI to hallucinate about your company, you should give it the data it needs to do its job." — Steven Forth "The AI needs to understand the value before it can understand if the price is reasonable or not." — Steven Forth "The value project is just plumbing. Let's be able to connect the pipes." — Steven Forth People & Resources Mentioned: The Value Project. An open-source initiative designed to create standardized, machine-readable formats for value models and pricing models that can be shared across business systems and understood by AI. Value Intelligence (ValueIQ). Steven's company focused on value management, value modeling, and helping organizations quantify and communicate customer value. GitHub. The repository where technical contributors can access, test, and improve The Value Project's open-source schemas. Linux Foundation. Mentioned as a potential future home for the project if adoption and community participation continue to grow. JSON (JavaScript Object Notation). The structured data format used to represent value and pricing models in a way that software systems and AI can interpret. Connect with Steven Forth: Website: https://thevalueproject.org LinkedIn: https://www.linkedin.com/in/stevenforth/ Email: steven@valueiq.ai Subscribe to Steven's Substack: Synthetic data in pricing: https://pricinginnovation.substack.com/p/synthetic-data-in-pricing Connect with Mark Stiving: LinkedIn: https://www.linkedin.com/in/stiving/ Email: mark@impactpricing.com
https://clearmeasure.com/developers/forums/ Tamir Dresher is a Principal Engineer at Microsoft Threat Protection, where he focuses on scaling AI agent systems and distributed architectures, bringing over 15 years of experience building large-scale distributed systems. He is the co-creator of Squad, an open-source multi-agent runtime for GitHub Copilot that orchestrates AI teams directly inside your repository. Tamir is the author of "Rx.NET in Action" (Manning) and "Hands-On Full-Stack Web Development with ASP.NET Core" (Packt), and has been a lecturer in Software Engineering at the Ruppin Academic Center since 2013. A prominent figure in the Israeli and international developer communities, he is a Microsoft MVP alumnus who speaks frequently at global conferences and writes actively on his blog at tamirdresher.com. Website / Blog - https://www.tamirdresher.com/ LinkedIn - https://www.linkedin.com/in/tamirdresher/ GitHub: https - //github.com/tamirdresher Twitter/X - @tamir_dresher Blog Post - https://www.tamirdresher.com/blog/2026/05/24/squad-watch-extensions-customer-success Github - https://github.com/bradygaster/squad Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.
JDK 26 optimise la JVM dans ses moindres recoins, le SDK Java d'Agent2Agent passe en 1.0, Micronaut 5 est là. Côté terrain, un retour d'expérience après 40 jours à coder avec 100 % d'IA : génie ou junior, Alzheimer numérique et dette technique invisible. Pendant ce temps, GitLab restructure, Microsoft suspend ses licences Claude Code, et un développeur injecte un prompt destructeur dans sa lib JUnit. La révolution IA a un coût et les boites commencent à s'en rendre compte. Enregistré le 12 juin 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-341.mp3 ou en vidéo sur YouTube. News Langages Les améliorations de performance dans le JDK 26 https://inside.java/2026/06/09/jdk-26-performance-improvements/ Côté bibliothèques, l'API LazyConstant (anciennement StableValue) fait son entrée en prévisualisation pour permettre une initialisation paresseuse, sécurisée pour les threads et optimisée par le mécanisme de constant-folding de la JVM. L'extraction de chaînes de caractères via MemorySegment::getString a été revue pour réduire considérablement les allocations intermédiaires et les copies en mémoire off-heap, accélérant fortement les traitements sur les chemins critiques (hot paths). La méthode générée automatiquement hashCode() pour les classes de type record a été optimisée par la JVM pour atteindre un niveau de performance équivalent à une implémentation écrite manuellement. Le ramasse-miettes G1 bénéficie du JEP 522 qui redessine sa table de cartes (card-table) afin de réduire les coûts de synchronisation des barrières d'écriture, offrant un gain de débit de 5 % à 15 % sur les applications manipulant énormément de références d'objets. Grâce au JEP 516 (Project Leyden), le cache d'objets Ahead-of-Time (AOT) adopte un format de flux agnostique, ce qui lui permet d'être compatible avec n'importe quel Garbage Collector, y compris le ramasse-miettes à très faible latence ZGC. Le démarrage de la JVM s'accélère par défaut lorsqu'aucune taille de tas n'est configurée, car HotSpot n'applique plus de pourcentage initial (InitialRAMPercentage) mais démarre directement avec la taille minimale (MinHeapSize) pour éviter d'allouer des métadonnées inutiles. Les threads virtuels gagnent en robustesse en étant désormais capables de céder la main (yield) pendant les phases d'initialisation des classes, éliminant ainsi le risque de famine des threads porteurs (carrier threads). Le compilateur C2 JIT améliore son modèle de coût pour la vectorisation des boucles (SIMD) et se montre maintenant capable de compiler et d'optimiser des méthodes dotées de listes de paramètres extrêmement longues. Librairies Release candidate du A2A Java SDK supportant versions 0.3 et 1.0 en même temps https://medium.com/google-cloud/a2a-java-sdk-1-0-0-cr1-released-f0c651ec9139 Dernière étape avant la GA : Toutes les fonctionnalités prévues pour la version 1.0 sont finalisées. Migration simplifiée depuis la Beta1. Compatibilité v0.3 : Ajout d'une couche de compatibilité permettant aux agents v1.0 de communiquer avec les systèmes v0.3 (via JSON-RPC, gRPC ou REST). Support natif pour Android (nouvel AndroidHttpClient). Uniformisation des clients HTTP pour garantir une cohérence entre les versions. Nouveau parseur SSE (Server-Sent Events) conforme aux spécifications. Ça y est, le SDK Java de l'Agent 2 Agent Protocol est sorti en version 1.0 finale ! (avec compatibilité v0.3 et v1.0) https://medium.com/google-cloud/a2a-java-sdk-1-0-0-final-released-10c05b6aee34 Lancement officiel : Sortie de A2A Java SDK 1.0.0.Final, la première version stable (GA) du protocole Agent2Agent. Objectif du protocole : Standard ouvert (Linux Foundation) permettant aux agents IA de communiquer, déléguer des tâches et collaborer, indépendamment du langage ou du framework. Interopérabilité : Introduction de l'Integration Test Kit (ITK) pour valider la compatibilité entre les SDK (Java, Python, TypeScript, etc.). Transports supportés : Support complet et équivalent pour JSON-RPC, gRPC et HTTP+JSON/REST. Alignement total avec la spécification A2A 1.0.0. Passage aux Java records pour l'immutabilité et moins de code répétitif. Architecture interne basée sur un MainEventBus pour garantir la persistance et éviter les conditions de concurrence. Intégration d'OpenTelemetry pour le suivi et la surveillance. Support d'Android et compatibilité descendante avec la version 0.3. Installation : Gestion des dépendances via Maven BOM (org.a2aproject.sdk). Sortie de Micronaut 5.0 https://micronaut.io/2026/05/20/micronaut-framework-5-0-0-released/ Lancement majeur : Disponibilité générale de Micronaut 5, incluant une refonte de plus de 70 modules et la plateforme BOM. Baselines techniques : Support de Java 25, Groovy 5, Kotlin 2.3 et GraalVM 25.0.3. Optimisations internes : Amélioration significative des performances au démarrage et réduction de la surcharge à l'exécution via une refonte du conteneur IoC et du traitement à la compilation. Architecture HTTP : Support stable de HTTP/3, nouvelle API de formulaires (multipart) et annotations de nullabilité (JSpecify) pour une meilleure interopérabilité Kotlin/IDE. Configuration : Nouveau système d'importation de configuration (remplaçant le Bootstrap Configuration) et validateur de schéma JSON intégré. Fiabilité : Nouvelles API programmatiques pour les politiques de retry et circuit breaker. Sécurité & Outils : Mise à jour majeure des dépendances (Jackson 3, Ktor 3), rafraîchissement du Panneau de contrôle et diagnostics AOT améliorés. Écosystème : Mises à jour complètes pour les bases de données (Data, SQL, R2DBC, MongoDB, Redis), le cloud (AWS, Azure, GCP, OCI) et les tests (JUnit 6, Testcontainers 2.0). Évolutions notables : Intégration HTMX dans Micronaut Views, retrait du support RxJava 2 et migration de divers processeurs d'annotations vers des modules dédiés. Comment rajouter un agent IA dans une app Android, avec le tout nouveau framework ADK pour Kotlin https://glaforge.dev/posts/2026/05/21/wiring-adk-kotlin-agents-in-an-android-application/ Guillaume a participé au développement et au lancement du nouveau runtime ADK pour Kotlin et Android https://developers.googleblog.com/adk-kotlin-android-building-ai-agents/ Tutoriel sur comment intégrer un agent ADK dans une app Dépendances : Ajout du noyau ADK (google-adk-kotlin-core) et du processeur KSP dans build.gradle.kts. Sécurité API : Utilisation de local.properties pour stocker la clé API Gemini et l'exposer via BuildConfig afin d'éviter le hardcoding. Définition de l'agent : Création d'un objet LlmAgent configuré avec le modèle Gemini, des instructions spécifiques et des outils (ex: GoogleSearchTool). Utilisation de InMemoryRunner pour gérer automatiquement le contexte et l'historique de la session. Implémentation de runAsync avec StreamingMode.SSE pour un retour en temps réel dans l'interface. Threading : Exécution des requêtes réseau sur Dispatchers.IO et mise à jour de l'état de l'interface utilisateur sur Dispatchers.Main. Comment développer et hoster des agents IA sur la plateforme d'agents managés de DeepMind https://glaforge.dev/posts/2026/05/21/managed-agents-with-the-gemini-interactions-java-sdk/ L'équipe DeepMind de Google a lancé une plateforme d'agents managés sur son API Gemini Interactions https://blog.google/innovation-and-ai/technology/developers-tools/managed-agents-gemini-api/ Guillaume a implémenté un SDK Java pour utiliser cette API Gemini Interactions, qui donne entre autre accès à tous les modèles mais aussi à cette plateforme managée d'agents IA Agents managés : Permet d'exécuter des agents autonomes qui raisonnent, planifient et exécutent du code dans des environnements isolés (sandboxes), sans gestion d'infrastructure par le développeur. Environnement distant : Utilise des espaces de travail Linux éphémères dans le cloud via le paramètre remote, permettant l'accès réseau et la persistance des fichiers sur plusieurs appels. Agents prédéfinis : Accès immédiat à des agents spécialisés comme deep-research-pro (recherche multi-étapes) ou antigravity (tâches de codage généralistes). Agents personnalisés : Possibilité de configurer ses propres agents avec des instructions système dédiées, des outils spécifiques (exécution de code, recherche Google) et des règles réseau (egress) personnalisées. Architecture basée sur les étapes (Steps) : Utilise une structure de données typée (Step, Content) pour suivre le raisonnement de l'agent, ses appels de fonctions et ses résultats en temps réel. Outils et Schémas : Inclut des utilitaires pour générer des schémas JSON complexes via une interface fluide (DSL), par réflexion Java ou par parsing JSON. Streaming réactif : Support natif des événements en temps réel (SSE) pour suivre la progression de l'agent et recevoir les deltas de contenu au fur et à mesure de la génération. Flexibilité : Fournit un gestionnaire de routage (InteractionsHandler) pour créer facilement des serveurs proxy ou des backends intermédiaires traitant les interactions Gemini. Spring Boot 4.1 https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-4.1-Release-Notes Support natif pour Spring gRPC permettant de créer et tester facilement des applications clientes et serveurs basées sur Netty ou des Servlets via HTTP/2 Introduction du lazy fetching pour les connexions JDBC via la propriété spring.datasource.connection-fetch=lazy afin de ne prendre une connexion du pool que lorsqu'un Statement est réellement exécuté Amélioration de l'auto-configuration de Jackson permettant de définir globalement les contraintes de lecture/écriture pour les formats JSON, XML et CBOR via des propriétés de configuration Sécurisation des clients HTTP bloquants et réactifs face aux attaques SSRF grâce à l'introduction d'un InetAddressFilter bloquant les requêtes sortantes vers des adresses spécifiques Améliorations majeures autour d'OpenTelemetry avec le support complet des variables d'environnement OTel, la possibilité de désactiver le SDK via une propriété globale et l'ajout du support SSL sur les exporters OTLP Ajout de l'auto-configuration pour l'utilisation de Spring Batch avec MongoDB incluant un nouveau starter dédié spring-boot-batch-data-mongo Auto-configuration des endpoints @RedisListener sans nécessiter la déclaration manuelle d'un RedisMessageListenerContainer Dépréciation du support de Apache Derby (projet arrêté), suppression définitive du mode layertools du JAR et réintroduction du support de Spock 2.4 (avec Groovy 5) Upgrade des dépendances majeures de l'écosystème avec notamment Spring Framework 7.0.8, Spring Security 7.1.0 et Micrometer 1.17.0 Outillage Vous êtes plutôt endive ou chicorée ? La librairie Chicory qui permet d'exécuter du code WASM à partir de son application Java est forkée et rejointe la Bytecode Alliance pour continuer son développement https://bytecodealliance.org/articles/endive-and-the-next-chapter-of-webassembly-on-the-jvm Annonce d'Endive : Nouveau projet hébergé par la Bytecode Alliance ; fork de Chicory (moteur WebAssembly pur Java, sans dépendance native). Objectif principal : Permettre aux développeurs Java d'intégrer, charger et déployer des modules Wasm nativement via les workflows Java habituels. Compilateur "Redline" : Intégration à venir de Redline (basé sur Cranelift) pour compiler le Wasm en code machine natif ; performances comparables à Rust/Wasmtime. Zéro dépendance (Java 25+) : Grâce à l'API standard Foreign Function & Memory (Project Panama), l'exécution à vitesse native se fait sans composants externes. Modèle de Composants (Component Model) : Support futur prévu pour consommer des composants (Rust, Go, JS, etc.) via des interfaces typées et sécurisées directement dans la JVM. Prochaines étapes : Fusion de Redline, conformité stricte aux specs Wasm (dont WasmGC) et amélioration du support WASI. Un visualisateur de sessions de travail avec Antigravity https://glaforge.dev/posts/2026/06/11/antigravity-brain-visualizer/ Un projet open source construit avec Micronaut, LangChain4j et GraalVM pour analyser les sessions de travail avec l'outil de développement agentique Antigravity (de Google) Analyse toutes les étapes, les requêtes utilisateur, les outils utilisés, les erreurs rencontrées, les réponses du modèle Gemini fait une analyse pour comprendre les moments clés de cette session de travail Outil buildé avec l'aide d'Antigravity lui-même SBX-Kits : des environnements de développement simplifiés pour les débutants (et les autres) https://k33g.org/20260501-sbx-kits.html Philippe Charrière (:whale: ) présente SBX-Kits (Sandbox Kits), une initiative personnelle visant à simplifier radicalement la mise en place d'environnements de développement pour les débutants, en éliminant la complexité d'installation des outils traditionnels. Chaque "kit" est une archive prête à l'emploi contenant un outil de développement spécifique (comme un langage, un framework ou une base de données) configuré pour s'exécuter de manière isolée et portable. La philosophie du projet repose sur le principe de "zéro configuration" et "zéro dépendance globale", permettant de tester une technologie ou de commencer à coder immédiatement sans polluer son système d'exploitation. L'approche technique s'appuie sur des scripts légers et des binaires portables pré-packagés, offrant une alternative plus simple et moins gourmande en ressources que les conteneurs Docker ou les configurations d'IDE complexes pour l'apprentissage. L'objectif à terme est de proposer un catalogue de kits couvrant les technologies courantes (JavaScript, Python, petites bases de données) pour faciliter les ateliers de programmation et le prototypage rapide. De nombreux kits sont disponibles sur https://github.com/docker/sbx-kits-contrib ghui: une interface utilisateur en ligne de commande (TUI) interactive pour GitHub https://github.com/kitlangton/ghui ghui est un outil en ligne de commande (TUI) écrit en Rust qui fournit une interface visuelle, interactive et rapide directement dans le terminal pour interagir avec GitHub. Il permet de gérer ses pull requests, ses issues et ses notifications sans avoir à ouvrir son navigateur web ou à taper de longues commandes avec la CLI officielle de GitHub. L'outil propose une navigation fluide au clavier, des raccourcis efficaces, et permet de réaliser des actions courantes comme valider une PR, ajouter des commentaires, attribuer des reviewers ou inspecter les logs des GitHub Actions. Conçu pour être extrêmement réactif, ghui s'intègre naturellement dans le flux de travail des développeurs adeptes du terminal et du mode "sans souris". Sortie de Homebrew 6.0.0 https://brew.sh/2026/06/11/homebrew-6.0.0/ Introduction du mécanisme de sécurité Tap Trust : comme les dépôts tiers (taps) peuvent exécuter du code Ruby arbitraire non sandboxé sur la machine, Homebrew demande désormais une confiance explicite de l'utilisateur avant d'évaluer ou d'exécuter leur code. L'API JSON interne devient le choix par défaut, offrant un système plus léger et beaucoup plus rapide pour les développeurs. Sécurisation renforcée de l'environnement avec l'implémentation du sandboxing sur Linux. Évolution des comportements par défaut basés sur un sondage utilisateur : le mode "ask" est activé par défaut pour les développeurs, affichant un résumé des dépendances et une demande de confirmation avant toute action de brew install ou brew upgrade. Améliorations notables des performances globales, notamment un boost de ~30 % sur la vitesse de la commande brew leaves et la parallélisation de la récupération des bottles (binaires) lors des mises à jour. Ajout du support initial pour la prochaine version d'Apple, macOS 27 (Golden Gate). Multiples optimisations pour brew bundle, incluant une gestion plus sécurisée des installations de paquets npm. Méthodologies Retour d'expérience très détaillé et 100% humain sur 40 jours avec une équipe 100% AI hormis le superviseur https://www.linkedin.com/pulse/jai-vir%C3%A9-mon-%C3%A9quipe-de-dev-pour-une-100-ia-pendant-40-luc-bonnin-jlgjf/ Voici le résumé en bullet points : Expérimentation de 40 jours : remplacer une équipe de dev par 100% IA agentique (Cursor) sur un vrai projet en production (playthatsheet.com, 200k lignes de code legacy) Chiffres bruts : 2,3 milliards de tokens consommés, 1 477 prompts, 260 564 lignes ajoutées (+145%), 59% du code final produit par l'IA ROI vertigineux à court terme : 9 mois de travail humain livrés en 40 jours, coût total 260$ d'abonnement + 15 jours de supervision, ROI x18 Profil psy de l'IA : Alzheimer (oublis de contexte), schizophrène (change de méthodo), ado de 12 ans (refait les mêmes erreurs), oscille entre génie et junior sans prévenir Effet iceberg : la dette technique ne disparaît pas, elle se camoufle et s'accélère ; hallucinations = bombes à retardement détectables uniquement par relecture humaine ligne par ligne Paradoxe du bateau de Thésée : perte de paternité et de maîtrise fine du code, baisse de l'autonomie du dev humain qui valide sans avoir construit Arnaque du "monkey money" : consommation de tokens opaque, non corrélée à la complexité (écart de 350% sur des prompts identiques), facturation imprévisible donc impossible à budgéter Syndrome du bazooka : les devs utilisent l'IA même pour changer une couleur CSS, atrophie progressive des compétences et coût écologique délirant Risque stratégique : dépendance irréversible aux vendeurs de tokens (Nvidia, Anthropic, OpenAI), business non rentable qui devra augmenter ses prix Conseil final : approche Pareto, garder 20% du temps en code "fait main", nommer un responsable stratégie IA, l'humain senior reste irremplaçable pour superviser Une libraries de test JUnit cache un prompt qui demande aux coding agents d'effacer les tests https://arstechnica.com/security/2026/05/fed-up-with-vibe-coders-dev-sneaks-data-nuking-prompt-injection-into-their-code/ Agacé par les « vibe coders », un développeur introduit une injection de prompt destructrice dans son code Le développeur de jqwik (un moteur de tests pour JUnit 5) a volontairement inséré une injection de prompt dans la version 1.10.0 de sa bibliothèque Java pour saboter le travail des agents d'IA. L'instruction injectée via la sortie standard (stdout) ordonne textuellement aux LLM d'ignorer les consignes précédentes et de supprimer l'intégralité du code et des tests jqwik du projet. Pour dissimuler cette action aux yeux des développeurs humains, le mainteneur a utilisé des séquences d'échappement ANSI qui effacent la ligne d'injection dans les émulateurs de terminaux interactifs. La modification a été découverte par un utilisateur qui a pointé du doigt les risques majeurs et disproportionnés pour les machines des utilisateurs, bien que certains outils comme Claude d'Anthropic aient détecté et bloqué la consigne malveillante. Face aux critiques de la communauté et aux accusations de comportement infantile ou potentiellement illégal, le développeur a mis à jour ses notes de version pour documenter explicitement son opposition à l'usage de son outil par des IA, avant de refuser tout commentaire supplémentaire sur conseil de son avocat. La réalité du rôle de Principal Engineer https://leaddev.com/career-development/reality-being-principal-engineer Le passage au rôle de Principal Engineer marque une transition majeure où les compétences techniques ne suffisent plus, l'impact se mesurant désormais à travers l'influence, la stratégie et la capacité à aligner la technique avec les objectifs business. Contrairement aux attentes, le quotidien est souvent marqué par une forme d'isolement, car le poste se situe à l'intersection de la direction (qui attend des solutions) et des équipes techniques (qui attendent des directives), sans appartenance directe à un groupe précis. Le rôle exige d'accepter une grande part d'ambiguïté et l'absence de retours immédiats, les projets et les décisions stratégiques mettant parfois des mois ou des années à porter leurs fruits. La gestion du temps devient un défi critique, nécessitant de savoir naviguer entre les sollicitations constantes, la présence en réunion et le besoin de préserver des moments de réflexion approfondie pour concevoir des visions à long terme. La réussite à ce niveau repose sur le développement de compétences humaines pointues (soft skills), notamment la négociation, la communication vulgarisée auprès des profils non techniques, et la capacité à faire grandir les autres ingénieurs par le mentorat. Sécurité Une attaque de la chaîne d'approvisionnement npm utilise binding.gyp pour compromettre des dizaines de paquets https://cybersecuritynews.com/binding-gyp-supply-chain-attack-compromises-dozens-of-npm-packages/ Une nouvelle variante du ver auto-propageable "Shai-Hulud", baptisée "Miasma", cible l'écosystème npm (et PyPI sous le nom de "Hades") en dissimulant son exécution dans le fichier binding.gyp au lieu des scripts classiques preinstall ou postinstall. La technique, surnommée "Phantom Gyp", exploite le fait que npm lance automatiquement node-gyp rebuild dès qu'un fichier binding.gyp est présent à la racine d'un paquet pour compiler des modules natifs C/C++, exécutant ainsi le code malveillant dès la commande npm install. L'attaque contourne la plupart des outils de sécurité traditionnels car l'injection s'appuie sur l'évaluation récursive de commandes (via la syntaxe ) ou directement sur la fonction eval() de Python sous-jacente à GYP, cachée sous n'importe quelle clé du fichier. Le script malveillant télécharge un runtime alternatif (Bun) pour échapper aux détections comportementales de Node.js, puis moissonne les identifiants et secrets des développeurs et des environnements CI/CD (npm, GitHub, AWS, GCP, Azure, Kubernetes, HashiCorp Vault). Plus de 57 paquets npm (dont le SDK serveur de Vapi ou des outils liés à l'IA) et des dizaines de paquets PyPI ont été infectés via des comptes de mainteneurs compromis, le ver republiant automatiquement de nouvelles versions vérolées en utilisant les jetons volés. Loi, société et organisation Restructuration chez Gitlab https://about.gitlab.com/blog/gitlab-act-2/ GitLab entame une restructuration majeure pour s'adapter à l'ère de l'intelligence artificielle agentique, incluant une réduction d'effectifs planifiée de manière transparente et ouverte. L'entreprise prévoit de réduire de 30 % le nombre de pays où elle maintient de petites équipes, d'aplatir sa hiérarchie en supprimant jusqu'à trois niveaux de gestion, et de réorganiser la R&D en une soixantaine d'équipes plus petites et autonomes. Les processus internes vont être revus en intégrant des agents d'IA pour automatiser les revues, les approbations et les passages de relais afin d'accélérer le rythme de travail. La stratégie repose sur la conviction que le logiciel sera bientôt écrit par des machines et dirigé par des humains, ce qui va multiplier la demande de logiciels et transformer le rôle des ingénieurs vers la résolution de problèmes complexes. Sur le plan technique, GitLab reconstruit son infrastructure sous-jacente (notamment Git) pour supporter la charge massive générée par les agents d'IA, tout en misant sur l'orchestration du cycle de vie, la centralisation du contexte des données et une gouvernance intégrée. Le modèle économique évolue vers un système hybride combinant les abonnements classiques et une tarification à la consommation pour le travail effectué par les agents d'IA. Un LLM local sur un mac pourrait coûter plus cher en électricité qu'un modèle hébergé sur OpenRouter dans le cloud https://www.williamangel.net/blog/2026/05/17/offline-llm-energy-use.html Conclusion : L'inférence locale sur Mac M5 Max est 3x plus chère et 2x plus lente que le cloud (OpenRouter). Électricité : Négligeable (~0,02 $/heure pour 50-100W). Matériel (Le vrai coût) : Achat du Mac à 4 299 $; l'amortissement sur 3 à 5 ans plombe la rentabilité horaire. Coût au million de tokens (Gemma 4 31b) : Mac M5 Max : 0,40 à4, 79 (pour 10-40 tokens/s). OpenRouter : 0,38 à0, 50 (pour 60-70 tokens/s). Verdict pro : Le temps humain perdu à cause de la lenteur locale coûte infiniment plus cher que les tokens cloud. Privilégier les API (Anthropic, OpenRouter). Ai didn't kill your junior pipeline https://andrewmurphy.io/blog/ai-didnt-kill-your-junior-pipeline-you-did L'IA n'a pas tué le recrutement des juniors, les entreprises l'ont fait elles-mêmes, par effet de mode. Sans juniors, pas de futurs seniors : on retire l'échelle qui nous a tous fait monter. Tout le monde pêche dans le même bassin de seniors sans le réapprovisionner, pénurie garantie dans 3-5 ans. Une équipe 100% senior + IA est fragile : un départ et tout le savoir tacite s'évapore. Les juniors posent les "pourquoi ?" qui révèlent les bugs et processus absurdes ; l'IA, elle, exécute sans questionner. Les seniors s'atrophient aussi en déléguant leur réflexion à l'IA, pince à double effet sur les compétences. Dépendre des outils IA, c'est sous-traiter sa stratégie talents à des fournisseurs dont les prix vont tripler. Solution : redéfinir le rôle junior (revue de code IA + mentorat), pas le supprimer. Les rapports internes de Microsoft révèlent la crise des coûts de l'IA : les agents coûtent plus cher que les employés humains https://fortune.com/2026/05/22/microsoft-ai-cost-problem-tokens-agents/ Des données et rapports internes chez Microsoft et d'autres géants de la tech ébranlent la promesse de rentabilité de l'IA, révélant que le déploiement d'agents autonomes à l'échelle de l'entreprise revient souvent plus cher que de payer des humains pour le même travail. Le modèle de tarification à l'usage (basé sur les tokens) se heurte à la nature même des architectures agentiques : contrairement à un simple chatbot, un agent boucle, enchaîne les appels d'outils, crée des sous-agents et auto-évalue son code, ce qui multiplie la consommation de tokens par un facteur de 5 à 30, voire jusqu'à 1 000 fois pour des tâches de programmation complexes. L'impact financier sur les budgets de calcul cloud est immédiat ; par exemple, Uber a entièrement épuisé l'intégralité de son budget annuel 2026 dédié au codage par IA en l'espace de seulement quatre mois. Face à cette explosion des coûts, des retours en arrière drastiques sont observés : Microsoft a ainsi commencé à suspendre une grande partie de ses licences internes Claude Code pour rediriger d'urgence ses milliers de développeurs vers sa propre solution moins onéreuse, GitHub Copilot CLI. Les directeurs techniques (CTO) et acheteurs de solutions logicielles qui ont signé des contrats pluriannuels basés sur des projections de réduction de masse salariale se retrouvent pris au piège, les gains réels de productivité ne parvenant pas à compenser les factures d'infrastructure exorbitantes. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 15 juin 2026 : Jupyter Workshops: Demystifying MyST Markdown in Education - Orsay (France) 16 juin 2026 : Mobilis In Mobile 2026 - Nantes (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 18 juin 2026 : Tech'Work - Lyon (France) 22-26 juin 2026 : Galaxy Community Conference - Clermont-Ferrand (France) 23-24 juin 2026 : MWCP 2026 - Paris (France) 24-25 juin 2026 : Agi'Lille 2026 - Lille (France) 24-26 juin 2026 : BreizhCamp 2026 - Rennes (France) 26-27 juin 2026 : LeHACK - Paris (France) 27 juin 2026 : Asynconf - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2 juillet 2026 : MCP Connect Travel Edition - Paris (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 6-8 juillet 2026 : Riviera Dev - Sophia Antipolis (France) 28-30 août 2026 : State of the Map - Champs-sur-Marne (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 10-11 septembre 2026 : Nantes Craft - Nantes (France) 17 septembre 2026 : dotAI - Paris (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 18 septembre 2026 : WordCamp Bretagne - Rennes (France) 18 septembre 2026 : dotJS - Paris (France) 18 septembre 2026 : WordCamp Bretagne - Rennes (France) 22 septembre 2026 : Salon Data 2026 - Nantes (France) 22-23 septembre 2026 : Agile en Seine & IA 2026 - Paris (France) 24 septembre 2026 : OWASP AppSec Days France 2026 - Paris (France) 24 septembre 2026 : PlatformCon Paris - Paris (France) 24 septembre 2026 : React Native Connection 2026 - Paris (France) 24-26 septembre 2026 : Paris Web 2026 - Paris (France) 25 septembre 2026 : SAP Inside Track Paris 2026 - Paris (France) 28-29 septembre 2026 : 4th Tech Summit on AI & Robotics - Paris (France) & Online 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 2 octobre 2026 : DevFest Perros-Guirec 2026 - Perros-Guirec (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) 8-9 octobre 2026 : Forum PHP 2026 - Marne-la-Vallée (France) 12 octobre 2026 : Dev With AI - Paris (France) 22-23 octobre 2026 : Agile Tour Bordeaux 2026 - Bordeaux (France) 26 octobre 2026 : Agile Tour Montpellier - Montpellier (France) 27-29 octobre 2026 : Directions EMEA 2026 - Paris (France) 29-30 octobre 2026 : BDX I/O 2026 - Bordeaux (France) 29-30 octobre 2026 : Agile Tour Nantais 2026 - Nantes (France) 29 octobre 2026-1 novembre 2026 : Pycon FR - Biarritz (France) 30 octobre 2026 : Cloud Nord 2026 - Lille (France) 4-5 novembre 2026 : Devoxx Morocco - Casablanca (Morocco) 14-15 novembre 2026 : Capitole du Libre - Toulouse (France) 19 novembre 2026 : DevFest Toulouse 2026 - Toulouse (France) 19 novembre 2026 : Agile Laval 2026 - Laval (France) 19 novembre 2026 : OVHcloud Summit - Paris (France) 19 novembre 2026 : Codeurs en Seine - Rouen (France) 27 novembre 2026 : DevFest Paris 2026 - Paris (France) 1-3 décembre 2026 : Apidays Paris - Paris (France) 2-3 décembre 2026 : Cloud Native AI Summit Europe - Paris (France) 4 décembre 2026 : DevFest Lyon 2026 - Lyon (France) 4 décembre 2026 : DevFest Dijon 2026 - Dijon (France) 9-10 décembre 2026 : OpenSource Expérience - Paris (France) 9-10 décembre 2026 : DevOps REX - Paris (France) 10 décembre 2026 : KCD Provence - Aix-en-Provence (France) 7-9 avril 2027 : Devoxx France 2027 - Paris (France) 3 juin 2027 : Cloud Native Days France 2027 - Paris (France) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/
AI pricing is changing fast. OpenAI, Anthropic, and Microsoft's GitHub are all moving away from flat-rate subscriptions toward usage-based billing, and the shift is going to hit anyone whose business runs heavily on AI tools. Anthropic has already shifted some business customers to actual-usage billing. GitHub launched a new usage-based system that kicks in after monthly allotments run out. OpenAI executives have publicly floated pricing AI more like electricity or water, where heavier users pay more for slide decks, longer agent runs, code debugging, and email drafting.This episode breaks down the AI pricing shock hitting OpenAI, Anthropic, and Microsoft, what it means for businesses already building on these tools, and which alternatives are starting to look attractive. The driver is straightforward. AI labs are burning cash on chips, data centers, and talent at a rate that flat-rate subscriptions can't support. OpenAI reported a $14 billion projected loss for 2026. Anthropic just filed for IPO at a $965 billion valuation. Microsoft is spending tens of billions on AI infrastructure. The math on a $20-a-month subscription that produces unlimited GPT-5 output doesn't work anymore.The corporate response is already visible. Walmart capped staff use of its in-house AI agent. Uber is limiting monthly employee spending to $1,500 per AI coding tool. Companies that rolled out generative AI broadly in 2024 and 2025 are now reading the meters, because the same prompt that cost $0.02 in 2024 can cost $2 today on a reasoning model.The lower-cost alternatives are gaining real attention. Alibaba's Qwen and DeepSeek both run at a fraction of OpenAI and Anthropic pricing, and both have closed the quality gap enough that routing simpler tasks to a cheaper model is a defensible engineering decision. The question for every business spending on AI is which tasks need a frontier model and which can run on a model that costs 90% less for the same output.What this means for AI strategy in 2026. Flat-rate pricing was a customer acquisition tactic that worked when the labs were trying to win mindshare. Usage-based pricing reflects what AI actually costs to deliver, and it's the model the industry will settle on. For developers, freelancers, and small businesses using ChatGPT, Claude, GitHub Copilot, and Cursor every day, the bill is about to look different. For agencies and consultants billing clients for AI work, the margin model needs a rebuild.We cover the OpenAI, Anthropic, and GitHub pricing changes in detail, how Walmart and Uber are responding, why Qwen and DeepSeek matter more this quarter than they did last quarter, and what the shift to electricity-style AI pricing means for the cost of doing business in the AI economy.Keywords: AI pricing, OpenAI pricing, Anthropic billing, GitHub Copilot pricing, usage-based AI, token pricing, AI subscription, ChatGPT pricing, Claude pricing, Qwen, DeepSeek, Walmart AI, Uber AI, GPT-5 cost, AI ROI, AI infrastructure cost.
Guillaume Decugis a mis vingt ans d'entrepreneuriat dans la tech derrière lui avant de passer de l'autre côté de la table. Polytechnicien passé par Stanford, il a fondé MusicWave, plateforme de musique mobile vendue à OpenWave puis à Microsoft, avant de piloter Linkfluence, spécialiste de la veille sociale, jusqu'à son rachat. Depuis deux ans, il est partner chez Serena Ventures, où il cogère Data Ventures, un fonds de 100 millions d'euros entièrement dédié aux couches d'infrastructure et de data à l'ère de l'IA.Sa thèse d'investissement : les Européens excellent dans les technologies conceptuelles (bases de données, outils de développement, middlewares), mais peinent à en faire des standards mondiaux. Il veut combler ce manque en traquant les pépites partout en Europe, en s'aidant d'outils très sophistiqués qui suivent 5 000 profils de fondateurs et scrutent les tendances sur GitHub. Résultat : la découverte et la cession à Mistral d'Emmi AI, jeune pousse autrichienne spécialisée dans les modèles d'IA capables de simuler des phénomènes physiques complexes. Pour lui, la souveraineté technologique européenne doit se construire en faisant émerger des leaders mondiaux, quitte à ce qu'ils s'américanisent en chemin. Le modèle israélien est sa référence. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.
Foundations of Amateur Radio The other day I was asked a question on social media. Having answered this question several times before, I admittedly .. initially .. groaned, then provided the bare bones of a response. A little while later, I recalled that I had provided a detailed response to this same question, as it turns out, five years earlier on a different social media platform, so I added another response that included the link to that answer. It all still felt very incomplete and inadequate and I couldn't leave it alone. Which leads me to the anxiety generating question and my response to it. Here goes: "[h]ow do you get into amateur radio? Is there like a 101 guide you could link me?" This is a question I've been answering for quite some time. Searching for the word "start" across the titles of my podcasts, there's 17 articles on the topic. So, having searched previously and fruitlessly for something resembling a universal answer, this to disclaim that I didn't look again and perhaps someone else has done something about it, I started a new project, because of course I did. I named it: "Getting Started in Amateur Radio" and published it on my GitHub repository. The intent of the project is to give the visitor a gentle introduction to the hobby, provide some idea of why you need a license, how it's different from things like the Citizen's Band, how you'll be starting on a life-long journey and introducing the concept that each country is slightly different. Think of it as an onramp into the hobby and our community. To deal with those, essentially legal differences between countries, I also consulted the International Telecommunications Union, the ITU, and created a folder structure of Regions and within it a folder for each country that the ITU as a United Nations specialised agency recognises. Before you ask, Yes, I'm aware that the UN doesn't recognise some countries that you might. I don't know how the International Amateur Radio Union, the IARU, our global representative body deals with that. If you know, get in touch. Since I'm based in Australia, I started with populating the information there. It contains some information about the regulator, representative bodies, callsigns, links to more information and hopefully initial information sufficient to "find" the community. It's still a work in progress, but it gives a good idea of the intent. Now comes the hard part. You. My log processing tool, "awstats", tells me that there are 209 different countries in my logs that represent you listening, reading and sharing my articles. So, I daresay that between all of us there is enough to cover pretty much all of the globe and with it, personal knowledge on how to become an amateur in your country. So, as one amateur to another, let's get on-air and make some noise! Let's try and document what's needed to become an amateur in your country. Please supply issue tickets, patches, emails, whatever you like, to get the information pertinent to your experience into one central place, so next time someone asks any of us: "How do you get into amateur radio?", there's a place we can share, that you contributed to and that contains the information pertinent to anyone who'd like to play. Look forward to hearing from you. I'm Onno VK6FLAB
In episode 189 of 'On the Whorizon' SWCEO founder and host MelRose Michaels breaks down what X actually published on GitHub in January 2026 and what it proves about why adult creator accounts have been flatlining all year.The code is public, the algorithm is documented, and it confirms that explicit content is completely removed from the "for you" page and only ever reaches existing followers.
Robin and Mazen unpack the rise of AI-powered security threats, from the TanStack breach to compromised React Native packages and GitHub supply chain attacks. Learn practical ways to secure your React Native apps, manage dependencies safely, and reduce risk in modern mobile development. Show Notes Snyk: TanStack Compromised Wiz: Mini Shai-Hulud Strikes Again TanStack: Hardening Followup TanStack: Full Postmortem StepSecurity: Malicious RN Packages Metro4Shell CVE-2025-11953 JFrog: CVE-2025-11953 Deep Dive ReactCon Talk: Aleksandra Desmurs-Linczewska Matteo Collina: Why Trusted Publishing Can't Save Us npm Security Best Practices React Native Security Docs pull_request vs pull_request_target explained Connect With Us! Robin Heinze: @robinheinze Mazen Chami: @mazenchami React Native Radio: @ReactNativeRdio This episode is brought to you by Infinite Red! Infinite Red is a premier mobile app consultancy, especially focused on Expo and React Native, located fully remote in the US. We're a team of 30 with highly experienced mobile app developers and have been doing this for over a decade. We are also one of the first development teams to adopt agentic coding in a way that keeps high quality standards and aren't afraid to do things the old school way if we need to. If you're looking for mobile app or React Native or Expo expertise for your next project, hit us up at infinite.red/radio.
Scott talks with Nathan Sobo, CEO and co-founder of Zed, about what comes after the traditional code editor. They start with Zed's vision for a fast, collaborative, AI-native development environment, then go deeper on DeltaDB: a new approach to versioning software at the operation level, not just at the commit level. Nathan explains why so much important software work happens “between commits,” how agent conversations and code changes can become durable shared artifacts, and what it might mean for Git, collaboration, and the future of programming tools. Nathan previously helped build Atom at GitHub, and Zed describes DeltaDB as operation-level version control for human and AI collaboration. https://zed.dev/deltadb
Our hosts Chad and Sami team up this week to discuss AI code bases and whether they can be built to be developer friendly and with best practices in mind. After a brief chat about the World Cup (and how it may affect the June thoughtbot event in London!) Sami dives into a recent code audit he did on a base that was built with AI using Spec Driven Development. Chad covers security concerns and why it's important to have human oversight when generating codes. — You can find Chad all over social media as @cpytel and Sami through his website. You can also connect with our duo via their LinkedIn pages - Chad - Sami. If you would like to support the show, head over to our GitHub page, or check out our website. Got a question or comment about the show? Why not write to our hosts: hosts@giantrobots.fm This has been a thoughtbot podcast. Stay up to date by following us on social media - LinkedIn - Mastodon - YouTube - Bluesky © 2026 Giant Robots Smashing Into Other Giant Robots Podcast
This Open Source Startup Podcast episode has our co-hosts Robby and Tim in conversation with Dr. Felipe Huici, CEO of Unikraft - the compute layer for sandboxes, AI agents, or any workload with VM-grade isolation. Their open source, also called unikraft, has 4K stars on GitHub and provides a next-generation cloud native kernel. This episode explores how Unikraft is building infrastructure for the next generation of AI agents, arguing that agents should run in virtual machines rather than containers. The conversation focuses on the unique requirements of agentic workloads: fast startup times, the ability to pause and resume state, strong isolation, and efficient resource utilization at massive scale. Unikraft's technology enables lightweight virtual machines that can start in under 10 milliseconds, helping companies reduce latency, lower infrastructure costs, and run large numbers of ephemeral agents on minimal hardware. The discussion also covers emerging AI infrastructure needs such as checkpointing, branching, headless browser automation, and GPU access.The podcast also traces Unikraft's origins from an academic research project to an open-source Linux Foundation initiative and, eventually, a startup founded in 2022. The conversation examines customer adoption, the role of Unikraft as foundational infrastructure for AI platforms, competition and collaboration within the agent ecosystem, the future of GPUs and virtualization, and lessons learned from building a company in the rapidly evolving cloud and AI infrastructure market.
Kindred Ventures' Steve Jang talks with TITV Host Akash Pasricha about the massive 60-gigawatt AI infrastructure supply gap looming by 2030 and his firm's new $355 million fund. We also talk with OpenAI and Google reporter Erin Woo about star researcher Noam Shazeer leaving Google for OpenAI, Asia Bureau Chief Jing Yang about the Chinese government forcing Meta to unwind its $2 billion acquisition of AI agent startup Manus, AI reporter Stephanie Palazzolo about Hermes—a new open-source agent platform outperforming Open Claw on GitHub, and Amazon reporter Catherine Perloff about why enterprises are choosing Amazon's Trainium and Inferentia chips over Nvidia to slash costs by 80%.Articles discussed on this episode: https://www.theinformation.com/articles/manus-revenue-soars-original-investors-move-reverse-meta-dealhttps://www.theinformation.com/articles/star-google-ai-researcher-shazeer-joins-openaihttps://www.theinformation.com/newsletters/ai-agenda/competitor-openclaw-emergesSubscribe: YouTube: https://www.youtube.com/@theinformation The Information: https://www.theinformation.com/subscribe_hSign up for the AI Agenda newsletter: https://www.theinformation.com/features/ai-agendaTITV airs weekdays on YouTube, X and LinkedIn at 10AM PT / 1PM ET. Or check us out wherever you get your podcasts.Follow us:X: https://x.com/theinformationIG: https://www.instagram.com/theinformation/TikTok: https://www.tiktok.com/@titv.theinformationLinkedIn: https://www.linkedin.com/company/theinformation/Chapters:00:00 - Introduction01:13 - Google AI Star Noam Shazeer Joins OpenAI05:59 - China Forces Meta to Reverse $2B Manus Acquisition10:00 - Hermes Emerges as Open Claw's New Open-Source Agent Rival17:13 - Amazon Chip Play Attacks Nvidia on Price23:33 - Kindred Ventures' Steve Jang on $355M Fund & 60GW Compute Shortage
PHP Podcast – June 17, 2026 Hosts: Sara Golemon & Holly Schilling | Guests: Paul Reinheimer & Sean Coates Eric and John are still locked in the basement. Sara is literally on a boat in Spain. Normal show, totally normal. Sara Broadcasts from a Harbor in A Coruña Sara is joining this week’s show from a marina in A Coruña, northwest Spain — in the Galicia region, where they speak Galician (not quite Spanish, not quite Portuguese). It’s 1am local time and the boat is visibly rocking on camera. Holly is holding down the fort from Chicago. This is what Sara calls pirate radio, except one of the pirates is actually on a boat. Meet the Guests: Paul Reinheimer & Sean Coates Paul Reinheimer and Sean Coates are PHP veterans from an earlier era — both were closely involved with PHP Architect around 2005–2010, back when Sara was already a PHP core contributor and the community was small enough to fit in one bar. Paul now runs Wonder Proxy, a service that lets you test your website’s behavior from locations around the world (checking GDPR banners, geo-targeted content, checkout flows, etc.), and is also building a startup called StudioWorks — business management software for creative studios, with an invoicing product and a proposals product in development. Sean is based in Montreal and has been spending time at a local hackerspace called Food Lab, where he got pulled into MeshTastic and MeshCore mesh networking, and is now surrounded by vintage computers, including a PDP-11 and five-and-a-quarter-inch floppy disks. The Quarter-Million-Line Commit Paul committed 250,000 lines of code directly to Wonder Proxy’s repo without a PR last week — and he’s not particularly sorry about it. The context: it was a pre-generated SQLite amalgamation file (all of SQLite compiled into a single C file), which Wonder Proxy is now checking in as a pinned static dependency rather than regenerating each build. Paul’s argument is unanswerable: you cannot meaningfully review 250,000 lines of generated C code in a PR. If there’s something malicious in there and you’re good with C, you could hide it in parameterized defines and no one would see it. The right approach, which Paul landed on, was creating a separate package with its own CI — and including the command to regenerate the amalgamation so reviewers can verify the output themselves, not just stare at the diff. Measuring Wrong — Sean’s Rant Sean has been ranting about this for 10–15 years and it hasn’t gotten less true: companies systematically measure things that make them look good and avoid measuring things that make them look bad. A marketing team adds a spin-to-win wheel to the homepage and celebrates their 1% sales increase. Nobody measures how many people found the wheel so obnoxious they immediately left. Cookie and GDPR banners are the same story — they go up, they’re never removed, and the conversion impact is never tracked because nobody wants to report bad news up the chain. Sean’s broader point: an epidemic of motivated measurement is a big part of why the web is as bad as it is. PHP in 2026 vs. PHP Then — What’s Still Working Paul’s honest take: the LAMP stack still works great. In 2004 you could build a productive web application with Linux, Apache, MySQL, and PHP — and you still can today. The fundamental approach is the same. Having since done Ruby at Stripe and other languages elsewhere, Paul keeps coming back to how much sense the PHP model makes to him. The longevity is the feature, not a bug. Wonder Proxy’s web app — built in server-side Swift using the Hummingbird framework — returns pages in under 50 milliseconds almost always and under 30 most of the time, with almost no client-side JavaScript. Server round trips are fast. The web doesn’t have to be seven seconds. Swift Concurrency and What PHP Could Learn Sara asked Sean — who has used Swift on the server for StudioWorks — what he’d want to see in PHP’s threading model. His answer: anything the compiler can enforce beats anything you have to remember yourself. Swift’s concurrency model has the compiler reject code that would allow a thread to trample on a sendable object after it’s been sent off. You find out about threading mistakes at compile time, not when corrupt data shows up in production. Sean’s verdict: an early warning system for threading problems is 10,000 times more valuable than discovering them too late. PHP’s async/await path is cooperative task switching (not true threading), which avoids some of these issues but can still deadlock if someone forgets to hand off control. Composer, require_once, and Supply Chain Security The chat raised whether anyone still uses require_once in the PSR-4 world. Sara’s answer: PHP.net does — it doesn’t use Composer at all, because the site needs to be framework and library agnostic. Grep for require_once across typical vendor dependencies and you’ll find around 100 instances still in the wild, mostly inside packages like Doctrine. The supply chain security conversation from there: Composer’s lock file pins to specific hashes, which is what you want — but a lot of projects don’t commit their lock file, and pinning to a version tag isn’t enough because tags can be updated if someone takes over a GitHub account. To really be safe, pin to a specific commit hash. It’s a pain to maintain, but it’s much harder to fake. The PHP Foundation — The Biggest Change in PHP Paul called out the PHP Foundation as the single biggest change in PHP since he and Sean were actively involved. Having an organization that can receive money from individual supporters and use it to fund core PHP work has been talked about since before PHP had package management. The foundation now has over 1,000 individual supporters — including Rasmus Lerdorf himself, which Sara found funny. Paul and Wonder Proxy support it financially; Wonder Proxy also holds a private Packagist account as an indirect way to fund Composer development. Sara works directly with the foundation on PHP core. Elizabeth Barron (from last week’s show) is doing exceptional work moving it forward. PHP.net Redesign and the Dark Mode Problem Sara copped to a php.net rabbit hole: she tried to implement dark mode for the site and succeeded everywhere except code samples. PHP’s built-in highlight_string() function has hard-coded colors that assume a light background, and there’s no way to override them. Sara wrote the patch to make the colors configurable at the internals level, then realized it should actually be a separate PHP project, then lost track of caring about it because it became yak shaving. On the redesign side: the foundation ran a competition to redesign the releases page (the per-version page with changelogs and download links), and the results look much better. The downloads page has been getting more beginner-friendly content — how to actually get PHP running, not just a reference manual. There are homepage mockups being iterated on as well. What Talk Would You Give? Sara asked both guests what conference talk they’d give if they were speaking today. Paul: marketing for developers. Too many developers believe “if you build it, they will come,” and AI is making this worse — the barrier to shipping something that looks professional has dropped so far that the noise floor is rising fast. Hollywood knows to spend as much on marketing as on production. Paul doesn’t claim to be good at marketing, but he thinks someone should be giving this talk at every developer conference. Sean: reliable deployment and supply chain integrity — specifically how to actually control the path from git to production without sneaking in vulnerabilities. Containers have helped, but there’s still a lot of infrastructure that fetches things at build or request time that is genuinely dangerous. PHP Tek 2027 The PHP Tek 2027 website is live at phptek.io. No date confirmed on air, but the site is up and people should keep an eye on it. Links from the show: Wonder Proxy — Test your website from around the world PHP Tek 2027 — phptek.io The PHP Foundation — Support PHP development PHP Architect Discord Guest Hosts: Sara Golemon Currently sailing in the Atlantic (broadcasting from A Coruña, Spain) PHP core contributor; code contributor via the Curl project (which means she technically has code on Mars) Holly Schilling Primary mobile developer; built the PHP Tek 2026 conference app Based near Chicago, IL Guests: Paul Reinheimer Founder, Wonder Proxy — test your website’s geo-targeted behavior from 300+ global locations Founder, StudioWorks — business management tools for creative studios (invoicing & proposals) Former PHP Architect team member; wrote a book on PHP and APIs Sean Coates Based in Montreal; regular at the Food Lab hackerspace MeshTastic/MeshCore mesh networking enthusiast; vintage computer collector (PDP-11 era) Former PHP Architect team member and longtime PHP community contributor Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.06.17 appeared first on PHP Architect.
This week Jason Howell and Jeff Jarvis break down how Anthropic's most powerful AI models, Fable 5 and Mythos 5, ended up offline after the Commerce Department gave the company 90 minutes to comply with an export control directive. The story involves Amazon triggering the crackdown, political miscommunication between Anthropic and the White House, and an open letter signed by over 100 security researchers calling for the models to be restored.Also in this episode: SpaceX IPOs at $2 trillion and acquires Cursor for $60 billion in stock, Snap and XREAL both announce consumer AR glasses shipping this fall, Jeff Bezos talks publicly about his $12 billion AI startup Prometheus, Allbirds pivots to AI infrastructure, and Google CEO Sundar Pichai skips mentioning AI entirely at Stanford's commencement. New episodes every Wednesday at aiinside.show. Note: Time codes subject to change depending on dynamic ad insertion by the distributor. CHAPTERS 0:00 - Start 0:01:37 - Anthropic, Trump Officials Seek Deal on Restoring Powerful Model Access 0:03:23 - How a 90-minute White House deadline sparked Silicon Valley's biggest AI fight 0:03:23 - How Anthropic lost the White House's trust — and then its flagship product 0:34:12 - SpaceX market cap tops $2 trillion after shares of Elon Musk's rocket company gain 19% on debut 0:39:17 - SpaceX to acquire Cursor for $60B in stock, days after blockbuster IPO 0:43:20 - Introducing SPECS Augmented Reality Glasses 0:47:20 - XREAL's Android XR glasses will cost under $1,500, which isn't as expensive as it sounds 0:52:08 - Bezos opens up about AI startup Prometheus after $12 billion raise: ‘We're not being secretive' 0:55:36 - 5 Things To Know As Allbirds Drops Shoes For Smartbird, AI And New CEO 1:00:44 - Dozens walk out as Google boss Pichai addresses Stanford graduates 1:02:48 - Elon Musk Loses Again to OpenAI as Judge Dismisses xAI Trade Secret Lawsuit 1:03:41 - Microsoft turns to Amazon for help with GitHub's AI-driven capacity issues 1:05:10 - DoorDash's new AI chatbot lets you order with prompts and photos 1:06:18 - DiffusionGemma: 4x faster text generation Hosts: Jason Howell and Jeff Jarvis Download and subscribe to AI Inside in audio and video: https://aiinside.show/ Support the podcast on Patreon for special perks: https://www.patreon.com/aiinsideshow. You'll get ad-free episodes, members-only Discord, T-shirts and stickers you love, and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Learn more about your ad choices. Visit megaphone.fm/adchoices
Seguro que si eres de los míos, de los que disfrutan pasando el rato en la terminal o montando servicios en casa, te habrás dado cuenta de que acabamos haciendo tareas repetitivas casi sin querer. Para poner fin a este caos cotidiano te traigo una herramienta espectacular que se llama Just. Pero la verdadera razón por la que he querido dedicarle este pódcast a Just de nuevo es por una experiencia divertidísima que he tenido estos últimos días con mi asistente de inteligencia artificial local, al que cariñosamente llamo Hermes. Yo soy una persona bastante perezosa para ciertas tareas repetitivas y me gusta poner a trabajar a las máquinas por mí. Normalmente, al acabar mis entrenamientos de carrera, le dicto un audio a Hermes detallando la distancia, las pulsaciones y el ritmo para que él los registre. Pero el otro día, llevado por la vaguería máxima, decidí simplemente hacer una captura de pantalla de la aplicación del móvil y enviársela por Telegram.Hermes, que es una maravilla de asistente, aplicó un sistema de lectura de imágenes (OCR) llamado Tesseract, extrajo todos los datos de mi carrera y los guardó en un periquete. Yo me quedé encantado y pensé que la vida ya estaba resuelta. Sin embargo, al día siguiente repetí el proceso y... ¡sorpresa! Hermes se había olvidado por completo de cómo lo había hecho. Me preguntó qué quería que hiciese con la imagen y, cuando le recordé lo del día anterior, me soltó que no tenía la herramienta de lectura instalada en su entorno de trabajo. Tuve que guiarle de nuevo de la mano paso a paso.Ahí fue donde se me encendió la bombilla. Las inteligencias artificiales a veces se despistan y tienen una memoria muy volátil para los flujos de trabajo técnicos. La mejor forma de darles estabilidad es crearles un recetario claro, un archivo "justfile" donde tengan todas sus habilidades documentadas y listas para ejecutar con un simple comando. Así, Hermes nunca más olvidará cómo procesar una imagen o cómo gestionar un contenedor, porque solo tiene que invocar la receta correspondiente.En este episodio quiero animarte a que pruebes Just en tu propio día a día, uses o no inteligencia artificial. Capítulos del episodio:00:00:00 Introducción: Olvídate de repetir comandos00:01:33 El problema con Hermes: Por qué las IA también se despistan00:03:04 ¿Qué es Just y cómo funciona?00:04:59 Cómo instalar Just en Linux00:05:31 Comparativa: Just contra Make y Task00:06:42 Gestión de variables, argumentos y funciones00:08:49 Atributos de receta para afinar su comportamiento00:10:00 El comportamiento de las líneas y el poder del Shebang00:11:00 Funciones integradas y ajustes globales00:12:00 Operadores, expresiones y dependencias complejas00:13:00 Usando intérpretes alternativos (Bash, Python, Node) en Just00:14:18 Recetas normales frente a recetas Shebang y scripts00:15:33 Módulos e importación de recetas externas00:16:38 El selector interactivo con búsqueda difusa (just choose)00:17:37 Alias, grupos y autocompletado en tu shell00:18:09 Casos prácticos de uso real (Sysadmin, Docker, Backups)00:19:18 Documentación viva y ejecutable para todo el mundo00:20:17 Control de versiones con Git y límites de Just00:21:10 Una historia de pereza, Hermes, deporte y OCR que se olvida00:22:59 Conclusiones: Simplifica tu vida con este ejecutor de comandos00:24:58 Cierre del episodio y despedidaMás información y enlaces en las notas del episodio
Welcome back to the show! In this week's episode, I chat with Christian Martinez, a faculty member at Brooklyn College and several other CUNY schools, and Shannon Joyce, a newly minted master's graduate in psychological research—who, as we note at the top, literally graduated the day before we recorded. Christian shares how he redesigned his graduate stats and R course around NYC Open Data, building what he calls an “accidental author” process that transforms students' weekly homework into portfolio books and, ultimately, chapters in a published student gallery. Shannon walks us through her own project exploring the relationship between mold complaints and domestic violence rates in New York City, and reflects on what it means to learn to code by asking questions you actually care about. We also dig into the NYC Open Data R package Christian and his students built together—now streamlined from 40 functions down to three and approaching 2,000 installs—and close with a lively conversation about whether open data skews too negative and what a truly positive city dataset might look like.Keywords: NYC open data, R programming, data visualization, teaching data science, open data, CUNY Brooklyn College, R package, data education, open educational resources, data storytelling, Quarto, RStudio, graduate education, data literacy, public dataSubscribe to the PolicyViz Podcast wherever you get your podcasts.Become a patron of the PolicyViz Podcast (https://patreon.com/policyviz) for as little as a buck a monthFind Christian Martinez and all student work at NYCOpenDataLab.org. Find Shannon Joyce on GitHub (github.com/ShannonJoyce) and LinkedIn.Follow me on Instagram, LinkedIn, Substack, Twitter, Website, YouTubeEmail: jon@policyviz.com
#355: Picture your engineering team a year from now. A coding agent doing the coding. A testing agent on tests. A security agent on security. An infrastructure agent on infrastructure. All of them wired into GitHub and Jira, all of them working right alongside the humans. Not science fiction either - Atlassian and GitHub are already shipping these features. So out come the stats everyone loves to quote. AI code introduces 1.7 times more issues. Half of it ships with security holes. Code duplication is through the roof. AI-assisted PRs take four to five times longer to review. The response to most of it: so what? If you have a way to detect the issue and feed it back, that is just the SDLC doing its job. Couldn't care less if it is 1.7x or 50x more issues - what matters is what is left at the end, per feature shipped. Security holes? You have scanners. Detect, fix, ship. The only real problem is when you skip the detection or sit on the fix for months, and that has nothing to do with AI. Here is the one stat that actually sticks: PR reviews backing up. Speed up coding and leave everything downstream at human speed, and you have not sped up delivery - you have just moved the pile from Jira tickets to pull requests. The review pipeline was built for human speed, and now it is the bottleneck. The blunt fix: stop letting AI write 10,000-line PRs, work in smaller chunks, and accept that the job is about to get mentally harder. Delegate the tedious work and what is left is the demanding work - architecture, taste, is this even the feature we should ship. The silly stuff, does every function have a comment, is it camel case, goes to the machine. Spend your time there and you are wasting your talent. Offshoring never worked when the only goal was cheaper - chase the cheapest engineers, then chase even cheaper ones, and you end up dragging the work back in house. Same trap with AI. Offshore to Opus, then Sonnet, then Haiku, then Llama on a laptop. If cheaper is your primary motivation, you are doing it wrong. The win is qualitative, not the price tag. Where does it land? Three people per product, end to end - frontend, backend, database, deployments. Augmented at every stage, not autonomous. A human still pushes the final button to prod, the way you never let a Jenkins pipeline deploy straight to production without a check. Full autonomy is coming the way self-driving cars came: not in a year, not everywhere at once, and not by flipping it on at 4pm on a Friday. Even when the technology is ready, you are not. And if you think none of this touches your job, there is a story here about a textile factory built in the eighties that ran on five people. Knowledge work is next. The only exception is a monopoly, and you probably do not have one. YouTube channel: https://youtube.com/devopsparadox Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/ Slack: https://www.devopsparadox.com/slack/ Connect with us at: https://www.devopsparadox.com/contact/
Last year, there were 1 billion commits on GitHub. This year, Kyle Daigle expects that number to exceed 14 billion, a two-component explosion caused by more humans—and their agents—issuing pull requests. In March alone, 17 million pull requests on GitHub were created by agents.Daigle is the COO of GitHub and Microsoft's chief marketing officer for developer products. He's been at GitHub for 13 years, and is paying close attention to how AI is expanding the platform's user base. Along with agents, legal, sales, and marketing professionals are building apps with the GitHub Copilot app. The line between developer and non-developer is disappearing.On this episode of AI & I, guest host Mike Taylor sat down with Daigle at Microsoft Build to discuss how GitHub is building infrastructure for an agent-native world: agentic code review, model routers that automatically select the right model for the task, and a philosophy that the most durable advantage in this market is developer choice.If you found this episode interesting, please like, subscribe, comment, and share!Want even more?To hear more from Mike Taylor:Subscribe to Every: https://every.to/subscribeFollow him on X: https://x.com/hammer_mtTimestamps for YouTube:00:00:52: Introduction00:03:27: The agentic PR flood00:04:33: GitHub's approach to helping open-source maintainers manage the surge00:06:15: What 14 billion commits means for code quality00:08:03: Moving from per-seat licensing to usage-based pricing00:09:45: Kyle's dual role as GitHub COO and Microsoft's chief marketing officer for developers00:13:03: Developer choice as competitive moat00:14:57: How to balance dogfooding your own tools with staying honest about the competition00:19:45: Hill climbing, frontier tuning, and solving the model-routing problem00:24:45: Kyle's agentic communication hackLinks to resources mentioned in the episode:Kyle Daigle on X: https://x.com/kdaigleMike Taylor on Every: https://every.to/@mike_2114Mike's piece on building an AI version of Kyle Daigle: https://every.to/also-true-for-humans/i-interviewed-an-ai-version-of-github-s-coo-then-spoke-to-the-real-oneGitHub Copilot: https://github.com/features/copilot
פרק מספר 516 של רברס עם פלטפורמה - קרבורטור מספר 41. הפעם רן ואורי מארחים את נתי לשיחה על נקודת המפגש המרתקת שבין קוד פתוח לקידוד מבוסס סוכנים (Agentic Coding). דיברנו על העתיד הדיסטופי והאופטימי של מפתחי קוד פתוח, איך משווקים מוצרים ל-Agents, ולמה שורת הפקודה (CLI) חוזרת אלינו בענק. [01:04] העתיד המדומיין של AI (סיפורו של OpenClaw) נתי משתף סיפור משעשע על ניסיון לחקור את "OpenClaw". הזיות (Hallucinations) של מודלים: Claude מאשר את העובדות, בעוד ש-Gemini מנתח שמדובר בהמצאה עתידית (פברואר 2026). הבנה שמודלי שפה (LLMs) הם מנועים הסתברותיים ולא מנועי חיפוש עובדתיים. [05:58] החזון הדיסטופי: האם AI יהרוג את הקוד הפתוח? בעיית ההעתקה: בעבר קוד הוגן על ידי רישיונות (כמו AGPL), היום קל לבקש מהמודל לשכתב קוד משפה אחת לאחרת (למשל מ-NodeJS ל-Rust) בעלויות אפסיות. קריסת מודלים עסקיים: עלויות התמיכה והאופרציה (Operation) יורדות כי ה-Agent מתקן תקלות לבד, מה שחותך את ההכנסות של חברות כמו Red Hat. עומס על ה-Maintainers: קוד מג'ונרט על ידי Agents נראה מעולה ומתועד היטב, אבל לא תמיד נכון ארכיטקטונית או לוגית. גישות התמודדות: חלק דורשים לקבל את ה-Prompt (הכוונה) ולא את הקוד עצמו, בעוד שאחרים (כמו יוצר שפת Zig) אוסרים לחלוטין גישה של AI לפרויקט. [15:15] החזון האופטימי: שיווק לסוכנים (GEO) מעבר מ-SEO ל-GEO (Generative Engine Optimization): סוכני AI הם הלקוחות החדשים. איך Agent בוחר כלים? לפי איכות הקוד, הפופולריות שלו ב-GitHub, ובעיקר לפי התיעוד. קוד פתוח הופך לכלי שיווקי קריטי (Open Core) כדי שהסוכנים יוכלו למצוא, להבין ולהמליץ על המוצר. מודלים היברידיים ו-Freemium: מוצרים (כמו Postits) מציעים גישה ללא חומת תשלום (Paywall) בשלבים הראשונים, מה שמאפשר ל-Agents לעבוד איתם בקלות דרך API (Headless SaaS), ואפילו לבצע רכישות בעצמם בהמשך דרך Stripe. [30:29] שובו של ה-CLI ומגבלות ה-MCP הדיבייט סביב MCP (Model Context Protocol): הפרוטוקול כבד, "זולל" טוקנים (Token hungry) עבור הקונטקסט, ודורש תחזוקה של שרתים נוספים. למה Agents כל כך אוהבים CLI (שורת פקודה)? גישה ישירה לאקוסיסטם המקומי והרשאות (כמו Kubernetes או סביבות ענן) בלי לחשוף מפתחות לשירות חיצוני. יכולת לבצע מניפולציות מורכבות בצד הלקוח (Chaining, Grep, Sed) מבלי לשנות קוד ב-Backend, מה שהופך את המודלים לאנשי DevOps מעולים. [36:17] רישיונות קוד פתוח וה"נשמה" של המוצר האתגר באכיפת רישיונות (כמו GPL) בעולם שבו קשה להוכיח על איזה קוד המודל התאמן ואם בוצעה העתקה. הבדל חשוב בטרמינולוגיה: מודלים של "Open Weights" לעומת מודלים שה-Training Data שלהם באמת פתוח. תוכנה כיצירת אומנות מול קומודיטי (Commodity): האם קוד מג'ונרט יכול להחליף את החזון וה"נשמה" (Soul) של מפתחים בולטים? ההשוואה לעולם המוזיקה מדגישה שמשתמשים הולכים אחרי האומן והחזון, לא רק אחרי הקוד היבש. [50:25] רגולציה ומודלי Open Weights אורי מעלה נקודה מעניינת על החסימה של מודל Fable 5 / Mytos 5 (של Anthropic) למשתמשים מחוץ לארה"ב על ידי הממשל האמריקאי. ההשפעה של רגולציה: ה"תקרת זכוכית" הזו עלולה לפגוע בחברות המסחריות האמריקאיות בטווח הקצר, ודווקא לדחוף קדימה מודלים פתוחים (Open Weights) סיניים או אירופאים שאינם כפופים לאותן מגבלות. האזנה נעימה!
Aji and Sally are back together again, this time to discuss the different apps they use to make their workflows and To Do lists easier and quicker to achieve. Sally dives into the Notion calendar system which she uses to coordinate her many Google calendars, Aji looks back on using Jira to co-ordinate their international move, before they both reminisce about the benefits of using Alfred as people with ADHD. — There's still time to secure your place at thoughtbot's upcoming UK meet ups over the next month. London Tech Leader Meetup - Tuesday June 23rd Brighton Tech Leader Meetup - Wednesday June 24th Brighton Ruby - Thursday June 25th Evolve - Friday June 26th Your hosts for this episode have been thoughtbot's own Sally Hall and Aji Slater. If you would like to support the show, head over to our GitHub page, or check out our website. Got a question or comment about the show? Write to our hosts: hosts@bikeshed.fm This has been a thoughtbot podcast. Stay up to date by following us on social media - YouTube - LinkedIn - Mastodon - BlueSky © 2026 thoughtbot, inc.
Naseem Al-Naji is the co-founder of MCPcat.io and the creator of Opal — a builder with deep roots in privacy-first developer tooling. In this conversation, he breaks down why MCP servers have become a black box in production, and how MCPcat gives teams X-ray vision into how agents and users actually behave.What we get into:
Hoy hablamos del DOJ defendiendo las turbinas de xAI por seguridad nacional, Microsoft usando AWS para escalar GitHub ante la avalancha de commits de agentes, Google y Nvidia mirando a Intel como plan B, Roblox apostando por verificación de edad con biometría, y el X-59 de la NASA probando el supersónico sin boom.Puedes seguirnos en YouTube en https://youtube.com/olivernabani y puedes unirte al Discord Mashain en https://olivernabani.com/discord
We found the best way for a Linux user to manage Windows: keep it remote, keep it contained, and touch the desktop as little as possible.Sponsored By:Webroot: Webroot is cloud-based antivirus, engineered to stay out of your way. For a limited time, you can save sixty percent.Jupiter Party Annual Membership: Put your support on automatic with our annual plan, and get one month of membership for free!Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love.Support LINUX UnpluggedLinks:
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.DepthFirst reported that it's autonomous security agent discovered 21 previously unknown vulnerabilities in FFmpeg, a widely deployed multimedia framework used across browsers, streaming infrastructure, and other systems that process media. Bundler, 4.0.13 introduces a new security feature called cooldown, aimed at reducing the impact of software supply chain attacks in the Ruby ecosystem. A new variant of the Shai-Hulud supply chain worm, known as Miasma, briefly disrupted Microsoft's software development ecosystem after compromising dozens of GitHub repositories.Meta says approximately 20,000 Instagram accounts may have been compromised through the abuse of an AI powered account recovery support system.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Show Notes - https://forum.closednetwork.io/t/episode-58-the-price-of-being-watched/198Website / Donations / Support - https://closednetwork.io/support/BTC Lightning Donations - closednetwork@getalby.com / simon@primal.netThank You Patreons & Direct Supporters! - https://www.patreon.com/closednetworkhttps://xmrchat.com/closednetworkDirect Support - https://closednetwork.ioSubscribe Without Patreon - https://closednetwork.io/#/portal/signupMichael Bates - Privacy Bad AssDavid - Privacy Bad AssTK - Privacy Bad AssTrying - Privacy Bad AssVO - Privacy Bad AssMrMilkMustache - Privacy SupporterHutch - Privacy AdvocateInferno_Potato Privacy SupporterDolores Y - Privacy SupporterDirect Support - Craig D Thank You Producers! You Produce This Show!TOP LIGHTNING BOOSTERS !!!! THANK YOU !!!@bon thousands and thousands and thousands of SATs sats!!@fireflygow - 5,000 sats!!frigolay - 34,540 SATs.. HOLY SHITEwardemoff - 5,000 SATsSilas ThornbrookThank You To Our Moderators:Unintelligentseven - Follow on NOSTR primal.net/p/npub15rp9gyw346fmcxgdlgp2y9a2xua9ujdk9nzumflshkwjsc7wepwqnh354dMaddestMax - Follow on NOSTR primal.net/p/npub133yzwsqfgvsuxd4clvkgupshzhjn52v837dlud6gjk4tu2c7grqq3sxavtJoin Our CommunityClosed Network Forum - https://forum.closednetwork.ioJoin Our Matrix Channels!Main - https://matrix.to/#/#closedntwrk:matrix.orgOff Topic - https://matrix.to/#/#closednetworkofftopic:matrix.orgSimpleX Group Chat - https://smp9.simplex.im/g#SRBJK7JhuMWa1jgxfmnOfHz7Bl5KjnKUFL5zy-Jn-j0Join Our Mastodon server!https://closednetwork.socialFollow Simon On The SocialsMastodon - https://closednetwork.social/@simonNOSTR - Public Address - npub186l3994gark0fhknh9zp27q38wv3uy042appcpx93cack5q2n03qte2lu2 - primal.net/simonTwitter / X - @ClosedNtwrkInstagram - https://www.instagram.com/closednetworkpodcast/YouTube - https://www.youtube.com/@closednetworkEmail - simon@closednetwork.ioSpecial Thanks to - EloquentWinter for creating - A Linux guide on MAC address randomizationhttps://forum.closednetwork.io/t/a-linux-guide-on-mac-address-randomization/189TOPICSEncourage curiosity - This week ties together a single thread: someone else holds your data, and therefore holds the power. From algorithmic pricing to supply-chain malware to government scanning to cloud-AI assistants — and the hopeful counter-move, taking your data back. The episode theme is curiosity: in every story, one extra question would have changed the outcome.Segment 1 — Surveillance PricingInspired by More Perfect Union, "We Found the Radical Solution to Surveillance Pricing"Surveillance pricing (a.k.a. personalized / surveillance-based pricing) = charging you an individual price based on sensitive data about you — purchase history, browsing, geolocation, social activity, even biometric and financial signals. The economic endgame is "perfect price discrimination": charging each person their exact maximum.DoorDash holds a patent describing promotions based on a user's stress level.Delta Air Lines (with AI firm Fetcherr) has talked about expanding generative-AI pricing to ~20% of domestic fares, with ambitions to go further. Senators (Gallego, Blumenthal, Warner) and House members demanded answers.A Groundwork Collaborative / Consumer Reports / More Perfect Union study found different shoppers charged different prices for identical Instacart items. Former FTC chair Lina Khan has voiced concern.The "radical" fix is a law: New York's proposed One Fair Price Act would ban surveillance pricing outright — one posted price for everyone.Defensive moves (partial): private/container browsing, block cookies, disable ad personalization, use a VPN, compare logged-out vs. logged-in prices. Honest caveat: this is a structural problem — regulation, not browser tricks, is the real fix.Curious question: Is this price the market — or is it me being read?Segment 2 — "Arch malware btw": the AUR supply-chain attackInspired by Michael Tunnell and Switched to Linux — developing story, June 2026.The Arch User Repository (AUR) is community-maintained, unvetted package build scripts (PKGBUILDs). In a ~24-hour window, a coordinated attack poisoned a large number of packages — reports cite 1,500+ touched, with community trackers confirming ~400–500 malicious package names and rising.How: Attackers adopted orphaned packages (abandoned by maintainers — anyone can claim them) and edited the PKGBUILD to add a pre/post-install hook that pulls a malicious npm package, atomic-lockfile (Sonatype tracked one strand as the "Atomic Arch" campaign).Payload: A Linux infostealer + optional root-only eBPF rootkit. Targets developer secrets — browser creds/cookies, SSH keys, GitHub creds, Vault/npm tokens, Docker/Podman, VPN configs, shell history, Slack/Teams/Discord/Telegram, crypto wallets. eBPF lets it run in-kernel and hide processes/files/connections.If you were hit and the rootkit deployed: rotate every credential (from a clean machine) and reinstall from scratch. A normal uninstall is not enough.Status: Maintainers are removing malicious commits and banning accounts; the official repos of Arch-based distros (CachyOS, Garuda, Chaotic-AUR) were not infected — only users who installed/upgraded a compromised AUR package during the window. Community checker script + affected-package list were published within hours.Action checklist (Arch users):pacman -Qm → list your foreign (AUR) packages.Compare against the community list / run the checker script (CachyOS advisory).If matched → rotate credentials from a clean machine, then clean-reinstall.Curious habit: Before installing, ask who maintains this, when did it last legitimately update, and did ownership recently change? On the AUR, read the PKGBUILD — the malicious line was visible to anyone who looked.Segment 3 — UK Device Scanning: 90 Days to ComplyInspired by "Signal's Warning: The UK's Phone Scanning Plan Just Got Real"The UK government signaled that phone makers (Apple, Google) will get ~90 days to start scanning photos on young people's devices for nude images. Running alongside: Online Safety Act powers for Ofcom aimed at encrypted messaging (key report expected ~April). The mechanism: client-side scanning — every message/image checked on your device, before encryption.Why it matters: Client-side scanning doesn't break encryption directly — it inspects content before the lock clicks shut. The "end-to-end encrypted" label survives, but the privacy guarantee (nobody is looking) is gone.Signal's position: scanning won't protect children and builds surveillance infrastructure that "endangers us all."Security: once scanning exists on every device, the match-database can be expanded — swap it and you're scanning for slogans, documents, faces. Signal would withdraw from the UK rather than build a backdoor. Mullvad raised parallel alarms.Misdiagnosis: real child safety = better-funded education, social services, AI-platform guardrails — not default scanning. Rallying phrase: "Surveillance is not safety."Bigger picture: This is a template (cf. the EU's "Chat Control"). Sympathetic justification + a mechanism that, once built, can point anywhere.Curious question: Not is the goal good? (it usually is) but what else can this machine do once built, and who decides what it points at next?Segment 4 — iOS 27 at WWDC: the Privacy Fine PrintApple WWDC 2026 keynote coverage.Genuine wins: New Siri AI (next-gen Apple Intelligence) uses a tiered architecture — simple requests on-device, moderate ones via Private Cloud Compute (inspectable, hardened). Plus stronger family safety: child-account setup, parental controls, redesigned Screen Time, new Safari safeguards.The fine print (two concerns):Total context access. Siri AI indexes across your messages, emails, photos, and apps — a unified, queryable view of your whole digital life. Conversation history syncs via iCloud ("with privacy protections"), but strength depends on whether you've enabled Advanced Data Protection (Apple's E2EE for iCloud — not on by default).New Google dependency. Apple made official a Gemini partnership — the heaviest reasoning routes to Google Cloud. Apple says queries are anonymized and tokenized so neither Apple nor Google can link them to you (Federighi: "privacy in AI is non-negotiable"). Critics counter that PCC/anonymization is "only as private as the weakest link" — if Google retains any path to usage data for training/debugging, the guarantee weakens.Takeaway: Apple's defaults are still among the best of the mainstream — but don't let "privacy" in a keynote switch off your curiosity. On update: review Siri AI indexing settings, turn on Advanced Data Protection, and understand where your hardest queries travel.Curious question: A magical assistant that knows everything about you is, by definition, a system granted everything about you. Did you make that trade on purpose?Segment 5 — Self-Hosting 101: What to Migrate FirstOriginal recurring segment — Part 1 (scope). Part 2 next week: hands-on photos build.Self-hosting = run the services yourself, on hardware you own, instead of renting space on a company's servers. It's the deliberate counter-move to every other story this week. Honest caveat: you become your own IT department (backups, updates, downtime). Don't eat the elephant at once — scope first.The five candidates (ranked by impact-to-effort):Photos — highest emotional and surveillance value (faces, locations, timestamps). Self-host with Immich (Google-Photos-like: app, auto camera-roll backup, face/object search). Difficulty: moderate; biggest single win.Calendar — a forward-looking map of your life. CalDAV via Radicale or Nextcloud; syncs to your existing calendar app. Easy–moderate; great first project.Contacts — your social graph (everyone else's data too). CardDAV on the same Radicale/Nextcloud server — bundle it with calendar. Easy.File backups — documents and digital paperwork. Often Nextcloud.
VulnCheck's Patrick Garrity on the NVD collapse, the first real AI disclosure wave, and why remediation, not finding bugs, is the bottleneck.DescriptionVulnerability management spent years as the chore everyone dreaded, and now it is one of the hottest topics in security because attackers made exploitation the number one way in. Patrick Garrity of VulnCheck rejoins the show to separate what is real from what is marketing. We get into the honest state of the NIST National Vulnerability Database after CISA pulled its funding, the new AI executive order that wants a clearinghouse for AI-discovered vulnerabilities, the first measurable wave of AI-assisted disclosures, and Patrick's audit of Anthropic's Glasswing ledger. We also dig into why cheap AI discovery makes the remediation bottleneck worse, how AI is raising the security poverty line, and whether the 90-day disclosure model still holds.Key takeawaysVulnerability management is hot again because attackers made it the top way in. As Patrick puts it, attention flows to wherever the attacker goes, and right now that is exploitation.The NIST NVD breakdown was worse than a backlog. A recent report confirmed CISA had stopped funding the NVD and NIST lost about half its funding, with no real plan to clear the backlog, which quietly hurts every defender who relies on enriched CVE data.A new AI executive order wants a clearinghouse for AI-discovered vulnerabilities, reportedly under Treasury. Patrick's reaction is that we already have a vulnerability database, the program is optional, and it may turn into a marketing race more than a coordination win.The first measurable AI disclosure wave is real. CVE volumes are up 563 percent for Chrome and GitHub advisories up 470 percent year to date, and Patrick separated genuine AI-assisted discovery from AI slop and from bugs that merely live in AI software by correlating researchers, domains, and email addresses across multiple advisory sources.Patrick audited Anthropic's Glasswing ledger and found the transparency lacking. He had around 80 vulnerabilities in his own database while the public ledger listed 27, several items had blown past their own 90-day disclosure window, and the ledger had not been updated in two weeks.Finding vulnerabilities is not the bottleneck, remediation is. AI makes discovery cheap, but the coordinated disclosure and fix process takes enormous human effort, and the median time to remediate even known exploited bugs is still measured in weeks.Exploitation looks like it is sustaining rather than surging. CISA KEV and VulnCheck KEV are tracking similar year-over-year volumes, partly because attackers already have more than enough to target and partly because you can only count the exploitation you can actually detect.AI is raising the security poverty line, at least for now. Token costs and access-restricted tools concentrate the most powerful discovery capabilities among well-funded teams, while smaller organizations lack the expertise to turn open-weight models into working vulnerability harnesses.The economics are circular. AI drives the surge in findings and attacker velocity, and AI is then sold as the fix, so teams pay to surface the problem and pay again to remediate it, all on consumption-based pricing against finite budgets.The 90-day disclosure norm mostly holds, though it may tighten. VulnCheck runs a strict 120-day policy with no exceptions and averages 45 to 48 days to fix and disclose, and for open source the fixing commit often makes the flaw public anyway.
In this episode of Alexa's Input (AI), I sit down with David Aronchick, co-founder and CEO of Expanso and former product lead for Kubernetes at Google.Data is growing everywhere outside your data center. Solar panels in remote across a country. Security cameras at retail stores. IoT sensors across factory floors. And moving that data to the cloud for processing? It's expensive, slow, and often restricted by compliance.David is an expert when it comes to solving distribution problems. He led Kubernetes product at Google, co-founded Kubeflow to bring ML to production, and now he's building Expanso to tackle a difficult constraint: when your data can't move, how do you process it where it lives?We discuss:- The need for distributed data orchestration-Upstream data control: filtering and transforming at the source- Three forces making edge computing inevitable (physics, regulations, economics)- How to build successful open source infrastructure projects- Customer discovery and finding real pain points- His transition from Protocol Labs to founding Expanso- ETL pipelines: moving the first four steps closer to the data- Context loss and lineage in distributed systems- Processing 400,000 signals per second with 150MB agents- AI observability: attaching source metadata to training data- Running ML pipelines at the edge- Real-world deployment challenges (bandwidth, regulations, cost)Expanso is rethinking how we process data in an AI-native world—moving compute to data instead of data to compute. If you want to understand where distributed systems and edge computing are heading, this is a deep dive into the infrastructure layer beneath modern AI applications.General Podcast LinksWatch: https://www.youtube.com/@alexa_griffith Read: https://alexasinput.substack.com/ Listen: https://creators.spotify.com/pod/profile/alexagriffith/ More: https://linktr.ee/alexagriffithLearn more about the host atWebsite: https://alexagriffith.com/ LinkedIn: https://www.linkedin.com/in/alexa-griffith/Find out more about the guest atLinkedIn: https://www.linkedin.com/in/aronchick/ Twitter/X: https://x.com/aronchick GitHub: https://github.com/aronchick Expanso Website: https://expanso.io/ResourcesExpanso Website: https://expanso.io/ Kubernetes: https://kubernetes.io/ Kubeflow: https://www.kubeflow.org/ CNCF (Cloud Native Computing Foundation): https://www.cncf.io/ Protocol Labs: https://protocol.ai/KeywordsDavid Aronchick, Expanso, Kubernetes, Kubeflow, distributed systems, edge computing, data pipelines, ETL, upstream data control, Google Kubernetes Engine, open source, CNCF, observability, log processing, data lineage, provenance, schema enforcement, IoT, edge AI, distributed data, machine learning infrastructure, Protocol Labs, IPFS, Filecoin, data governance, compliance, GDPR, bandwidth optimization, data aggregation, AI infrastructure, multi-cloud, hybrid cloud, real-time processing
Should you convert your website into Markdown to help Large Language Models (LLMs) understand your content better? Is "llms.txt" worth the effort for SEO? In this episode of Search Off the Record, Martin Splitt and John Mueller from the Google Search Relations team dive deep into the history of Markdown, its rise in the AI era, and whether it holds any real weight for search engine discovery. In this episode, you'll learn: The Origins of Markdown: From John Gruber and Aaron Swartz to its status as the "language of GitHub." Markdown vs. HTML: Why the "cleanliness" of Markdown is tempting for developers but potentially risky for site structure. LLMs & Markdown: Do AI crawlers actually prefer Markdown, or are they already experts at parsing HTML? The "Parallel Version" Trap: Why creating a separate text/Markdown version of your site for AI can lead to the same maintenance nightmares as dynamic rendering. Use Cases that Make Sense: When Markdown is actually superior (like developer documentation) and when it's totally unnecessary (like your shoe catalog). Key Takeaways for SEOs & Developers: Crawlers are built for the "messy" web: Google and other engines have decades of experience parsing HTML. Don't sacrifice discovery: Headers, footers, and sidebars in HTML provide critical context for site structure that a raw Markdown file might lack. Maintenance is king: Avoid the complexity of maintaining two versions of the same content. Chapters 0:00 - Introduction: Should we all be using Markdown? 3:45 - The history and purpose of Markdown. 7:15 - Why developers love it: Separation of style and content. 11:20 - Do crawlers need Markdown to understand your site? 14:50 - The danger of "parallel versions" and dynamic rendering lessons. 17:30 - Discussing the "llms.txt" proposal and AI agents. 21:00 - Where Markdown actually makes sense (Developer Docs). 24:00 - Final verdict: Stick to HTML for the web. Resources Mentioned: Google Search Central: https://developers.google.com/search Are you using Markdown for your site's frontend or just as a backend source? Let us know in the comments! Episode transcript → https://goo.gle/sotr111-transcript Listen to more Search Off the Record → https://goo.gle/sotr-yt Subscribe to Google Search Channel → https://goo.gle/SearchCentral Search Off the Record is a podcast series that takes you behind the scenes of Google Search with the Search Relations team. #SOTRpodcast #SEO #GoogleSearch Speakers: Martin Splitt, John Mueller
Ведущие – Григорий Петров и Михаил Корнеев Новости выпуска: Steering consul дает команде JIT 6 месяцев, чтобы сделать PEP — https://discuss.python.org/t/an-announcement-from-the-steering-council-regarding-the-jit-project/107638 Два форка — httpx — https://tildeweb.nl/~michiel/httpx2.html PEP 661 – Sentinel Values — https://peps.python.org/pep-0661/ Любопытные результаты MOD_WSGI и free threading — https://grahamdumpleton.me/posts/2026/05/free-threading-vs-the-gil-in-mod-wsgi-6-0-0/ Жизнь до Github — https://lucumr.pocoo.org/2026/4/28/before-github/ Ссылки выпуска: Курс Learn Python — https://learn.python.ru/advanced Канал Миши в Telegram — https://t.me/tricky_python Канал Moscow Python в Telegram — https://t.me/moscow_python Все выпуски — https://podcast.python.ru Митапы Moscow Python — https://moscowpython.ru Канал Moscow Python на Rutube — https://rutube.ru/channel/45885590/ Канал Moscow Python в VK — https://vk.com/moscowpythonconf
Hoy en Atareao con Linux vamos a hablar largo y tendido sobre el Vibe Coding y cómo está cambiando por completo las reglas del juego en este 2026.Si estás escuchando esto mientras vas al trabajo, cocinas o das un paseo, y crees que esto no va contigo porque nunca has tocado una sola línea de código... ¡espera! No toques el botón de siguiente episodio. Este podcast es precisamente para ti. ¿Alguna vez has tenido esa pequeña idea en la cabeza de una aplicación sencilla que te solucionaría la vida, pero la has descartado porque no sabes programar o no tienes tiempo para aprender? El Vibe Coding es el puente que te va a permitir cruzar esa brecha y hacer realidad tus ideas explicándoselas a la tecnología igual que me las explicarías a mí, con tus propias palabras.El nacimiento de un nuevo paradigma: Del "Vibe" al Agentic EngineeringPara entender esta auténtica locura nos tenemos que remontar a febrero de 2025. Andrej Karpathy, una de las mentes más brillantes en el mundo de la Inteligencia Artificial (ex OpenAI y ex Tesla), lanzó un tuit que corrió como la pólvora por todo internet. En ese mensaje acuñó el término Vibe Coding: una nueva forma de programar en la que te dejas llevar por las vibraciones, abrazas el crecimiento exponencial y te olvidas de que el código realmente existe. La idea caló de tal forma que se convirtió en la palabra del año para el diccionario Collins y hoy, un año después, el 84% de los programadores la integran en su rutina.Mi experimento en directo: Una aplicación a medida por dos céntimosA mí no me gusta hablar de oídas, así que al principio del episodio me he puesto manos a la obra. He abierto mi terminal de Linux, he lanzado una herramienta de código abierto maravillosa llamada OpenCode y le he pedido que crease una aplicación para la terminal en Rust para gestionar mis tareas (un TODO clásico)¿Qué herramientas tenemos a nuestro alcance en 2026?• Cursor• Lovable• Claude CodePor otro lado, si eres de los míos y te apasiona el código abierto:• OpenCode.• Cline.• OpenHands • AiderEl lado oscuro: Las trampas de la falsa seguridadNo todo es perfecto y es de vital importancia hablar del lado oscuro de esta tecnología. Es una trampa cognitiva de falsa confianza de manual.La conclusión: La IA no te quitará el trabajo, pero sí cambiará el juegoCapítulos del episodio:00:00:00 Introducción al Vibe Coding y la revolución del desarrollo00:01:40 El origen del Vibe Coding y cómo empezar con un prompt00:05:50 ¿Qué es realmente el Vibe Coding y qué es el Agentic Engineering?00:08:20 ¿Para quién sirve el Vibe Coding? Productividad, MVPs y aprendizaje00:09:40 Herramientas privativas de Vibe Coding: Cursor, Lovable y Claude Code00:13:25 Alternativas de Código Abierto (Open Source): OpenCode, Cline, OpenHands y Aider00:17:05 Demostración en vivo: Ejecutando nuestra aplicación TODO en Rust por dos céntimos00:22:50 El lado oscuro del Vibe Coding: Seguridad, vulnerabilidades y deuda técnica00:26:30 Cómo aprovechar la Inteligencia Artificial sin arruinar tu código00:30:05 El futuro del desarrollo de software y despedidaMás información y enlaces en las notas del episodio
CISA directs agencies to “patch smarter, not harder.” The House fails to extend FISA. Europol pulls over AudiA6. GitHub announces npm security updates. Anthropic rejects Fable 5 jailbreak claims. CISA gives feds three days to patch a critical Ivanti Sentry vulnerability. Google confirms ShinyHunters exploited a critical Oracle PeopleSoft vulnerability. FancyBear shifts part of its infrastructure to compromised edge devices. Pundits push for CyberCorps scholarship budgets. Our guest is Dr. Renée Burton, VP of Threat Intelligence at Infoblox, to discuss scams targeting the World Cup. Amazon drivers sweat through a software update. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Dr. Renée Burton, VP of Threat Intelligence at Infoblox, to discuss the World Cup and fans possibly getting caught out if they use SuperBox to view it. Selected Reading CISA directive orders agencies to prioritize vulnerability patching in a new way (CyberScoop) House votes against extending controversial wiretapping law set to lapse Friday (The Washington Post) Ransomware gangs cut off from EUR 336 million ‘AudiA6' crypto laundering pipeline - Europol analysis links the criminal service to over 15 international cybercrime investigations (Europol) GitHub to Update npm to Thwart Software Supply Chain Attacks (Infosecurity Magazine) Anthropic Disputes Fable 5 AI Jailbreak (SecurityWeek) CISA orders feds to patch actively exploited Ivanti flaw by Sunday (Bleeping Computer) Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters (SecurityWeek) GRU-Linked APT28 Uses MooBot Botnet and Compromised EdgeRouters for Cyber Operations (GB Hackers) CyberCorps is adapting to AI. The budget isn't keeping up. (CyberScoop) Software Update Automatically Turns off Amazon Delivery Drivers' AC During Dangerous Summer Heat (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Live from Microsoft Build, Corey Noles sits down with Scott Hanselman for a hands-on Neuron LIVE episode about AI-augmented software development, how it differs from just "vibe coding", and the surprisingly practical things people can now build with tools like GitHub Copilot and more.Scott is one of the best technical explainers in software: a longtime Microsoft and GitHub developer, teacher, speaker, author, blogger, and podcaster who has helped millions of developers understand new technology without making it feel impossible to learn.This episode turned into a live demo tour of what AI coding can already do, led by Scott's own use-cases. Corey and Scott walked through a series of examples showing how AI can help people build useful apps, prototypes, workflows, and small tools from everyday ideas, including Scott's own vibe-coded tools Baby Smash (https://www.babysmash.com/), which lets babies press random buttons for fun shapes and sounds, and Tiny Tool Town (https://www.tinytooltown.com/), which showcases random, cool tools Scott found around the web. But in the coolest demo of all, Scott shows how to take an open source tool and create software a personal blood sugar tracking app for his own diabetes management. If that doesn't get your idea blood flowing for what you can do with AI, we don't know what will! https://www.theneuron.ai/
Having recently moved house, Gary wonders how to reconfigure his homelab and network setup. Plus Shane is fed up with GitHub’s outages and formulates a plan to move away… somewhere… Support us on patreon and get an ad-free RSS feed with early episodes sometimes Subscribe to the RSS feed.
[This episode from February 2024 was never published and recently discovered]In today's episode, Andrew kicks things off with a rant about tackling developer experience tasks at Podia, wrestling with GitHub actions, and Heroku deployment woes. Then the conversation takes a turn to the importance of debugging, the power of bash scripting, and the challenges of naming in programming, with Chris mentioning DHH's insights from a live stream. They discuss Chris's travel plans for RubyConf in Australia, other conferences coming up, and reminisce about their childhood love for trains and Thomas the Tank Engine. The episode wraps up with Chris and Andrew sharing advice and tips on writing conference proposals (CFPs) and the value of diverse speaking styles and personalities for engaging an audience. Tune in now to hear more!LinksONCE/Campfiredebug.rbGitHub CopilotRubyConf Australia-April 11-12, 2024RailsConf 2024-May 7-9, 2024-Detroit, MISarah Mei-“What Your Conference Proposal is Missing”Ruby for All Podcast-Episode 50: The Art of Conference Speaking with Kevin Murphy[SFM] We like to party (YouTube)Ultimate Skyrim (YouTube)RailsConf 2023-Teaching Capybara Testing- An Illustrated Adventure by Brandon Weaver (YouTube)Chris Oliver X/TwitterAndrew Mason X/TwitterJason Charnes X/Twitter
Fortinet patches a new critical FortiSandbox flaw GitHub to disable npm install scripts by default to stop supply chain attacks Nottingham University announces data breach Get the show notes here: https://cisoseries.com/cybersecurity-news-fortinet-patches-fortisandbox-github-disables-npm-scripts-nottingham-university-breach/ Thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com.
Chad talks with guest Andy Budd, Design Leadership Coach & Venture Partner at Seedcamp, as they look back over Andy's time at Clearleft, the company he co-founded back in 2005. Andy discusses employee trust ownership, how it both benefits and protects your employees, and has the potential to keep your business going for generations to come rather than living and dying by the founders interest. Chad also announces that thoughtbot is moving into a Purpose Trust model. — Our guest for this episode has been Andy Budd. If you'd like to get in touch with Andy, or to keep up to date with his work, you can do so through BlueSky, LinkedIn, or through his website. If you are a Medium user, you can also follow Andy at The Design VC See Andy's panels at Evolve at the Brighton Centre, 26th June. Your host for this episode has been Chad Pytel. You can find Chad all over social media as @cpytel, or over on LinkedIn. If you would like to support the show, head over to our GitHub page, or check out our website. Got a question or comment about the show? Why not write to our hosts: hosts@giantrobots.fm This has been a thoughtbot podcast. Stay up to date by following us on social media - LinkedIn - Mastodon - YouTube - Bluesky © 2026 thoughtbot, inc.
As AI agents become more capable and autonomous, they also introduce new security challenges. In this 'Fully Connected' episode, Dan and Chris unpack Anthropic's Zero Trust for AI Agents security framework and what it means for organizations deploying agentic systems. They examine the key security risks facing agentic systems and discuss how organizations can apply Zero Trust principles to deploy AI agents safely. Along the way, they break down practical security controls and discuss how traditional cybersecurity principles must evolve for the age of AI agents.Featuring:Chris Benson – Website, LinkedIn, Bluesky, GitHub, XDaniel Whitenack – Website, GitHub, XLinks: Zero Trust for AI AgentsOWASP GenAI Project Sponsors:Prediction Guard: A self-hosted AI control plane for running agents in high impact environments. predictionguard.com/practicalaiUpcoming Events: Register for upcoming webinars here!Midwest AI Summit 2026
On this week's show special guest co-host Chris Wade, the founder of Corellium turned Cellebrite CTO, joins Patrick Gray and James Wilson to discuss the week's cybersecurity news. They cover: Microsoft has repos owned, GitHub tokens popped, and a new 0day dropped on them Meanwhile, researchers are choosing full disclosure instead of engaging MSRC Meta's AI support agent allowed a staggering 20,000 accounts to be stolen! Apple pulls Russia's MAX messenger from the App Store and disables notifications Anthropic gives the public our first Mythos-class model but it won't do cybersecurity work Stripe and Google Tag Manager used in eCommerce website hack campaign And much, much more! This week's show is brought to you by runZero. HD Moore, runZeros' founder, drops by in this week's sponsor interview to talk about the AI vibe shift. Everyone is very worried about getting owned all of a sudden, and it's really changing the cybersecurity business. This episode is also available on YouTube. Show notes Microsoft Hacked to Deliver Malware to Claude and Gemini Users | 404.feed.press Researcher publishes GitHub token-stealing exploit, blames Microsoft's disclosure process | therecord.media Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges | BleepingComputer Microsoft breaks Patch Tuesday record with 206 vulnerabilities | CyberScoop chompie1337 | X WhatsApp says NSO targeted users with spearfishing attacks in violation of court order | therecord.media Over 20,000 Instagram accounts stolen in Meta AI support hack | BleepingComputer New Apple feature automatically changes your compromised passwords | BleepingComputer Apple removes Russia's state-backed messaging app Max from its store | therecord.media Exclusive: Anthropic's Mythos can exploit new flaws in hours | Anthropic's new model is Mythos on a leash | CyberScoop Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe' Version for the Rest of You | wired.com OpenClaw AI agent found falling for phishing attacks, spills user data | BleepingComputer OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks | TechCrunch Security Hands on with Intelligent Terminal, an AI-powered Windows Terminal | BleepingComputer Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms | Mandiant Check Point warns of zero-day flaw targeted by ransomware affiliate | Cybersecurity Dive ServiceNow discloses security incident exposing customer data | BleepingComputer Credit card theft campaign abuses Stripe to host stolen payment info | BleepingComputer CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand | Cybersecurity Dive The U.S. Military Quietly Turned GPS Into a Global ‘Numbers Station,' Evidence Suggests | 404.feed.press New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute | BleepingComputer Google has quietly cut staff across its Cloud business | businessinsider.com
AI Ready: Ahmad Ghabboun Ahmad Ghabboun built a Demo Day–winning AI product during his MSIS program — after arriving with no plans to work in AI at all. He breaks down how his mindset shifted, how his design background made him a stronger prompter, and how to build AI fluency that actually holds up in interviews. Useful for students and early-career professionals trying to get AI-ready without faking it. Ahmad Ghabboun is a Master of Science in Information Systems (MSIS) 2026 Graduate at the UW Foster School of Business. Before Foster, he spent roughly fifteen years in UX and product design, building web applications for startups. At Foster he built several generative-AI tools in his coursework, including Synapse, which won Best Business and Tech Product at the MSIS Demo Day. He is targeting product management and technical product roles. What you'll learn Why naming the specific AI model you use — and justifying it — matters more in interviews than saying "I use AI" How a design background translates into sharper, more technical prompts How to keep a human in the loop so AI assists your judgment instead of replacing it Why AI's tendency to agree with you makes human and second-model pushback essential How to stay current with fast-moving tools without trying to learn everything The difference between a productivity mindset and a learning mindset in school Key moments The third-quarter AI classes that moved AI from "not on my list" to his career focus The origin of Synapse: manually juggling answers across Gemini, Claude, and a third model How Synapse runs a dual-model validation and a judge step to flag gaps for technical PMs Why interview proctoring now detects AI use — and what a "perfect" AI answer signals to interviewers Ethan Mollick's "jagged edge" and why it shifts with every model release Resources mentioned Lovable; Replit; Gemini; Claude; ChatGPT; Jira; Azure DevOps; GitHub; Ethan Mollick's "jagged frontier" of AI capability.
Instagram AI Support Hack Hits 20,225 Accounts; AI Worm 'Hades' Lies to Security Tools; Chrome Zero-Day Patch Host David Shipley reports Meta says 20,225 Instagram accounts were hijacked after an AI support tool was tricked into sending reset links to attacker-controlled emails, with only MFA-protected accounts resisting. Step Security details a new Miasma-derived worm wave called Hades that targets config files for 14 AI coding tools, can inject instructions to hijack assistants, lies to AI security tools, and includes a "dead man switch" wipe if stolen GitHub tokens are revoked; Microsoft also removed some GitHub repos after 73 open-source projects were compromised to inject an info stealer. University of Toronto and Vector Institute researchers demonstrated an AI worm using a free local model that spread across a simulated network via known flaws and misconfigurations. Google issued an emergency Chrome patch for actively exploited CVE-2026-11645 in V8, and insurers are tightening claims scrutiny and increasingly excluding AI-related liabilities. 00:00 Instagram AI Hack Fallout 01:36 AI Worm Hades Evolves 02:55 Microsoft Repo Compromise 03:54 Lab Built AI Worm Demo 05:27 Emergency Chrome Zero Day 07:07 Cyber Insurance Tightens Up 08:02 AI Liability Coverage Shrinks 09:16 Wrap Up and Sign Off
Anthropic released Claude Fable 5, a guardrailed Mythos-class model, to the public and Mythos 5 to trusted partners. OpenAI confidentially filed for an IPO. Hackers injected credential-stealing malware into 70+ Microsoft GitHub repos, and Apple details its new Gemini-based foundation models. Anthropic releases Claude Fable 5, a "safe" Mythos-class model it says can't be used for cyberattacks, to the public, and Claude Mythos 5 to trusted orgs (Wired) OpenAI confidentially files for an IPO, says it has "not decided on timing yet", as "there are things we want to do that are likely easier as a private company" (CNBC) Microsoft disabled 70+ of its repos on GitHub, including Azure-related tools like azure-functions-host, after hackers added credential-stealing malware to them (TechCrunch) MG Siegler: after being left for dead in AI, Apple is set to win at the consumer level — the power of the default, superior product instincts, and no real competition (Spyglass) Ben Thompson: the iPhone is the true core of Siri AI, and Apple is the only company positioned to work across apps with personal context — as long as it's not vaporware (Stratechery) Learn more about your ad choices. Visit megaphone.fm/adchoices
What happens when you strip away decades of engineering abstractions and let AI navigate the wild west between your initial intent and the final outcome? This week on Dev Interrupted, Anush Elangovan, VP of AI Software at AMD, returns to unpack the rapid shift toward an agentic software development lifecycle. Anush introduces the concept of "Agentic IO," a workflow where engineers focus strictly on high-level goals while AI handles the complex implementation. The conversation also highlights the expanding productivity wingspan of modern developers, the power of local open source models, and why speed remains the ultimate competitive moat. Learn why: LinearB is a Leader in the 2026 Gartner® Magic Quadrant™ for Developer Productivity Insight PlatformsFollow the show:Subscribe to our Substack Follow us on LinkedInSubscribe to our YouTube ChannelLeave us a ReviewFollow the hosts:Follow AndrewFollow BenFollow DanFollow today's guest:AMD ROCm: Learn more about AMD's open-source software stack for AI at rocm.docs.amd.com and on GitHub.AMD Advancing AI 2026: Register for AMD's flagship global AI event taking place July 22-23 in San Francisco at amd.com/advancing-ai.Follow Anush on LinkedIn: Anush Elangovan | AMD blogOFFERSStart Free Trial: Get started with LinearB's AI productivity platform for free.Book a Demo: Learn how you can ship faster, improve DevEx, and lead with confidence in the AI era.LEARN ABOUT LINEARBAI Code Reviews: Automate reviews to catch bugs, security risks, and performance issues before they hit production.AI & Productivity Insights: Go beyond DORA with AI-powered recommendations and dashboards to measure and improve performance.AI-Powered Workflow Automations: Use AI-generated PR descriptions, smart routing, and other automations to reduce developer toil.MCP Server: Interact with your engineering data using natural language to build custom reports and get answers on the fly.
Welcome to episode 358 of The Cloud Pod, where the weather is always cloudy! Justin, Matt, and Ryan (who, rumour has it, was working on an Eagles music podcast) are in the studio this week to bring you all the latest in AI and cloud news (and begging for a AI spend limit increase), including anthropic wanting everyone – except themselves – to slow down AI development, GitHub's insane number of commits, and even an announcement from CoreWeave, plus so much more. Let's get started! Titles we almost went with this week Stop Configuring Domains One by One Like a Peasant SSH Into Your AI Agent Like It’s 1999 Your AWS Bill Finally Has an AI Babysitter Stop Blaming Engineering, the AI Will Do It Now GPU Queue Anxiety Meet Your Serverless Spark Therapist One Wildcard Certificate to Rule All Subdomains One PTU Reservation to Rule All Regions Twelve Billion Parameters Walk Into a Laptop Squeezing Gemma 4 Until the Bits Cry Azure Cobalt 200 VMs Are Really Arm-ed and Dangerous AI has gone all Fables and Myth Arm-ed she blows: but probably not to a region near you Dash to change your password as Dashlane gets owned Siri AI shows just how slow Gemini is AI Announces going public, and then spreads Myths about AI development A big thanks to this week's sponsors: There are many cloud cost management tools out there, but only Archera provides insured commitments. It sounds fancy, but it’s really simple. Archera gives you the cost savings of a 1 or 3-year AWS Savings Plan with a commitment as short as 30 days. If you do not use all the cloud resources you have committed to, Archera will literally cover the difference. Other cost management tools may say they offer “insured commitments”, but remember to ask: Will you actually give me my rebate? Because Archera will. Check out thecloudpod.net/archera to schedule a demo today. General News 01:27 How GitHub plans to win developers back GitHub’s scale challenge has grown substantially beyond earlier projections. The platform processed 1 billion commits in all of 2025, but now handles 1.4 billion commits per month, with AI agents alone generating over 17 million pull requests monthly. The technical remediation work has shifted from surface-level scaling to architectural rebuilding. GitHub has addressed MySQL contention, moved webhooks off MySQL entirely, rewritten the GitHub Actions job dispatch system, and is migrating performance-sensitive code from its Ruby monolith to Go. GitHub’s migration to Microsoft Azure, previously reported as a capacity move, is now described as a deeper infrastructure overhaul. The goal is service isolation so that a degraded subsystem like Actions does not cascade failures to Git or other core services. Microsoft is providing engineering support from teams with experience scaling systems at comparable load levels, which represents a more direct operational involvement than what was previously discussed. New feature releases like the
Scott and Wes sit down with Ben Vinegar, former Syntax GM and founder of Modem.dev, to geek out over terminal-maxxing, from SSH-based development and tmux workflows to AI-powered coding agents. Ben also demos two of his open source tools: Hunk, a slick terminal code reviewer with 4k+ GitHub stars, and TermDraw, a terminal-based diagramming tool that posts directly to your agent. Show Notes 00:00 Welcome to Syntax! 00:49 Introduction to Modem and AI Project Management 01:40 Exploring Terminal Usage and Productivity 04:26 Setting Up Remote Development Environments 08:38 The Power of TMUX in Development 11:20 What makes TMUX splitting different? 12:46 Integrating AI with Terminal Workflows 14:56 The Future of Terminal Applications 17:31 Balancing GUIs and Terminal Interfaces getfresh.dev Ben's talk at AI Engineer Miami 24:39 Navigating Development Tools and Environments 26:44 The Balance of Security and Convenience in Coding 30:27 Cautionary Tales: The Risks of YOLO Mode 33:53 Innovative Tools for Enhanced Coding Experience 34:09 Hunk: Terminal code review. 41:39 TermDraw: A New Way to Visualize Code and Ideas 46:22 The Dynamics of Open Source Contributions 48:31 Visualizing Code: Tools and Techniques 50:54 Podcasting and Editing Processes State of Agentic Coding. Podguy: Agent-driven post-production workflow for video podcasts 56:23 Introducing Modem: A Product Intelligence Platform 01:01:39 Connecting Feedback to Product Development 01:03:15 Sick Picks Sick Picks Ben: Nirvanna: The Band - The Show - The Movie, Timecrimes Shameless Plugs Ben: https://modem.dev/ Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads
You're tired of hearing “just build a SaaS” like it's easy, especially when you don't code, don't have a team, and still want something real that can actually make money. It can feel like everyone else has access to some secret playbook while you're stuck trying to figure out where to even begin. In this episode, Omar completely removes the gatekeeping and shows you what it actually looks like to build a real software business in a ridiculously short timeframe using AI. Nothing is hidden. He walks you through the exact tools, decisions, and steps he takes so you're not left guessing or piecing things together on your own. It's clear, practical, and designed to make you feel like this isn't some exclusive club, it's something you can dive into right now. If you've been waiting for proof that you can pull off your own AI-powered software build in a matter of hours, this is it. Click play at the top of the page and see how you can turn your idea into a real product faster than you thought possible. MBA2790 How To Build A Software Business With AI This Weekend. Zero Coding Skills Required. Must-Have Stack to Build Your Own AI App 1. Supabase 2. GitHub 3. Windsurf 4. Vercel 5. Claude 6. GoDaddy 7. Stripe 8. Kit Helper / Optional Tools to support your workflow 1. Wispr Flow 2. Google Forms 3. Chrome DevTools (Inspect Element) Recommended episode to explore: Can You Build A Profitable SaaS In 7 Days With Just AI? My Experiment With Proof! Watch the episodes on YouTube: https://lm.fm/GgRPPHi SUBSCRIBE YouTube | Apple Podcast | Spotify | Podcast Feed Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
✅ New autonomous agents. ✅ Canva designs made for you. ✅ Codex upgrades to make your business move. If you had your head down in spreadsheets this week, you missed some MAJOR AI upgrades that are available now. We track what's hot and what's not and break it all down on Fridays with our Friday Features. Autonomous Copilot agents, new Codex tools, Github CoPilot app and 7 more AI updates you should be using — An Everyday AI Chat with Jordan WilsonNewsletter: Sign up for our free daily newsletterMore on this Episode: Episode PageToday's Episode on LinkedIn: Thoughts on this? Join the convo on LinkedIn and connect with other AI leaders.Upcoming Episodes: Check out the upcoming Everyday AI Livestream lineupWebsite: YourEverydayAI.comEmail The Show: info@youreverydayai.comConnect with Jordan on LinkedInTopics Covered in This Episode:OpenAI Codex Role-Specific Plugins LaunchMicrosoft Build Conference AI Feature ReleasesChatGPT Memory and Business Account UpgradesMicrosoft Flash Image Model for PowerPointCanva Integrated with ChatGPT and CodexGitHub Copilot Standalone Desktop App PreviewMicrosoft Autopilot Always-On Work AgentsOpenAI Models Now Available on AWS BedrockCodex Sites: AI-Built Internal Web AppsTimestamps:00:00 OpenAI's big money moves03:47 Explaining role-specific plugins09:02 Microsoft's new image model release11:09 Microsoft's AI strategy and Canva update14:23 Canva integration with ChatGPT16:56 GitHub Copilot's new canvas feature20:46 AI token subscription changes24:42 AWS adds OpenAI models to Bedrock28:25 Introducing OpenAI's CodeX Sites Feature32:07 Launch of OpenAI's New Plug-in34:16 Overview of podcast structureKeywords: Autonomous copilot agents, Codex tools, GitHub Copilot app, OpenAI Codex, ChatGPT business accounts, OpenAI enterprise, Microsoft Build conference, Microsoft always-on agents, AWS AI updates, Canva plugin, ChatGPT memory upgrade, Windows Codex integration, Microsoft Flash model, Enterprise apps integration, Role-specific plugins, Sales data analytics, Product design AI, Creative production AI, Investment banking plugin, Public equity investing, Data analytics plugin, Workspace admins, App permissions, Role-aware work agent, Financial research automation, Microsoft image generation model, PowerPoint AI integration, OneDrive AI features, Visual design creation, Canva app for ChatGPT, Canva MCP server, Agentic context carry, Full screen design preview, GitHub Copilot desktop app, GitHub Copilot Canvas, Agent-native command center, Parallel agent work tree, Code app interface, Model options in GitHub, Token usage limits, Subscription token subsidizing, Anthropic token efficiency, Amazon Bedrock, GPT-4, GPT-4.5, Small language models, Token reckoning, Security governance, Inference engine, Code app sidebar, Codex Sites, Internal dashboards, Project trackers, Interactive web apps, Shareable AI apps, Enterprise data connectors, ChatGPT Canvas, Automated workflow, Workplace authentication, Creative briefs repository.Send Everyday AI and Jordan a text message. (We can't reply back unless you leave contact info) Start Here ▶️Not sure where to start when it comes to AI? Start with our Start Here Series. You can listen to the first drop -- Episode 691 -- or get free access to our Inner Cricle community and all episodes: StartHereSeries.com Also, here's a link to the entire series on a Spotify playlist.