Podcasts about github universe

Scott and Wes look back at 2024 and share highlights from a big year for Syntax and the web dev world. They review their 2024 predictions to see what they got right (and wrong), and break down the major moments in web development from CSS improvements to AI editors and beyond. Show Notes 00:00 Welcome to Syntax! 01:30 Changes to the Syntax podcast. 05:56 What happened this year? 06:07 React. 06:36 Solid Start. 07:04 Tanstack Start. 07:43 Remix 09:42 AI Editors. 11:53 Vite 6. 14:02 Bluesky. 19:52 CSS. 22:17 What did we do? 22:21 React Miami. React Miami Episode. 22:26 JSNation Amsterdam. 23:55 JSNation US + React Summit. 24:57 Terminal Feud. 26:28 Laravel + Terminal basketball game. 27:02 Syntax San Francisco meetup. 27:23 GitHub Universe. 28:07 FITC. 28:38 153 Syntax Episodes + Video. 29:32 Our 2024 Predictions Reviewed. 29:46 Types in JS will have real movement. 31:29 Temporal API will ship in 1 browser. 32:50 Perf tooling gets easy for everyone to understand. 33:29 CSS continues to get better where you need less JS. 34:25 Svelte v5 is very fast. 34:38 The year of the server in frameworks. 35:28 Astro is going to have a good year. 36:13 React server components. 37:03 Remix moves away from page-based loaders, to component loaders. 37:18 Hono will become more ubiquitous. 38:28 We will see a route matching Proposal move ahead. 39:23 Bun releases full node compat. 40:42 We will see a new Linter + formatter entirely replace. 42:16 New TypeScript typechecker. Ezno. 43:40 Lightning CSS pops - or does it? 45:10 You'll hear more about Rspack and Turbopack. 45:51 Vite isn't going to release anything big in 2024. 46:24 Relative color will land in all major browsers. 48:14 CSS contrast-color will land in chrome. 48:48 Scroll animation landing in 2 browsers. 50:03 The year of CSS discovery. 51:09 Safari will Ship 3 missing PWA Support. 52:11 Firefox usage will continue to slip. 56:53 Paid Arc features. 57:14 More XR web experiences as Apple releases in Vision Pro. 59:55 AI Tooling. 01:00:57 Small Models that run in the browser. 01:01:38 Apps get Sherlocked by OpenAI. 01:02:04 On prem corporate AI. 01:04:49 Sick Picks + Shameless Plugs. Sick Picks Scott: TCGPocket App. Wes: Huge Bag of Croc Charms Shameless Plugs Scott: Syntax on YouTube. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

What's coming for GitHub? Carl and Richard talk to April Yoho about the recent announcements from GitHub Universe and how they will roll out in 2025. The biggest topic, of course, is all the large language models coming to GitHub - there are a bunch of copilots! April talks about original GitHub Copilot, Copilot Workspace, and Copilot Chat - so many options! Now, you can choose your language model to move beyond OpenAI. And there are other changes at GitHub, including EU residency, new features in the enterprise cloud, and new instrumentation - 2025 looks awesome!

What's coming for GitHub? Carl and Richard talk to April Yoho about the recent announcements from GitHub Universe and how they will roll out in 2025. The biggest topic, of course, is all the large language models coming to GitHub - there are a bunch of copilots! April talks about original GitHub Copilot, Copilot Workspace, and Copilot Chat - so many options! Now, you can choose your language model to move beyond OpenAI. And there are other changes at GitHub, including EU residency, new features in the enterprise cloud, and new instrumentation - 2025 looks awesome!

Der Nvidia CEO Jen-Hsun Huang hat Anfang des Jahres sein KI-Ziel beschrieben: "Es ist unsere Aufgabe, Computertechnik so zu bauen, dass niemand mehr programmieren muss und dass die Programmiersprache menschliche Sprache ist", sagte der Firmenchef. Die Branche stehe kurz vor einem Zeitalter, in dem man Computern in natürlicher Sprache ein Problem beschreibt und eine Lösung bekommt. Wie nah wir diesem Zeitalter sind, hat sich mein Kollege Daniel Ziegener von heise+ erst kürzlich auf der GitHub-Entwicklerkonferenz in San Francisco angeschaut. Heute erzählt er uns, was dran ist an der Zukunftsvision, dass bald jede und jeder programmieren kann, ganz ohne Coding-Kenntnisse. https://www.heise.de/thema/KI-Update https://pro.heise.de/ki/ https://www.heise.de/newsletter/anmeldung.html?id=ki-update https://www.heise.de/thema/Kuenstliche-Intelligenz https://the-decoder.de/ https://www.heiseplus.de/podcast https://www.ct.de/ki heise+-Artikel von Daniel Ziegener: https://heise.de/-10001049

Jerod is joined by Hack Clubber Acon, who is fresh off the GitHub Universe stage and ready to tell us all about High Seas, a new initiative by Zach Latta and the Hack Club crew that's incentivizing teens to build cool personal projects by giving away free stuff.

Jerod is joined by Hack Clubber Acon, who is fresh off the GitHub Universe stage and ready to tell us all about High Seas, a new initiative by Zach Latta and the Hack Club crew that's incentivizing teens to build cool personal projects by giving away free stuff.

以下のようなトピックについて話をしました。 枕: Github Universe Recap Tokyo 2024 1: イプシロンS 2: リュウグウ 3: カイロス２号機 本ラジオはあくまで個人の見解であり現実のいかなる団体を代表するものではありません ご理解頂ますようよろしくおねがいします

Wes and Scott talk with Cassidy Williams and Harald Kirschner about exciting new features in VS Code and GitHub Copilot, including custom instructions, UI/UX improvements, and the future of AI and Copilot within different editors. Show Notes 00:00 Welcome to Syntax! 00:32 Cassidy's keynote at GitHub Universe 03:23 New Copilot features 04:55 Use cases for prompt engineering 09:20 UI and UX enhancements 19:18 Copilot Extensions 20:38 Brought to you by Sentry.io 21:26 Multi-line suggestions? 27:00 How do you develop new ideas in this space? GitHub Next 35:42 Copilot in Xcode GitHub Copilot code completion in Xcode is now available in public preview 39:16 VS Code experimental features @code Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Jeramiah Dooley joins the vBrownBag to discuss his experience at and insights from GitHub Universe 2024, and explores the transition from individual contributor to people manager. Great career tips inside! 00:53 Introducing Jeramiah Dooley 07:11 Experiencing GitHub Universe 2024 22:06 Interesting announcements @ GitHub Universe 2024 39:30 Jeramiah's journey from IC to manager 43:00 The hardest moment in Jeramiah's career 58:57 Jeramiah's thoughts on the ideal manager communication style Resources: https://gh.io/badger https://gh.io/spark-signup https://bsky.app/profile/jeramiah.net

Kto wygrał wybory politycznie to wiadomo, ale kto jest wygranym w technologii?? To już trochę inna para kaloszy. A oprócz przecięcią technologii z polityką, w Brew jak zwykle to co ważne i na czasie. Co można wyczytać z raportu "State of AI"... a raport jest gruby, sążnisty i napełniony treścią. Przejrzeliśmy go dla Ciebie i wyciągneliśmy to co ważne. GitHub odpalił kolejny wszechświat, czyli GitHub Universe - konferencja, nowości, ogłoszenia. Czy obronili się przed Cursor a może jednak nie?  Znana, doceniana i jak zwykle dobrze poinformowana ekipa Brew przejrzała, przeczytała, zanotowała i nawarzyła specjalnie dla Ciebie! ⛲Linki i źródła::

GitHub Universe 2024 wylądowało na naszej planecie! Czy AI przejmie kontrolę nad kodem? Patoarchitekci badają sprawę z lupą w ręku i kawą w żyłach. W tym odcinku nurkujemy w Copilota z nowymi modelami LLM. Odkrywamy GitHub Spark - narzędzie do tworzenia aplikacji głosem. Analizujemy też trendy językowe na GitHubie. Python pożera JavaScript! Chcesz być na bieżąco z AI w kodowaniu? Posłuchaj tego odcinka i zaimponuj kolegom na daily! Może nawet nauczysz swojego Copilota robić kawę? ;)   A teraz nie ma co się obijać!

The AI race continues with lots of new updates straight from the GitHub Universe conference!New features from GitHub include: the ability to choose different AI models for GitHub Copilot Chat to use (OpenAI, Claude, Gemini, etc.), Copilot Workspaces reviewing PRs, suggesting code changes, and validating fixes.In addition to the GH Universe announcements, the October VS Code release has a bunch of new Copilot additions like: Copilot Edits to change multiple files at once, Copilot Chat in a secondary sidebar, and Copilot code reviews before committing to GitHub.Next.js's caching, which defaulted to very aggressive in the past, has been updated big time in Next.js 15. Now, when devs add a request that fetches external data, they'll be prompted to either wrap it in a Suspense tag or explicitly mark the module or function with the “use cache” directive. This gives devs more fine grained cache control allowing some routes to have dynamic, Suspense-supported data, while others have static, cached data.In bonus news, the open source Flutter community decided to fork the project because it feels Google's core Flutter team doesn't have enough resources internally and isn't fast enough at reviewing PRs and implementing new features. “Flock” aims to add the bug fixes, popular community features, and generally be faster and more agile than Flutter.And today's Fire Starter is about HTTP/3: the newest revision of the HTTP which offers better speed, security, and reliability.News:Paige - GitHub Spark and GitHub Universe updates in generalJack - use cache changes in Next.js 15TJ - VS Code 1.95Bonus News:Flutter gets forked to FlockFire Starters:HTTP/3What Makes Us Happy this Week:Paige - All Recipe's Trends pageJack - Phone security cordTJ - The Will of the Many book series and Kindle e-readerThanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or Tweet us on X @front_end_fire and BlueSky.Front-end Fire websiteBlue Collar Coder on YouTubeBlue Collar Coder on DiscordReach out via emailTweet at us on X @front_end_fireFollow us on Bluesky @front-end-fire.com

Cet épisode est relativement pauvre en IA, ouaissssssss ! Mais il nous reste plein de Spring, plein de failles, plein d'OpenTelemetry, un peu de versionnage sémantique, une astuce Git et bien d'autres choses encore. Enregistré le 8 novembre 2024 Téléchargement de l'épisode LesCastCodeurs-Episode–318.mp3 News Langages Le createur de Fernflower in decompilateur qui a relancé l'outillage autour de Java 8 est mort, un hommage d'IntelliJ IDEA https://blog.jetbrains.com/idea/2024/11/in-memory-of-stiver/ les decompilateurs s'appuyaient sur des patterns reconnus et étaient fragiles et incomplets surtout quand Java 8 a changé le pattern try catch et ajouté des concepts comme les annotations le champ était moribond quand Stiver s'est lancé dommage l'article n'explique pas comment le control-flow graph est genere a partir du bytecode pour ameliorer la decompilation Librairies On peut maintenant utiliser Jakarta Data Repository dans Quarkus https://in.relation.to/2024/11/04/data-in-quarkus/ petit article avec un projet example aussi un lien sur la presentation de Jakarta Data par Gavin à Devoxx Belgique Quarkus 3.16 https://quarkus.io/guides/opentelemetry-logging logs distribués avec OpenTelemetry (preview) deserialiseurs Jackson sans reflection des améliorations dans la stack de sécurité TLS registry a ratjouté graphql client et keycloak admin client LEs logs des container devservice et des access http sont visible dans la DevUI Les extensions peuvent maintenant ecrire leur doc en markdown (c'etait juste asciidoc avant) Un artcile sur comment débuter en Spring Batch https://www.sfeir.dev/back/planifier-des-taches-avec-spring-batch/ Le support OAuth2 pour RestClient arrive dans Security 6.4 / Boot 3.4. Plus de hack de WebClient dans vos applications Spring-Web ! https://spring.io/blog/2024/10/28/restclient-support-for-oauth2-in-spring-security–6–4 RestClient a été ajouté dans Spring Framework 6.1 API Fluide Spring Security 6.4 simplifie la configuration OAuth2 avec le nouveau client HTTP synchrone RestClient. RestClient permet des requêtes de ressources sans dépendances réactives, alignant la configuration entre applications servlet et réactives. La mise à jour facilite la migration depuis RestTemplate et ouvre la voie à des scénarios avancés. Marre des microservices ? Revenez au monoliths avec Spring Modulith 1.3RC1, 1.2.5 et 1.1.10 https://spring.io/blog/2024/10/28/spring-modulith–1–3-rc1–1–2–5-and–1–1–10-released Spring Modulith 1.3 RC1, 1.2.5, and 1.1.10 sont disponibles. La version 1.3 RC1 inclut des nouvelles fonctionnalités : archiving event publication completion mode compatibilité avec MariaDB et Oracle avec JDBC-based event publication registry Possibilité d'externaliser des événements dans des MessageChannels de Spring. Expressions SpEL dans @Externalized validation d'architecture technique jMolecules. Les versions 1.2.5 et 1.1.10 apportent des correctifs et mises à jour de dépendances. Spring gRPC 0.1 est sorti https://github.com/spring-projects-experimental/spring-grpc c'est tout nouveau et explorationel si c'est un probleme qui vous gratte, ca vaut le coup de jeter un coup d'oeil et participer. Spring Boot 3.3 Integrer Spring avec Open Telemetry (OTLP protocole) https://spring.io/blog/2024/10/28/lets-use-opentelemetry-with-spring rappel de la valeur de ce standard Open Telemetry comment l'utiliser dans vos projets Spring Comment utiliser ollama avec Spring AI https://spring.io/blog/2024/10/22/leverage-the-power-of–45k-free-hugging-face-models-with-spring-ai-and-ollama permet d'acceter aux 45k modeles de Hugging faces qui supportent le deploiement sur ollama il y a un spring boot starter c'est vraiment pour debuter Cloud Google Cloud Frankfort a subit 12h d'interruption https://t.co/VueiQjhCA3 Google Cloud a subi une panne de 12 heures dans la région europe-west3 (Francfort) le 24 octobre 2024. La panne, causée par une défaillance d'alimentation et de refroidissement, a affecté plusieurs services, y compris Compute Engine et Kubernetes Engine. Les utilisateurs ont rencontré des problèmes de création de VM, des échecs d'opérations et des retards de traitement. Google a conseillé de migrer les charges de travail vers d'autres zones. il y a eu une autre zone Europeenne pas mal affectée l'année dernière et des clients ont perdu des données :sweat: Web La fin de la World Wild Web Foundation https://www.theregister.com/2024/09/30/world_wide_web_foundation_closes/ la Fondation World Wide Web ferme ses portes. Les cofondateurs estiment que les problèmes auxquels est confronté le Web ont changé et que d'autres groupes de défense peuvent désormais prendre le relais. Ils estiment également que la priorité absolue doit être donnée à la passion de Tim Berners-Lee pour redonner aux individus le pouvoir et le contrôle de leurs données et pour construire activement des systèmes de collaboration puissants (Solid Protocol - https://solidproject.org/). Release du https://www.patternfly.org/ 6 Fw opensource pour faire de UI, sponsor RH Interessant à regarder Data et Intelligence Artificielle TSMC arrête des ventes à un client chinois qui aurait revenu un processeur à Huawei et utilise dans sa puce IA https://www.reuters.com/technology/tsmc-suspended-shipments-china-firm-after-chip-found-huawei-processor-sources–2024–10–26/ Taiwan Semiconductor Manufacturing Company (TSMC) a suspendu ses livraisons à Sophgo, un concepteur de puces chinois, après la découverte d'une puce fabriquée par TSMC dans un processeur AI de Huawei (Ascend 910B). Cette découverte soulève des préoccupations concernant des violations potentielles des contrôles d'exportation des États-Unis, qui restreignent Huawei depuis 2020. Sophgo, lié à Bitmain, a nié toute connexion avec Huawei et affirme se conformer aux lois applicables. Toutefois, l'incident a conduit à une enquête approfondie de TSMC et des autorités américaines et taïwanaises Open AI et Microsoft, de l'amour à la guerre https://www.computerworld.com/article/3593206/microsoft-and-openai-good-by-bromance-hel[…]m_source=Adestra&huid=4349eeff–5b8b–493d–9e61–9abf8be5293b on a bien suivi les chants d'amour entre Sam Altman et Satia Nadella ca c'est tendu ces derniers temps deja avec le coup chez openAI où MS avait sifflé la fin de la récré “on a le code, les données, l'IP et la capacité, on peut tout recrée” OpenAi a un competiteur de Copilot et essaie de courtises ses clients les apétits d'investissements d'OpenAI et une dispute sur la valeur de la aprt de MS qui a donné des crédits cloud semble etre aui coeur de la dispute du moment Debezium 3 est sorti https://debezium.io/blog/2024/10/02/debezium–3–0-final-released/ Java 17 minimum pour les connecteurs et 21 pour le serveur, l'extension quarkus outbox et pour l'operateur nettoyage des depreciations metriques par table maintenant support for mysql 9 y compris vector data type oracle, default mining strategie changée ehcache off-heap ajouté amelioarations diverses Oracle (offline RAC node flush, max string size for Extended PostgreSQL PGVector etc (Spanner, vitess, …) NotebookLlama: une version Open Source de NotebookLM https://github.com/meta-llama/llama-recipes/tree/main/recipes/quickstart/NotebookLlama Si vous avez été impressionné par les démo de Gemini Notebook, en créant des podcasts à partir de différentes resources, testez la version llama Tutoriel étape par étape pour transformer un PDF en podcast. Outillage Vous aimez Maven? Bien évidemment! Vous aimez asciidoctor? Absolument! Alors la version 3.1.0 du plugin asciidoctor pour maven est pour vous !! https://github.com/asciidoctor/asciidoctor-maven-plugin Le plugin permet soit de convertir des documents asciidoc de manière autonome, soit de les gérer via le site maven GitHub Universe: de l'IA, de l'IA et encore de l'IA https://github.blog/news-insights/product-news/universe–2024-previews-releases/ GitHub Universe 2024 présente les nouveautés de l'année, notamment la possibilité de choisir parmi plusieurs modèles d'IA pour GitHub Copilot (Claude 3.5, Gemini 1.5 Pro, OpenAI o1). Nouvelles fonctionnalités : GitHub Spark pour créer des micro-applications, révisions de code assistées par Copilot, sécurité renforcée avec Copilot Autofix. Simplification des workflows avec les extensions GitHub Copilot Facilitation de la création d'applications IA génératives avec GitHub Models Méthodologies Les blogs de developpeurs experts Java recommandés par IntelliJ https://blog.jetbrains.com/idea/2024/11/top-java-blogs-for-experienced-programmers/ pas forcement d'accord avec toute la liste mais elle donne de bonnes options si vous voulez lire plus de blogs Java Keycloak revient au semantic versioning après avoir suivi le versionage à la Google Chrome https://www.keycloak.org/2024/10/release-updates ne pas savoir si une mise a jour était retrocompatible était problématique pour les utilisateurs aussi les librairies clientes seront délivrées séparément et supporteront toutes les versions serveur de keycloak supportés Sécurité Un exemple d'attaque de secure supply chain théorique identifiée dans le quarkiverse et les détails de la résolution https://quarkus.io/blog/quarkiverse-and-smallrye-new-release-process/ dans le quarkiverse, les choses sont automatisées pour simplifier la vie des contributeurs d'extension occasionels mais il y avait un défaut, les secrets de signature et d'accès à maven central étaient des secrets d'organisation ce qui veut dire qu'un editeur d'extension malicieux pouvait ecrire un pluging ou un test qiu lisait ses secrets et pouvait livrer de faux artifacts la solution est de séparer la construction des artifacts de l'etape de signature et de release sur maven central comme cela les cles ne sont plus accessible Avec Okta pus besoin de mot de passe quand tu as un identifiant long :face_with_hand_over_mouth: https://trust.okta.com/security-advisories/okta-ad-ldap-delegated-authentication-username/ LOL Une vulnérabilité a été découverte dans la génération de la clé de cache pour l'authentification déléguée AD/LDAP. Les conditions: MFA non utilisé Nom d'utilisateur de 52 caractères ou plus Utilisateur authentifié précédemment, créant un cache d'authentification Le cache a été utilisé en premier, ce qui peut se produire si l'agent AD/LDAP était hors service ou inaccessible, par exemple en raison d'un trafic réseau élevé L'authentification s'est produite entre le 23 juillet 2024 et le 30 octobre 2024 Fixé le 30 octobre, 2024 La revanche des imprimantes !! Linux ne les aime pas, et elles lui rendent bien. https://www.theregister.com/2024/09/26/cups_linux_rce_disclosed/ Après quelques heures / jours de rumeurs sur une faille 9.9/10 CVSS il s'avère que cela concerne que les système avec le système d'impression CUPS et cups-browsed Désactivez et/ou supprimez le service cups-browsed. Mettez à jour votre installation CUPS pour appliquer les mises à jour de sécurité lorsqu'elles sont disponibles. Envisagez de bloquer l'accès au port UDP 631 et également de désactiver le DNS-SD. Cela concerne la plupart des distributions Linux, certaines BSD, possiblement Google ChromeOS, Solaris d'Oracle et potentiellement d'autres systèmes, car CUPS est intégré à diverses distributions pour fournir la fonctionnalité d'impression. Pour exploiter cette vulnérabilité via internet ou le réseau local (LAN), un attaquant doit pouvoir accéder à votre service CUPS sur le port UDP 631. Idéalement, aucun de vous ne devrait exposer ce port sur l'internet public. L'attaquant doit également attendre que vous lanciez une tâche d'impression. Si le port 631 n'est pas directement accessible, un attaquant pourrait être en mesure de falsifier des annonces zeroconf, mDNS ou DNS-SD pour exploiter cette vulnérabilité sur un LAN. Loi, société et organisation La version 1.0 de la definition de l'IA l'Open Source est sortie https://siliconangle.com/2024/10/28/osi-clarifies-makes-ai-systems-open-source-open-models-fall-short/ L'Open Source Initiative (OSI) a clarifié les critères pour qu'un modèle d'IA soit considéré comme open-source : accès complet aux données de formation, au code source et aux paramètres d'entraînement. La plupart des modèles dits “open” comme ceux de Meta (Llama) et Stability AI (Stable Diffusion) ne respectent pas ces critères, car ils imposent des restrictions sur l'utilisation commerciale et ne rendent pas publiques les données de formation c'est au details de données de formation (donc pas forcement les données elle meme. “In particular, this must include: (1) the complete description of all data used for training, including (if used) of unshareable data, disclosing the provenance of the data, its scope and characteristics, how the data was obtained and selected, the labeling procedures, and data processing and filtering methodologies; (2) a listing of all publicly available training data and where to obtain it; and (3) a listing of all training data obtainable from third parties and where to obtain it, including for fee.” C'est en echo a la version d'open source AI de la linux fondation En parlant de cela un article sur l'open source washing dans les modèles https://www.theregister.com/2024/10/25/opinion_open_washing/ L'open washing désigne la pratique où des entreprises prétendent que leurs produits ou modèles sont open-source, bien qu'ils ne respectent pas les critères réels d'ouverture (transparence, accessibilité, partage des connaissances). De grandes entreprises comme Meta, Google et Microsoft sont souvent accusées d'utiliser cette stratégie, ce qui soulève des préoccupations concernant la clarté des définitions légales et commerciales de l'open source, surtout avec l'essor de l'IA. Rubrique débutant Un petit article fondamental sur REST https://www.sfeir.dev/rest-definition/ there de Roy Fielding en reaction aux protocoles lourds comme SOAP 5 verbes (GET PUT, POST. DELETE, PATCH) JSON mais pas que (XML et autre pas d'etat inter requete Ask Me Anything Morgan de Montréal Comment faire cohabiter plusieurs dépôts Git ? Je m'explique : dans mon entreprise, nous utilisons notre dépôt Git (Bitbucket) configuré pour notre dépôt d'entreprise. Lorsque je souhaite contribuer à un projet open source, je suis obligé de modifier ma configuration globale Git (nom d'utilisateur, email) pour correspondre à mon compte GitHub. Il arrive souvent que, lorsque je reviens pour effectuer un commit sur le dépôt d'entreprise, j'oublie que je suis en mode “open source”, ce qui entraîne l'enregistrement de mes configurations “open source” dans l'historique de Bitbucket… Comment gérez-vous ce genre de situation ? Comment gérer différents profiles git https://medium.com/@mrjink/using-includeif-to-manage-your-git-identities-bcc99447b04b Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 8 novembre 2024 : BDX I/O - Bordeaux (France) 13–14 novembre 2024 : Agile Tour Rennes 2024 - Rennes (France) 16–17 novembre 2024 : Capitole Du Libre - Toulouse (France) 20–22 novembre 2024 : Agile Grenoble 2024 - Grenoble (France) 21 novembre 2024 : DevFest Strasbourg - Strasbourg (France) 21 novembre 2024 : Codeurs en Seine - Rouen (France) 21 novembre 2024 : Agile Game Toulouse - Toulouse (France) 27–28 novembre 2024 : Cloud Expo Europe - Paris (France) 28 novembre 2024 : OVHcloud Summit - Paris (France) 28 novembre 2024 : Who Run The Tech ? - Rennes (France) 2–3 décembre 2024 : Tech Rocks Summit - Paris (France) 3 décembre 2024 : Generation AI - Paris (France) 3–5 décembre 2024 : APIdays Paris - Paris (France) 4–5 décembre 2024 : DevOpsRex - Paris (France) 4–5 décembre 2024 : Open Source Experience - Paris (France) 5 décembre 2024 : GraphQL Day Europe - Paris (France) 6 décembre 2024 : DevFest Dijon - Dijon (France) 19 décembre 2024 : Normandie.ai 2024 - Rouen (France) 22–25 janvier 2025 : SnowCamp 2025 - Grenoble (France) 30 janvier 2025 : DevOps D-Day #9 - Marseille (France) 6–7 février 2025 : Touraine Tech - Tours (France) 28 février 2025 : Paris TS La Conf - Paris (France) 20 mars 2025 : PGDay Paris - Paris (France) 25 mars 2025 : ParisTestConf - Paris (France) 3 avril 2025 : DotJS - Paris (France) 10–12 avril 2025 : Devoxx Greece - Athens (Greece) 16–18 avril 2025 : Devoxx France - Paris (France) 7–9 mai 2025 : Devoxx UK - London (UK) 16 mai 2025 : AFUP Day 2025 Lille - Lille (France) 16 mai 2025 : AFUP Day 2025 Lyon - Lyon (France) 16 mai 2025 : AFUP Day 2025 Poitiers - Poitiers (France) 11–13 juin 2025 : Devoxx Poland - Krakow (Poland) 12–13 juin 2025 : DevLille - Lille (France) 24 juin 2025 : WAX 2025 - Aix-en-Provence (France) 26–27 juin 2025 : Sunny Tech - Montpellier (France) 1–4 juillet 2025 : Open edX Conference - 2025 - Palaiseau (France) 18–19 septembre 2025 : API Platform Conference - Lille (France) & Online 6–10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 9–10 octobre 2025 : Volcamp - Clermont-Ferrand (France) 16–17 octobre 2025 : DevFest Nantes - Nantes (France) 23–25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via twitter https://twitter.com/lescastcodeurs Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Welcome to episode 281 of The Cloud Pod, where the forecast is always cloudy! Justin and Ryan are your hosts as we search the clouds for all the latest news and info. This week we're talking about ECS turning 10 (yes, we were there when it was announced, and yes, we're old,) some more drama from the CrowdStrike fiasco, lots of updates to GitHub, plus more. Join us!   Titles we almost went with this week: Github Universe full of ECS containers Github Universe lives up to the Universal expectations  A big thanks to this week's sponsor: We're sponsorless! Want to get your brand, company, or service in front of a very enthusiastic group of cloud news seekers? You've come to the right place! Send us an email or hit us up on our slack channel for more info.  Follow Up 01:09 Dr. Matt Woods ended up at PWC as chief innovation officer YAWN What exactly does a chief innovation officer at PWC do? Is this like a semi-retirement?  General News 01:44 TSA silent on CrowdStrike's claim Delta skipped required security update Delta isn't backing down with CrowdStrike, and in a court filing said CrowdStrike should be on the hook for the entire $500M in losses, partly because CrowdStrike has admitted that it should have done more testing and staggered deployments to catch bugs.  Delta further alleges that CrowdStrike postured as a certified best-in-class security provider who “never cuts corners,” while secretly designing its software to bypass Microsoft security certifications to make changes at the core of Delta's computer systems without Delta's knowledge.  Delta says they would never have agreed to such a dangerous process if it had been disclosed.  In its testimony to Congress, CrowdStrike said that they follow standard protocols, and that they are protecting against threats as they evolve. CrowdStrike is also accusing Delta of failing to follow laws, including best practices established by the TSA. According to CrowdStrike, most customers were up within a day of the issue – while Delta took 5 days.  Crowdstrike alleges that Delta's negligence caused this in following the TSA requirements designed to ensure that no major airline ever experiences prolonged system outages.  CrowdStrike realized Delta failed to follow the requirements when its efforts to help remediate the issue revealed alleged technological shortcomings and failures to follow security best practices, including outdated IT systems, issues in Delta's AD environment and thousands of compromised passwords. Delta threatened to sue Microsoft as well as CrowdStrike, but has only named CrowdStrike to date in the lawsuits.  3:48 Ryan – “It’s a tool that needs to evolve very quickly to emerging threats. And while the change that was pushed through shouldn’t have gone through that particular workflow, and that’s a m

2024-11-05 Weekly News — Episode 222Watch the video version on YouTube at Hosts: Gavin Pickin - Senior Developer at Ortus SolutionsGrant Copley - Senior Developer at Ortus SolutionsBig Thanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there including BoxLang.A few ways to say thanks back to Ortus Solutions:Buy Tickets to Into the Box 2025 in Washington DC https://t.co/cFLDUJZEyMApril 30, 2025 - May 2, 2025 - Washington, DCLike and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a reviewSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus's Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon! In hardcover too!!!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support ()We have 59 patreons: https://www.patreon.com/ortussolutions. News and AnnouncementsGithub UniverseThis year marks our tenth GitHub Universe—and one theme has remained constant: our focus on developers and the developer experience. Over 10 years, that developer experience has evolved from inventing the pull request to building the world's most widely adopted AI coding tool, GitHub Copilot.Today, our platform serves more than 100 million developers, and through the power of this interconnected community combined with generative AI, we are enabling every developer to build, release, scale, and secure software rapidly.Recap: https://github.blog/news-insights/product-news/universe-2024-previews-releases/ Videos: https://githubuniverse.com/?utm_source=github&utm_medium=banner&utm_campaign=24bannerheader16li-newsroom-press-releases-github-universe-2024 New Releases and UpdatesBoxLang Betas — Beta 20-2110/25/24 - BoxLang 1.0.0 Beta 20 Launched6 New Features11 Improvements15 Bugs Fixedhttps://www.ortussolutions.com/blog/boxlang-100-beta-20-launched 11/1/24 - BoxLang 1.0.0 Beta 21 Launched4 New Features5 Improvements14 Bugs Fixedhttps://www.ortussolutions.com/blog/boxlang-100-beta-21-launched Webinars, Meetups and WorkshopsBoost Your Confidence & Silence the Inner Critic: Overcome Imposter Phenomenon!Sac Interactive Tech Meetup • Sacramento, CAWed, Nov 20 · 6:00 PM PSThttps://www.meetup.com/sacinteractive/events/303708476/?eventOrigin=home_page_upcoming_events$all CFCasts Content Updateshttps://www.cfcasts.comIntroducing SocketBoxThis innovative library simplifies WebSocket integration, making real-time features and message handling a breeze. Build engaging applications with SocketBox – get started today! #CFML #BoxLang #WebSockets #RealTime https://www.cfcasts.com/series/ortus-bytes/videos/introducing-socketbox Conferences and TrainingCF Summit India 2024Join us for the Adobe ColdFusion India Summit, a premier, completely free event where developers, industry experts, and thought leaders come together to explore the latest in ColdFusion and web development. Network with peers, meet the ColdFusion engineering team, get your questions answered, discover strategies to boost your career and grow your business—all at no cost.Price: FreeDecember 7, 20242 Cities: Bengaluru and NoidaRegister: https://cf-indiasummit-2024.attendease.com ITB 2025Location: Washington, DCDates: April 30, 2025 - May 2, 2025 - Washington, DCTickets and more info: https://t.co/cFLDUJZEyM50% off blind tickets$249.50 for the Conference$349.50 for the Conference + Workshop!!!Call for Speakers Announced - Deadline Nov 15th https://www.ortussolutions.com/blog/call-for-speakers-into-the-box-2025 CFCamp 2025May 22, 23rd - 2025Atomis Hotel Munich Airporthttps://www.cfcamp.org/ More conferencesNeed more conferences, this site has a huge list of conferences for almost any language/community.https://confs.tech/Blogs, Posts, and Videos of the Week11/4/24 - Blog - Ortus Solutions - Thanksgiving Day deals: Access Exclusive Discounts Until November 30th!Prepare for the Ortus Thanksgiving Day Deals! This is your chance to enhance your development journey with amazing deals catered to everyone—from experienced developers to tech aficionados. Our unique offers are crafted to assist you in reaching your objectives while conserving your budget!Don't Let These Incredible Offers Slip Away!Utilize the code THKSGIVING24 at checkout to take advantage of these fantastic discounts before they endhttps://www.ortussolutions.com/blog/thanksgiving-day-deals-access-exclusive-discounts-until-november-30th Applies to:ColdFusion ConsultingCFCastsCouchbase/Redis Lucee ExtensionsBoxLang Visionary License11/1/24 - Blog - Ortus Solutions - Ortus October Newsletter 2024Welcome to the October Ortus Newsletter! This month is packed with exciting content designed to boost your web development productivity, deepen your technical knowledge, and empower your development projects. We've packed this edition with cutting-edge news, insightful updates, and a lineup of valuable resources across our platforms.https://www.ortussolutions.com/blog/ortus-october-newsletter-2024 10/31/24 - Blog - Ben Nadel - Safe-Navigation Operator ...

Scott and Wes react to the big GitHub Universe announcements, recorded live at GitHub Universe. They dive into Copilot's new features, exploring how its advancements stack up against Cursor AI in the battle for the ultimate AI-driven developer tool. Show Notes 00:00 Welcome to Syntax! 01:12 Our Syntax Meetup. 02:54 AI is everywhere. 03:22 Sherlocking and jockeying for position. 04:49 GitHub Copilot introduces alternative LLMs. GitHub Copilot 06:31 New tools are build upon existing LLMs. 09:14 VSCode reclaiming ground from Cursor. Cursor 10:31 The new features. 10:34 Multi-file editing. 10:54 Use-cases for multi-file editing. 12:58 Multi-model selection. 13:05 Repo indexing. 13:50 Copilot instructions. 14:34 Examples of Cursor rules. 16:39 No mention of multiple-line suggestions. 18:02 Multi-file edit? 20:26 Code review. 22:36 GitHub Pull Requests plugin. 24:34 Investing in AI ‘big bets'. 26:29 Scott's mysterious YouTube unreleased feature. 27:11 3-minute YouTube shorts. Wes' TikTok. 28:29 GitHub Marketplace. 32:18 Copilot Workspace. 34:53 Copilot Workspace features yet to come. 36:25 GitHub Spark. Bolt.new. 42:44 Final thoughts on Copilot vs Cursor. 44:03 What products do you think are in trouble? 50:26 Sick Picks & Shameless Plugs. Sick Picks Scott: Waymo. Wes: Waymo. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Awesome new features for GitHub Copilit and Apple surprises us with new devices and the M4! Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Like Google, Amazon has a list of products the tech company discontinued. Is one of your favorites on the list? What Apple announced this past "Mac Week." What GitHub announced at its GitHub Universe 2024 event. And how Apple's Genmoji generator will operate when it's released with the future iOS 18.2 release. Mikah Sargent talks about a great article from The Verge highlighting a handful of Amazon Echo products that the tech company has discontinued over the years. Dan Moren of SixColors joins the show again to discuss the new M4 Mac products that the company announced this past week. Martin Woodward, VP of DevRel for GitHub stops by to talk about some of the new things that GitHub announced at its GibHub Universe 2024 event, including the new GitHub Spark. And Mikah talks about Apple's Genmoji service that is slated to come in iOS 18.2 and some of the things you can and cannot do with it. Host: Mikah Sargent Guests: Dan Moren and Martin Woodward Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: uscloud.com flashpoint.io veeam.com bigid.com/tnw

Enjoy Leo's many hats in this fun and silly edition of Windows Weekly. Happy Halloween! Windows 11 Yes, Windows 11 version 24H2 got its preview update for October too, a few days late as expected 24H2 was a surprisingly big platform shift - no enablement updates - faster updates going forward Dev and Beta get new builds, minor changes in each Microsoft 365/AI/dev Teams is... getting weird Microsoft 365 apps get Handoff support on Apple devices Notion Mail - a light alternatives to Google Workspace and M365? GitHub Copilot goes multi-LLM Apple Intelligence wave one arrives, mostly to indifference. Wave two in December. EU is getting it in the Spring New Macs this week with M4. But the big news? 16 GB of RAM, minimum. Finally. The Browser Company can't realize its vision for the future with Arc Earnings/Corporate Microsoft and Google duke it out over Cloud licensing - This one is getting ugly Google - $88.3 billion in revenues AMD - OK, but dominated by Intel on PCs and NVIDIA in AI/datacenter Xbox More games, more people, more devices, Microsoft says Less emphasis on console but what might a next-gen console look like? Arm? Mobile? Third-party hardware makers? Cloud Gaming is limited to the most expensive Game Pass tier - that has to change, and what about a standalone tier? Mobile app stores are coming - but what about native mobile games? Call of Duty Black Ops 6 lands on PC Game Pass, Xbox Game Pass Ultimate, and Cloud Gaming - Paul puts aside his grudge and gives it a shot Microsoft previews new Home experience for Xbox app on Windows Tips and Picks Tip of the week: It might be time to look at the Raspberry Pi again App pick of the week: My God, it's full of web browsers RunAs Radio this week: Updating Windows on ARM with Aria Hanson Brown liquor pick of the week: Laird of the Fintry Black Label Cask Strength Single Malt Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: 1password.com/windowsweekly uscloud.com threatlocker.com Melissa.com/twit

Enjoy Leo's many hats in this fun and silly edition of Windows Weekly. Happy Halloween! Windows 11 Yes, Windows 11 version 24H2 got its preview update for October too, a few days late as expected 24H2 was a surprisingly big platform shift - no enablement updates - faster updates going forward Dev and Beta get new builds, minor changes in each Microsoft 365/AI/dev Teams is... getting weird Microsoft 365 apps get Handoff support on Apple devices Notion Mail - a light alternatives to Google Workspace and M365? GitHub Copilot goes multi-LLM Apple Intelligence wave one arrives, mostly to indifference. Wave two in December. EU is getting it in the Spring New Macs this week with M4. But the big news? 16 GB of RAM, minimum. Finally. The Browser Company can't realize its vision for the future with Arc Earnings/Corporate Microsoft and Google duke it out over Cloud licensing - This one is getting ugly Google - $88.3 billion in revenues AMD - OK, but dominated by Intel on PCs and NVIDIA in AI/datacenter Xbox More games, more people, more devices, Microsoft says Less emphasis on console but what might a next-gen console look like? Arm? Mobile? Third-party hardware makers? Cloud Gaming is limited to the most expensive Game Pass tier - that has to change, and what about a standalone tier? Mobile app stores are coming - but what about native mobile games? Call of Duty Black Ops 6 lands on PC Game Pass, Xbox Game Pass Ultimate, and Cloud Gaming - Paul puts aside his grudge and gives it a shot Microsoft previews new Home experience for Xbox app on Windows Tips and Picks Tip of the week: It might be time to look at the Raspberry Pi again App pick of the week: My God, it's full of web browsers RunAs Radio this week: Updating Windows on ARM with Aria Hanson Brown liquor pick of the week: Laird of the Fintry Black Label Cask Strength Single Malt Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: 1password.com/windowsweekly uscloud.com threatlocker.com Melissa.com/twit

Enjoy Leo's many hats in this fun and silly edition of Windows Weekly. Happy Halloween! Windows 11 Yes, Windows 11 version 24H2 got its preview update for October too, a few days late as expected 24H2 was a surprisingly big platform shift - no enablement updates - faster updates going forward Dev and Beta get new builds, minor changes in each Microsoft 365/AI/dev Teams is... getting weird Microsoft 365 apps get Handoff support on Apple devices Notion Mail - a light alternatives to Google Workspace and M365? GitHub Copilot goes multi-LLM Apple Intelligence wave one arrives, mostly to indifference. Wave two in December. EU is getting it in the Spring New Macs this week with M4. But the big news? 16 GB of RAM, minimum. Finally. The Browser Company can't realize its vision for the future with Arc Earnings/Corporate Microsoft and Google duke it out over Cloud licensing - This one is getting ugly Google - $88.3 billion in revenues AMD - OK, but dominated by Intel on PCs and NVIDIA in AI/datacenter Xbox More games, more people, more devices, Microsoft says Less emphasis on console but what might a next-gen console look like? Arm? Mobile? Third-party hardware makers? Cloud Gaming is limited to the most expensive Game Pass tier - that has to change, and what about a standalone tier? Mobile app stores are coming - but what about native mobile games? Call of Duty Black Ops 6 lands on PC Game Pass, Xbox Game Pass Ultimate, and Cloud Gaming - Paul puts aside his grudge and gives it a shot Microsoft previews new Home experience for Xbox app on Windows Tips and Picks Tip of the week: It might be time to look at the Raspberry Pi again App pick of the week: My God, it's full of web browsers RunAs Radio this week: Updating Windows on ARM with Aria Hanson Brown liquor pick of the week: Laird of the Fintry Black Label Cask Strength Single Malt Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: 1password.com/windowsweekly uscloud.com threatlocker.com Melissa.com/twit

Enjoy Leo's many hats in this fun and silly edition of Windows Weekly. Happy Halloween! Windows 11 Yes, Windows 11 version 24H2 got its preview update for October too, a few days late as expected 24H2 was a surprisingly big platform shift - no enablement updates - faster updates going forward Dev and Beta get new builds, minor changes in each Microsoft 365/AI/dev Teams is... getting weird Microsoft 365 apps get Handoff support on Apple devices Notion Mail - a light alternatives to Google Workspace and M365? GitHub Copilot goes multi-LLM Apple Intelligence wave one arrives, mostly to indifference. Wave two in December. EU is getting it in the Spring New Macs this week with M4. But the big news? 16 GB of RAM, minimum. Finally. The Browser Company can't realize its vision for the future with Arc Earnings/Corporate Microsoft and Google duke it out over Cloud licensing - This one is getting ugly Google - $88.3 billion in revenues AMD - OK, but dominated by Intel on PCs and NVIDIA in AI/datacenter Xbox More games, more people, more devices, Microsoft says Less emphasis on console but what might a next-gen console look like? Arm? Mobile? Third-party hardware makers? Cloud Gaming is limited to the most expensive Game Pass tier - that has to change, and what about a standalone tier? Mobile app stores are coming - but what about native mobile games? Call of Duty Black Ops 6 lands on PC Game Pass, Xbox Game Pass Ultimate, and Cloud Gaming - Paul puts aside his grudge and gives it a shot Microsoft previews new Home experience for Xbox app on Windows Tips and Picks Tip of the week: It might be time to look at the Raspberry Pi again App pick of the week: My God, it's full of web browsers RunAs Radio this week: Updating Windows on ARM with Aria Hanson Brown liquor pick of the week: Laird of the Fintry Black Label Cask Strength Single Malt Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: 1password.com/windowsweekly uscloud.com threatlocker.com Melissa.com/twit

Enjoy Leo's many hats in this fun and silly edition of Windows Weekly. Happy Halloween! Windows 11 Yes, Windows 11 version 24H2 got its preview update for October too, a few days late as expected 24H2 was a surprisingly big platform shift - no enablement updates - faster updates going forward Dev and Beta get new builds, minor changes in each Microsoft 365/AI/dev Teams is... getting weird Microsoft 365 apps get Handoff support on Apple devices Notion Mail - a light alternatives to Google Workspace and M365? GitHub Copilot goes multi-LLM Apple Intelligence wave one arrives, mostly to indifference. Wave two in December. EU is getting it in the Spring New Macs this week with M4. But the big news? 16 GB of RAM, minimum. Finally. The Browser Company can't realize its vision for the future with Arc Earnings/Corporate Microsoft and Google duke it out over Cloud licensing - This one is getting ugly Google - $88.3 billion in revenues AMD - OK, but dominated by Intel on PCs and NVIDIA in AI/datacenter Xbox More games, more people, more devices, Microsoft says Less emphasis on console but what might a next-gen console look like? Arm? Mobile? Third-party hardware makers? Cloud Gaming is limited to the most expensive Game Pass tier - that has to change, and what about a standalone tier? Mobile app stores are coming - but what about native mobile games? Call of Duty Black Ops 6 lands on PC Game Pass, Xbox Game Pass Ultimate, and Cloud Gaming - Paul puts aside his grudge and gives it a shot Microsoft previews new Home experience for Xbox app on Windows Tips and Picks Tip of the week: It might be time to look at the Raspberry Pi again App pick of the week: My God, it's full of web browsers RunAs Radio this week: Updating Windows on ARM with Aria Hanson Brown liquor pick of the week: Laird of the Fintry Black Label Cask Strength Single Malt Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: 1password.com/windowsweekly uscloud.com threatlocker.com Melissa.com/twit

Enjoy Leo's many hats in this fun and silly edition of Windows Weekly. Happy Halloween! Windows 11 Yes, Windows 11 version 24H2 got its preview update for October too, a few days late as expected 24H2 was a surprisingly big platform shift - no enablement updates - faster updates going forward Dev and Beta get new builds, minor changes in each Microsoft 365/AI/dev Teams is... getting weird Microsoft 365 apps get Handoff support on Apple devices Notion Mail - a light alternatives to Google Workspace and M365? GitHub Copilot goes multi-LLM Apple Intelligence wave one arrives, mostly to indifference. Wave two in December. EU is getting it in the Spring New Macs this week with M4. But the big news? 16 GB of RAM, minimum. Finally. The Browser Company can't realize its vision for the future with Arc Earnings/Corporate Microsoft and Google duke it out over Cloud licensing - This one is getting ugly Google - $88.3 billion in revenues AMD - OK, but dominated by Intel on PCs and NVIDIA in AI/datacenter Xbox More games, more people, more devices, Microsoft says Less emphasis on console but what might a next-gen console look like? Arm? Mobile? Third-party hardware makers? Cloud Gaming is limited to the most expensive Game Pass tier - that has to change, and what about a standalone tier? Mobile app stores are coming - but what about native mobile games? Call of Duty Black Ops 6 lands on PC Game Pass, Xbox Game Pass Ultimate, and Cloud Gaming - Paul puts aside his grudge and gives it a shot Microsoft previews new Home experience for Xbox app on Windows Tips and Picks Tip of the week: It might be time to look at the Raspberry Pi again App pick of the week: My God, it's full of web browsers RunAs Radio this week: Updating Windows on ARM with Aria Hanson Brown liquor pick of the week: Laird of the Fintry Black Label Cask Strength Single Malt Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: 1password.com/windowsweekly uscloud.com threatlocker.com Melissa.com/twit

Volles Haus bei der programmier.bar! Gleich fünf von uns haben sich versammelt, um euch mit jeder Menge News zu versorgen.Wir sprechen über die aktuellsten Entscheidungen des Technical Committee 39, der Gruppe hinter ECMA Script. Aber auch bei Flutter hat sich einiges getan – beziehungsweise gespalten. Und natürlich berichten wir von GitHubs Hausmesse „GitHub Universe“ und diskutieren die neusten Features von Copilot, Workspaces und Neuerscheinungen wie Spark. Außerdem geht's um die Highlights aus der GitHub Octoverse Developer Survey.Warum es dem Internet Archive aktuell nicht so gut geht und wer dahinter steckt, erfahren wir von Dave. Zuletzt sprechen wir auch ein wenig über die neuen Macs.Schreibt uns! Schickt uns eure Themenwünsche und euer Feedback: podcast@programmier.barFolgt uns! Bleibt auf dem Laufenden über zukünftige Folgen und virtuelle Meetups und beteiligt euch an Community-Diskussionen. TwitterInstagramFacebookMeetupYouTube

In this episode of Tech Talks Daily, I sit down with Chris Reddington, Senior Product Manager of Strategy for Developer Relations at GitHub, to explore the transformative role of AI in software development. As AI continues to reshape the way businesses innovate, the conversation shifts beyond the mere integration of new technology. Chris emphasizes that adopting AI-powered software development is a significant cultural shift, requiring more than just technical tools. It demands a top-down approach, where leadership support and change management are critical to fostering a progressive culture within development teams. Throughout our discussion, Chris unpacks why the impact of AI tools like GitHub Copilot should not be narrowly measured by the volume of code produced. Instead, he argues that the true value lies in how these tools free developers to focus on more complex, meaningful work. By automating repetitive tasks, AI helps developers maintain their creative flow, reducing context switching and allowing them to concentrate on higher-level challenges like architecture, system design, and testing. Chris also touches on the broader implications of AI adoption, highlighting the need for a clear vision and strategy that goes beyond just using new tools. Organizations must be willing to embrace change, experiment with new processes, and provide continuous learning opportunities for their teams. He points out that AI coding has the potential to enhance developers' skills by providing contextual assistance, especially for junior developers, and by offering insights that can improve security and code quality. Learn more about GitHub GitHub blog: https://github.blog/ GitHub Universe: https://githubuniverse.com/ Chris' Profile - linkedin.com/in/chrisreddington

Topics covered in this episode: py-free-threading.github.io Python's Supportive and Welcoming Environment is Tightly Coupled to Its Progress Status pages for sites! PEP 751 – A file format to list Python dependencies for installation reproducibility Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: py-free-threading.github.io Track the status of compatibility for free-threaded Python See the Compatibility status tracking page for what you can use Lots of resources for getting your package tested and available for pythont Brian #2: Python's Supportive and Welcoming Environment is Tightly Coupled to Its Progress “Python is as popular as it is today because we have gone above and beyond to make this a welcoming community. Being a friendly and supportive community is part of how we are perceived by the wider world and is integral to the wide popularity of Python. We won a “Wonderfully Welcoming Award” last year at GitHub Universe. Over and over again, the tech press refers to Python as a supportive community.” Some communication recently, with the recent bylaws change, didn't live up to our promise to be welcoming Please read the article for more details. Another quote: “We have a moral imperative – as one of the very best places to bring new people into tech and into open source – to keep being good at welcoming new people. If we do not rise and continue to rise every day to this task, then we are not fulfilling our own mission, “to support and facilitate the growth of a diverse and international community of Python programmers.” Technical skills are a game-changer for the people who acquire them and joining a vast global network of people with similar interests opens many doors. Behavior that contributes to a hostile environment around Python or throws up barriers and obstacles to those who would join the Python community must be addressed because it endangers what we have built here.” Michael #3: Status pages for sites! Based on Uptime Kuma I covered last week Python Bytes status Talk Python status Brian #4: PEP 751 – A file format to list Python dependencies for installation reproducibility Brett Cannon Motivation Currently, no standard exists to: Specify what top-level dependencies should be installed into a Python environment. Create an immutable record, such as a lock file, of which dependencies were installed. Considering there are at least five well-known solutions to this problem in the community (pip freeze, pip-tools, uv, Poetry, and PDM), there seems to be an appetite for lock files in general. Rationale The format is designed so that a locker which produces the lock file and an installer which consumes the lock file can be separate tools. … The file format is designed to be human-readable. …Finally, the format is designed so that viewing a diff of the file is easy by centralizing relevant details. The file format is also designed to not require a resolver at install time. … Extras Brian: Hello, pytest! course is going well, and is purchasable as in pre-release mode. Planning on Aug 19 (or before) deadline. Not sure what the final price will be, but I'm starting with $10. I want people to want to watch it even just so see if they want to recommend to co-workers so the people around them can ramp up on pytest quickly. Michael: Mypy 1.11 Released FastHTML (more next week) Coming up on the final chance to be part of the Code in a Castle event. Joke: Open source OpenAI?

Jason Lengstorf, a developer media producer and host of the show Learn with Jason, joins Corey on this week's episode of Screaming in the Cloud to layout his ideas for creative developer content. Jason explains how devTV can have way more reach than webinars, the lack of inspiration he experiences at conferences these days, and why companies should be focused on hiring specialists before putting DevRels on the payroll. Plus, Corey and Jason discuss walking the line between claiming you're good at everything and not painting yourself into a corner as a DevRel and marketer.About JasonJason Lengstorf helps tech companies connect with developer communities through better media. He advocates for continued learning through collaboration and play and regularly live streams coding with experts on his show, Learn With Jason. He lives in Portland, Oregon.Links Referenced:Learn with Jason: https://www.learnwithjason.dev/Personal Website Links: https://jason.energy/linksTranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. Before I went to re:Invent, I snuck out of the house for a couple of days to GitHub Universe. While I was there, I discovered all kinds of fascinating things. A conference that wasn't predicated on being as cheap as humanly possible was one of them, and a company that understood how developer experience might play out was another.And I also got to meet people I don't normally get to cross paths with. My guest today is just one such person. Jason Lengstorf is a developer media producer at Learn with Jason, which I have to assume is named after yourself.Jason: [laugh] It is yes.Corey: Or it's a dramatic mispronunciation on my part, like, no, no, it's ‘Learn with JSON' and it's basically this insane way of doing weird interchange formats, and you just try to sneak it through because you know I happen to be an XML purist.Jason: [laugh] Right, I'm just going to throw you a bunch of YAML today. That's all I want to talk about.Corey: Exactly. It keeps things entertaining, we're going to play with it. So, let's back up a sec. What do you do? Where do you start and where do you stop?Jason: I'm still learning how to answer this question, but I help companies do a better job of speaking to developer audiences. I was an engineer for a really long time, I went from engineering into developer advocacy and developer experience, and as of the last year, I'm doing that independently, with a big focus on the media that companies produce because I think that what used to work isn't working, and that there's a big opportunity ahead of us that I am really excited to help companies move into.Corey: It feels like this has been an ongoing area of focus for an awful lot of folks. How do you successfully engage with developer audiences? And if I'm being direct and more than a little bit cynical, a big part of it is that historically, the ways that a company marketed to folks was obnoxious. And for better or worse, when you're talking about highly technical topics and you're being loudly incorrect, a technical audience is not beholden to some of the more common business norms, and will absolutely call you out in the middle of you basically lying to them. “Oh, crap, what do we do now,” seemed to be a large approach. And the answer that a lot of folks seem to have come up with was DevRel, which… I've talked about it before in a bunch of different ways, and my one-liner is generally, “If you work in DevRel, that means you work in marketing, but they're scared to tell you that.”Jason: [laugh] I don't think you're wrong. And you know, the joke that I've made for a long time is that they always say that developers hate marketing. But I don't think developers hate marketing; they just hate the way that your company does it. And—Corey: Oh, wholeheartedly agree. Marketing done right is engaging and fun. A lot of what I do in public is marketing. Like, “Well, that's not true. You're just talking about whatever dumb thing AWS did this week.” “Well, yes, but then you stick around to see what else I say, and I just become sort of synonymous with ‘Oh, yeah, that's the guy that fixes AWS bills.'” That is where our business comes from, believe it or not.Jason: Ri—and I think this was sort of the heart of DevRel is that people understood this. They understood that the best way to get an audience engaged is to have somebody who's part of that audience engage with them because you want to talk to them on the level that they work. You're not—you know, a marketing message from somebody who doesn't understand what you do is almost never going to land. It just doesn't feel relatable. But if you talk to somebody who's done the thing that you do for work, and they can tell you a story that's engaging about the thing that you do for work, you want to hear more. You—you know, you're looking for a community, and I think that DevRel, the aim was to sort of create that community and give people a space to hang out with the added bonus of putting the company that employs that DevRel as an adjacent player to get some of that extra shine from wherever this community is doing well.Corey: It felt like 2019 was peak DevRel, and that's where I started to really see that you had, effectively, a lot of community conferences were taken over by DevRel, and you wound up with DevRel pitching to DevRel. And it became so many talks that were aligned with almost imagined problems. I think one of the challenges of working in DevRel is, if you're not careful, you stop being a practitioner for long enough that you can no longer relate to what the audience is actually dealing with. I can sit here and complain about data center travails that I had back in 2011, but are those still accurate in what's about to be 2024? Probably not.Jason: And I think the other problem that happens too is that when you work in DevRel, you are beholden to the company's goals, if the company employees you. And where I think we got really wrong is companies have to make money. We have to charge customers or the company ceases to exist, so when we go out and tell stories, we're encouraged by the company to focus on the stories that have the highest ROI for the company. And that means that I'm up on stage talking about some, like, far-future, large-scale enterprise thing that very few companies need, but most of the paying customers of my company would need. And it becomes less relatable, and I think that leads to some of the collapse that we saw that you mentioned, where dev events feel less like they're for devs and more like they're partner events where DevRel is talking to other DevRel is trying to get opportunities to schmooze partners, and grow our partner pipeline.Corey: That's a big part of it, where it seems, on some level, that so much of what DevRel does, when I see them talking about DevRel, it doesn't get around to DevRel is. Instead, it gets stuck in the weeds of what DevRel is not“. We are not shills for our employer.” Okay, I believe you, but also, I don't ever see you saying anything that directly contravenes what your employer does. Now, let me be clear: neither do I, but I'm also in a position where I can control what my employer does because I have the control to move in directions that align with my beliefs.I'm not saying that it's impossible to be authentic and true to yourself if you work for an employer, but I have seen a couple of egregious examples of people changing companies and then their position on topics they've previously been very vocal on pulled an entire one-eighty, where it's… it really left a bad taste in my mouth.Jason: Yeah. And I think that's sort of the trick of being a career DevRel is you have to sort of walk this line of realizing that a DevRel career is probably short at every company. Because if you're going to go there and be the face of a company, and you're not the owner of that company, they're almost inevitably going to start moving in a direction as business develops, that's not going to line up with your core values. And you can either decide, like, okay that's fine, they pay me well enough, I'm just going to suck it up and do this thing that I don't care about that much, or you have to leave. And so, if you're being honest with yourself, and you know that you're probably going to spend between 12 and 24 months at any given company as a DevRel, which—by the history I'm seeing, that seems to be pretty accurate—you need to be positioning and talking about things in a way that isn't painting you into that corner where you have to completely about-face, if you switch companies. But that also works against your goals as a DevRel at the company. So, it's—I think we've made some big mistakes in the DevRel industry, but I will pause to take a breath here [laugh].Corey: No, no, it's fine. Like, it's weird that I view a lot of what I do is being very similar to DevRel, but I would never call myself that. And part of it is because, for better or worse, it is not a title that tends to engender a level of respect from business owners, decision makers, et cetera because it is such a mixed bag. You have people who have been strategic advisors across the board becoming developer advocates. That's great.You also see people six months out of a boot camp who have decided don't like writing code very much, so they're going to just pivot to talking about writing code, and invariably, they believe, more or less, whatever their employer tells them because they don't have the history and the gravitas to say, “Wait a minute, that sounds like horse pucky to me.” And it's a very broad continuum. I just don't like blending in.Jason: Where I think we got a lot of this wrong is that we never did define what DevRel is. As you say, we mostly define what DevRel is not, and that puts us in a weird position where companies see other companies do DevRel, and they mostly pay attention to the ones who do DevRel really well. And they or their investors or other companies say, “You need a great DevRel program. This is the secret to growth.” Because we look at companies that have done it effectively, and we see their growth, and we say, “Clearly this has a strong correlation. We should invest in this.” But they don't—they haven't done it themselves. They don't understand which part of it is that works, so they just say, “We're hiring for DevRel.” The job description is nine different careers in a trench coat. And the people applying—Corey: Oh, absolutely. It's nine different things and people wind up subdividing into it, like, “I'm an events planner. I'm not a content writer.”Jason: Right.Corey: Okay, great, but then why not bill yourself as a con—as an events planner, and not have to wear the DevRel cloak?Jason: Exactly. And this is sort of what I've seen is that when you put up a DevRel job, they list everything, and then when you apply for a DevRel job, you also don't want to paint yourself into a corner and say, “My specialty is content,” or, “My specialty is public speaking,” or whatever it is. And therefore you say, “I do DevRel,” to give yourself more latitude as an employee. Which obviously I want to keep optionality anywhere I go. I would like to be able to evolve without being painted into a small box of, like, this is all I'm allowed to do, but it does put us in this really precarious position.And what I've noticed a lot of companies do is they hire DevRel—undefined, poorly written job description, poor understanding of the field. They get a DevRel who has a completely different understanding of what DevRel is compared to the people with the role open. Both of them think they're doing DevRel, they completely disagree on what those fundamentals are, and it leads to a mismatch, to burnout, to frustration, to, you know, this high turnover rate in this field. And everybody then starts to say, well, “DevRel is the problem.” But really, the problem is that we're not—we're defining a category, not a job, and I think that's the part that we really screwed up as an industry.Corey: Yeah. I wish there were a better way around there, but I don't know what that might be. Because it requires getting a bunch of people to change some cornerstone of what's become their identity.Jason: This is the part where I—this is probably my spiciest take, but I think that DevRel is marketing, but it is a different kind of marketing. And so, in a perfect world—like, where things start to fall apart is you try to slot DevRel into engineering, or you try to slot it into marketing, as a team on these broader organizations, but the challenge then becomes, if you have DevRel, in marketing, it will inevitably push more toward marketing goals, enterprise goals, top-of-funnel, qualified leads, et cetera. If you put them into engineering, then they have more engineering goals. They want to do developer experience reviews. They want to get out there and do demos. You know, it's much more engineering-focused—or if you're doing it right, is much more engineering-focused.But the best DevRel teams are doing both of those with a really good measure, and really clear metrics that don't line up with engineering or marketing. So, in a perfect world, you would just have an enterprise marketing team, and a developer marketing team, and that developer marketing team would be an organization that is DevRel today. And you would hire specialists—event planners, great speakers, great demo writers, probably put your docs team in there—and treat it as an actual responsibility that requires a larger team than just three or four ex-developers who are now speaking at conferences.Corey: There were massive layoffs across DevRel when the current macroeconomic correction hit, and I'd been worried about it for years in advance because—Jason: Mm-hm.Corey: So, many of these folks spent so much time talking about how they were not marketing, they were absolutely not involved in that. But marketing is the only department that really knows how to describe the value of these sorts of things without having hard metrics tied to it. DevRel spent a lot of time talking about how every metric used to measure them was somehow wrong, and if you took it to its logical conclusion, you would basically give these people a bunch of money—because they are expensive—and about that much money again in annual budget to travel more or less anywhere they want to go, and every time something good happened, as a result, to the company, they had some hand in it nebulously, but you could never do anything to measure their performance, so just trust that they're doing a good job. This is tremendously untenable.Jason: Mm-hm. Yeah, I think when I was running the developer experience org at Netlify, most of my meetings were justifying the existence of the team because there weren't good metrics. You can't put sales qualified leads on DevRel. It doesn't make any sense because there are too many links in the chain after DevRel opens the door, where somebody has to go from, ‘I'm aware of this company' to ‘I've interacted with the landing page' to ‘I've actually signed up for something' to ‘now I'm a customer,' before you can get them to a lead. And so, to have DevRel take credit is actually removing credit from the marketing team.And similarly, if somebody goes through onboarding, a lot of that onboarding can be guided by DevRel. The APIs that new developers interface with can be—the feedback can come from DevRel, but ultimately, the engineering team did that work the product team did that work. So, DevRel is this very interesting thing. I've described it as a turbocharger, where if you put it on an engine that runs well, you get better performance out of that engine. If you just plop one on the table, not a lot happens.Corey: Yeah, it's a good way of putting it. I see very early stage startups looking to hire a developer advocate or DevRel person in their seed stage or Series A, and it's… there's something else you're looking for here. Hire that instead. You're putting the cart before the horse.Jason: What a lot of people saw is they saw—what they're thinking of as DevRel is what they saw from very public founders. And when you get a company that's got this very public-facing, very engaging, charismatic founder, that's what DevRel feels like. It is, you know, this is the face of the company, we're showing you what we do on the inside, we're exposing our process, we're sharing the behind the scenes, and proving to you that we really are great engineers, and we care a lot. Look at all this cool stuff we're doing. And that founder up on stage was, I think, the original DevRel.That's what we used to love about conferences is we would go there and we would see somebody showing this thing they invented, or this new product they had built, and it felt so cool because it was these inspirational moments of watching somebody brilliant do something brilliant. And you got to follow along for that journey. And then we try to—Corey: Yeah I mean, that's natural, but you see booths at conferences, the small company startup booths, a lot of times you'll be able to talk to the founders directly. As the booths get bigger, your likelihood of being able to spend time talking to anyone who's materially involved in the strategic direction of that company gets smaller and smaller. Like, the CEO of GitHub isn't going to be sitting around at the GitHub booth at re:Invent. They're going to be, you know, talking to other folks—if they're there—and going to meetings and whatnot. And then you wind up with this larger and larger company. It's a sign of success, truly, but it also means that you've lost something along the way.Jason: Yeah, I think, you know, it's the perils of scale. And I think that when you start looking at the function of DevRel, it should sort of be looked at as, like, when we can't handle this anymore by ourselves, we should look for a specialty the same way that you do for any other function inside of a company. You know, it wouldn't make sense on day one of a startup to hire a reliability engineer. You're not at the point where that makes sense. It's a very expensive person to hire, and you don't have enough product or community or load to justify that role yet. And hopefully, you will.And I think DevRel is sort of the same way. Like, when you first start out your company, your DevRel should be the founding team. It should be your engineers, sharing the things that they're building so that the community can see the brilliance of your engineering team, sharing with the community, obviously, being invested in that community. And when you get big enough that those folks can no longer manage that and their day-to-day work, great, then look into adding specialists. But I think you're right that it's cart before the horse to, you know, make a DevRel your day-one hire. You just don't have enough yet.Corey: Yeah, I wish that there were an easy way to skin the cat. I'm not sure there is. I think instead we wind up with people doing what they think is going to work. But I don't know what the truth is.Jason: Mmm.Corey: At least. That's where I land on it.Jason: [laugh] Yeah, I mean, every company is unique, and every experience is going to be unique, so I think to say, “Do it exactly like this,” is—that's got a lot of survivorship bias, and do as I say—but at the same time, I do think there's some universal truths. Like, it doesn't really make sense to hire a specialist before you've proven that specialty is the secret sauce of your business. And I think you grow when it's time to grow, not just in case. I think companies that over-hire end up doing some pretty painful layoffs down the road. And, you know, obviously, there's an opposite end of that spectrum where you can grow too slowly and bury your team and burn everybody out, but I think, you know—we, [laugh] leading into the pandemic, I guess, we had a lot of free money, and I think people were thinking, let's go build an empire and we'll grow into that empire. And I think that is a lot of why we're seeing this really painful downsizing right now, is companies hired just in case and then realized that actually, that in case didn't come to be.Corey: What is the future of this look like? Easy enough to look back and say, well, that didn't work? Well, sure. What is the future?Jason: The playbook that we saw before—in, like, 2019 and before—was very event-driven, very, like, webinar-driven. And as we went into 2020, and people were at home, we couldn't travel, we got real sick of Zoom calls. We don't want to get on another video call again. And that led to that playbook not working anymore. You know, I don't want to get on a webinar with a company. I don't want to go travel to a company event, you know, or at least not very many of them. I want to go see the friends I haven't seen in three years.So, travel priorities changed, video call fatigue is huge, so we need something that people want to do, that is interesting, and that is, you know, it's worth making in its own right, so that people will engage with it, and then you work in the company goals as an incidental. Not as a minor incidental, but you know, it's got to be part of the story; it can't be the purpose. People won't sign up for a webinar willingly these days, I don't think, unless they have exactly the problem that your webinar purports to solve.Corey: And even if they do, it becomes a different story.Jason: Right.Corey: It's [high buying 00:19:03] signal, but people are constantly besieged by requests for attention. This is complicated by what I've seen over the last year. When marketing budgets get—cut, arguably too much, but okay—you see now that there's this follow-on approach where, okay, what are we going to cut? And people cut things that in many cases work, but are harder to attribute success to. Events, for example, are doing very well because you have someone show up at your booth, you scan their badge. Three weeks later, someone from that company winds up signing up for a trial or whatnot, and ah, I can connect those dots.Whereas you advertise on I don't know, a podcast as a hypothetical example that I'm pulling out of what's right in front of me, and someone listening to this and hearing a message from a sponsor, they might be doing something else. They'll be driving, washing dishes, et cetera, and at best they'll think, “Okay, I should Google that when I get back to a computer.” And they start hearing about it a few times, and, “Oh. Okay, now it's time for me to go and start paying serious attention to this because that sounds like it aligns with a problem I have.” They're not going to remember where they initially heard it.They're going to come in off of a Google search, so it sounds like it's all SEO's benefit that this is working, and it is impossible to attribute. I heard some marketer once say that 50% of your marketing budget is wasted, but you'll go bankrupt trying to figure out which half. It all ties together. But I can definitely see why people bias for things that are more easily attributed to the metric you care about.Jason: Yes. And I think that this is where I see the biggest opportunity because I think that we have to embrace that marketing signal is directional, not directly attributable. And if you have a focus campaign, you can see your deviation from baseline signups, and general awareness, and all of the things that you want to be true, but you have to be measuring that thing, right? So, if we launch a campaign where we're going to do some video ads, or we're going to do some other kind of awareness thing, the goal is brand awareness, and you measure that through, like, does your name get mentioned on social media? Do you see a deviation from baseline signups where it is trending upward?And each of those things is signal that the thing you did worked. Can you directly attribute it? No, but I think a functional team can—you know, we did this at Netlify all the time where we would go and look: what were the efforts that were made, what were the ones that got discussion on different social media platforms, and what was the change from baseline? And we saw certain things always drove a non-trivial deviation from baseline in the right direction. And that's one of the reasons that I think the future of this is going to be around how do you go broader with your reach?And my big idea—to nutshell it—is, like, dev TV. I think that developers want to see the things that they're interested in, but they want it to be more interesting than a straight webinar. They want to see other developers using tools and getting a sense of what's possible in an entertaining way. Like, they want stories, they don't want straight demos. So, my thinking here is, let's take this and steer into it.Like, we know that developers love when you put a documentary together. We saw the Vue documentary, and the React documentary, and the GraphQL documentary, and the Kubernetes documentary coming out of the Honeypot team, and they've got hundreds of thousands, and in some cases, millions of views because developers really want to see good stories about us, about our community. So, why not give the dev community a Great British Bake Off, but for web devs? Why not create an Anthony Bourdain Parts Unknown-style travel show that highlights various web communities? Why not get out there and make reality competition shows and little docuseries that help us highlight all the things that we're learning and sharing and building?Every single one of those is going to involve developers talking about the tools they use, talking about the problems they solve, talking about what they were doing before and how they've made it better. That's exactly what a webinar is, that's what a conference talk is, but instead of getting a small audience at a conference, or you know, 15 to 30 people signing up for your webinar, now we've got the potential for hundreds of thousands or even millions of people to watch this thing because it's fun to watch. And then they become aware of the companies involved because it's presented by the company; they see the thing get used or talked about by developers in their community, I think there's a lot of magic and potential in that, and we've seen it work in other verticals.Corey: And part of the problem comes down as well to the idea that, okay, you're going to reach some people in person at events, but the majority of engineers are not going to be at any event or—Jason: Right.Corey: Any event at all, for that matter. They just don't go to events for a variety of excellent reasons. How do you reach out to them? Video can work, but I always find that requires a bit of a different skill than, I don't know, podcasting or writing a newsletter. So, many times, it feels like it's, oh, and now you're just going to basically stare at the camera, maybe with someone else, and it looks like the Zoom call to which the viewer is not invited.Jason: Right.Corey: They get enough of that. There has to be something else.Jason: And I think this is where the new skill set, I think, is going to come in. It exists in other places. We see this happen in a lot of other industries, where they have in-house production teams, they're doing collaborations with actors and athletes and bringing people in to make really entertaining stories that drive underlying narratives. I mean, there's the ones that are really obvious, like, the Nikes of the world, but then there are far less obvious examples.Like, there was this show called Making It. It was… Nick Offerman and Amy Poehler were the hosts. It was the same format as the Great British Bake Off but around DIY and crafting. And one of the permanent judges was the Etsy trend expert, right? And so, every single episode, as they're judging this, the Etsy trend expert is telling all of these crafters and contestants, “You know, what you built here is always a top seller on Etsy. This is such a good idea, it's so well executed, and people love this stuff. It flies off the shelves in Etsy stores.”Every single episode, just perfectly natural product placement, where a celebrity that you know—Nick Offerman and Amy Poehler—are up there, lending—like, you want to see them. They're so funny and engaging, and then you've got the credibility of Etsy's trend expert telling the contestants of the show, “If you do DIY and crafting, you can make a great living on Etsy. Here are the things that will make that possible.” It's such subtle, but brilliant product placement throughout the entire thing. We can do that. Like, we have the money, we just spend it in weird places.And I think that as an industry, if we start getting more creative about this and thinking about different ways we can apply these marketing dollars that we're currently dumping into very expensive partner dinners or billboards or getting, you know, custom swag or funding yet another $150,000 conference sponsorship, we could make a series of a TV show for the same cost as throwing one community event, and we would reach a significantly larger group.Corey: Yeah. Now, there is the other side of it, too, where Lord knows I found this one out the fun way, that creating content requires significant effort and—Jason: Yes.Corey: Focus. And, “Oh, it's a five-minute video. Great, that could take a day or three to wind up putting together, done right.” One of the hardest weeks of my year is putting together a bunch of five-minute videos throughout the course of re:Invent. So much that is done in advance that is basically breaking the backs of the editing team, who are phenomenal, but it still turns into more than that, where you still have this other piece of it of the actual content creation part.And you can't spend all your time on that because pretty soon I feel like you become a talking head who doesn't really do the things that you are talking to the world about. And that content gets pretty easy to see when you start looking at, okay, what did someone actually do? Oh, they were a developer for three years, and they spent the next seven complaining about development, and how everyone is—Jason: [laugh].Corey: Doing it wrong on YouTube. Hmm… it starts to get a little, how accurate is this really? So, for me, it was always critical that I still be hands-on with things that I'm talking about because otherwise I become a disaster.Jason: And I agree. One of the things that my predecessor at Netlify, Sarah Drasner, put in place was a, what she called an exchange program, where we would rotate the DevRel team onto product, and we rotate product onto the DevRel team. And it was a way of keeping the developer experience engineers actually engineers. They would work on the product, they didn't do any DevRel work, they were exclusively focused on doing actual engineering work inside our product to just help keep their skills sharp, keep them up to date on what's going on, build more empathy for the engineers that we talk to every day, build more empathy for our team instead of us—you know, you never want to hear a DevRel throw the engineering team under the bus for not shipping a feature everybody wants.So, these sorts of things are really important, and they're hard to do because we had to—you know, that's a lot of negotiation to say, “Hey, can we take one of your engineers for a quarter, and we'll give you one of our engineers for a quarter, and you got to trust us that's going to work out in your favor.” [laugh] Right? Like, there's a lot that goes into this to make that sort of stuff possible. But I absolutely agree. I don't think you get to make this type of content if you've fully stepped out of engineering. You have to keep it part of your practice.Corey: There's no way around it. You have to be hands-on. I think that's the right way to do it, otherwise, it just leads to, frankly, disaster. Very often, you'll see people who are, like, “Oh, they're great in the DevRel space. What do they do?” And they go to two or three conferences a year, and they have a blog post or so. It's like, okay, what are they doing the rest of that time?Sometimes the answer is fighting internal political fires. Other times it's building things and learning these things and figuring out where they stand. There are some people, I don't want to name names, although an easy one is Kelsey Hightower, who has since really left the stage, that he's retired, but when he went up on stage and said something—despite the fact that he worked at Google—it was eminently clear that he believed in what he was saying, or he would not say it.Jason: Right.Corey: He was someone who was very clearly aware of the technology about which he was speaking. And that was great. I wish that it were not such a standout moment to see him speak and talk about that. But unfortunately, he kind of is. Not as many people do that as well as we'd like.Jason: Agreed. I think it was always a treat to see Kelsey speak. And there are several others that I can think of in the community who, when they get on stage, you want to be in that audience, and you want to sit down and listen. And then there are a lot of others who when they get on stage, it's like that this book could have been a blog post, or this—you know, this could have been an email, that kind of thing. Like you could have sent me this repo because all you did was walk through this repo line-by-line, or something that—it doesn't feel like it came from them; it feels like it's being communicated by them.And I think that's, again, like, when I criticize conferences, a lot of my criticism comes from the fact that, coming up, I feel like every speaker that I saw on stage—and this is maybe just memory… playing favorites for me, but I feel like I saw a lot of people on stage who were genuinely passionate about what they were creating, and they were genuinely putting something new into the world every time they got on stage. And I have noticed that I feel less and less like that. Also, I feel like events have gotten less and less likely to put somebody on stage unless they've got a big name DevRel title. Like, you have to work at a company that somebody's heard of because they're all trying to get that draw because attendance is going down. And—Corey: Right. It's a—like, having run some conferences myself, the trick is, is you definitely want some ringers in there. People you know will do well, but you also need to give space for new voices to arise. And sometimes it's a—it always bugs me when it seems like, oh, they're here because their company is a big sponsor. Of course, they have the keynote. Other times, it's a… like, hate the actual shill talks, which I don't see as much, which I'm thankful for; I'd stop going to those conferences, but jeez.Jason: Yeah, and I think it's definitely one of those, like, this is a thing that we can choose to correct. And I have a suspicion that this is a pendulum not a—not, like, the denouement of—is that the right—how do you say that word? De-NOW-ment? De-NEW-ment? Whatever.Corey: Denouement is my understanding, but that might be the French acc—Jason: Oh, me just—Corey: The French element.Jason: —absolutely butchering that. Yeah [laugh]. I don't think this is the end of conferences, like we're seeing them taper into oblivion. I think this is a lull. I think that we're going to realize that we want to—we really do love being in a place with other developers. I want to do that. I love that.But we need to get back to why we were excited to go to conferences in the first place, which was this sharing of knowledge and inspiration, where you would go see people who were literally moving the world forward in development, and creating new things so that you would walk away with insider info, you had just seen the new thing, up close and personal, had those conversations, and you went back so jazzed to build something new. I feel like these days, I feel more like I went and watched a handful of product demos, and now I'm really just waiting to the hallway track, which is the only, like, actually interesting part at a lot of events these days.Corey: I really want to thank you for taking the time to speak with me. If people want to learn more, where's the best place for them to find you?Jason: Most of what I share is on learnwithjason.dev, or if you want a big list of links, I have jason.energy/links, which has a whole bunch of fun stuff for you to find.Corey: Awesome. And we will, of course, include links to that in the show notes. Thank you so much for taking the time to speak with me. I really appreciate it.Jason: Yeah, thanks so much for having me. This was a blast.Corey: Jason Lengstorf, developer media producer at Learn with Jason. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with an angry comment that will no doubt become the basis for somebody's conference talk.Jason: [laugh].Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business, and we get to the point. Visit duckbillgroup.com to get started.

In a universe roamed by software developers, problems are to be conquered by code. Synopsis: Every first Monday of the month, listen to the Work Talk podcast to help you work smarter, think deeper and get ahead in your work life. Now, with a new Copilot in generative Artificial Intelligence (AI), will we enter an era where coders solve some of the world's biggest challenges? Will coding become mainstream? Listen to this episode, brought to you from GitHub Universe, held in November in San Francisco.  ST's senior correspondent Krist Boo hosts her guests - GitHub chief executive Thomas Dohmke, GitHub head of accessibility Ed Summers, and chief executive of Singapore firm NodeFlair, Ethan Ang. Highlights (click/tap above): 1:51 The gift of natural language gen AI brings to code 3:26  An age where developers can focus on solving problems 4:29 One of the ageing world's biggest problems: disability  5:08  The story of Ed Summers, a blind developer 17:31 For the love of coding Read more: https://str.sg/ifw8 https://str.sg/ifwX Produced by: Krist Boo (kristb@sph.com.sg), Ernest Luis and Teo Tong Kai Edited by: Teo Tong Kai Follow ST's Your Money & Career Podcast channel here: Channel: https://str.sg/wB2m Apple Podcasts: https://str.sg/wuN3 Spotify: https://str.sg/wBr9 SPH Awedio app: https://www.awedio.sg/ Website: http://str.sg/stpodcasts Feedback to: podcast@sph.com.sg Read Krist Boo's Work Talk columns: https://str.sg/wB2P Get business/career tips in ST's HeadSTart newsletter: https://str.sg/headstart-nl --- Discover more ST podcast channels: In Your Opinion: https://str.sg/w7Qt Asian Insider: https://str.sg/JWa7 Health Check: https://str.sg/JWaN Green Pulse: https://str.sg/JWaf Your Money & Career: https://str.sg/wB2m ST Sports Talk: https://str.sg/JWRE #PopVultures: https://str.sg/JWad Music Lab: https://str.sg/w9TX Discover ST Podcasts: http://str.sg/stpodcasts -- Special edition series: True Crimes Of Asia (6 eps): https://str.sg/i44T The Unsolved Mysteries of South-east Asia (5 eps): https://str.sg/wuZ2 Invisible Asia (9 eps): https://str.sg/wuZn Stop Scams (10 eps): https://str.sg/wuZB Singapore's War On Covid (5 eps): https://str.sg/wuJa --- Follow our shows then, if you like short, practical podcasts! #moneycareerSee omnystudio.com/listener for privacy information.

Inbal Shani is the chief product officer at GitHub, where she leads core product management, along with product strategy, marketing, open source, and communities, including the development of GitHub Copilot. Prior to joining GitHub, she led engineering and product teams at Amazon and Microsoft. In today's conversation, we discuss:• What Inbal believes is overhyped and underhyped in the rapidly changing field of AI• How AI-driven code generation is changing software development• Her take on whether AI will replace developers• How software development looks in 3 to 5 years• How product teams operate at GitHub• GitHub's Next team, and other ways the company fosters a culture of innovation• The success metrics and philosophy behind GitHub's Copilot—Brought to you by Jira Product Discovery—Atlassian's new prioritization and roadmapping tool built for product teams | Sanity—The most customizable content layer to power your growth engine | HelpBar by Chameleon—The free in-app universal search solution built for SaaS—Find the transcript for this episode and all past episodes at: https://www.lennyspodcast.com/episodes/. Today's transcript will be live by 8 a.m. PT.—Where to find Inbal Shani:• LinkedIn: https://www.linkedin.com/in/inbalshani/—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Inbal's background(04:17) Why generative AI is not going to replace developers in the near future (05:54) Why AI-driven testing is underhyped(07:48) What the next 3 to 5 years will look like(10:13) Stats around the use of GitHub Copilot (12:07) How Copilot enables engineers to work more efficiently(13:38) Common mistakes when adopting AI into your workflows(16:42) How GitHub operationalizes “dogfooding”(18:46) The philosophy behind Copilot(20:24) Copilot's success metrics(24:54) How Copilot encourages collaboration(26:37) What we lose when AI writes code for us(29:35) A retrospective on the generative AI space(30:47) Inbal's thoughts on the future of AI(32:35) How to make space for innovative product ideas(34:37) How GitHub stays on the cutting edge of innovation(36:44) The GitHub Next team(39:20) Advice for early product managers(42:17) Inbal's “biggest learning” from her career(45:34) Inbal's closing thoughts(46:19) Lightning round—Referenced:• How to measure and improve developer productivity | Nicole Forsgren (Microsoft Research, GitHub, Google): https://www.lennyspodcast.com/how-to-measure-and-improve-developer-productivity-nicole-forsgren-microsoft-research-github-goo/• DORA: https://dora.dev/• The role of AI in product development | Ryan J. Salva (VP of Product at GitHub, Copilot): https://www.lennyspodcast.com/the-role-of-ai-in-new-product-development-ryan-j-salva-vp-of-product-at-github-copilot/• GitHub Universe 2023 day 2 keynote: The productivity platform for all developers: https://www.youtube.com/watch?v=h_o9kFPVeiw• Satya Nadella on LinkedIn: https://www.linkedin.com/in/satyanadella/• TomTom: https://www.tomtom.com/• Failing Forward: Turning Mistakes into Stepping Stones for Success: https://www.amazon.com/Failing-Forward-Turning-Mistakes-Stepping/dp/0785288570/• Good to Great: Why Some Companies Make the Leap and Others Don't: https://www.amazon.com/Good-Great-Some-Companies-Others/dp/0066620996• Turning the Flywheel: A Monograph to Accompany Good to Great: https://www.amazon.com/Turning-Flywheel-Monograph-Accompany-Great/dp/0062933795• Dare to Lead Like a Girl: How to Survive and Thrive in the Corporate Jungle: https://www.amazon.com/Dare-Lead-Like-Girl-Corporate/dp/1538163527• All the Light We Cannot See on Netflix: https://www.netflix.com/title/81083008• The Wheel of Time on Amazon Prime: https://www.amazon.com/Wheel-Time-Season-1/dp/B09F59CZ7R—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. Get full access to Lenny's Newsletter at www.lennysnewsletter.com/subscribe

Randall Degges, Head of Developer Relations & Community at Snyk, joins Corey on Screaming in the Cloud to discuss Snyk's innovative AI strategy and why developers don't need to be afraid of security. Randall explains the difference between Large Language Models and Symbolic AI, and how combining those two approaches creates more accurate security tooling. Corey and Randall also discuss the FUD phenomenon to selling security tools, and Randall expands on why Snyk doesn't take that approach. Randall also shares some background on how he went from being a happy Snyk user to a full-time Snyk employee. About RandallRandall runs Developer Relations & Community at Snyk, where he works on security research, development, and education. In his spare time, Randall writes articles and gives talks advocating for security best practices. Randall also builds and contributes to various open-source security tools.Randall's realms of expertise include Python, JavaScript, and Go development, web security, cryptography, and infrastructure security. Randall has been writing software for over 20 years and has built a number of popular API services and open-source tools.Links Referenced: Snyk: https://snyk.io/ Snyk blog: https://snyk.io/blog/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud, I'm Corey Quinn, and this featured guest episode is brought to us by our friends at Snyk. Also brought to us by our friends at Snyk is one of our friends at Snyk, specifically Randall Degges, their Head of Developer Relations and Community. Randall, thank you for joining me.Randall: Hey, what's up, Corey? Yeah, thanks for having me on the show, man. Looking forward to talking about some fun security stuff today.Corey: It's been a while since I got to really talk about a security-centric thing on this show, at least in order of recordings. I don't know if the one right before this is a security thing; things happen on the back-end that I'm blissfully unaware of. But it seems the theme lately has been a lot around generative AI, so I'm going to start off by basically putting you in the hot seat. Because when you pull up a company's website these days, the odds are terrific that they're going to have completely repositioned absolutely everything that they do in the context of generative AI. It's like, “We're a generative AI company.” It's like, “That's great.” Historically, I have been a paying customer of Snyk so that it does security stuff, so if you're now a generative AI company, who do I use for the security platform thing that I was depending upon? You have not done that. First, good work. Secondly, why haven't you done that?Randall: Great question. Also, you said a moment ago that LLMs are very interesting, or there's a lot of hype around it. Understatement of the last year, for sure [laugh].Corey: Oh, my God, it has gotten brutal.Randall: I don't know how many billions of dollars have been dumped into LLM in the last 12 months, but I'm sure it's a very high number.Corey: I have a sneaking suspicion that the largest models cost at least a billion each train, just based upon—at least retail price—based upon the simple economics of how long it takes to do these things, how expensive that particular flavor of compute is. And the technology is his magic. It is magic in a box and I see that, but finding ways that it applies in different ways is taking some time. But that's not stopping the hype beasts. A lot of the same terrible people who were relentlessly pushing crypto have now pivoted to relentlessly pushing generative AI, presumably because they're working through Nvidia's street team, or their referral program, or whatever it is. Doesn't matter what the rest of us do, as long as we're burning GPU cycles on it. And I want to distance myself from that exciting level of boosterism. But it's also magic.Randall: Yeah [laugh]. Well, let's just talk about AI insecurity for a moment and answer your previous question. So, what's happening in space, what's the deal, what is all the hype going to, and what is Snyk doing around there? So, quite frankly—and I'm sure a lot of people on your show say the same thing—but Snyk isn't new into, like, the AI space. It's been a fundamental part of our platform for many years now.So, for those of you listening who have no idea what the heck Snyk is, and you're like, “Why are we talking about this,” Snyk is essentially a developer security company, and the core of what we do is two things. The first thing is we help scan your code, your dependencies, your containers, all the different parts of your application, and detect vulnerabilities. That's the first part. The second thing we do is we help fix those vulnerabilities. So, detection and remediation. Those are the two components of any good security tool or security company.And in our particular case, we're very focused on developers because our whole product is really based on your application and your application security, not infrastructure and other things like this. So, with that being said, what are we doing at a high level with LLMs? Well, if you think about AI as, like, a broad spectrum, you have a lot of different technologies behind the scenes that people refer to as AI. You have lots of these large language models, which are generating text based on inputs. You also have symbolic AI, which has been around for a very long time and which is very domain specific. It's like creating specific rules and helping do pattern detection amongst things.And those two different types of applied AI, let's say—we have large language models and symbolic AI—are the two main things that have been happening in industry for the last, you know, tens of years, really, with LLM as being the new kid on the block. So, when we're talking about security, what's important to know about just those two underlying technologies? Well, the first thing is that large language models, as I'm sure everyone listening to this knows, are really good at predicting things based on a big training set of data. That's why companies like OpenAI and their ChatGPT tool have become so popular because they've gone out and crawled vast portions of the internet, downloaded tons of data, classified it, and then trained their models on top of this data so that they can help predict the things that people are putting into chat. And that's why they're so interesting, and powerful, and there's all these cool use cases popping up with them.However, the downside of LLMs is because they're just using a bunch of training data behind the scenes, there's a ton of room for things to be wrong. Training datasets aren't perfect, they're coming from a ton of places, and even if they weren't perfect, there's still the likelihood that things that are going to be generating output based on a statistical model isn't going to be accurate, which is the whole concept of hallucinations.Corey: Right. I wound up remarking on the livestream for GitHub Universe a week or two ago that the S in AI stood for security. One of the problems I've seen with it is that it can generate a very plausible looking IAM policy if you ask it to, but it doesn't actually do what you think it would if you go ahead and actually use it. I think that it's still squarely in the realm of, it's great at creativity, it's great at surface level knowledge, but for anything important, you really want someone who knows what they're doing to take a look at it and say, “Slow your roll there, Hasty Pudding.”Randall: A hundred percent. And when we're talking about LLMs, I mean, you're right. Security isn't really what they're designed to do, first of all [laugh]. Like, they're designed to predict things based on statistics, which is not a security concept. But secondly, another important thing to note is, when you're talking about using LLMs in general, there's so many tricks and techniques and things you can do to improve accuracy and improve things, like for example, having a ton of [contexts 00:06:35] or doing Few-Shot Learning Techniques where you prompt it and give it examples of questions and answers that you're looking for can give you a slight competitive edge there in terms of reducing hallucinations and false information.But fundamentally, LLMs will always have a problem with hallucinations and getting things wrong. So, that brings us to what we mentioned before: symbolic AI and what the differences are there. Well, symbolic AI is a completely different approach. You're not taking huge training sets and using machine learning to build statistical models. It's very different. You're creating rules, and you're parsing very specific domain information to generate things that are highly accurate, although those models will fail when applied to general-purpose things, unlike large language models.So, what does that mean? You have these two different types of AI that people are using. You have symbolic AI, which is very specific and requires a lot of expertise to create, then you have LLMs, which take a lot of experience to create as well, but are very broad and general purpose and have a capability to be wrong. Snyk's approach is, we take both of those concepts, and we use them together to get the best of both worlds. And we can talk a little bit about that, but I think fundamentally, one of the things that separates Snyk from a lot of other companies in the space is we're just trying to do whatever the best technical solution is to solve the problem, and I think we found that with our hybrid approach.Corey: I think that there is a reasonable distrust of AI when it comes to security. I mean, I wound up recently using it to build what has been announced by the time this thing airs, which is my re:Invent photo scavenger hunt app. I know nothing about front-end, so that's okay, I've got a robot in my pocket. It's great at doing the development of the initial thing, and then you have issues, and you want to add functionality, and it feels like by the time I was done with my first draft, that ten different engineers had all collaborated on this thing without ever speaking to one another. There was no consistent idiomatic style, it used a variety, a hodgepodge of different lists and the rest, and it became a bit of a Frankenstein's monster.That can kind of work if we're talking about a web app that doesn't have any sensitive data in it, but holy crap, the idea of applying that to, “Yeah, that's how we built our bank's security policy,” is one of those, “Let me know who said that, so they can not have their job anymore,” territory when the CSO starts [hunting 00:08:55].Randall: You're right. It's a very tenuous situation to be in from a security perspective. The way I like to think about it—because I've been a developer for a long time and a security professional—and I as much as anyone out there love to jump on the hype train for things and do whatever I can to be lazy and just get work done quicker. And so, I use ChatGPT, I use GitHub Copilot, I use all sorts of LLM-based tools to help me write software. And similarly to the problems when developers are not using LLM to help them write code, security is always a concern.Like, it doesn't matter if you have a developer writing every line of code themselves or if they're getting help from Copilot or ChatGPT. Fundamentally, the problem with security and the reason why it's such an annoying part of the developer experience, in all honesty, is that security is really difficult. You can take someone who's an amazing engineer, who has 30 years of experience, like, you can take John Carmack, I'm sure, one of the most legendary developers to ever walk the Earth, you could sit over his shoulder and watch him write software, right, I can almost guarantee you that he's going to have some sort of security problem in his code, even with all the knowledge he has in his head. And part of the reason that's the case is because modern security is way complicated. Like if you're building a web app, you have front-end stuff you need to protect, you have back-end stuff you need to protect, there's databases and infrastructure and communication layers between the infrastructure and the services. It's just too complicated for one person to fully grasp.And so, what do you do? Well, you basically need some sort of assistance from automation. You have to have some sort of tooling that can take a look at your code that you're writing and say, “Hey Randall, on line 39, when you were writing this function that's taking user data and doing something with it, you forgot to sanitize the user data.” Now, that's a simple example, but let's talk about a more complex example. Maybe you're building some authentication software, and you're taking users' passwords, and you're hashing them using a common hashing algorithm.And maybe the tooling is able to detect way using the bcrypt password hashing algorithm with a work factor of ten to create this password hash, but guess what, we're in 2023 and a work factor of ten is something that older commodity CPUs can now factor at a reasonable rate, and so you need to bump that up to 13 or 14. These are the types of things where you need help over time. It's not something that anyone can reasonably assume they can just deal with in their head. The way I like to think about it is, as a developer, regardless of how you're building code, you need some sort of security checks on there to just help you be productive, in all honesty. Like, if you're not doing that, you're just asking for problems.Corey: Oh, yeah. On some level, even the idea of it's just going to be very computationally expensive to wind up figuring out what that password hash is, well great, but one of the things that we've been aware of for a while is that given the rise of botnets and compromised computers, the attackers have what amounts to infinite computing capacity, give or take. So, if they want in, on some level, badly enough, they're going to find a way to get in there. When you say that every developer is going to sit down and write insecure code, you're right. And a big part of that is because, as imagined today, security is an incredibly high friction process, and it's not helped, frankly, by tools that don't have nuance or understanding.If I want to do a crap ton of busy work that doesn't feel like it moves the needle forward at all, I'll go around to resolving the hundreds upon hundreds of Dependabot alerts I have for a lot of my internal services that write my weekly newsletter. Because some dependency three deep winds up having a failure mode when it gets untrusted input of the following type, it can cause resource exhaustion. It runs in a Lambda function, so I don't care about the resources, and two, I'm not here providing the stuff that I write, which is the input with an idea toward exploiting stuff. So, it's busy work, things I don't need to be aware of. But more to the point, stuff like that has the high propensity to mask things I actually do care about. Getting the signal from noise from your misconfigured, ill-conceived alerting system is just awful. Like, a bad thing is there are no security things for you to work on, but a worse one is, “Here are 70,000 security things for you to work on.” How do you triage? How do you think about it?Randall: A hundred percent. I mean, that's actually the most difficult thing, I would say, that security teams have to deal with in the real world. It's not having a tool to help detect issues or trying to get people to fix them. The real issue is, there's always security problems, like you said, right? Like, if you take a look and just scan any codebase out there, any reasonably-sized codebase, you're going to find a ridiculous amount of issues.Some of those issues will be actual issues, like, you're not doing something in code hygiene that you need to do to protect stuff. A lot of those issues are meaningless things, like you said. You have a transitive dependency that some direct dependency is referring to, and maybe in some function call, there's an issue there, and it's alerting you on it even though you don't even use this function call. You're not even touching this class, or this method, or whatever it is. And it wastes a lot of time.And that's why the Holy Grail in the security industry in all honesty is prioritization and insights. At Snyk, we sort of pioneered this concept of ASPM, which stands for Application Security Posture Management. And fundamentally what that means is when you're a security team, and you're scanning code and finding all these issues, how do you prioritize them? Well, there's a couple of approaches. One approach is to use static analysis to try to figure out if these issues that are being detected are reachable, right? Like, can they be achieved in some way, but that's really hard to do statically and there's so many variables that go into it that no one really has foolproof solutions there.The second thing you can do is you can combine insights and heuristics from a lot of different places. So, you can take a look at static code analysis results, and you can combine them with agents running live that are observing your application, and then you can try to determine what stuff is actually reachable given this real world heuristic, and you know, real time information and mapping it up with static code analysis results. And that's really the holy grail of figuring things out. We have an ASPM product—or maybe it's a feature, an offering, if you will, but it's something that Snyk provides, which gives security admins a lot more insight into that type of operation at their business. But you're totally right, Corey, it's a really difficult problem to solve, and it burns a lot of goodwill in the security community and in the industry because people spend a lot of time getting false alerts, going through stuff, and just wasting millions of hours a year, I'm sure.Corey: That's part of the challenge, too, is that it feels like there are two classes of problems in the world, at least when it comes to business. And I found this by being on the wrong side of it, on some level. Here on the wrong side, it's things like caring about cost optimization, it's caring about security, it's remembering to buy fire insurance for your building. You can wind up doing all of those things—and you should be doing them, but you can over-index on them to the point where you run out of money and your business dies. The proactive side of that fence is getting features to market sooner, increasing market share, growing revenue, et cetera, and that's the stuff that people are always going to prioritize over the back burner stuff. So, striking a balance between that is always going to be a bit of a challenge, and where people land on that is going to be tricky.Randall: So, I think this is a really good bridge. You're totally right. It's expensive to waste people's time, basically, is what you're saying, right? You don't want to waste people's time, you want to give them actionable alerts that they can actually fix, or hopefully you fix it for them if you can, right? So, I'm going to lay something out, which is, in our opinion, is the Snyk way, if you will, that you should be approaching these developer security issues.So, let's take a look at two different approaches. The first approach is going to be using an LLM, like, let's say, just ChatGPT. We'll call them out because everyone knows ChatGPT. The first approach we're going to take is—Corey: Although I do insist on pronouncing it Chat-Gippity. But please, continue.Randall: [laugh]. Chat-Gippity. I love that. I haven't heard that before. Chat-Gippity. Sounds so much more fun, you know?Corey: It sounds more personable. Yeah.Randall: Yeah. So, you're talking to Chat-Gippity—thank you—and you paste in a file from your codebase, and you say, “Hey, Chat-Gippity. Here's a file from my codebase. Please help me identify security issues in here,” and you get back a long list of recommendations.Corey: Well, it does more than that. Let me just interject there because one of the things it does that I think very few security engineers have mastered is it does it politely and constructively, as opposed to having an unstated tone of, “You dumbass,” which I beli—I've [unintelligible 00:17:24] with prompts on this. You can get it to have a condescending, passive-aggressive tone, but you have to go out of your way to do it, as opposed to it being the default. Please continue.Randall: Great point. Also, Daniel from Unsupervised Learning, by the way, has a really good post where he shows you setting up Chat-Gippity to mimic Scarlett Johansson from the movie Her on your phone so you can talk to it. Absolutely beautiful. And you get these really fun, very nice responses back and forth around your code analysis. So, shout out there.But going back to the point. So, if you get these responses back from Chat-Gippity, and it's like, “Hey look, here's all the security issues,” a lot of those things will be false alerts, and there's been a lot of public security research done on these analysis tools just give you information. A lot of those things will be false alerts, some things will be things that maybe they're a real problem, but cannot be fixed due to transitive dependencies, or whatever the issues are, but there's a lot of things you need to do there. Now, let's take it up one notch, let's say instead of using Chat-Gippity directly, you're using GitHub Copilot. Now, this is a much better situation for working with code because now what Microsoft is doing is let's say you're running Copilot inside of VS Code. It's able to analyze all the files in your codebase, and it's able to use that additional context to help provide you with better information.So, you can talk to GitHub Copilot and say, “Hey, I'd really like to know what security issues are in this file,” and it's going to give you maybe a little bit better answers than ChatGPT directly because it has more context about the other parts of your codebase and can give you slightly better answers. However, because these things are LLMs, you're still going to run into issues with accuracy, and hallucinations, and all sorts of other problems. So, what is the better approach? And I think that's fundamentally what people want to know. Like, what is a good approach here?And on the scanning side, the right approach in my mind is using something very domain specific. Now, what we do at Snyk is we have a symbolic AI scanning engine. So, we take customers' code, and we take an entire codebase so you have access to all the files and dependencies and things like this, and you take a look at these things. And we have a security analyst team that analyzes real-world security issues and fixes that have been validated. So, we do this by pulling lots of open-source projects as well as other security information that we originally produced, and we define very specific rules so that we can take a look at software, and we can take a look at these codebases with a very high degree of certainty.And we can give you a very actionable list of security issues that you need to address, and not only that, we can show you how is going to be the best way to address them. So, with that being said, I think the second side to that is okay, if that's a better approach on the scanning side, maybe you shouldn't be using LLMs for finding issues; maybe you should be using them for fixing security issues, which makes a lot of sense. So, let's say you do it the Snyk way, and you use symbolic AI engines and you sort of find these issues. Maybe you can just take that information then, in combination with your codebase, and fire off a request to an LLM and say, “Hey Chat-Gippity, please take this codebase, and take this security information that we know is accurate, and fix this code for me.” So, now you're going one step further.Corey: One challenge that I've seen, especially as I've been building weird software projects with the help of magic robots from the future, is that a lot of components, like in React for example, get broken out into their own file. And pasting a file in is all well and good, but very often, it needs insight into the rest of the codebase. At GitHub Universe, something that they announced was Copilot Enterprise, which trains Copilot on the intricacies of your internal structures around shared libraries, all of your code, et cetera. And in some of the companies I'm familiar with, I really believe that's giving a very expensive, smart robot a form of brain damage, but that's neither here nor there. But there's an idea of seeing the interplay between different components that individual analysis on a per-file basis will miss, feels to me like something that needs a more holistic view. Am I wrong on that? Am I oversimplifying?Randall: You're right. There's two things we need to address. First of all, let's say you have the entire application context—so all the files, right—and then you ask an LLM to create a fix for you. This is something we do at Snyk. We actually use LLMs for this purpose. So, we take this information we ask the LLM, “Hey, please rewrite this section of code that we know has an issue given this security information to remove this problem.” The problem then becomes okay, well, how do you know this fix is accurate and is not going to break people's stuff?And that's where symbolic AI becomes useful again. Because again, what is the use case for symbolic AI? It's taking very specific domains of things that you've created very specific rule sets for and using them to validate things or to pass arbitrary checks and things like that. And it's a perfect use case for this. So, what we actually do with our auto-fix product, so if you're using VS Code and you have Copilot, right, and Copilot's spitting out software, as long as you have Snyk in the IDE, too, we're actually taking a look at those lines of code Copilot just inserted, and a lot of the time, we are helping you rewrite that code to be secured using our LLM stuff, but then as soon as we get that fixed created, we actually run it through our symbolic engine, and if we're saying no, it's actually not fixed, then we go back to the LLM, we re-prompt it over and over again until we get a working solution.And that's essentially how we create a much more sophisticated iteration, if you will, of using AI to really help improve code quality. But all that being said, you still had a good point, which is maybe if you're using the context from the application, and people aren't doing things properly, how does that impact what LLMs are generating for you? And an interesting thing to note is that our security team internally here, just conducted a really interesting project, and I would be angry at myself if I didn't explain it because I think it's a very cool concept.Corey: Oh, please, I'm a big fan of hearing what people get up to with these things in ways that is real-world stories, not trying to sell me anything, or also not dunking on, look what I saw on the top of Hacker News the other day, which is, “If all you're building is something that talks to Chat-Gippity's API, does some custom prompting, and returns a response, you shouldn't be building it.” I'm like, “Well, I built some things that do exactly that.” But I'm also not trying to raise $6 million in seed money to go and productize it. I'm just hoping someone does it better eventually, but I want to use it today. Please tell me a real world story about something that you've done.Randall: Okay. So, here's what we did. We went out and we found a bunch of GitHub projects, and we tried to analyze them ourselves using a bunch of different tools, including human verification, and basically give it a grade and say, “Okay, this project here has really good security hygiene. Like, there's not a lot of issues in the code, things are written in a nice way, the style and formatting is consistent, the dependencies are up-to-date, et cetera.” Then we take a look at multiple GitHub repos that are the opposite of that, right? Like, maybe projects that hadn't been maintained in a long time, or were written in a completely different style where you have bad hygienic practices, maybe you have hard-coded secrets, maybe you have unsanitized input coming from a user or something, right, but you take all these things.So, we have these known examples of good and bad projects. So, what did we do? Well, we opened them up in VS Code, and we basically got GitHub Copilot and we said, “Okay, what we're going to do is use each of these codebases, and we're going to try to add features into the projects one at a time.” And what we did is we took a look at the suggested output that Copilot was giving us in each of these cases. And the interesting thing is that—and I think this is super important to understand about LLMs, right—but the interesting thing is, if we were adding features to a project that has good security hygiene, the types of code that we're able to get out of LLMs, like, GitHub Copilot was pretty good. There weren't a ton of issues with it. Like, the actual security hygiene was, like, fairly good.However, for projects where there were existing issues, it was the opposite. Like we'd get AI recommendations showing us how to write things insecurely, or potentially write things with hard-coded secrets in it. And this is something that's very reproducible today in, you know, what is it right now, middle of November 2023. Now, is it going to be this case a year from now? I don't necessarily know, but right now, this is still a massive problem, so that really reinforces the idea that not only when you're talking about LLMs is the training set they used to build the model's important, but also the context in which you're using them is incredibly important.It's very easy to mislead LLMs. Another example of this, if you think about the security scanning concept we talked about earlier, imagine you're talking to Chat-Gippity, and you're [pasting 00:25:58] in a Python function, and the Python function is called, “Completely_safe_not_vulnerable_function.” That's the function name. And inside of that function, you're backdooring some software. Well, if you ask Chat-Gippity multiple times and say, “Hey, the temperature is set to 1.0. Is this code safe?”Sometimes you'll get the answer yes because the context within the request that has that thing saying this is not a vulnerable function or whatever you want to call it, that can mislead the LLM output and result in problems, you know? It's just, like, classic prompt injection type issues. But there's a lot of these types of vulnerabilities still hidden in plain sight that impact all of us, and so it's so important to know that you can't just rely on one thing, you have to have multiple layers: something that helps you with things, but also something that is helping you fix things when needed.Corey: I think that's the key that gets missed a lot is the idea of it's not just what's here, what have you put here that shouldn't be; what have you forgotten? There's a different side of it. It's easy to do a static analysis and say, “Oh, you're not sanitizing your input on this particular form.” Great. Okay—well, I say it's easy. I wish more people would do that—but then there's also a step beyond of, what is it that someone who has expertise who's been down this road before would take one look at your codebase and say, “Are you making this particular misconfiguration or common misstep?”Randall: Yeah, it's incredibly important. You know, like I said, security is just one of those things where it's really broad. I've been working in security for a very long time and I make security mistakes all the time myself.Corey: Yeah. Like, in your developer environment right now, you ran this against the production environment and didn't get permissions errors. That is suspicious. Tell me more about your authentication pattern.Randall: Right. I mean, there's just a ton of issues that can cause problems. And it's… yeah, it is what it is, right? Like, software security is something difficult to achieve. If it wasn't difficult, everyone would be doing it. Now, if you want to talk about, like, vision for the future, actually, I think there's some really interesting things with the direction I see things going.Like, a lot of people have been leaning into the whole AI autonomous agents thing over the last year. People started out by taking LLMs and saying, “Okay, I can get it to spit out code, I can get it to spit out this and that.” But then you go one step further and say, “All right, can I get it to write code for me and execute that code?” And OpenAI, to their credit, has done a really good job advancing some of the capabilities here, as well as a lot of open-source frameworks. You have Langchain, and Baby AGI, and AutoGPT, and all these different things that make this more feasible to give AI access to actually do real meaningful things.And I can absolutely imagine a world in the future—maybe it's a couple of years from now—where you have developers writing software, and it could be a real developer, it could be an autonomous agent, whatever it is. And then you also have agents that are taking a look at your software and rewriting it to solve security issues. And I think when people talk about autonomous agents, a lot of the time they're purely focusing on LLMs. I think it's a big mistake. I think one of the most important things you can do is focus on the very niche symbolic AI engines that are going to be needed to guarantee accuracy with these things.And that's why I think the Snyk approach is really cool, you know? We dedicated a huge amount of resources to security analysts building these very in-depth rule sets that are guaranteeing accuracy on results. And I think that's something that the industry is going to shift towards more in the future as LLMs become more popular, which is, “Hey, you have all these great tools, doing all sorts of cool stuff. Now, let's clean it up and make it accurate.” And I think that's where we're headed in the next couple of years.Corey: I really hope you're right. I think it's exciting times, but I also am leery when companies go too far into boosterism where, “Robots are going to do all of these things for us.” Maybe, but even if you're right, you sound psychotic. And that's something that I think gets missed in an awful lot of the marketing that is so breathless with anticipation. I have to congratulate you folks on not getting that draped over your message, once again.My other favorite part of your messaging when you pull up snyk.com—sorry, snyk.io. What is it these days? It's the dot io, isn't it?Randall: Dot io. It's hot.Corey: Dot io, yes.Randall: Still hot, you know?Corey: I feel like I'm turning into a boomer here where, “The internet is dot com.”Randall: [laugh].Corey: Doesn't necessarily work that way. But no, what I love is the part where you have this fear-based marketing of if you wind up not using our product, here are all the terrible things that will happen. And my favorite part about that marketing is it doesn't freaking exist. It is such a refreshing departure from so much of the security industry, where it does the fear, uncertainty, and doubt nonsense stuff that I love that you don't even hint in that direction. My actual favorite thing that is on your page, of course, is at the bottom. If you mouse over the dog in the logo at the bottom of the page, it does the quizzical tilting head thing, and I just think that is spectacular.Randall: So, the Snyk mascot, his name is Pat. He's a Doberman and everyone loves him. But yeah, you're totally right. The FUD thing is a real issue in security. Fear, uncertainty, and doubt, it's the way security companies sell products to people. And I think it's a real shame, you know?I give a lot of tech talks, at programming conferences in particular, around security and cryptography, and one of the things I always start out with when I'm giving a tech talk about any sort of security or cryptography topic is I say, “Okay, how many of you have landed in a Stack Overflow thread where you're talking about a security topic and someone replies and says, ‘oh, a professional should be doing this. You shouldn't be doing it yourself?'” That comes up all the time when you're looking at security topics on the internet. Then I ask people, “How many of you feel like security is this, sort of like, obscure, mystical arts that requires a lot of expertise in math knowledge, and all this stuff?” And a lot of people sort of have that impression.The reality though is security, and to some extent, cryptography, it's just like any other part of computer science. It's something that you can learn. There's best practices. It's not rocket science, you know? Maybe it is if you're developing a brand-new hashing algorithm from scratch, yes, leave that to the professionals. But using these things is something everyone needs to understand well, and there's tons of material out there explaining how to do things right. And you don't need to be afraid of this stuff, right?And so, I think, a big part of the Snyk message is, we just want to help developers just make their code better. And what is one way that you're going to do a better job at work, get more of your code through the PR review process? What is a way you're going to get more features out? A big part of that is just building things right from the start. And so, that's really our focus in our message is, “Hey developers, we want to be, like, a trusted partner to help you build things faster and better.” [laugh].Corey: It's nice to see it, just because there's so much that just doesn't work out the way that we otherwise hope it would. And historically, there's been a tremendous problem of differentiation in the security space. I often remark that at RSA, there's about 12 companies exhibiting. Now sure, there are hundreds of booths, but it's basically the same 12 things. There's, you know, the entire row of firewalls where they use different logos and different marketing words on the slides, but they're all selling fundamentally the same thing. One of things I've always appreciated about Snyk is it has never felt that way.Randall: Well, thanks. Yeah, we appreciate that. I mean, our whole focus is just developer security. What can we do to help developers build things securely?Corey: I mean, you are sponsoring this episode, let's be clear, but also, we are paying customers of you folks, and that is not—those things are not related in any way. What's the line that we like to use that we stole from the RedMonk folks? “You can buy our attention, but not our opinion.” And our opinion of what you folks are up to is then stratospherically high for a long time.Randall: Well, I certainly appreciate that as a Snyk employee who is also a happy user of the service. The way I actually ended up working at Snyk was, I'd been using the product for my open-source projects for years, and I legitimately really liked it and I thought this was cool. And yeah, I eventually ended up working here because there was a position, and you know, a friend reached out to me and stuff. But I am a genuinely happy user and just like the goal and the mission. Like, we want to make developers' lives better, and so it's super important.Corey: I really want to thank you for taking the time to speak with me about all this. If people want to learn more, where's the best place for them to go?Randall: Yeah, thanks for having me. If you want to learn more about AI or just developer security in general, go to snyk.io. That's S-N-Y-K—in case it's not clear—dot io. In particular, I would actually go check out our [Snyk Learn 00:34:16] platform, which is linked to from our main site. We have tons of free security lessons on there, showing you all sorts of really cool things. If you check out our blog, my team and I in particular also do a ton of writing on there about a lot of these bleeding-edge topics, and so if you want to keep up with cool research in the security space like this, just check it out, give it a read. Subscribe to the RSS feed if you want to. It's fun.Corey: And we will put links to that in the [show notes 00:34:39]. Thanks once again for your support, and of course, putting up with my slings and arrows.Randall: And thanks for having me on, and thanks for using Snyk, too. We love you [laugh].Corey: Randall Degges, Head of Developer Relations and Community at Snyk. This featured guest episode has been brought to us by our friends at Snyk, and I'm Corey Quinn. If you've enjoyed this episode, please leave a five-star review on your podcast platform of choice, whereas if you've hated this episode, please leave a five-star review on your podcast platform of choice, along with an angry comment that I will get to reading immediately. You can get me to read it even faster if you make sure your username is set to ‘Dependabot.'Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business, and we get to the point. Visit duckbillgroup.com to get started.

Dans cet épisode, Emmanuel, Guillaume et Katia abordent les nouveautés Java, le lancement du langage Misty par Douglas Crockford, l'arrivée de WasmGC dans Chrome, la sortie de Spring Framework 6.1, des évolutions dans les bibliothèques comme Vert.x 4.5, et des conseils sur la création de langages de programmation. L'épisode couvre également des actualités dans les domaines de l'infrastructure avec le premier ordinateur cloud commercial par Oxide, des annonces sur les frameworks web comme Angular v17, des réflexions sur les architectures monolithiques versus microservices, et sans oublier le soap Opéra du moins de novembre avec OpenAI en vedette. Enregistré le 23 novembre 2023 Téléchargement de l'épisode LesCastCodeurs-Episode-302.mp3 News Langages Recap Javaiste https://www.infoq.com/news/2023/10/java-news-roundup-oct09-2023 la JEP 454 sur l'appel a la memoire et les API dites natives passera en target pour JDK 22 avec une façon d'ajouter les appels de méthodes restreintes sans le flag --enable-native-access (via un manifeste dans le JAR) JDK 22 prévu pour mars 2024 Spring Framework 6.1 est sorti (RC2) Tomcat a quelques CVE donc mettez à jour Douglas Crockford, le papa de JSON, sort un nouveau langage dénommé Misty https://www.crockford.com/misty/ Utilise des caractères unicodes pour définir des chaînes de caractères avec des chevrons, ou pour les opérateurs de base (comparison, and/or) Support de programmation concurrente avec les actors WasmGC arrive dans Chrome, par l'intermédiaire de v8 https://v8.dev/blog/wasm-gc-porting historiquement il fallait compiler le port du langage lui meme (et donc son GC) Maintenant on peut compiler le code (java) dans des primitives Wasm et WasmGC Java python et co ont des VM qui sont compilées pour toutes les architecture cibles (ARM, x86 etc) y compris le JIT, AOT donc on peut définir comme backend WASM lui meme, c'est l'approche classique WasmGC définit des structs et des array avec des champs dans lesquels on peut créer des instances, lire/écrire les champs, caster dans d'autres types et ces objects sont managés par WasmGC lui meme. on a un système de type du coup et des relations entre ces types Donc on représenterait les objets Java en objets Wasm avantage et inconvenient des deux approches tous les codes de management d'objets ne sont plus nécessaires (y compris malloc) -> gain memoire en mode GC dans le langage les liens object langage objets Wasm sont inefficaces car le lien langage -> wasm définissent l'instance entière Wasm, donc des gros cycles d'objets ne sont pas GCed Wasm sandbox empêche d'inspecter la stack et d'éliminer des objets plus efficacement, et il n'y a pas d'API pour aider donc seul WasmGC peut utiliser cet avantage. un seul GC a des avantages: meilleure gestion de la pression memoire mais on réutilise le GC du web (genre V8) vs celui de Java. (c'est moins un problème pour les autres langages avec des gc moins sophistiqués) fragmentation memoire, est plus proéminent quand on a des modules de type C qui peur garder des gros blocs memoire “quasi vide” (opaque). c'est managé plus finement en WasmGC Sémantiques de langage est plus dur a achevé vu qu'on map en concepts WasmGC, il y a de la transformation. sémantiques chaine de caractère, nombres, etc peuvent être un peu ajusté un port utilisant WasmGC n'est pas une réécriture de tout mais un gros morceau de la VM du langage cible est a réécrire WasmGC peut optimiser comme les patterns en JVM mais en WasmMVP c'est la toolchain avant qui fait le travail d'optimisation (e.g. LLVM) donc avec WasmGC, la toolchain fera les optimisations de langage et WasmGC fera les optimisations low level (inlining, constant propagation, dead code elimination) puis d'autres optimisation specific a WasmGC comme les escape analysis, et ils parlent d'optimisations dans V8 pour approcher les appels dynamique a la Java (pas défini a la compilation) Ecrire un langage de programmation… ça prend du temps… beaucoup de temps https://yorickpeterse.com/articles/a-decade-of-developing-a-programming-language/ Évitez le gradual typing Évitez le boostrapping de votre compilateur Évitez d'écrire votre propre générateur de code, linker, etc Évitez de tergiverser trop longtemps sur la syntaxe La prise en charge multiplateforme est un défi Les livres sur les compilateurs compilateurs ne valent pas l'argent que vous dépenserez dessus Faire grandir et évoluer un langage de programmation est difficile La meilleure suite de tests est une application réelle Ne privilégiez pas les performances sur les fonctionnalités. Librairies Spring Boot rajoute le hot reload des certificats SSL pour embedded Netty et Tomcat https://spring.io/blog/2023/11/07/ssl-hot-reload-in-spring-boot-3-2-0 utilisez reload-on-update: true et écoute les changements de fichiers pas mal dans les déploiements non immuables (pas comme kubernetes) VertX 4.5 est sorti https://vertx.io/blog/whats-new-in-vert-x-4-5/ support des thread virtuels qui permet d'écrire le code synchrone pour des cas complexes et utiliser les thread locaux dans ces cas la. Cela ne remplacement pas le code de process des événements le code put faire des future await qui ne bloqueront pas le thread principal connection SQL dynamique: quand le host change dynamiquement dans l'application support des proxies de niveau 7 pour les clients SQL rotation certificats a chaud des builders (HTTP, SQL connection) extensions pour utiliser les coroutines kotlin Integration declarative de Langchain4j dans Quarkus https://quarkus.io/blog/quarkus-meets-langchain4j/ Infrastructure Oxide sort le premier ordinateur cloud disponible commercialement https://oxide.computer/blog/the-cloud-computer pas facile de séparer le buzz de la réalité on dirait un ordi purpose built avec l'efficience et le cote compact en tete ils poussent contre le mode location uniquement des cloud providers en gros inspire des cloud providers qui construisent leurs propres ordis (et meme CPUs maintenant !) construit le hardware et le software en co optimisation c'est un rack entier, peu de bruit de ventilateur pas de cable (seul E/S du rack) donc ils ont leurs propres switch compliqué de différencier l'avantage du désavantage Les leçons tirées de 20 de Site Reliability Engineering par Google https://sre.google/resources/practices-and-processes/twenty-years-of-sre-lessons-learned/ Le risque d'une mitigation doit être proportionné à la gravité de la panne Les mécanismes de récupération doivent être entièrement testés avant une urgence Canarisez tous les changements Avoir un “gros bouton rouge” Les tests unitaires ne suffisent pas, des tests d'intégration sont également nécessaires CANAUX DE COMMUNICATION ! ET CANAUX DE SECOURS !! ET DES SAUVEGARDES POUR CES CANAUX DE SECOURS !!! Modes de dégradation intentionnelle des performances Tester la résilience aux catastrophes Automatisez vos mitigations Réduisez le temps entre les déploiements, afin de diminuer la probabilité que le déploiement tourne mal Une seule version matérielle globale est un point de défaillance unique Karpenter une evolution de autoscaler pour les cluster kubernetes https://blog.ippon.fr/2023/11/07/mettez-a-lechelle-vos-clusters-kubernetes-de-maniere-efficace-et-faites-des-economies-avec-karpenter/ fonctionne uniquement pour AWS aujourd'hui et un projet AWS donc a voir la portabilité permet d'ajouter ou de supprimer des noeuds au cluster kubernetes en dynamique pour right sizer ses clusters bypass les API kube pour la creation d'instance et utilise les APIs AWS EC2 directement permet des noeuds hétérogènes (pas homogène comme autoscaler) et se right size rapidement (e.g. 30s pour éteindre un noeud) besoin d'applis cloud native par elles vont être baladées Web Deno! https://www.infoq.com/news/2023/10/deno-jupyter-integration Dev experience, jupyter notebook integration Améliorations sur Visual Studio Code extension (compatible avec NodeJS) Exec native sur Jupyter de javascript et typescript permet d'effectuer des analyses de données, construire des modèles d'apprentissage automatique et générer des rapports interactifs avec Deno Visualisation dynamiques avec D3 dans le notebook Connection à Deno KV Plusieurs améliorations sur le testing, APIs etc Lancement du nouveau site angular.dev et de la version v17 du framework https://blog.angular.io/announcing-angular-dev-1e1205fa3039 nouvelle doc, nouveaux tutoriels, et bac à sable un nouveau logo aussi mais cette version v17 est la continuation d'Angular, pas une toute nouvelle version qui casse tout le nouveau “control flow” devient GA, et propose des conditionals (if, else…) https://blog.angular.io/meet-angulars-new-control-flow-a02c6eee7843 le blog d'Angular mentionne les nouveautés, au-delà du revamp de la documentation https://blog.angular.io/introducing-angular-v17-4d7033312e4b Cédric Exbrayat mets les mains dans le cambouis et couvre les nouveautés techniques dans le blog des Ninja Squad https://blog.ninja-squad.com/ Et les nouveautés aussi du côté de la CLI https://blog.ninja-squad.com/2023/11/09/angular-cli-17.0/ beaucoup de focus sur l'apprentissage et la manipulation concrete avec le bac a sable et les tutoriaux le site lui meme est maintenant open source (il ne l'était pas avant?) le logo est nouveau et adaptable par les communautés Outillage Il est possible de signer et notariser des applications pour macOS sur des machines non-Apple https://gregoryszorc.com/blog/2022/08/08/achieving-a-completely-open-source-implementation-of-apple-code-signing-and-notarization/ implémenté en Rust pratique pour son pipeline CI/CD basé sur Linux a priori, il y a des outils similaires pour le monde Windows, qui permet de signer sur une machine non-Windows https://github.com/mtrojnar/osslsigncode Lors de son Github Universe, Copilot fait le show ! https://github.blog/2023-11-08-universe-2023-copilot-transforms-github-into-the-ai-powered-developer-platform/ Copilot Chat sera GA en décembre, il utilise GPT4, il permet de guider le développeur, de générer du code, de détecter des erreurs et aide à les corriger, d'expliquer le code Intégration à venir de Copilot Chat dans les IDEs de JetBrains Copilot Chat va être intégrer sur github.com et dans l'appli mobile aussi Introduction de GitHub Copilot Enterprise pour les sociétés, qui permettra de spécialisé le modèle sur le code de l'entreprise Intégration de Copilot ans Workspace, donc quand on voudra adresser un bug, créer un pull request, Copilot pourra nous aider étape par étape, suggérer un plan d'action Copilot Enterprise permettra de faire des recherches avec le contexte entier du code de l'entreprise, donc idéalement meilleur que le focus sur un repo de Copilot Un guide sur OpenRewrite https://feeds.feedblitz.com//819402521/0/baeldungA-Guide-to-OpenRewrite permet de refactorer le code via des règles mise a jour de dependences, enlever usage d'api dépréciées, migration d'une bibliothèque a une autre, etc migration java, migration framework, transformations spécifiques a votre société OpenRewrite vient avec un écosystème de recettes intégration via maven ou gradle la suite montre des examples de migrations Architecture Article interessant sur Monolithe vs Microservices ! https://www.infoq.com/articles/monolith-versus-microservices/ Le débat monolithe vs microservices. Les monolithes reviennent, par exemple spring-modulith https://spring.io/projects/spring-modulith Les microservices sont la solution à la complexité plutôt que la cause de celle-ci. Toutes les applications deviendront complexes ; au-delà d'un certain point, les microservices nous aideront à gérer cette complexité. Les microservices comportent des coûts et des avantages. Si les avantages ne l'emportent pas sur les coûts, vous n'aurez pas une expérience positive avec les microservices. Nous pouvons arrêter notre transition vers les microservices quelque part au milieu du spectre, ce que j'aime appeler le modèle hybride. À ce stade, nous pouvons avoir quelques gros services mélangés à quelques petits services. Nous pouvons avoir le meilleur des deux mondes : la simplicité et la commodité du monolithe combinées à la flexibilité et à la scalabilité des microservices. Il n'y a pas de choix binaire entre monolithique et microservices. En réalité, il existe un spectre de possibilités entre les deux. Si vous vous êtes fixé à l'une des extrémités du spectre, vous passez à côté de la grande variété d'architectures intermédiaires. Nous devrions cesser de parler de monolithe contre microservices et plutôt avoir un débat plus nuancé sur la taille appropriée des services. les microservices mettent sur le devant de la scene la complexification du système, les monolithes le cachent sous le tapis les microservices permette de manager cette complexité automatisation est la clés dans l'adoption des microservices bien aligner son architecture et son domain ou alors la douleur arrive Sécurité Une explication de la CVE sur HTTP/2 https://quarkus.io/blog/cve-2023-44487/ en fonction de l'implémentation, le risque est plus ou moins grand (de plus de CPU a un full DDOS) au cœur du problème est la capacité d'envoyer pleins de requêtes en parallèle sur le meme pipeline HTTP/2 les serveurs ont en general une limite au streams en parallèle (genre 100) la CVE est exploitée cote client en ouvrant et fermant rapidement une stream, c'est plus léger sur le client, le serveur a un delai dans sont processing ce qui permet de bypasser la limit et affamer les resources du serveur c'es catastrophique en cas de one thread per request (thread starvation) en event loop, c'est une queue plus grande (donc le cas de quarkus) pour mitiger, quarkus regarde le nombre de stream close requests par seconde pour détecter les abus (200 requêtes de fermeture sur une fetnetre de 30s) Data / IA Elon Musk annonce son LLM, appelé Grok https://x.ai/ Connectivité en temps réel avec Twitter ! Fenêtre de contexte de 25k characters Le LLM garderait le contexte de la conversation (au lieu d'avoir à toujours renvoyer toute la discussion dans le contexte, à cause du côté sans état des LLMs habituellement) Le style, la personnalité, du LLM, serait assez humoristique, voire carrément sarcastique, à la Musk… et déjà sur Twitter une personne commentait en disant que c'était le LLM “anti-woke” Grok serait disponible pour les utilisateurs payants de Twitter OpenAI fait 4 nouvelles annonces https://openai.com/blog/new-models-and-developer-products-announced-at-devday GPT-4 Turbo : leur dernier et plus puissant LLM. Il offre un contexte de 128k tokens, des prix plus bas et des quotas plus élevés. 128k c'est comme Claude Assistants API : une solution permettant de créer des mini assistants personnalisés et de les exposer via une API. L'objectif est de faciliter l'intégration des solutions GenAI dans les applications, avec des fonctionnalités de gestion des conversations, d'interprétation de code et de RAG. API pour DALL•E 3 : un modèle de 3e génération pour la génération d'images. GPTs : des versions personnalisées de ChatGPT, faciles à développer même sans compétences en programmation. Une place de marché sera disponible pour monétiser ces “GPTs”. Merci Didier et son X de résumer un article plus complet de SFEIR https://www.sfeir.dev/ia/quand-lesprit-de-noel-sinvite-a-lopenai-devday/ Protection juridique en cas d'attaque de droits d'auteur Loi, société et organisation Les acteurs et la IA, deal pour arrêter a grève https://www.bbc.com/news/entertainment-arts-67364587 Les acteurs et les grands studios d'Hollywood ont conclu un accord le 8 novembre pour mettre fin à une grève qui a paralysé la production de films et de séries aux États-Unis pendant plusieurs mois. L'accord prévoit une nouvelle convention collective de trois ans pour les acteurs (hormis les vedettes, les acteurs n'arrivent pas à gagner leur vie avec le streaming) Revalorisation importante des salaires minimums ainsi que des des garde-fous contre le IA. Un système de primes pour les rediffusions en streaming. Double mouvement social historique : acteurs sont entrés en grève mi-juillet, les scénaristes depuis début mai. La paralysie du secteur a coûté au moins 6 milliards de dollars. Les acteurs craignaient que les studios utilisent l'IA pour cloner leur voix et leur image, les réutiliser à perpétuité, sans compensation ni consentement. Les conditions entourant les droits des studios sur l'image des acteurs stars après leur mort a été négocié. Chute de WeWork, dépôt de bilan https://www.maddyness.com/2023/11/06/wework-impact-coworking-france/ La disparition annoncée du géant mondial du coworking marque un tournant pour le secteur, y compris en France. Asphyxié par une dette de près de 3 milliards de dollars Chute interminable entamée en 2019 WeWork était le leader mondial du secteur et, de par son statut de pionnier du coworking WeWork propose 15 établissements en France, tous situés à Paris Pourtant la demande pour le coworking ne cesse d'exploser Startups domicilient leur siège (Qonto par exemple) dans un espace de co-working Le modèle du coworking n'est pas remis en cause. WeWork, c'est un phénomène à part. Il y a eu une mauvaise gestion de départ d'une licorne qui croît à toute vitesse, en ne faisant absolument pas attention à son modèle économique de base (dit Clément Alteresco CEO de Morning) Mauvaise publicité pour le marché et les concurrents, mais considèrent qu'ils vont s'en sortir Les français, les utilisateurs twitter le plus violents d'Europe? https://www.huffingtonpost.fr/france/article/les-francais-sont-les-utilisateurs-de-twitter-les-plus-violents-d-europe_225331.html#:~:text=2023%2023%3A57-,Les%20Fran%C3%A7ais%20sont%20les%20utilisateurs%20de%20Twitter%20les%20plus%20violents,'Allemagne%20et%20l'Espagne. Les signalements de contenus, suppressions et suspensions pour propos violents et haineux au sein de X sont les plus nombreux en France, loin devant l'Allemagne et l'Espagne. 16.288 suppressions de messages contre 7.160 en Allemagne et 7.743 en Espagne X explique avoir une « équipe internationale et inter-fonctionnelle » de « modérateurs humains », qui travaillent « 24 heures sur 24 avec la capacité de couvrir plusieurs langues ». Sam Altman PDG d'OpenAI est débarqué par son conseil de surveillance https://thealgorithmicbridge.substack.com/p/why-openai-fired-sam-altman-and-what ça a surpris le monde la silicone valley dans lequel Altman est adulé. N ancien cofondateur a aussi été écarté à un poste périphérique mais a décidé de quitter le navire. C'est du à des tensions dans la boîte entre la partie lucrative et non lucrative d'OpenAI. Le conseil travail pour une AI sûre et pour le bien de l'humanité Sam Altman avait fait prendre le virage for du business depuis quelques années Il n'a selon le communiqué pas été franc et transparent avec son conseil de surveillance. Microsoft qui a misé sur ce cheval (OpenAI) n'était pas au courant, ni la plupart des employés d'OpenAI Quelques employés de OpenAI ont déjà démissionné la reduction des recherches fondamentales vs la productization a joué un role surement Et il n'est pas le seul à partir https://x.com/hellokillian/status/1725797467315486902?s=46&t=GLj1NFxZoCFCjw2oYpiJpw Encore mieux que Dallas le board négocie son retour au bout de 24h https://www.theverge.com/2023/11/18/23967199/breaking-openai-board-in-discussions-with-sam-altman-to-return-as-ceo Et le board saute: https://twitter.com/rowancheung/status/1726342477874102604?s=21&t=O1MqQ7XEw5hIAezn-npoQA Finalement, Satya Nadella annonce que Sam Altman et Greg Brockman rejoignent Microsoft dans une nouvelle équipe de recherche IA https://twitter.com/satyanadella/status/1726509045803336122 et finalement avec un nouveau board, Sam Altman retourne chez open AI https://x.com/sama/status/1727207458324848883?s=20 Les groupes “Responsible AI” chez Google, Microsoft et plus récemment Meta https://www.theverge.com/2023/11/18/23966980/meta-disbanded-responsible-ai-team-artificial-intelligence?utm_source=substack&utm_medium=email sont détruits meme débat chez OpenAI en fait. difficile de comprendre les raisons, à part que la course s'est accélérée l'article site les gouvernements qui veulent réguler mais je ne comprends pas en quoi cela influence Conférences Retrouvez les conférences sur le site Developers Conferences Agenda/List par Aurélie Vache. Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via twitter https://twitter.com/lescastcodeurs Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

В цьому епізоді Євген, Павло та наш гість Senior ML Engineer Михайло продовжили обговорювати останні новини зі світу AI.Чи буде модель Lyria game changer для музикантів-початківців, що презентували на GitHub Universe i на яку анонсовану фічу чекає Михайло. А також обговорили новий девайс AI Pin і його особливості.0:33 — представлення моделі Lyria від DeepMind5:47 — приклади генерації голосових звуків в музику16:14 — що презентували на івенті GitHub Universe17:59 — користування GitHub Copilot Chat36:26 — анонс AI Pin і як його можна використовуватиПідписуйся на наш подкаст на своїй улюбленій платформі аби не пропустити нові випуски. Будь в курсі останніх новин зі світу IT.

Bu bölümde Apple'ın yeni tanıttığı M3 işlemcili MacBook Pro'ları, Hamburg'taki denizcilik müzesini, Humane'in AI Pin'i ve OpenAI'ın DevDay'i üzerine sohbet ettik.Bizi dinlemekten keyif alıyorsanız, kahve ısmarlayarak bizi destekleyebilir ve Telegram grubumuza katılabilirsiniz. :)Yorumlarınızı, sorularınızı ya da sponsorluk tekliflerinizi info@farklidusun.net e-posta adresine iletebilirsiniz. Bizi Twitter üzerinden takip edebilirsiniz.Zaman damgaları:00:00 - M3 MacBook Pro16:10 - Denizcilik Müzesi27:56 - Yeni Blog37:13 - NSIstanbul etkinliği, iOS programlama59:42 - Okuduklarımız1:16:03 - Assassin's Creed: Mirage1:21:08 - İzlediklerimiz1:34:10 - GitHub Universe1:43:47 - OpenAI DevDay2:05:05 - Humane ai pin2:15:27 - Apple sunumunun iPhone ile çekilmesi2:22:10 - Google'ın tekel davasıBölüm linkleri:Apple Event - 30 EkimMKBHD - Space Black M3 Max MacBook Pro Review: We Can Game Now?!Explore GPU advancements in M3 and A17 ProFirst Impressions: iPhone 15 Pro Spatial Videos on Vision ProHamburg Uluslararası Denizcilik MüzesiMert'in BloguJekyllWatt's the Secret? Cutting My Electricity Costs by 30%TuistThe Dawn of Everything: A New History of HumanityÇalınan Dikkat: Neden Odaklanamıyoruz?Thinking in SwiftUIAssassin's Creed: MirageJusantLawrence of ArabiaGitHub Universe 2023 opening keynoteOpenAI DevDay, Opening KeynoteStratechery - The OpenAI KeynoteHumane ai pinBehind the scenes: An Apple Event shot on iPhoneHere's what Apple really means when it says ‘shot on iPhone‘What Does and Doesn't Matter about Apple Shooting their October Event on iPhone 15 Pro MaxMicrosoft reportedly pitched Apple on buying Bing to no availGoogle reportedly pays $18 billion a year to be Apple's default search engine

In episode 167 of our SAP on Azure video podcast we talk about SAP Teched 2023, an SAP and Microsoft related Teched blog post and Github Universe. Then we continue with one of the main topics from Teched: I was lucky to attend SAP Teched in Bangalore and it was a really cool show. One of the key highlights from SAP, was SAP Build Code. SAP Build Code helps developers to create code for the Cloud Application Programming model -- similar like GitHub Copilot. Already during Sapphire earlier this year, Jürgen Müller had already shown a cool sneak preview of CAP-GPT. Today we have David Kunz, the brain behind CAP-GPT to talk about it! Find all the links mentioned here: https://www.saponazurepodcast.de/episode167 Reach out to us for any feedback / questions: * Robert Boban: https://www.linkedin.com/in/rboban/ * Goran Condric: https://www.linkedin.com/in/gorancondric/ * Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #GPT #CAP #AI ## Summary created by AI Key Topics: * SAP Bild Code: David Kunz shows a demo of the new tool that simplifies the development of cloud applications with CAP and GPT * SAP TechEd and GitHub Universe: Holger mentions some of the highlights and news from the recent events, such as SAP Business Technology Platform, Edge Integration, and GitHub Copilot * SAP and Microsoft collaboration: Holger refers to a blog post that summarizes the integration scenarios between SAP and Microsoft products and services.

Brian Douglas is the CEO of OpenSauced which helps enterprises discover the best engineers in Open Source. Victoria and Will talk to Brian about meeting as many developers as possible, setting goals, and keeping himself accountable, and what makes a successful open source project. OpenSauced (https://opensauced.pizza/) Follow OpenSauced on Twitter (https://twitter.com/saucedopen), GitHub (https://github.com/open-sauced), Instagram (https://www.instagram.com/opensauced/), YouTube (https://www.youtube.com/opensauced), Discord (https://discord.com/invite/U2peSNf23P), and Dev.to (https://dev.to/opensauced). Follow Brian Douglas on LinkedIn (https://www.linkedin.com/in/brianldouglas/), Twitter (https://twitter.com/bdougieYO), or visit his website (https://b.dougie.dev/). Follow thoughtbot on Twitter (https://twitter.com/thoughtbot) or LinkedIn (https://www.linkedin.com/company/150727/). Become a Sponsor (https://thoughtbot.com/sponsorship) of Giant Robots! Transcript: VICTORIA: Hey there. It's your host Victoria. And I'm here today with Dawn Delatte and Jordyn Bonds from our Ignite team. We are thrilled to announce the summer 2023 session of our new incubator program. If you have a business idea that involves a web or mobile app, we encourage you to apply for our 8-week program. We'll help you validate the market opportunity, experiment with messaging and product ideas, and move forward with confidence towards an MVP. Learn more and apply at tbot.io/incubator. Dawn and Jordyn, thank you for joining and sharing the news with me today. JORDYN: Thanks for having us. DAWN: Yeah, glad to be here. VICTORIA: So, tell me a little bit more about the incubator program. This will be your second session, right? JORDYN: Indeed. We are just now wrapping up the first session. We had a really great 8 weeks, and we're excited to do it again. VICTORIA: Wonderful. And I think we're going to have the person from your program on a Giant Robots episode soon. JORDYN: Wonderful. VICTORIA: Maybe you can give us a little preview. What were some of your main takeaways from this first round? JORDYN: You know, as ever with early-stage work, it's about identifying your best early adopter market and user persona, and then learning as much as you possibly can about them to inform a roadmap to a product. VICTORIA: What made you decide to start this incubator program this year with thoughtbot? DAWN: We had been doing work with early-stage products and founders, as well as some innovation leads or research and development leads in existing organizations. We had been applying a lot of these processes, like the customer discovery process, Product Design Sprint process to validate new product ideas. And we've been doing that for a really long time. And we've also been noodling on this idea of exploring how we might offer value even sooner to clients that are maybe pre-software product idea. Like many of the initiatives at thoughtbot, it was a little bit experimental for us. We decided to sort of dig into better understanding that market, and seeing how the expertise that we had could be applied in the earlier stage. It's also been a great opportunity for our team to learn and grow. We had Jordyn join our team as Director of Product Strategy. Their experience with having worked at startups and being an early-stage startup founder has been so wonderful for our team to engage with and learn from. And we've been able to offer that value to clients as well. VICTORIA: I love that. So it's for people who have identified a problem, and they think they can come up with a software solution. But they're not quite at the point of being ready to actually build something yet. Is that right? DAWN: Yeah. We've always championed the idea of doing your due diligence around validating the right thing to build. And so that's been a part of the process at thoughtbot for a really long time. But it's always been sort of in the context of building your MVP. So this is going slightly earlier with that idea and saying, what's the next right step for this business? It's really about understanding if there is a market and product opportunity, and then moving into exploring what that opportunity looks like. And then validating that and doing that through user research, and talking to customers, and applying early product and business strategy thinking to the process. VICTORIA: Great. So that probably sets you up for really building the right thing, keeping your overall investment costs lower because you're not wasting time building the wrong thing. And setting you up for that due diligence when you go to investors to say, here's how well I vetted out my idea. Here's the rigor that I applied to building the MVP. JORDYN: Exactly. It's not just about convincing external stakeholders, so that's a key part. You know, maybe it's investors, maybe it's new team members you're looking to hire after the program. It could be anyone. But it's also about convincing yourself. Really, walking down the path of pursuing a startup is not a small undertaking. And we just want to make sure folks are starting with their best foot forward. You know, like Dawn said, let's build the right thing. Let's figure out what that thing is, and then we can think about how to build it right. That's a little quote from a book I really enjoy, by the way. I cannot take credit for that. [laughs] There's this really great book about early-stage validation called The Right It by Alberto Savoia. He was an engineer at Google, started a couple of startups himself, failed in some ways, failed to validate a market opportunity before marching off into building something. And the pain of that caused him to write this book about how to quickly and cheaply validate some market opportunity, market assumptions you might have when you're first starting out. The way he frames that is let's figure out if it's the right it before we build it right. And I just love that book, and I love that framing. You know, if you don't have a market for what you're building, or if they don't understand that they have the pain point you're solving for, it doesn't matter what you build. You got to do that first. And that's really what the focus of this incubator program is. It's that phase of work. Is there a there there? Is there something worth the hard, arduous path of building some software? Is there something there worth walking that path for before you start walking it? VICTORIA: Right. I love that. Well, thank you both so much for coming on and sharing a little bit more about the program. I'm super excited to see what comes out of the first round, and then who gets selected for the second round. So I'm happy to help promote. Any other final takeaways for our listeners today? DAWN: If this sounds intriguing to you, maybe you're at the stage where you're thinking about this process, I definitely encourage people to follow along. We're trying to share as much as we can about this process and this journey for us and our founders. So you can follow along on our blog, on LinkedIn. We're doing a LinkedIn live weekly with the founder in the program. We'll continue to do that with the next founders. And we're really trying to build a community and extend the community, you know, that thoughtbot has built with early-stage founders, so please join us. We'd love to have you. VICTORIA: Wonderful. That's amazing. Thank you both so much. INTRO MUSIC: VICTORIA: This is the Giant Robots Smashing Into Other Giant Robots podcast, where we explore the design, development, and business of great products. I'm your host, Victoria Guido. WILL: And I'm your host, Will WILL. And with us today is Brian Douglas, CEO of OpenSauced, helping enterprises discover best engineers in open source. Brian, thank you for joining us today. BRIAN: My pleasure. Thanks for inviting me on the podcast. VICTORIA: Just tell us a little bit more about OpenSauced. BRIAN: Yeah, it's opensauced.pizza is the URL. So I always point that out because it's easy to found. WILL: I love it. BRIAN: And OpenSauced is a platform for engineers to find their next contributions and enterprises to discover the best engineers doing open-source, so... VICTORIA: Right. So maybe tell me what led you to start this company? BRIAN: Yeah, that's a great question. Actually, if you don't mind, I'll start further back. I graduated college in 2008 during the financial crisis with a finance degree. And what I learned pretty quickly is, like, if you don't know anybody in finance, it's a little hard to get a job in a bad market. So I took a sales role instead, mainly because I just wanted to learn. I was very much introverted. I wanted to learn how to talk to people, and have conversation, and communicate. So I did that four years and then got my MBA. And then started learning how to code while building an app, which is...I mentioned before we hit record I learned about this podcast around that time, which is, like, very serendipitous to be on this podcast years later. But, fast forward, OpenSauced, like, because of the whole networking aspect of how I got my job in sales and how I was able to do sales when I learned how to engineer, I knew the connection to open source, or how I learned how to code was, like, a wealth of information. So I made it my career goal to meet as many developers as possible. And then, I was working at this company called Netlify. I was employee number three there. And my role was to basically be a front-end engineer, but where I was actually getting more adoption to the product by doing open source. Like, every time I'd do an open-source contribution, I'd add a Netlify deploy preview manually in my PR. And that would give the maintainer enough juice to review the PR sooner. And I was doing a lot of open-source contribution at the time. So I wanted to build a tool to maintain, like, all the PRs I had opened in-flight that I needed to respond back to or...because back in, like, 2016, notifications on GitHub they weren't the greatest. WILL: [laughs] BRIAN: So I built a tool just to keep up to date on what I had opened and how I can communicate back with the maintainer. And saw a need...actually, I didn't see the need. I used this thing myself, and then in 2020, I started live streaming myself, building more features on top of this, like, CRM tool, and had a few people ask, "Hey, can you add a login to this? I'd love to use this, too, with my own database and stuff like that." So I did that. I added login. And I say database, like, we actually originally started with no database. We used GitHub Issues as a tracking mechanism for tracking repos and conversations. We've since moved away from that because, now, obviously, GitHub's got way more advanced in how notifications work. But the sort of ethos of the project still lives today, and what we have in the open-source platform. So that's, like, the long tale of how we got to where we are today. And then, I spoke at GitHub Universe on OpenSauced back in 2017. And from that talk, I had GitHub employees reach out to me and ask me to work at GitHub. So I accepted, and I worked at GitHub for almost five years, sort of putting OpenSauced to the side up until last year, decided to go ahead and pursue it again. And at that point, decided to make it a company. VICTORIA: What a cool story. There are so many things in there that I want to follow up on. I'm sure, Will, you also are like -- [laughs] WILL: [laughs] Yes. VICTORIA: I have so many questions. [laughs] WILL: Wow, that's amazing just hearing the story from you [laughs] got a four-year degree in finance, 2008 happened, no job, very hard to get a job because of who you know. And then you go and changed directions to start learning to code. And I love how it's kind of guided your path to where you are here right now. Like, who knows? But would you have been the CEO of OpenSauced if 2008 would have never happened? So it's amazing to see it. So, I guess, because I love the idea of OpenSauced...because I am that developer that wants to get into open source, but it is hard. It is hard to find the issues that you can work on. It's hard to get into the community to do that. So, if you can just explain to me a little bit more as from there, and we can do it from the enterprise portion later. But, as far as a user: a developer, what does it look like for me to use OpenSauced as a developer? BRIAN: Yeah, yeah. And that's a great question, too, as well. It's funny how serendipitous the story is today, but when I was living it, it was like, oh, man, I'm never going to get a job. [laughter] Or I'm never going to learn how to code. And I think anybody listening who might be where I was ten years ago, I just want to preface, like, your story is like a guided path through experiences. And every experience is like an opportunity for that sort of one piece of, like, the sort of stepping stone to move on to, like, CEO of whatever your next startup is or senior engineer, or staff engineer, whatever it is. But, to answer your question, Will, we built a Discord, and the Discord itself is how we sort of discovered this sort of onboard ramp into open source. So today, if you sign up to OpenSauced, again, opensauced.pizza, you connect to your GitHub account, and you get on-boarded into a flow to ask a couple questions. So, like, what languages are you interested in? And then, what time zone are you in? And the reason for those two things is, one because we're going to do recommendations for projects pretty soon. Everything is open source, so you can literally see the issues that are open about recommendations; happy to take contributions and feedback on it. And then time zone is because communication is pretty key. So, like, if someone is not awake when I see their PR, I have an expectation of, like, cool, I'll write a response, and I'll wait for them to wake up and respond back to that. So the goal there is there's a lot of projects on GitHub, like, 372 million repos is the number off the top of my head. They literally announce this stuff, and they share the data. But of those repos, only 225,000 have more than five contributors. Understanding what you're looking to accomplish first out of doing open source to either share knowledge, or gain knowledge, to get exposure, to get a job, or just to enhance your current job by go try something that's not in the roadmap of what you're working on. Eventually, we'll start asking those questions around, like, what type of contributor that you want to be, so we can start recommending those types of projects. But I mentioned that 225,000 repo number because there are a lot of projects that don't have five contributors that could use their second contributor, or third, fourth. And my recommendation is always find up-and-coming, like, growth-stage projects. A lot of people want to contribute to React. You had mentioned you did React, Will. That's a really big lift to go contribute upstream to a project maintained and supported by millions of enterprises around the world. But there are tons of projects that go trending every week that have no documentation, that have no README, that have no structure and are just getting off the ground. Like, those are the best projects that we try to showcase. So, like, that's hot.opensauced.pizza is our sort of up-and-coming project list. And the way that works is like projects that are trending based on our open-source community; we surface those there. There's a lot of work we have to do on that project. That was, like, a Hack Week project we did a couple of years ago as a community. But the basis of that is they're looking to build our recommendation engine off that. So, step one is find a project that is welcoming, that needs some work done, and then find the path in. So the path usually is going to be your CONTRIBUTING.md, which is like established projects will have this. But if you don't find a CONTRIBUTING.md, but you find a project you want to use, chances are you could build that CONTRIBUTING.md and ask the question, so, like, hey, how would I contribute? Like, how can I be supportive? Actually, I did this talk a couple of years ago at Juneteenth Conf. It was a remote conference on Juneteenth, which a bunch of Black Engineers we all gave our technical expertise sponsored by Microsoft. And I was talking about the idea of open-source hospitality. The best thing you could do is be that sort of hospitable person, either you're a maintainer or a first-time contributor. Like, be that person to set it up for the next person behind you. And the idea of hospitality, you go to a hotel. Like, you know where the towels are. Like, you know where the soaps are. Like, you know exactly where everything is all the time. And, in open source, like, if we could set up our projects in a very similar fashion, like, not franchise them in a way like the Hilton or Marriott, but set the expectation that there is a way to source information and to interact and operate, so... VICTORIA: Yeah, I mean, I love, [laughs] like, hot.opensauced.pizza. That's hilarious. And I love how you have used humor to...even though it's a very serious product, we're making it more friendly and more hospitable like you're saying. And I like how you said, you know, the journey is cool looking back on it, but it was really hard to go through it. And now you're this wonderful speaker and a CEO. But you said that you weren't actually good at talking to people at first. And you specifically sought to get better at that skill. So I wonder if you would share more about that, how that's impacted your career, and why that's important as a developer to have those communication skills. BRIAN: Yeah, it's like...I have a twin brother since birth, basically. And my twin brother is very extroverted. Like, he actually used to wait tables in college. It was like he was the person that would make you feel very special as a server. Like, he's the type of person that kind of lights up the room when you walk in. His name is Brock. My entire life growing up, I was always Brock's brother. And it's like, oh, you're Brock's brother. And it's like, yeah, I'm Brock's brother. And I'm more of a person, like, if you meet me in person, like, I'm very much reserved. I'm sort of reading the room, waiting for my point to jump in. And I made it a point for me to, like, have enough comfort to speak on a podcast or speak at a conference because I knew that skill set would be valuable. Because I definitely had, in my sales career, definitely got overlooked for a lot of opportunity because folks thought, oh, I don't think Brian could do it. So coming into tech and seeing that when every time I went to a meet up...because meetups also are places where I cut my teeth and got to learn about the industry and the community. They always needed someone to speak. So I was, like, oh, there's an opportunity. I can leverage this opportunity of them always looking for speakers and me always wanting to share knowledge and learn something new to do talks. So my first-ever conference talk was in San Francisco. And I had learned React Native, but prior to React Native, I had learned Objective-C. And then, in between Objective-C and React Native, I learned Swift because React Native and Swift came out the same year. Well, React Native went public, open source, the same year as Swift. So it was like a really interesting year back in; I think it was 2017 where...actually, it might have been 2016. But, anyway, everything came out at the same time. And I was learning iOS development. So I made it a point for me to give a talk. But my pet peeve for giving talks is, a lot of times, people just go directly into the code, and there's, like, no connection to a story, or why do I care about this? So I always bring storytelling into my conversations and talks. So, like, that talk about Swift, and Objective-C, and React Native, I made the comparison of, like...it was the same year that Kanye West took the mic from Taylor Swift at the VMAs or whatever the award show was. And the correlation was React Native took the mic away from Swift because it built similar interactions for JavaScript developers to understand and build iOS applications that was not like Ionic or RubyMine or...I forgot the Ruby one. But, anyway, what I'm getting at is, I just wanted to bring story to this because usually what happens is like, you see cool things, but you never remember what the name is. You try to find that REPL again, or you try to figure out who that speaker is. And it's usually hard to find it after the fact. So, like, my goal was always to make it memorable, which is why I go by Bdougie because Bdougie is easier to Google than Brian Douglas. Shout out to Brian Douglas, who's based in Ireland who does system engineering, and has a great YouTube channel. Like, I want to be memorable. And I want to make it easy for folks to find me after. So, while at GitHub, when I was developing all this sort of like Kanye West-type speaking and stuff like that, well, literally, I would use Kanye West years ago as the example to understand storytelling. I no longer use Kanye West. I'm now a Beyoncé advocate. [laughter] So I use Beyoncé instead. But I guess what I'm getting at is, like, I just had a goal. And I knew if I could teach myself to code...and it was about 17 weeks it took me from zero to ship a Ruby on Rails app. And I felt confident enough to talk about it. I knew basically anything I could just accomplish just by putting some effort and consistency behind it. So that's the...sorry, that was a little more long-winded than expected. But I just keep accountable and set goals for myself and try to achieve enough to feel proud about at the end of the year. WILL: Yeah. It's so funny because I recently had a similar situation. At thoughtbot, we try to engage with the community, and one of the ways was writing a blog post. I've never been a writer. It just hasn't been my thing. But I was telling my boss, I was like, I'm going to do that to get outside my comfort zone and to really stretch myself. And at the same time, I was like, why a blog post? Like, I don't know, it doesn't really make sense why a blog post. Well, when I started writing the blog post, I was like, oh, you have to really know, one, what you're talking about in order to write about it. And so I had to really do some research, really had to study it. And I finished it last week. And then, now, looking back over the last couple of months it took me to write that blog post, I'm like, wow, I feel stretched. But I feel really good, and I feel really good about the topic that I did. So that's interesting that you went through that process to stretch yourself and to grow and even learning to code and get to that point. So talking about...you were at Netlify, and then you worked at GitHub. And then you're at your current one OpenSauced. How have Netlify and GitHub, the work that you did there, how has it prepared you for your position right now? BRIAN: You know, actually, that's a great question. I don't know how much thought I put into that. Like, Netlify prepared me because it gave me an opportunity. So I was employee number three, but I had a sales background. And so I got to be an engineer, but they kept always trying to ask me like, you know, business questions and strategy. And, like, I pitched them a 30-60-90 in my interview of, like, what's the growth strategy of Netlify, like day zero when I start? And I go into way more detail in other content. But that prepared me because I got to see how startups work, being so early. I got to see that startup go from seed-funded, just closed their seed round to get their series B is when I left. At GitHub, I got to see what it looked like at a bigger company, which, like, it doesn't matter how big or small you are, like, there's always chaos. Like, GitHub was, like, so much chaos, and there was a lot of good that was happening but a lot of uncertainty at the time I joined in 2018. And then, nine months later, Microsoft acquired GitHub. So then I got to learn stability and what it looks like to...for personal reasons, I always had a budget but never had extra money, even years into my engineering career. And that taught me what it looks like when success meets career. With that being said, like, the problem that I'm solving, I got to learn firsthand while being at Netlify and getting adoption and traction through open source. And then going to GitHub and seeing every single other company that looked at GitHub as a solution to their open-source collaborations and interactions. And then also seeing that there was a hole in just understanding, like, how do you survive? How do you sustain yourself as your career but also your open-source project? Like, a lot of folks want to know, like, what success looks like for open source. Like, how do you get on the trending algorithm? Like, how do you get noticed? It's more than just pushing to GitHub and hoping for the best. There are, like, other things that happen for projects to be successful. And for us to choose the next in the future technologies, it really comes down to community, marketing, and then resources. And those three things end up making projects successful. With OpenSauced, we're working to help inflate some storytelling and add some of those resources to open-source projects. VICTORIA: Great. So you were able to really get, like, the full vision of what it could be if you had a product that became successful and stable, and you knew you wanted to build it on open source. So I love that you really just...you had this problem, and that's what you built the product around. And that ended up becoming the business. What was surprising for you in those early discovery phases with OpenSauced when you were first thinking of building it? BRIAN: I guess what's really surprising is we're not, like, crazy traction today. But we've done a pretty good job of getting, like, 2,000 developers to sign up to it since December. And then the conversations with enterprises so far just by the sheer...like, basically, what was surprising is if you use proper sales technique and you're early stage as a startup, so, like, not necessarily hire salespeople, but as a founder or as a stakeholder, just go talk to your future customers and your users. Everyone says it, but that's actually super valuable. And I think in the same vein of open source, folks they see projects die on the vine, but then you see projects succeed. And I think it also comes down to how often the maintainer of the project is talking to the contributors and the users and also that distinction as well. There are folks who want to contribute code to the codebase, but then there are folks who want to use the codebase. And, like, how do you interact between the two? And how do you cross the chasm for those folks as well? And, a lot of times, it's just fascinating just, like, just by trying, and just by showing up, that's half. It's all cliché stuff, like, I could say, but it's all true. Like, showing up is, like, it's, like, step one. Just show up, do the thing, do the work. And then talk to people is, like, step two. And it's hard to say, like, okay, yeah, because we are not a multibillion-dollar company, like, we're just getting started. So I can't say, like, yeah, we're super successful. But we've survived the year. And we've survived the year based on those two steps, the showing up and then talking to people. Because a lot of times, we could get lost in the sauce, per se, of just shipping code and never talking to anybody and never coming up for air. And I think what I learned, going back to what I learned from GitHub and Netlify, is talking to people and getting that feedback loop going is the best thing you could do for any product. Any early project, any feature you're working on, talk to people about it and see if it's actually valuable for somebody that after you ship it, something will happen. WILL: You're talking about communication is a big thing for a successful project. Have you noticed any other trends that make a successful open-source project? BRIAN: Yeah, that's...Any other trends? Yeah. I mean, AI, [laughs] just kidding. WILL: [laughs] BRIAN: No, I mean, but it also it is true, like, having a trend not sort of following the herd, but catching the herd earlier is extremely valuable. Like, at Netlify, we caught the trend of React. So, basically, Netlify built essentially GitHub Pages but a product and a company. And that was, like, the original project of Netlify. It's expanded so much further from that. But at that time, when I joined, I joined three months before Create React App was developed. So, like, it was a CLI tool to build React apps easy. And, prior to that, React was, like, super complicated to get up and running. Like, you had to know Webpack. You had to know, Babel. You had to make all that glue happen together. And then there wasn't an easy process to go host it somewhere. So the prevalence of build tools like Grunt, and Gulp, and Browserify, they all made it easier to build a static output from React. And that trend is what took Netlify to where it is today. It's like, people needed a place to deploy these static applications. GitHub Pages was like the solution for a lot of folks. Because Heroku, like, why pay $7 for something you could host on S3 for free? But the challenge was S3 it requires way more thought in how you host and take it down and deploy, and then it becomes like a Kubernetes nightmare. So the trend there was, like, people just wanted to have a better developer experience. When it comes to, like, open source, the developer experience in JavaScript has improved so much more. But folks are now looking at the next thing like a Zig, or a Rust, or all these other new languages and server renderings and stuff like that. So I guess when I take a step back, when I look at how I chose things I wanted to work on, and communities I wanted to hang out in...before committing to React...I'm based out here in Oakland, so San Francisco, basically. By seeing the sheer number of RSVPs to the React meetup, it made me confident that React would be something I should pay attention to. When you look at the RSVPs of now all these AI meetups that are happening in San Francisco, like, every single weekend is a hackathon. Highly confident that if you're engineering today, you probably want to know what embeddings are and know how OpenAI works. Not that you necessarily have to build AI stuff, but it is going to be the thing that people are going to be using. So just like we had to learn build tools, and servers, and CDNs prior, now it's all trivial stuff that you can sort of use Cloudflare for free. Like, AI is going to be very similar, and it's probably going to happen much quicker. But, in the time being, the trend right now is, like, you should probably understand whatever the players are in that space so that way you're able to talk confidently about it. WILL: That's really good advice, yep. VICTORIA: Absolutely. And, you know, in my role as Managing Director of Mission Control, or, like, DevOps, SRE platform, I spend a lot of time looking at trends, more on the engineering side. So I think my question is, [laughs] as someone who hires people to work on open-source projects, and who actively maintains and contributes to open-source projects, what should I be thinking about how to use OpenSauced as in my role? BRIAN: For hiring and sourcing skilled folks, we're actually working on a tool right now to make it more discoverable. So, today, when you onboard as an individual developer, you can check a box in your settings to say, like, if you want to collaborate with other folks, you have to opt into it. So if you want to be discovered on OpenSauced, it's in the settings. We'll probably expose that and share more about that in the future, like, in the next month or so. But for, in particular, our user flow today for folks looking to find other people to contribute alongside their project is, you add your project to what we call an Insight Page. You click on the tab on the top and create a page with your project. And then, you can see contributions in your project in the last 30 days. And then you can also add other projects like your project, so you can see who else is contributing. So, that way, you can start discovering folks who are making contributions consistently and start to get some stories of, like, if they're interested in collaborating, they'll check that box; if they're not, the box won't be checked. But at least you know the sort of scope of the ecosystem. As an individual developer, we have the onboarding flow, but then we also have highlights. So, eventually, we'll do recommendations to get you to make contributions. But, for now, if you're already making contributions, you can highlight the contributions you've made so that way, you're more discoverable on the platform. And the highlights are very much like a LinkedIn post or a tweet. You just drop in a PR, and then we'll either generate that description for you, or you write a description: I did a thing. This is what it was. This was the experience. And then, now you're attached to the project through not just a code contribution but also a discovery mechanism, which is a highlight. And then, eventually, we'll start doing blog posts, and guides, and stuff like that, as they're written. Like, if you want to attribute your career, and your journey to your participation to, like, documentation updates and stuff like that, those will also be highlights coming soon. WILL: I love, love, love that. MID-ROLL AD: Now that you have funding, it's time to design, build and ship the most impactful MVP that wows customers now and can scale in the future. thoughtbot Lift Off brings you the most reliable cross-functional team of product experts to mitigate risk and set you up for long-term success. As your trusted, experienced technical partner, we'll help launch your new product and guide you into a future-forward business that takes advantage of today's new technologies and agile best practices. Make the right decisions for tomorrow, today. Get in touch at: thoughtbot.com/liftoff WILL: I hear you saying that you have some things that's coming soon. In a high, high level, what are some of the things that you have coming? And what does success look like, six months, a year? What does that look like? Because it sounds like you have some really good ideas that you're working on. BRIAN: Yeah, yeah. So, like, six months to the end of the year, what we want to do is actually start getting more deeper insights to what's happening in open source. What we're doing right now is building the individual developer profile and experience so that way, they're able to be discovered, find projects to work on. And then what's next is there are tons of enterprises and companies that are maintaining open-source projects, SDKs. And what we're seeing right now is we're seeing massive layoffs happening currently in the industry. So like, as of today, I think Facebook laid off 4,000 people, ESPN laid off, like, 7,000 Disney employees as well. And some of those employees are around the Disney+ place. It's a lot of technical engineering stuff. So I guess what I'm getting at is there...we want to be able to see the trends of places that activity is happening and start recommending people to that. But also, we want to give an opportunity for folks who...companies...sorry, I'm avoiding trying to name specific companies because nothing is in contract yet. But certain companies, like, you, don't think of as an open-source powerhouse. So, like, a company we're now talking to right now is walgreens.com. And Walgreens they have tech. They've got open source that they participated. But they're not thought of as a place like, oh, I want to go work at Walgreens and go work on some cloud infrastructure stuff. So, how does Walgreens get exposure? And, like, hey, we're involved in the kubectl, and the Kubernetes platform and stuff like that, like, be aware that there's opportunity here. So we're going to start driving that connection to folks. So, as you develop your career doing open source, you can also be noticed, and folks can reach out to you. And also, I want to stand on the notion of open source is not for everybody. But I also want to point out, like, my entire career in open source has not been nights and weekends. It's always been finding a company that supports my interest to do open-source at work. Part of my story is, like, I was getting an MBA. My first kid, who's nine years old now he, was born 11 weeks early. And he's the reason why I built an app because I wanted to build an app to solve a pain point that I had, and ended up building that in 17 weeks. And that turned into opportunity. So I guess what I'm getting at is, like, folks being laid off right now, you might have some extra free time. You might be submitting like 100 applications a day. Consider taking that down to 50 applications a day, and then try to contribute to a couple of open-source projects a month. So that way, there's some more story to be shared as you're in the job market. VICTORIA: I love that you created that app when you had your son and you had that need. And for developers wanting to get noticed and wanting to get their next leg up or maybe even negotiate for higher salaries, what's the traditional way people do that now to kind of highlight themselves? BRIAN: The traditional way what people are doing is they're tweeting. They're speaking at conferences. They're sharing their stories. It's like zero to I'm an influencer in the open-source space. There's no real clear guide and steps to get to that point, which is why we have highlights today. Like, we want to make it low effort for folks to write 200 characters about something they contributed to. We're actually working on something to generate pull request descriptions because I think that's another missed opportunity. Like, when you open a PR in an open-source project, and it says no description added, like, that's a missed opportunity. Like, there's an opportunity for you to share what you've learned, what Stack Overflow questions you looked at, like, how you got to the problem, and why this is the right solution. All should be in the pull request description. And then that pull request should be in your cover letter for your resume so that people can go back and say, "Oh, wow, you did some real work." I can go see the history of your contributions because perhaps the job you got let go from you only worked in private repos. You couldn't really showcase your skills. That now gives you a competitive edge. And I guess when I look into this, like, going back to my original onboard ramp into engineering, I graduated with a finance degree with no network. I had one internship at an insurance company, but that wasn't enough. Like, everyone who I interned with, like, the guy who got a job at the internship, like, his dad was a client, was a big client at that firm. And another guy he worked at a golf course, and he'd be the caddy for all these big finance folks where I went to school. So, once I learned that there's an opportunity to get a job by just knowing people, that changed my entire path. Like, when I got to sales, like, oh, or when I got to engineering, I just knew go and meet people. Go have conversations. Go to meetups. What I'm trying to do with OpenSauced is make that step closer for folks, so they could look up and be like, you know, I've made all these contributions, or I don't know where to start. Let me just look at people who I know and follow in the industry and see where they're contributing, and make that connection. So, like, we've kind of closed that gap without the need of, again, you don't need 100,000 Twitter followers to get noticed. Just make some contributions or show up and ask questions. And, hopefully, that's the first step to establishing your career. VICTORIA: Well, that sounds great for both people who are looking to get hired, but also, as someone who hires people, [laughter] I know that there's a lot of amazing developers who are never going to do a conference talk, or they're not going to post on Twitter. So I love that that's available, and that's something you're working on. BRIAN: Yeah, it's just coming out of my own pain of, like, I was saying, like, looking at the story now, it sounds great. [laughs] But part of that story was like, hey, I was getting severely underpaid as an engineer in San Francisco, living in a one-bedroom apartment with two kids. Like, all that part of the story is like nothing I dwell on. But it's like, all that opportunity and knowledge-sharing that I ended up benefiting from, it's like what I constantly try to give. I pay it forward with folks. And I'm more than happy to talk with folks on Twitter and in OpenSauced Discord and other places because I think there's a lot of opportunity in open source. And if anybody's willing to listen, I'm willing to show them the path. WILL: I'm so glad you brought that up because this is one of my favorite questions I ask on the podcast: So, knowing where you're at right now and your story, you've gone the ups, the downs, all of it. If you can go back in time and know what you know now, what advice would you give yourself at the beginning? BRIAN: Honestly, I would say write it down. Like, one thing that I did is I did a blog post, and that's part of the reason why I was able to find my first job in engineering is I started a blog, which was really for myself to learn what I did yesterday. I tell everyone who I mentor it takes two hours every time you want to sit and learn something new because one hour is to remember what you did yesterday, and then one hour is to do something new. And so, I usually write it down and then make it a blog post just to solve that problem. I wish I did more with that, like, you know, wrote a book, or created a YouTube channel, or something because all that knowledge and that sort of sharing is actually what got me to level up faster. I was asked by one of my close friends, like, "Hey, how do you do it? How do you accomplish everything you've done in the last, like, 9-10 years?" And I didn't know what the answer was then. But the answer today for my friend, and I'll share this with them, is it's because I wrote it down. I was able to go back and see what I did. And then, at the end of six months, I was able to go back six months and see what I did. It's like the idea of relativity with, like, Einstein. Relativity is the idea of motion and the perception. Like, if you're in a train, it feels like you're just going slow. But you might be going 100 miles per hour, but you don't feel that. And when you're going on your journey, you could be going 100 miles per hour, but you're thinking, oh, man, I failed yesterday. I could have solved a problem. But yeah, you solved six problems while trying to solve for one. It's that situation. So advice for myself, in the beginning, write it down and then share it way more than I did when I started. Because a lot of the stuff I'm like, even in this conversation, I'm thinking, oh yeah, this, this, and this. And I never shared that before, and I wish I did. So yeah. WILL: I love that. Because yeah, I feel like that's development, like, you have some weeks that you're shipping out multiple features. And then other weeks, you're like, I barely got one out, or I barely fixed this one bug that I've been trying to...struggling with the last couple of weeks. So yeah, I like that advice. Write it down. And remember where you've been, remember. I just love the example you used, too, because it does seem like I haven't made any movement. But when you look back, you're like, no, you actually made a lot of movement. And you were very successful with what you did. So that's great advice. VICTORIA: I sometimes write things, and then I go back maybe six months later and read them. And I'm like, who wrote this? [laughter] I don't remember learning this stuff. Oh yeah, I guess I did, right, yeah. [laughs] No, that's so cool. What questions do you have for us, Brian? BRIAN: I'm curious in, like, how do thoughtbot folks stay up to date? Like, what does your involvement in open source look like today? VICTORIA: Yeah, so we are known for being active maintainers of a lot of very popular Ruby on Rails gems. So we're a consulting agency. So we're able to structure our time with our clients so that we can build in what we call investment days, which is typically Fridays, so that people can contribute to open-source projects. They can write blog posts. They can do trainings. And so that gives us the structure to be able to actually allow our employees to contribute to open source, and it's a huge part of our business as well. So if you have a Ruby on Rails project, you're probably using one of our gems. [laughs] And so, when there's other crises or other things happening in an organization, and they want to bring in an expert, they know that that's who thoughtbot is. Of course, we've expanded, and we do React, and now we're doing platform engineering. And we have some open-source TerraForm modules that we use to migrate people onto AWS and operate at that enterprise level with a mix of managed products from AWS as well. And that continues to be, like, how we talk to people [laughs] and get that buzzword out there is, like, okay, there's this cool open-source project. Like, one I'm excited about now is OpenTelemetry. And so we're digging into that and figuring out how we can contribute. And can we make a big impact here? And that just opens the door to conversations in a way that is less salesy, right? [laughs] And people know us as the contributors and maintainers, and that creates a level of trust that goes a long way. And also, it really speaks to how we operate as a company as well, where the code is open and when we give it back to the customers, it's not. Some organizations will build stuff and then never give it to you. [laughs] BRIAN: Yeah. So it sounds like folks at thoughtbot could probably benefit from things like OpenSauced for discoverability. And I get a lot of conversation around in OpenSauced as like, how do I get connected to maintainer of X or maintainer of Y? And the first step is like, how do I even know who the maintainer is? Because when you go to GitHub, you could sort this by last commit date, which not a lot of people know. You can sort the contributors by most frequently and stuff like that. But it's challenging to find out who to reach out to when it comes to packages, especially when people move on. Like, someone created a thing. They have tons of commits. And then they look like they're the number one committer for the past ten years, but they left five years ago. Those are things that we're trying to make more discoverable to solve that problem. But then, going into that thoughtbot thing, is like being able to reach out to thoughtbot and be like, oh, who can I reach out to about this gem? And, say, I have an idea, or we have an issue; how can we get unblocked because we're using this in our product? And I imagine with consulting, there's an opportunity to say, hey thoughtbot...which, honestly, at Netlify, we used thoughtbot to solve some harder problems for us. We were just like, yeah, we don't have the bandwidth to go down this path. Let's go to consulting to unblock us in this arena. VICTORIA: Right. And that was really important to me in making the decision to join thoughtbot last year is that it was built around open source. And that ethos really spoke to me as, like, this is a place where I want to work. [laughs] And you can think of, like, if you're looking for vendors, like, oh, I want to work with people who have that same ethos. So yeah, OpenSauced seems like a really cool product. I'd be curious about how we can leverage it more at thoughtbot. BRIAN: We just shipped a feature called Teams, which it's self-explanatory. But, basically, when you build an insight page, you're able to build a team to help the discover process of what's happening in contributions. You get details and reporting on OpenSauced. The goal is basically to unblock teams who are involved in open source together and make it more discoverable for folks who want to find maintainers and collaborate with them. VICTORIA: Will, I know we're running close on time. But I had one more question about what you said around making open source more hospitable. And, you know, you mentioned going to Juneteenth Conf. And I'm curious if you have a perspective on if open source is equitably accessible to everyone or if there are things we can be doing as a community to be more inclusive. BRIAN: Yeah, it's a great question. So the first answer is quick, it's no. The reason why it's no is because we have to admit [laughs] where there are inequitable situations. And as much as we want to set this up of, like, I want to say that there's opportunity for everyone to contribute based on no matter where their background, but just by your time zone, makes it inequitable of, like, whether you can contribute to open source. Because if you look at the data and zoom out, most open source happens in the West Coast U.S., so from San Francisco to Seattle. Like, majority of contributions are there. There are reasons for that. Like, California has a very, very expressive clause of like where you can contribute. And, technically, your employer can block you on doing open-source contributions. Unless you sign...like, at Apple, you sign away your rights to be able to do that in your employee offer letter. Sorry, [laughs] not to be a dig against Apple. Apple buy lots of open source. But what I'm getting at is that the opportunity is there, but it's the awareness thing. I'm part of an organization called DevColor. It's an organization of Black engineers in tech. We have squads and monthly meetings where we just talk about our career, and growth, and stuff like that. And I attribute a lot of that interactions to my success is, like, talking to other folks who are years ahead of me and have a lot more experience. But I say this because the majority of the folks that I interact with at DevColor they don't do open source because they all...to be a Black engineer at a level of like senior engineer at Netlify, or a staff engineer, or a manager...sorry, I meant, like, Netflix but Netlify too. You basically had a career path of, like, you probably went to school at a decent engineering school, or you figured out how to get a job at Facebook or Google. And, like, that's pretty much it. And, like, this is a blanket statement. I totally understand there are outliers. But the majority of the folks I interact with at DevColor they have a job. They have a great job. And they're doing the thing, and they're being very successful. But there's less community interaction. And that's what DevColor exists for is to encourage that community interaction and participation. So, at the end of the day, like, there's opportunity to make it more equitable. So things like, every time there's a release cut for a major open-source project, why not go to Black Girls CODE and have them build something with it? And, again, very specific, like, React 19 that's currently being tested, why not go to all these other underrepresented organizations and partner with them to show them how to use this project? Because the assumption is everyone in open source, you got to be senior enough to participate, or if it's too hot, get out of the kitchen. But if we set up a place for people to interact and level up, in three or four years from now, you'll see the open-source ecosystem of that project be completely different as far as diversity. But it takes that investment to have that onboard ramp to even have that connection or conversation about testing early releases with underrepresented groups in engineering. That's where we have to start, and that's what we're trying to do at OpenSauced. We want to make that connection. I have a whole plan for it. I'll share in a blog post. I also mentioned that a lot of these thoughts are on our blog as well. I've been writing blog posts around these conversations. So opensauced.pizza/blog if you're interested. VICTORIA: Very cool. Thank you for that. WILL: I'm just processing on the whole conversation. It has just been great. VICTORIA: Yes. Thank you so much for sharing with us. And I wonder, do you have any final takeaways for our listeners today, Brian? BRIAN: Yeah, final takeaways. Like, if anything at all resonated in this conversation, please reach out, bdougie on GitHub. I'm pretty active with my notifications. So if you @ mention me in a random project, I'll probably jump back in and respond to you. But also Twitter @bdougieYO. And then, I mentioned our blog. We also have a newsletter. So, if you're interested in any of this OpenSauced journey, please join us there, and keep in touch. VICTORIA: Wonderful. Thank you so much for joining us today and sharing your story. You can subscribe to the show and find notes along with a complete transcript for this episode at giantrobots.fm. If you have questions or comments, email us at hosts@giantrobots.fm. And you can find me on Twitter @victori_ousg. WILL: And you could find me @will23larry This podcast is brought to you by thoughtbot and produced and edited by Mandy Moore. Thank you. ANNOUNCER: This podcast is brought to you by thoughtbot, your expert strategy, design, development, and product management partner. We bring digital products from idea to success and teach you how because we care. Learn more at thoughtbot.com. Special Guest: Brian Douglas.

This week we're joined by Christina Warren, Senior Developer Advocate at GitHub, and a true tech and pop culture connoisseur. From her days at Mashable covering the intersections of entertainment and technology, to Gizmodo, to Microsoft, and now her current role at GitHub we talk with Christina about her journey from journalist to developer, and the latest happenings coming out of GitHub Universe. BTW, we're planning to get Christina on Backstage in the new year to talk about Plex, MakeMKV, and all things that go into hosting your own media server. Drop a commment on this episode with a +1 if you want to see that happen.

"Hey, Github!" voice coding, KB5019980 update, Control Freak Windows 11 Why Windows 11 usage is down so low and what Microsoft could do to fix that Microsoft ships the "November update for Windows 11 22H2 A different Search button on the Taskbar New Beta channel build adds* three new features Microsoft 365 Zoom launches Mail and Calendar beta to take on Google Workspaces and M365 Microsoft moves to kill custom domains in Outlook.com ... again Microsoft brings certificate-based authentication for AAD to mobile Google One VPN arrives on Windows and Mac Still more earnings Lenovo reports first drop in revenues in 2.5 years Qualcomm misses expectations too ... and promises that 2024 will be the year for WOA Dev Microsoft issues .NET 7 GitHub announces new features for devs and the enterprise Xbox Winter has come for Halo Infinite EU to take a longer look a Activision Blizzard acquisition Microsoft may make your Xbox more efficient Nintendo lowers Switch sales forecast, but it's still doing great Steam comes to more Chromebooks in beta Netflix is working on a Gears of War movie and animated TV series Tips & Picks Tip of the week: A new industry book to read App pick of the week: Keepa Hosts: Leo Laporte and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: rocketmoney.com/WINDOWS CDW.com/LenovoClient

"Hey, Github!" voice coding, KB5019980 update, Control Freak Windows 11 Why Windows 11 usage is down so low and what Microsoft could do to fix that Microsoft ships the "November update for Windows 11 22H2 A different Search button on the Taskbar New Beta channel build adds* three new features Microsoft 365 Zoom launches Mail and Calendar beta to take on Google Workspaces and M365 Microsoft moves to kill custom domains in Outlook.com ... again Microsoft brings certificate-based authentication for AAD to mobile Google One VPN arrives on Windows and Mac Still more earnings Lenovo reports first drop in revenues in 2.5 years Qualcomm misses expectations too ... and promises that 2024 will be the year for WOA Dev Microsoft issues .NET 7 GitHub announces new features for devs and the enterprise Xbox Winter has come for Halo Infinite EU to take a longer look a Activision Blizzard acquisition Microsoft may make your Xbox more efficient Nintendo lowers Switch sales forecast, but it's still doing great Steam comes to more Chromebooks in beta Netflix is working on a Gears of War movie and animated TV series Tips & Picks Tip of the week: A new industry book to read App pick of the week: Keepa Hosts: Leo Laporte and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: rocketmoney.com/WINDOWS CDW.com/LenovoClient

Rocket takeover, Musk Lays Off Twitter, League of Legends Finals, FCC vs. TikTok Elon Musk's Twitter layoffs leave whole teams gutted. -2000 Lines Of Code. Twitter Now Asks Some Fired Workers to Please Come Back. What are the redeeming qualities of Twitter? @elonmusk: Going forward, any Twitter handles engaging in impersonation without clearly specifying "parody" will be permanently suspended. It's hard out here for a billionaire. League of Legends World Championship Finals. Quiz show! Twitter suspends Kathy Griffin's account for impersonating Elon Musk. Is Twitter good for brands? Facebook Parent Meta Is Preparing to Notify Employees of Large-Scale Layoffs This Week. Stripe cuts 14% of its workforce, CEO says they 'overhired for the world we're in' Finally, is this the end for the fax machine? Interview: FCC commissioner says government should ban TikTok. Github Universe. Host: Leo Laporte Guests: Simone de Rochefort, Brianna Wu, and Christina Warren Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: onlogic.com/TWIT rocketmoney.com/TWIT itpro.tv/twit promo code TWIT30 podium.com/twit

Rocket takeover, Musk Lays Off Twitter, League of Legends Finals, FCC vs. TikTok Elon Musk's Twitter layoffs leave whole teams gutted. -2000 Lines Of Code. Twitter Now Asks Some Fired Workers to Please Come Back. What are the redeeming qualities of Twitter? @elonmusk: Going forward, any Twitter handles engaging in impersonation without clearly specifying "parody" will be permanently suspended. It's hard out here for a billionaire. League of Legends World Championship Finals. Quiz show! Twitter suspends Kathy Griffin's account for impersonating Elon Musk. Is Twitter good for brands? Facebook Parent Meta Is Preparing to Notify Employees of Large-Scale Layoffs This Week. Stripe cuts 14% of its workforce, CEO says they 'overhired for the world we're in' Finally, is this the end for the fax machine? Interview: FCC commissioner says government should ban TikTok. Github Universe. Host: Leo Laporte Guests: Simone de Rochefort, Brianna Wu, and Christina Warren Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: onlogic.com/TWIT rocketmoney.com/TWIT itpro.tv/twit promo code TWIT30 podium.com/twit

Rocket takeover, Musk Lays Off Twitter, League of Legends Finals, FCC vs. TikTok Elon Musk's Twitter layoffs leave whole teams gutted. -2000 Lines Of Code. Twitter Now Asks Some Fired Workers to Please Come Back. What are the redeeming qualities of Twitter? @elonmusk: Going forward, any Twitter handles engaging in impersonation without clearly specifying "parody" will be permanently suspended. It's hard out here for a billionaire. League of Legends World Championship Finals. Quiz show! Twitter suspends Kathy Griffin's account for impersonating Elon Musk. Is Twitter good for brands? Facebook Parent Meta Is Preparing to Notify Employees of Large-Scale Layoffs This Week. Stripe cuts 14% of its workforce, CEO says they 'overhired for the world we're in' Finally, is this the end for the fax machine? Interview: FCC commissioner says government should ban TikTok. Github Universe. Host: Leo Laporte Guests: Simone de Rochefort, Brianna Wu, and Christina Warren Download or subscribe to this show at https://twit.tv/shows/this-week-in-tech Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: onlogic.com/TWIT rocketmoney.com/TWIT itpro.tv/twit promo code TWIT30 podium.com/twit