Podcasts about vs code

I had to make a few changes to a SQL Saturday event recently. The repo is public, and some of the organizers submit PRs for their changes, and others send me an email/message/text/etc. for a change. In this case, an organizer just asked for a couple of image updates to their site. I opened VS Code, created a branch, added a URL for the images, and submitted my own PR. After the build, I deployed it. And it didn't work. Read the rest of Patching the Patch

Nesse episódio trouxemos as notícias e novidades do mundo da programação que nos chamaram atenção dos dias 07/06 a 13/06.

Nesse episódio trouxemos as notícias e novidades do mundo da programação que nos chamaram atenção dos dias 07/06 a 13/06.

We're on location at Microsoft Build 2025 with Amanda Silver, Corporate Vice President of Microsoft's Developer Division. Amanda leads product, design, user research, and engineering systems for some of the tools you use every day. We discuss the latest AI announcements from Microsoft at Build 2025, how AI is reshaping development tools, what's next for VS Code, TypeScript, GitHub's evolution, and even emerging editors like Windsurf that are forking the VS Code ecosystem.

In this episode, Dan and I (Steve) dove deep into what turned out to be a surprisingly complex, yet incredibly insightful topic: gradually migrating a massive legacy JavaScript project over to TypeScript. We're talking about nearly 1,000 JS files, 70,000+ lines of code, and years of developer history—all transitioning carefully to a typed, modern future.Dan walked us through how he started by setting up the project for success before converting even one file—getting CI/CD ready, setting up tsconfig.json, sorting out test dependencies, dealing with mock leaks, and even grappling with quirks between VS Code and WebStorm debugging.We talked tools (like TS-ESLint, concurrently, and ts-node), why strict typing actually uncovered real bugs (and made the code better!), and why it's crucial not to touch any .js files until your TypeScript setup is rock solid.Key Takeaways:Gradual migration is 100% possible—and often better—than ripping the bandaid off.TypeScript can and will catch bugs hiding in your JavaScript. Be prepared!Use VS Code extensions or TS-Node to support your devs' tooling preferences.Don't underestimate the setup phase—it's the foundation of long-term success.Start small: Dan's team converted just one file at first to test the whole pipeline.If you're sitting on a legacy JS project and dreaming of TypeScript, this episode is your blueprint—and your warning sign.Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

We're on location at Microsoft Build 2025 with Amanda Silver, Corporate Vice President of Microsoft's Developer Division. Amanda leads product, design, user research, and engineering systems for some of the tools you use every day. We discuss the latest AI announcements from Microsoft at Build 2025, how AI is reshaping development tools, what's next for VS Code, TypeScript, GitHub's evolution, and even emerging editors like Windsurf that are forking the VS Code ecosystem.

Dans cet épisode, nous explorons l'univers des assistants de code AI. Comment ces outils transforment-ils notre façon de coder ? Quels sont leurs atouts et leurs limites ? Nos invités Philippe Charrière et Kevin Aubry nous éclairent sur ces technologies qui bouleversent les pratiques des développeurs. Enregistré le 8 avril 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-326.mp3 ou en vidéo sur YouTube. Interview Ta vie ton oeuvre Peux-tu te présenter brièvement à nos auditeurs? Quelle est ton expérience personnelle avec ces outils? Tu l'utilises chez ton employeur ou juste pour tes projets personnels? Qu'est-ce qui t'a attiré dans ce domaine en particulier? Introduction à la techno Qu'est-ce qu'un assistant de code AI exactement? Comment le définirais-tu? Quels sont les principaux assistants de code disponibles aujourd'hui sur le marché? Quand et pourquoi ces outils ont-ils commencé à émerger? Quelle est la différence entre un assistant de code AI et un simple outil de complétion de code? La techno en concepts Quels sont les fondements technologiques des assistants de code actuels? Quels sont les différences de flow entre un outil dédié genre CursorAI, GitHub Copilot, un chat LLM générique de type Claude ou un outil à la Devoxx Genie? Il y a aussi des outils de terminal, en ligne de commande ou en desktop dédié genre Goose de Block - comment ceux-ci se positionnent-ils? Quelles sont les différentes approches d'intégration dans les environnements de développement? Comment se positionnent les assistants par rapport à d'autres outils d'aide au développement? Quels sont les modèles économiques actuels (open source vs propriétaire, SaaS vs on-premise)? Qu'en est-il de la confidentialité du code analysé par ces outils? Comment on l'utilise en pratique pour un dev Comment un développeur Java typique intègre-t-il un assistant de code dans son workflow quotidien? Quels sont les assistants les plus adaptés à l'écosystème Java spécifiquement? Vous utilisez plutôt VSCode? Ça marche bien dans IntelliJ IDEA? Quelles sont les bonnes pratiques pour formuler des requêtes efficaces à un assistant? Quelles tâches répétitives ou complexes sont particulièrement bien gérées par ces assistants? Quels sont les tâches aujourd'hui où l'assistant de code excelle: squelette de code initial, ajout de fonctionnalité, écrire les tests, corriger un bug, la sécurité, grosse migration de version ou de framework? Comment évaluer la qualité du code généré? Quelles vérifications faire systématiquement? Quelle est ton expérience des hallucinations? Des trucs rigolos à raconter? Comment évoluent les pratiques de pair programming avec ces outils? C'est quoi ton budget code assistance / LLM? Sous le capot Pas sûr de pouvoir faire cette partie sous le capot si on a des interview orienté utilisateur. Comment ces assistants sont-ils entraînés spécifiquement pour comprendre le code? Quelle est la différence entre le fine-tuning pour le code et pour le langage naturel? Comment fonctionnent les techniques de retrieval augmentation pour le contexte du projet? Comment les assistants gèrent-ils les dépendances et la structure des projets complexes? Quels sont les défis techniques majeurs pour analyser du code Java avec ses spécificités? Comment les modèles réussissent-ils (ou échouent-ils) à comprendre la sémantique du code? Quelles sont les limites actuelles des modèles de langage pour la génération de code? Qu'en est-il de la consommation de ressources et de l'impact environnemental? La communauté, le futur Comment la communauté Java a-t-elle accueilli ces outils? C'est pour quel type de développeur? Junior, intermédiaire, expert? Quels avantages pour chaque? Quel impact ces assistants ont-ils sur l'apprentissage de la programmation? Comment voyez-vous l'évolution des compétences requises pour les développeurs? Quelles sont les prochaines frontières pour les assistants de code? Quelles fonctionnalités manquent encore à l'appel? Comment les assistants vont-ils évoluer dans les 2-3 prochaines années? Ces outils vont-ils transformer radicalement la profession de développeur? Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

In this episode of Remote Ruby, Chris and Andrew catch up on recent travels and food experiences, including the best Philly cheesesteaks they've ever had. The conversation shifts towards development topics, particularly testing challenges and solutions in Ruby on Rails, featuring discussions about emoji pickers, asset pipelines, and the prawn library. Chris shares updates on acquiring an old Rails app, One Month, and future plans for this project. They also explore various development hiccups and solutions, including using libraries for faster system tests and streamlining asset pipelines. The episode wraps up with insights into new tools like an official Postgres extension for VS Code and plans for future video content on their platform.LinksJudoscale- Remote Ruby listener giftOne MonthRunning Rails System Tests With Playwright Instead of Selenium by Justin SearlsAnnouncing a new IDE for PostgreSQL in VS Code from MicrosoftLou Malnati's Pizzeria Chris Oliver X/Twitter Andrew Mason X/Twitter Jason Charnes X/Twitter

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by RJJ Software's Software Development Services, whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "If your app has a backend, it's Aspire-able. And so it's tools, templates, and packages for really any type of app… So just being able to walk up to a repo, clone it, and hit F5. When was the last time we were able to do that? Like, ten years ago, maybe?"— Maddy Montaquila Welcome friends to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. We are the go-to podcast for .NET developers worldwide, and I am your host: Jamie “GaProgMan” Taylor. In this episode, we talk with Maddy Montaquila about .NET Aspire, what it is, how it's not just for .NET developers, and how it can help you to run a repo by simply hitting F5, regardless of what's in there. "To me, it really is just a dev tool in a bunch of different ways. It makes you just hit F5 again, no matter how many containers, or local, or deployed services you have to deal with, or projects, or languages, or if you're in VS, or VS Code, or on a Mac, or on a command line, or on a Linux machine. Like Aspire just makes all that magical without replatforming"— Maddy Montaquila Along the way, we also talk about the importance of reducing the complexity of going from, "I have an idea," to, "my app is running in the cloud." And Maddy drops a wonderful metaphor for .NET Aspire using a Logo-based metaphor. And we address the community invented elephant in the room: that .NET Aspire, somehow, locks you into using one vendor. Spoiler alert: it can deploy to any cloud vendor, and even to on-prem servers. Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET. Supporting the Show If you find this episode useful in any way, please consider supporting the show by either leaving a review (check our review page for ways to do that), sharing the episode with a friend or colleague, buying the host a coffee, or considering becoming a Patron of the show. Full Show Notes The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-7/net-aspire-how-maddy-montaquila-and-the-net-team-are-revolutionizing-development/ Maddy's Links: Maddy on Bluesky Other Links: CNCF OpenTelemetry Helm Codespaces Podman Devcontainers Vim GDB FreeBSD Jail .NET Aspire Community Toolkit CORS MCP Phi-4 Four stages of competence dot.net Cloud features of .NET Customer Stories: customers.microsoft.com dot.net/customers Ollama Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Getting in Touch: Via the contact page Joining the Discord Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast. Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show

This show has been flagged as Clean by the host. Intro How I know BSD Very minimal NetBSD usage I'm am leaving out Dragonfly BSD Previous episodes Several by Claudio Miranda and others - check the tags page. hpr3799 :: My home router history hpr3187 :: Ansible for Dynamic Host Configuration Protocol hpr3168 :: FreeBSD Jails and iocage hpr2181 :: Install OpenBSD from Linux using Grub History and Overview https://en.wikipedia.org/wiki/History_of_the_Berkeley_Software_Distribution The history of the Berkeley Software Distribution began in the 1970s when University of California, Berkeley received a copy of Unix. Professors and students at the university began adding software to the operating system and released it as BSD to select universities. https://en.wikipedia.org/wiki/Comparison_of_BSD_operating_systems Comparisons to Linux Not better or worse, just different. BSD is a direct descendant of the original UNIX Not distributions - Separate projects with separate code bases. Permissive vs Copyleft One Project vs Kernel + User land Most Open Source software is available on BSD ports and packages Network Devices and DISKS will have different naming conventions. BE CAREFUL Distinctives FreeBSD Probably most widely used Base OS Commercial products Tightly integrated with ZFS Jails OS for Firewall appliances - PFSense and Opensense OpenBSD Focus on Code Correctness and Security Often First to develop new security methodologies - ASLR and Kernel relinking at boot Home of OpenSSH, ... Base includes Xorg and a minimal Window Manager The Best docs - man pages NetBSD Supports the most platforms pkgsrc can be used on any UNIX like. How I use BSD Home Router Recently migrated from FreeBSD to OpenBSD Better support for the cheap 2.5G network adapters in Ali express firewalls Workstations OpenBSD Dual boot laptop - missing some nice features - Vscode and BT audio OpenBSD for Banking NAS FreeBSD Was physical by migrated to Proxmox VM with direct attached drives Jails for some apps ZFS pools for storage My recommendations Router OpenBSD - Any BSD will work Opensense - similar experience to managing DD-WRT Thinkpads - OpenBSD Other laptops / PC - FreeBSD desktop focus derivative. ghost or midnight Servers/NAS FreeBSD ZFS Jails BSD is worth trying Dual booting is supported but can be tricky if unfamiliar. r Provide feedback on this episode.

Malicious npm and VS Code packages stealing data Nova Scotia Power confirms ransomware attack Researchers claim ChatGPT o3 bypassed shutdown in controlled test Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.  

CodeRabbit, led by founder Harjot Gill, is tackling one of software development's biggest bottlenecks: the human code review process. While AI coding tools like GitHub Copilot have sped up code generation, they've inadvertently slowed down shipping due to increased complexity in code reviews. Developers now often review AI-generated code they didn't write, leading to misunderstandings, bugs, and security risks. In an episode of The New Stack Makers, Gill discusses how Code Rabbit leverages advanced reasoning models—OpenAI's o1, o3 mini, and Anthropic's Claude series—to automate and enhance code reviews. Unlike rigid, rule-based static analysis tools, Code Rabbit builds rich context at scale by spinning up sandbox environments for pull requests and allowing AI agents to navigate codebases like human reviewers. These agents can run CLI commands, analyze syntax trees, and pull in external context from Jira or vulnerability databases. Gill envisions a hybrid future where AI handles the grunt work of code review, empowering humans to focus on architecture and intent—ultimately reducing bugs, delays, and development costs.Learn more from The New Stack about the latest insights about AI code reviews: CodeRabbit's AI Code Reviews Now Live Free in VS Code, Cursor AI Coding Agents Level Up from Helpers to Team Players Augment Code: An AI Coding Tool for 'Real' Development WorkJoin our community of newsletter subscribers to stay on top of the news and at the top of your game. 

Wow! What a week at Microsoft Build 2025 for GitHub Copilot, VS Code, Visual Studio, .NET, and so much more. We get into it! Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm

In this episode of the PowerShell Podcast, we welcome back Justin Grote, a Microsoft MVP and open-source powerhouse, for an in-depth and fast-paced conversation. Fresh off his PowerShell Wednesday presentation, Justin shares the thinking behind his latest innovations, including the creation of the high-performance ExcelFast module and his evangelism for dev containers and modern development workflows.   Key topics in this episode include: Getting the most from VS Code – Justin shares power-user tips, favorite settings, and the evolution of his 1,000-line configuration file. GitHub Copilot and real-world developer productivity – How Justin's approach to AI tooling shifted after experiencing measurable value in his PowerShell workflows. Dev containers and runtime containers – A detailed breakdown of the difference, practical use cases, and how they transform collaboration, onboarding, and consistency. Excel Fast – A brand-new module optimized for high-performance reading, writing, and streaming of large Excel and CSV datasets, developed with dev containers from day one. Open-source contributions to PowerShell – Including enhanced logging for Invoke-RestMethod and building a dev container for the PowerShell repo itself. PowerShell Conf EU previews – From a 90-minute VS Code optimization deep dive to a hands-on runspaces lab with GitHub Codespaces integration. This episode is packed with practical advice, philosophy on tooling, and Justin's trademark blend of performance focus and community-first thinking. Whether you're a seasoned developer or looking to up your scripting game, you'll walk away with new ideas and resources to explore.   Guest Bio – Justin Grote Justin Grote is a Microsoft MVP, PowerShell advocate, and open-source contributor with a deep focus on automation, performance, and developer productivity. Known for tools like ModuleFast and his work improving PowerShell workflows, Justin blends real-world experience with a passion for teaching and sharing. Whether he's optimizing VS Code, contributing to the PowerShell repo, or speaking at global conferences, Justin empowers the community with practical solutions and thoughtful insight.   Links: Find Justin on GitHub, BlueSky, or on Discord (@JustinGrote): https://github.com/JustinGrote Try out ExcelFast: https://github.com/JustinGrote/ExcelFast PSConfEU Announcement: https://www.linkedin.com/feed/update/urn:li:activity:7328093268225806337/ Create Dev Container Docs: https://code.visualstudio.com/docs/devcontainers/create-dev-container SecretManagement.DpapiNG: https://github.com/jborean93/SecretManagement.DpapiNG Connect with Andrew on Socials: https://andrewpla.tech/links Catch PowerShell Wednesdays weekly at 2 PM EST on discord.gg/pdq The PowerShell Podcast hub: https://pdq.com/the-powershell-podcast  The PowerShell Podcast on YouTube: https://youtu.be/dHbWFUyUaOE

This week both Google and Microsoft held conferences where they announced all the new, great AI breakthroughs, but there were a few other notable, web dev-focused pieces in between. VS Code announced it will be open sourcing the GitHub Copilot Chat extension, refactoring relevant components into its core codebase, as the next logical step “in making VS Code an open source AI editor.”Microsoft has floated a new idea called “NLWeb” to make it easier for websites to turn themselves into AI apps using an LLM model and their own data. While this sounds interesting, it's very early days yet and is not ready for prime time.A blog post from Remix creator Ryan Florence leaked earlier this week, and in it, Ryan shares that Remix v3 will move away from using React. The usual criticisms of React are present, and so Remix v3 will be completely new with a focus on a framework that's AI friendly and leveraging all the Web APIs available today. News:VS Code is open sourcing its AI chat extensionRemix's “Declaration of Independence” blog leakedAnd Microsoft introduces yet another AI standardLightning News:Satya Nadella and podcastsIntroducing Claude 4 What Makes Us Happy this Week:Paige - Daredevil: Born Again TV seriesJack -  Baseball team Portland Pickles' Red Head Appreciation NightTJ - The Philadelphia Inquirer's summer reading listThanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or talk to us on X, Bluesky, or YouTube.Front-end Fire websiteBlue Collar Coder on YouTubeBlue Collar Coder on DiscordReach out via emailTweet at us on X @front_end_fireFollow us on Bluesky @front-end-fire.comSubscribe to our YouTube channel @Front-EndFirePodcast

In this episode of the Mainframe Connect podcast's I am a Mainframer series, Richelle from Beta Systems shares her inspiring journey from the Philippines to Austria in the mainframe industry. Starting as a COBOL programmer trainee, Richelle transitioned through roles in systems programming and open-source development, becoming a key contributor to the Zowe community as a Scrum Master for Zowe Explorer. She discusses mainframe modernization, the power of the Zowe community, and her passion for teaching modern mainframe tools like VS Code and CLI to apprentices and colleagues. A highlight of the conversation is Richelle's vision for a hybrid mainframe future and her advocacy for greater visibility of women in the industry through the upcoming Mainframe Coven podcast.

Hey folks, Alex here, welcome back to ThursdAI! And folks, after the last week was the calm before the storm, "The storm came, y'all" – that's an understatement. This wasn't just a storm; it was an AI hurricane, a category 5 of announcements that left us all reeling (in the best way possible!). From being on the ground at Google I/O to live-watching Anthropic drop Claude 4 during our show, it's been an absolute whirlwind.This week was so packed, it felt like AI Christmas, with tech giants and open-source heroes alike showering us with gifts. We saw OpenAI play their classic pre-and-post-Google I/O chess game, Microsoft make some serious open-source moves, Google unleash an avalanche of updates, and Anthropic crash the party with Claude 4 Opus and Sonnet live stream in the middle of ThursdAI!So buckle up, because we're about to try and unpack this glorious chaos. As always, we're here to help you collectively know, learn, and stay up to date, so you don't have to. Let's dive in! (TL;DR and links in the end) Open Source LLMs Kicking Things OffEven with the titans battling, the open-source community dropped some serious heat this week. It wasn't the main headline grabber, but the releases were significant!Gemma 3n: Tiny But Mighty MatryoshkaFirst up, Google's Gemma 3n. This isn't just another small model; it's a "Nano-plus" preview, a 4-billion parameter MatFormer (Matryoshka Transformer – how cool is that name?) model designed for mobile-first multimodal applications. The really slick part? It has a nested 2-billion parameter sub-model that can run entirely on phones or Chromebooks.Yam was particularly excited about this one, pointing out the innovative "model inside another model" design. The idea is you can use half the model, not depth-wise, but throughout the layers, for a smaller footprint without sacrificing too much. It accepts interleaved text, image, audio, and video, supports ASR and speech translation, and even ships with RAG and function-calling libraries for edge apps. With a 128K token window and responsible AI features baked in, Gemma 3n is looking like a powerful tool for on-device AI. Google claims it beats prior 4B mobile models on MMLU-Lite and MMMU-Mini. It's an early preview in Google AI Studio, but it definitely flies on mobile devices.Mistral & AllHands Unleash Devstral 24BThen we got a collaboration from Mistral and AllHands: Devstral, a 24-billion parameter, state-of-the-art open model focused on code. We've been waiting for Mistral to drop some open-source goodness, and this one didn't disappoint.Nisten was super hyped, noting it beats o3-Mini on SWE-bench verified – a tough benchmark! He called it "the first proper vibe coder that you can run on a 3090," which is a big deal for coders who want local power and privacy. This is a fantastic development for the open-source coding community.The Pre-I/O Tremors: OpenAI & Microsoft Set the StageAs we predicted, OpenAI couldn't resist dropping some news right before Google I/O.OpenAI's Codex Returns as an AgentOpenAI launched Codex – yes, that Codex, but reborn as an asynchronous coding agent. This isn't just a CLI tool anymore; it connects to GitHub, does pull requests, fixes bugs, and navigates your codebase. It's powered by a new coding model fine-tuned for large codebases and was SOTA on SWE Agent when it dropped. Funnily, the model is also called Codex, this time, Codex-1. And this gives us a perfect opportunity to talk about the emerging categories I'm seeing among Code Generator agents and tools:* IDE-based (Cursor, Windsurf): Live pair programming in your editor* Vibe coding (Lovable, Bolt, v0): "Build me a UI" style tools for non-coders* CLI tools (Claude Code, Codex-cli): Terminal-based assistants* Async agents (Claude Code, Jules, Codex, GitHub Copilot agent, Devin): Work on your repos while you sleep, open pull requests for you to review, asyncCodex (this new one) falls into category number 4, and with today's release, Cursor seems to also strive to get to category number 4 with background processing. Microsoft BUILD: Open Source Copilot and Copilot Agent ModeThen came Microsoft Build, their huge developer conference, with a flurry of announcements.The biggest one for me? GitHub Copilot's front-end code is now open source! The VS Code editor part was already open, but the Copilot integration itself wasn't. This is a massive move, likely a direct answer to the insane valuations of VS Code clones like Cursor. Now, you can theoretically clone GitHub Copilot with VS Code and swing for the fences.GitHub Copilot also launched as an asynchronous coding assistant, very similar in function to OpenAI's Codex, allowing it to be assigned tasks and create/update PRs. This puts Copilot right into category 4 of code assistants, and with the native Github Integration, they may actually have a leg up in this race!And if that wasn't enough, Microsoft is adding MCP (Model Context Protocol) support directly into the Windows OS. The implications of having the world's biggest operating system natively support this agentic protocol are huge.Google I/O: An "Ultra" Event Indeed!Then came Tuesday, and Google I/O. I was there in the thick of it, and folks, it was an absolute barrage. Google is shipping. The theme could have been "Ultra" for many reasons, as we'll see.First off, the scale: Google reported a 49x increase in AI usage since last year's I/O, jumping from 9 trillion tokens processed to a mind-boggling 480 trillion tokens. That's a testament to their generous free tiers and the explosion of AI adoption.Gemini 2.5 Pro & Flash: #1 and #2 LLMs on ArenaGemini 2.5 Flash got an update and is now #2 on the LMArena leaderboard (with Gemini 2.5 Pro still holding #1). Both Pro and Flash gained some serious new capabilities:* Deep Think mode: This enhanced reasoning mode is pushing Gemini's scores to new heights, hitting 84% on MMMU and topping LiveCodeBench. It's about giving the model more "time" to work through complex problems.* Native Audio I/O: We're talking real-time TTS in 24 languages with two voices, and affective dialogue capabilities. This is the advanced voice mode we've been waiting for, now built-in.* Project Mariner: Computer-use actions are being exposed via the Gemini API & Vertex AI for RPA partners. This started as a Chrome extension to control your browser and now seems to be a cloud-based API, allowing Gemini to use the web, not just browse it. This feels like Google teaching its AI to interact with the JavaScript-heavy web, much like they taught their crawlers years ago.* Thought Summaries: Okay, here's one update I'm not a fan of. They've switched from raw thinking traces to "thought summaries" in the API. We want the actual traces! That's how we learn and debug.* Thinking Budgets: Previously a Flash-only feature, token ceilings for controlling latency/cost now extend to Pro.* Flash Upgrade: 20-30% fewer tokens, better reasoning/multimodal scores, and GA in early June.Gemini Diffusion: Speed Demon for Code and MathThis one got Yam Peleg incredibly excited. Gemini Diffusion is a new approach, different from transformers, for super-speed editing of code and math tasks. We saw demos hitting 2000 tokens per second! While there might be limitations at longer contexts, its speed and infilling capabilities are seriously impressive for a research preview. This is the first diffusion model for text we've seen from the frontier labs, and it looks sick. Funny note, they had to slow down the demo video to actually show the diffusion process, because at 2000t/s - apps appear as though out of thin air!The "Ultra" Tier and Jules, Google's Coding AgentRemember the "Ultra event" jokes? Well, Google announced a Gemini Ultra tier for $250/month. This tops OpenAI's Pro plan and includes DeepThink access, a generous amount of VEO3 generation, YouTube Premium, and a whopping 30TB of storage. It feels geared towards creators and developers.And speaking of developers, Google launched Jules (jules.google)! This is their asynchronous coding assistant (Category 4!). Like Codex and GitHub Copilot Agent, it connects to your GitHub, opens PRs, fixes bugs, and more. The big differentiator? It's currently free, which might make it the default for many. Another powerful agent joins the fray!AI Mode in Search: GA and EnhancedAI Mode in Google Search, which we've discussed on the show before with Robby Stein, is now in General Availability in the US. This is Google's answer to Perplexity and chat-based search.But they didn't stop there:* Personalization: AI Mode can now connect to your Gmail and Docs (if you opt-in) for more personalized results.* Deep Search: While AI Mode is fast, Deep Search offers more comprehensive research capabilities, digging through hundreds of sources, similar to other "deep research" tools. This will eventually be integrated, allowing you to escalate an AI Mode query for a deeper dive.* Project Mariner Integration: AI Mode will be able to click into websites, check availability for tickets, etc., bridging the gap to an "agentic web."I've had a chat with Robby during I/O and you can listen to that interview at the end of the podcast.Veo3: The Undisputed Star of Google I/OFor me, and many others I spoke to, Veo3 was the highlight. This is Google's flagship video generation model, and it's on another level. (the video above, including sounds is completely one shot generated from VEO3, no processing or editing)* Realism and Physics: The visual quality and understanding of physics are astounding.* Natively Multimodal: This is huge. Veo3 generates native audio, including coherent speech, conversations, and sound effects, all synced perfectly. It can even generate text within videos.* Coherent Characters: Characters remain consistent across scenes and have situational awareness, who speaks when, where characters look.* Image Upload & Reference Ability: While image upload was closed for the demo, it has reference capabilities.* Flow: An editor for video creation using Veo3 and Imagen4 which also launched, allowing for stiching and continuous creation.I got access and created videos where Veo3 generated a comedian telling jokes (and the jokes were decent!), characters speaking with specific accents (Indian, Russian – and they nailed it!), and lip-syncing that was flawless. The situational awareness, the laugh tracks kicking in at the right moment... it's beyond just video generation. This feels like a world simulator. It blew through the uncanny valley for me. More on Veo3 later, because it deserves its own spotlight.Imagen4, Virtual Try-On, and XR Glasses* Imagen4: Google's image generation model also got an upgrade, with extra textual ability.* Virtual Try-On: In Google Shopping, you can now virtually try on clothes. I tried it; it's pretty cool and models different body types well.* XR AI Glasses from Google: Perhaps the coolest, but most futuristic, announcement. AI-powered glasses with an actual screen, memory, and Gemini built-in. You can talk to it, it remembers things for you, and interacts with your environment. This is agentic AI in a very tangible form.Big Company LLMs + APIs: The Beat Goes OnThe news didn't stop with Google.OpenAI (acqui)Hires Jony Ive, Launches "IO" for HardwareThe day after I/O, Sam Altman confirmed that Jony Ive, the legendary designer behind Apple's iconic products, is joining OpenAI. He and his company, LoveFrom, have jointly created a new company called "IO" (yes, IO, just like the conference) which is joining OpenAI in a stock deal reportedly worth $6.5 billion. They're working on a hardware device, unannounced for now, but expected next year. This is a massive statement of intent from OpenAI in the hardware space.Legendary iPhone analyst Ming-Chi Kuo shed some light on the possible device, it won't have a screen, as Jony wants to "wean people off screens"... funny right? They are targeting 2027 for mass production, which is really interesting as 2027 is when most big companies expect AGI to be here. "The current prototype is slightly larger than AI Pin, with a form factor comparable to iPod Shuffle, with one intended use cases is to wear it around your neck, with microphones and cameras for environmental detection" LMArena Raises $100M Seed from a16zThis one raised some eyebrows. LMArena, the go-to place for vibe-checking LLMs, raised a $100 million seed round from Andreessen Horowitz. That's a huge number for a seed, reminiscent of Stability AI's early funding. It also brings up questions about how a VC-backed startup maintains impartiality as a model evaluation platform. Interesting times ahead for leaderboards, how they intent to make 100x that amount to return to investors. Very curious.

New Variant of Crypto Confidence Scam Scammers are offering login credentials for what appears to be high value crypto coin accounts. However, the goal is to trick users into paying for expensive VIP memberships to withdraw the money. https://isc.sans.edu/diary/New%20Variant%20of%20Crypto%20Confidence%20Scam/31968 Malicious Chrome Extensions Malicious Chrome extensions mimick popular services like VPNs to trick users into installing them. Once installed, the extensions will exfiltrate browser secrets https://dti.domaintools.com/dual-function-malware-chrome-extensions/ Malicious VS Code Extensions Malicious Visual Studio Code extensions target crypto developers to trick them into installing them to exfiltrate developer secrets. https://securitylabs.datadoghq.com/articles/mut-9332-malicious-solidity-vscode-extensions/#indicators-of-compromise

Agentic AI is the theme of the show this year, and this time its multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc. on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com

Agentic AI is the theme of the show this year, and this time its multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc. on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com

Agentic AI is the theme of the show this year, and this time its multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc. on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com

Agentic AI is the theme of the show this year, and this time its multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc. on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com

Agentic AI is the theme of the show this year, and this time its multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc. on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com

Agentic AI is the theme of the show this year, and this time its multi-agent with orchestration! But first, we need to discuss the protestors. Paul and Richard have stories. So many stories! Build 2025 New Microsoft 365 Copilot features are rolling out now because it's a day that ends in y Tuning is the unexpected Build Bingo center square term - rolling out to agents GitHub Copilot is open source in VS Code, more Win32 app support improvements, no more fees in Microsoft Store A shift in making Windows 11 the best place for developers - some things said, some left unsaid Edge gets new AI features too of course New native app capabilities in Windows App SDK, React Native And, pre-Build, 50 million Visual Studio users Copilot for consumers does image generation now. Fun tip: You can Minecraft-ize photos OpenAI has a coding agent too, obviously And OpenAI is buying Jony Ive! Windows Administrator Protection is coming soon - And not just for businesses. This feels very much like the firewall in XP SP2, it's going to be disruptive New 24H2 features in Release Preview: New text actions in Click to Do, a lot more New 24H2 features in Dev and Beta: AI actions in File Explorer, Advanced Settings, Search improvements, more New 23H2 features, Windows 10 features in Release Preview Surface Laptop Studio RIP Calendar companion app for Windows 11/M365 Microsoft may finally put the Teams antitrust issue in the EU behind Xbox Fortnite returns to the Apple App Store Apple blocked it first, Epic complained to judge And Microsoft files a legal motion against Apple and for Epic Games Qualcomm job listing confirms Xbox plans to some degree What happens when you combine Qualcomm NPU with Nvidia GPU? Xbox May Update arrives and it's a big one Retro Classic Games for Xbox Game Pass Game Bar updates, Edge Game Assist, GeForce now etc. on PC Custom Xbox gift cards More streaming of your own games Hellblade II is coming from Xbox to PS5 Many more games coming to Xbox Game Pass across platforms Tips and Picks App pick of the week: You can try Microsoft's command line editor now Game pick of the week: Doom: The Dark Ages RunAs Radio this week: PowerShell 7.5 and DSC 3.0.0 with Jason Helmick Brown liquor pick of the week: Tamnavulin Sherry Cask Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: spaceship.com/twit uscloud.com

In this potluck episode of Syntax, Wes and CJ answer your questions about OpenAI's $3B Windsurf acquisition, the evolving role of UI in an AI-driven world, why good design still matters, React vs. Svelte, and more! Show Notes 00:00 Welcome to Syntax! Devs Night Out 02:35 OpenAI acquires Windsurf for $3B Windsurf Ep 870: Windsurf forked VS Code to compete with Cursor. Talking the future of AI + Coding 05:20 What is the future of UI now that AI is such a heavy hitter? 08:45 Handling spam submissions on websites Cloudflare Turnstile 14:18 Duplicating HTML for desktop and mobile websites? 17:03 Is it okay to use a JSON file for simple website data? 19:04 How to handle anonymous and duplicate users Better-Auth 21:55 Working with TypeScript Object.keys() and “any” vs “@ts-ignore” 25:51 Brought to you by Sentry.io 26:38 What is the difference between React and Svelte? 30:24 How should you name your readme file? 31:55 How do you find time to refactor code? 35:20 Best practices for testing responsiveness Polypane 39:19 Avoiding layout shift with progressive enhancement 46:56 Sick Picks + Shameless Plugs Sick Picks CJ: Portable Chainsaw Wes: White Lotus Shameless Plugs CJ: Nuxt Wes: Full Stack App Build | Travel Log w/ Nuxt, Vue, Better Auth, Drizzle, Tailwind, DaisyUI, MapLibre Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Scott and Wes are joined by Erich Gamma, creator of VS Code, and Kai Maetzel, Copilot Lead, to share some big news about the future of VS Code and Copilot. They discuss what it means for developers, how AI is shaping the future of coding, and why staying open to the community is key. Show Notes 00:00 Welcome to Syntax! 01:00 The inception of VS Code. 02:49 VS Code adoption. 04:31 Brought to you by Sentry.io. 04:55 Syntax Denver Meetup! 05:19 The big announcement. 06:25 The current state of Copilot and VS Code. 08:31 The challenges with LLMs running outside of the codebase. 09:31 How to make a business case for AI. 10:47 The maturing of the AI landscape. 13:01 The limitations of extensions. 14:06 Open source vs closed source. 14:49 Copilot's context is public. 19:23 Is context language-specific? 21:23 How does this affect paid Copilot features? 23:27 Secrets of Copilot's server-side. 28:36 What will be open and what will not? 29:03 Is Copilot's UI influenced by VS Code forks? 31:31 Maintaining VS Code identity in forks. 33:07 What does open-sourcing GitHub Copilot mean for Cursor and Windsurf? 38:42 Were you surprised to see VS Code forks? 40:03 Are other extensions able to tap into the AI offerings? 43:20 There's work to be done. 44:13 The timeline. 45:39 Simulation Tests (S Tests). 48:07 How to test LLMs. 49:10 The future of software development with AI. 52:47 What's your favorite model? Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

TanStack, a collection of popular open-source software libraries, is back in the news cycle this week with the announcement of TanStack DB. TanStack DB extends TanStack Query with collections, live queries, and optimistic UI mutations to keep UIs reactive, consistent, and lightning fast.VS Code marks its 100th release of v1 with updates like: enabling Next Edit Suggestions (NES) be default, adding custom instructions and reusable prompts for a chat agent inside a project's .github folder, and new tools at the AI agent's disposal for better results.There's a new component library available called Basecoat UI that claims to bring the magic of shadcn/ui with no React required. No matter if a website's built using HTML, Flask, Rails, or another JS framework, Basecoat uses HTML and Tailwind, and a hint of Alpine.js when needed, to provide accessible, modern components that are also compatible with shadcn/ui themes.News:Paige - Basecoat UI - framework agnostic component libraryJack - TanStack DBTJ - VS Code 1.100Bonus News:Apparently we should all just f'ing use HTMLParcel v2.15 jumps on the Rust bandwagonGoogle is testing a new “AI Mode”Google's logo changeMax once again becomes HBO MaxWhat Makes Us Happy this Week:Paige - House of Earth and Blood (#1 in Crescent City series) Jack -  Grand Sumo May 2025 TournamentTJ - Coast of MichiganThanks as always to our sponsor, the Blue Collar Coder channel on YouTube. You can join us in our Discord channel, explore our website and reach us via email, or talk to us on X, Bluesky, or YouTube.Front-end Fire websiteBlue Collar Coder on YouTubeBlue Collar Coder on DiscordReach out via emailTweet at us on X @front_end_fireFollow us on Bluesky @front-end-fire.comSubscribe to our YouTube channel @Front-EndFirePodcast

Mike & Tommy discuss their best use cases of TMDL, Semantic Models, and VS Code.Get in touch:Send in your questions or topics you want us to discuss by tweeting to @PowerBITips with the hashtag #empMailbag or submit on the PowerBI.tips Podcast Page.Visit PowerBI.tips: https://powerbi.tips/Watch the episodes live every Tuesday and Thursday morning at 730am CST on YouTube: https://www.youtube.com/powerbitipsSubscribe on Spotify: https://open.spotify.com/show/230fp78XmHHRXTiYICRLVvSubscribe on Apple: https://podcasts.apple.com/us/podcast/explicit-measures-podcast/id1568944083‎Check Out Community Jam: https://jam.powerbi.tipsFollow Mike: https://www.linkedin.com/in/michaelcarlo/Follow Seth: https://www.linkedin.com/in/seth-bauer/Follow Tommy: https://www.linkedin.com/in/tommypuglia/

A quick episode this week, which includes attacking VS Code with ASCII control characters, as well as a referrer leak and SCIM hunting.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/282.html[00:00:00] Introduction[00:00:57] Attacking Hypervisors - Training Update[00:06:20] Drag and Pwnd: Leverage ASCII characters to exploit VS Code[00:12:12] Full Referer URL leak through img tag[00:17:52] SCIM Hunting - Beyond SSO[00:25:17] Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach MessagesPodcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosecYou can also join our discord: https://discord.gg/daTxTK9

Aprende Grafana y domina el monitoreo de datos en tiempo real

How do you balance architecture and code? Carl and Richard talk to Steve Smith about various architectural strategies and the swing back-and-forth against over-designing architecture and getting code written. Steve talks about how architecture changes depending on the size and number of teams, how the latest tools can help with architectural choices, and the challenge of effective refactoring when things need to change. Lots of great conversation!

How do you balance architecture and code? Carl and Richard talk to Steve Smith about various architectural strategies and the swing back-and-forth against over-designing architecture and getting code written. Steve talks about how architecture changes depending on the size and number of teams, how the latest tools can help with architectural choices, and the challenge of effective refactoring when things need to change. Lots of great conversation!

Wikipedia is attacked by Trump lackeys, Bluesky folds under pressure from the Turkish government, Linux YouTube is terrible as usual, Microsoft wants you to use the “proper” VS Code, Intel AI chips aren't selling well, yet another open source project has to deal with crawlers, TrueNAS goes Linux-only, and more.   News Trump DOJ goon... Read More

Wikipedia is attacked by Trump lackeys, Bluesky folds under pressure from the Turkish government, Linux YouTube is terrible as usual, Microsoft wants you to use the “proper” VS Code, Intel AI chips aren't selling well, yet another open source project has to deal with crawlers, TrueNAS goes Linux-only, and more.   News Trump DOJ goon... Read More

Aprende cómo crear una app con Vibe Coding y la IA de Hostinger Horizons.

In this episode of Gradient Dissent, host Lukas Biewald talks with Sualeh Asif, the CPO and co-founder of Cursor, one of the fastest-growing and most loved AI-powered coding platforms. Sualeh shares the story behind Cursor's creation, the technical and design decisions that set it apart, and how AI models are changing the way we build software. They dive deep into infrastructure challenges, the importance of speed and user experience, and how emerging trends in agents and reasoning models are reshaping the developer workflow.Sualeh also discusses scaling AI inference to support hundreds of millions of requests per day, building trust through product quality, and his vision for how programming will evolve in the next few years.⏳Timestamps:00:00 How Cursor got started and why it took off04:50 Switching from Vim to VS Code and the rise of CoPilot08:10 Why Cursor won among competitors: product philosophy and execution10:30 How user data and feedback loops drive Cursor's improvements12:20 Iterating on AI agents: what made Cursor hold back and wait13:30 Competitive coding background: advantage or challenge?16:30 Making coding fun again: latency, flow, and model choices19:10 Building Cursor's infrastructure: from GPUs to indexing billions of files26:00 How Cursor prioritizes compute allocation for indexing30:00 Running massive ML infrastructure: surprises and scaling lessons34:50 Why Cursor chose DeepSeek models early36:00 Where AI agents are heading next40:07 Debugging and evaluating complex AI agents42:00 How coding workflows will change over the next 2–3 years46:20 Dream future projects: AI for reading codebases and papers

This episode explores the dichotomy between iterative planning and target state planning in software development, discussing the benefits and drawbacks of each approach and providing decision factors to help you choose the most appropriate method for your situation.Understand the core difference between iterative planning, which emphasises agility and responding to change with short planning horizons, and target state planning, which involves laying out a more defined long-term direction.Discover that while iterative planning is often considered the "right way" for software development, target state planning can be valuable for setting a general direction, which can be updated as you learn.Learn why addressing problems atomically in an iterative fashion can be valid, but that evaluating multiple potential improvements together with a target state in mind can lead to better coordination, efficiency, and consistency.Explore the decision factors that might lead you to favour iterative planning, such as high uncertainty, learning-focused work (discovery, prototypes), and fast feedback loops.Understand the decision factors that might lead you to favour target state planning, such as clarity on the problem, working in production with high coupling, regulatory/safety risks, slow feedback loops, high cost of mistakes, broad scope of impact, and high coordination costs.Learn why choosing a planning method by default is a warning sign, and that considering the usefulness of upfront planning without being limited by dogma is important.Understand that upfront planning (target state) can enable adaptation as you learn, and that negative perceptions of it often stem from costly, incorrect plans that were difficult to change.Discover that the choice between iterative and target state planning is a spectrum rather than a pure dichotomy, and that a target state doesn't necessarily need to be a long-term plan.

In this episode, I, Stewart Alsop III, sat down with AJ Beckner to walk through how non-technical founders can build a deeper understanding of their codebase using AI tools like Cursor and Claude. We explored the reality of navigating an IDE as a beginner, demystified Git and GitHub version control, and walked through practical ways to clone a repo, open it safely in Cursor, and start asking questions about your app's structure and functionality without breaking anything. AJ shared his curiosity about finding specific text in his app and how to track that down across branches. We also looked at using AI-powered tools for tasks like dependency analysis and visualizing app architecture, with a focus on empowering non-devs to gain confidence and clarity in their product's code. You can connect with AJ through Twitter at @thisistheaj.Check out this GPT we trained on the conversation!Timestamps00:00 – Stewart introduces Cursor as a fork of Visual Studio Code and explains the concept of an IDE to AJ, who has zero prior experience. They talk about the complexity of coding and the importance of developer curiosity.05:00 – They walk through cloning a GitHub repository using the git clone command. Stewart highlights that AJ won't break anything and introduces the idea of a local playground for exploration.10:00 – Stewart explains Git vs GitHub, the purpose of version control, and how to use the terminal for navigation. They begin setting up the project in Cursor using the terminal rather than GUI options.15:00 – They realize only a README was cloned, leading to a discussion about branches—specifically the difference between main and development branches—and how to clone the right one.20:00 – Using git fetch, they get access to the development branch. Stewart explains how to disconnect from Git safely to avoid pushing changes.25:00 – AJ and Stewart begin exploring Cursor's AI features, including the chat interface. Stewart encourages AJ to start asking natural-language questions about the app structure.30:00 – Stewart demonstrates how to ask for a dependency analysis and create mermaid diagrams for visualizing how app modules are connected.35:00 – They begin identifying specific UI components, including finding and editing the home screen title. AJ uploads a screenshot to use as reference in Cursor.40:00 – They successfully trace the UI text to an index.tsx file and discuss the layout's dependency structure. AJ learns how to use search and command-F effectively.45:00 – They begin troubleshooting issues with Claude's GitHub integration, exploring Claude MCP servers and configuration files to fix broken tools.50:00 – Stewart guides AJ through using npm to install missing packages, explains what Node Package Manager is, and reflects on the interconnected nature of modern development.55:00 – Final troubleshooting steps and next steps. Stewart suggests bringing in Phil for deeper debugging. AJ reflects on how empowered he now feels navigating the codebase.Key InsightsYou don't need to be a developer to understand your app's codebase: AJ Beckner starts the session with zero familiarity with IDEs, but through Stewart's guidance, he begins navigating Cursor and GitHub confidently. The key idea is that non-technical founders can develop real intuition about their code—enough to communicate better with developers, find what they need, and build trust with the systems behind their product.Cursor makes AI-native development accessible to beginners: One of the biggest unlocks in this episode is seeing how Cursor, a VS Code fork with AI baked in, can answer questions about your codebase in plain English. By cloning the GitHub repo and indexing it, AJ is able to ask, “Where do I change this text in the app?” and get direct, actionable guidance. Stewart points out that this shifts the role of a founder from passively waiting on answers to actively exploring and editing.Version control doesn't have to be scary—with the right framing: Git and GitHub come across as overwhelming to many non-engineers, but Stewart breaks it down simply: Git is the local system that helps keep changes organized and non-destructive, and GitHub is the cloud-based sharing tool layered on top. Together, they allow safe experimentation, like cloning a development branch and disconnecting it from the main repo to create a playground environment.Branching strategies reflect how work gets done behind the scenes: The episode includes a moment of discovery: AJ cloned the main branch and only got a README. Stewart explains that the real work often lives in a “development” branch, while “main” is kept stable for production. Understanding this distinction helps AJ (and listeners) know where to look when trying to understand how features are actually being built and tested.Command line basics give you superpowers: Rather than relying solely on visual tools, Stewart introduces AJ to the terminal—explaining simple commands like cd, git clone, and git fetch—and emphasizes that the terminal has been the backbone of developer work for decades. It's empowering to learn that you can use just a few lines of text to download and explore an entire app.Modern coding is less about code and more about managing complexity: A recurring theme in the conversation is the sheer number of dependencies, frameworks, and configuration files that make up any modern app. Stewart compares this to a reflection of modern life—interconnected and layered. Understanding this complexity (rather than being defeated by it) becomes a mindset that AJ embraces as part of becoming technically fluent.AI will keep lowering the bar to entry, but learning fundamentals still matters: Stewart shares how internal OpenAI coding models went from being some of the worst performers two years ago to now ranking among the top 50 in the world. While this progress promises an easier future for non-devs, Stewart emphasizes the value of understanding what's happening under the hood. Tools like Claude and Cursor are incredibly powerful, but knowing what they're doing—and when to be skeptical—is still key.

Varun Mohan is the co-founder and CEO of Windsurf (formerly Codeium), an AI-powered development environment (IDE) that has been used by over 1 million developers in just four months and has quickly emerged as a leader in transforming how developers build software. Prior to finding success with Windsurf, the company pivoted twice—first from GPU virtualization infrastructure to an IDE plugin, and then to their own standalone IDE.In this conversation, you'll learn:1. Why Windsurf walked away from a profitable GPU infrastructure business and bet the company on helping engineers code2. The surprising UI discovery that tripled adoption rates overnight.3. The secret behind Windsurf's B2B enterprise plan, and why they invested early in an 80-person sales team despite conventional startup wisdom.4. How non-technical staff at Windsurf built their own custom tools instead of purchasing SaaS products, saving them over $500k in software costs5. Why Varun believes 90% of code will be AI-generated, but engineering jobs will actually increase6. How training on millions of incomplete code samples gives Windsurf an edge, and creates a moat long-term7. Why agency is the most undervalued and important skill in the AI era—Brought to you by:• Brex—The banking solution for startups• Productboard—Make products that matter• Coda—The all-in-one collaborative workspace—Where to find Varun Mohan:• X: https://x.com/_mohansolo• LinkedIn: https://www.linkedin.com/in/varunkmohan/—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Varun's background(03:57) Building and scaling Windsurf(12:58) Windsurf: The new purpose-built IDE to harness magic(17:11) The future of engineering and AI(21:30) Skills worth investing in(23:07) Hiring philosophy and company culture(35:22) Sales strategy and market position(39:37) JetBrains vs. VS Code: extensibility and enterprise adoption(41:20) Live demo: building an Airbnb for dogs with Windsurf(42:46) Tips for using Windsurf effectively(46:38) AI's role in code modification and review(48:56) Empowering non-developers to build custom software(54:03) Training Windsurf(01:00:43) Windsurf's unique team structure and product strategy(01:06:40) The importance of continuous innovation(01:08:57) Final thoughts and advice for aspiring developers—Referenced:• Windsurf: https://windsurf.com/• VS Code: https://code.visualstudio.com/• JetBrains: https://www.jetbrains.com/• Eclipse: https://eclipseide.org/• Visual Studio: https://visualstudio.microsoft.com/• Vim: https://www.vim.org/• Emacs: https://www.gnu.org/software/emacs/• Lessons from a two-time unicorn builder, 50-time startup advisor, and 20-time company board member | Uri Levine (co-founder of Waze): https://www.lennysnewsletter.com/p/lessons-from-uri-levine• IntelliJ: https://www.jetbrains.com/idea/• Julia: https://julialang.org/• Parallel computing: https://en.wikipedia.org/wiki/Parallel_computing• Douglas Chen on LinkedIn: https://www.linkedin.com/in/douglaspchen/• Carlos Delatorre on LinkedIn: https://www.linkedin.com/in/cadelatorre/• MongoDB: https://www.mongodb.com/• Cursor: https://www.cursor.com/• GitHub Copilot: https://github.com/features/copilot• Llama: https://www.llama.com/• Mistral: https://mistral.ai/• Building Lovable: $10M ARR in 60 days with 15 people | Anton Osika (CEO and co-founder): https://www.lennysnewsletter.com/p/building-lovable-anton-osika• Inside Bolt: From near-death to ~$40m ARR in 5 months—one of the fastest-growing products in history | Eric Simons (founder & CEO of StackBlitz): https://www.lennysnewsletter.com/p/inside-bolt-eric-simons• Behind the product: Replit | Amjad Masad (co-founder and CEO): https://www.lennysnewsletter.com/p/behind-the-product-replit-amjad-masad• React: https://react.dev/• Sonnet: https://www.anthropic.com/claude/sonnet• OpenAI: https://openai.com/• FedRamp: https://www.fedramp.gov/• Dario Amodei on LinkedIn: https://www.linkedin.com/in/dario-amodei-3934934/• Amdahl's law: https://en.wikipedia.org/wiki/Amdahl%27s_law• How to win in the AI era: Ship a feature every week, embrace technical debt, ruthlessly cut scope, and create magic your competitors can't copy | Gaurav Misra (CEO and co-founder of Captions): https://www.lennysnewsletter.com/p/how-to-win-in-the-ai-era-gaurav-misra—Recommended book:• Fall in Love with the Problem, Not the Solution: A Handbook for Entrepreneurs: https://www.amazon.com/Fall-Love-Problem-Solution-Entrepreneurs/dp/1637741987—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. Get full access to Lenny's Newsletter at www.lennysnewsletter.com/subscribe

Scott and Wes break down the Model Context Protocol (MCP), a new open standard that gives AI agents secure, tool-like access to your dev environment. They cover how it works, why it's a big deal for AI coding workflows, and real-world use cases like GitHub, Sentry, and YouTube. Show Notes 00:00 Welcome to Syntax! 00:49 The lore of ICP. Wes MCP Shirt. 03:09 Brought to you by Sentry.io. 03:33 What is MCP? 05:06 The steps of AI coding. 07:11 MCP hosts. 07:28 MCP clients. 07:35 MCP servers. 08:24 Why you might want to do this. 10:39 How this works in VS Code. 14:10 Wes built an MCP server. SVGL. 14:57 Playwright. 17:24 Sentry's implementation. Building Sentry's MCP with David Cramer. 18:54 YouTube implementation. 21:19 DaVinci Resolve implementation. Smithery. 23:02 Postgres. 24:40 Transport protocols. 24:49 STDIO. 25:19 SSE. 25:32 Streaming. 26:24 Writing you own MCP server. 26:28 FastMCP. 27:00 Cloudflare. 28:01 Data validation. 28:47 Standard schema. Episode 873. 29:27 Other parts of MCP. 29:35 MCP resources. 30:37 MCP prompts. 30:48 MCP roots. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

DOS Lives, Web Cams Gone Wild, VSCODE, Coinblack, Oracle, P&G, Satan, Sec Gemini, Shopify, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-466

News includes a new Elixir case study about Cyanview's camera shading technology used at major events like the Olympics and Super Bowl, Oban Pro 1.6 with 20x faster queue partitioning, the openid_connect package reaching version 1.0, Supabase's new Postgres Language Server for developer tooling, and ElixirEvents.net as a community resource. Plus, we interview Michael Lubas, founder of Paraxial.io, about web application security in Elixir, what's involved in a security audit, and how his Elixir-focused security company is helping teams and businesses in the community. Show Notes online - http://podcast.thinkingelixir.com/248 (http://podcast.thinkingelixir.com/248) Elixir Community News https://elixir-lang.org/blog/2025/03/25/cyanview-elixir-case/ (https://elixir-lang.org/blog/2025/03/25/cyanview-elixir-case/?utm_source=thinkingelixir&utm_medium=shownotes) – New Elixir case study about Cyanview, a Belgian company whose Remote Control Panel for camera shading is used at major events like the Olympics and Super Bowl. Their Elixir-powered solution enables remote camera control across challenging network conditions. https://oban.pro/docs/pro/1.6.0-rc.1/changelog.html (https://oban.pro/docs/pro/1.6.0-rc.1/changelog.html?utm_source=thinkingelixir&utm_medium=shownotes) – Oban Pro 1.6 released with subworkflows, improved queue partitioning (20x faster), and a new guide explaining different job composition approaches. https://oban.pro/docs/pro/1.6.0-rc.1/composition.html (https://oban.pro/docs/pro/1.6.0-rc.1/composition.html?utm_source=thinkingelixir&utm_medium=shownotes) – New Oban Pro guide explaining when to use chains, workflows, chunks, or batches for job composition. https://github.com/DockYard/openid_connect (https://github.com/DockYard/openid_connect?utm_source=thinkingelixir&utm_medium=shownotes) – The Elixir package 'openid_connect' reached version 1.0, providing client library support for working with various OpenID Connect providers like Google, Microsoft Azure AD, Auth0, and others. https://hexdocs.pm/openid_connect/readme.html (https://hexdocs.pm/openid_connect/readme.html?utm_source=thinkingelixir&utm_medium=shownotes) – Documentation for the newly released openid_connect 1.0 package. https://bsky.app/profile/davelucia.com/post/3llqwsbyutc2z (https://bsky.app/profile/davelucia.com/post/3llqwsbyutc2z?utm_source=thinkingelixir&utm_medium=shownotes) – Announcement that openid_connect is maintained by tvlabs. https://bsky.app/profile/germsvel.com/post/3llee5lyerk2b (https://bsky.app/profile/germsvel.com/post/3llee5lyerk2b?utm_source=thinkingelixir&utm_medium=shownotes) – PhoenixTest v0.6.0 has been released with significant changes, including a breaking change. https://github.com/germsvel/phoenix_test (https://github.com/germsvel/phoenix_test?utm_source=thinkingelixir&utm_medium=shownotes) – GitHub repository for PhoenixTest. https://hexdocs.pm/phoenixtest/upgradeguides.html#upgrading-to-0-6-0 (https://hexdocs.pm/phoenix_test/upgrade_guides.html#upgrading-to-0-6-0?utm_source=thinkingelixir&utm_medium=shownotes) – Upgrade guide for updating to PhoenixTest v0.6.0 with its breaking change. https://hexdocs.pm/phoenix_test/changelog.html#0-6-0 (https://hexdocs.pm/phoenix_test/changelog.html#0-6-0?utm_source=thinkingelixir&utm_medium=shownotes) – Changelog for PhoenixTest v0.6.0. https://supabase.com/blog/postgres-language-server (https://supabase.com/blog/postgres-language-server?utm_source=thinkingelixir&utm_medium=shownotes) – Supabase has released a new Postgres Language Server for developers, providing IDE intellisense and autocomplete for PostgreSQL. https://marketplace.visualstudio.com/items?itemName=Supabase.postgrestools (https://marketplace.visualstudio.com/items?itemName=Supabase.postgrestools?utm_source=thinkingelixir&utm_medium=shownotes) – VSCode extension for Supabase's new Postgres developer tools. https://github.com/supabase-community/postgres-language-server (https://github.com/supabase-community/postgres-language-server?utm_source=thinkingelixir&utm_medium=shownotes) – GitHub repository for Supabase's Postgres Language Server. https://pgtools.dev/ (https://pgtools.dev/?utm_source=thinkingelixir&utm_medium=shownotes) – Official website for Postgres Tools with documentation and features. https://pgtools.dev/checking_migrations/ (https://pgtools.dev/checking_migrations/?utm_source=thinkingelixir&utm_medium=shownotes) – Feature in Postgres Tools that lints database migrations to check for problematic schema changes. https://github.com/fly-apps/safe-ecto-migrations (https://github.com/fly-apps/safe-ecto-migrations?utm_source=thinkingelixir&utm_medium=shownotes) – Resource for ensuring safe Ecto migrations. https://fly.io/phoenix-files/safe-ecto-migrations/ (https://fly.io/phoenix-files/safe-ecto-migrations/?utm_source=thinkingelixir&utm_medium=shownotes) – Article about safe Ecto migrations posted on Fly.io. https://elixirevents.net/ (https://elixirevents.net/?utm_source=thinkingelixir&utm_medium=shownotes) – Community resource created by Johanna Larsson for tracking, sharing, and learning about Elixir events worldwide. https://bsky.app/profile/elixirevents.net (https://bsky.app/profile/elixirevents.net?utm_source=thinkingelixir&utm_medium=shownotes) – Bluesky account for ElixirEvents.net for following Elixir community events. Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Discussion Resources https://paraxial.io/ (https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes) https://paraxial.io/blog/index (https://paraxial.io/blog/index?utm_source=thinkingelixir&utm_medium=shownotes) – Blog with posts about security for Elixir, Rails, and the Paraxial service https://www.cnn.com/2025/03/18/tech/google-wiz-acquisition/index.html (https://www.cnn.com/2025/03/18/tech/google-wiz-acquisition/index.html?utm_source=thinkingelixir&utm_medium=shownotes) https://podcast.thinkingelixir.com/93 (https://podcast.thinkingelixir.com/93?utm_source=thinkingelixir&utm_medium=shownotes) – Our last discussion was 3 years ago in episode 93! Titled "Preventing Service Abuse with Michael Lubas" https://www.amazon.com/Innovators-Dilemma-Revolutionary-Change-Business/dp/0062060244 (https://www.amazon.com/Innovators-Dilemma-Revolutionary-Change-Business/dp/0062060244?utm_source=thinkingelixir&utm_medium=shownotes) https://www.merriam-webster.com/dictionary/Kafkaesque - having a nightmarishly complex, bizarre, or illogical quality (https://www.merriam-webster.com/dictionary/Kafkaesque - having a nightmarishly complex, bizarre, or illogical quality?utm_source=thinkingelixir&utm_medium=shownotes) https://paraxial.io/blog/oban-pentest (https://paraxial.io/blog/oban-pentest?utm_source=thinkingelixir&utm_medium=shownotes) – Completed a Security Audit of Oban Pro - this is after ObanPro went free and OpenSource https://paraxial.io/blog/elixir-best (https://paraxial.io/blog/elixir-best?utm_source=thinkingelixir&utm_medium=shownotes) – Elixir and Phoenix Security Checklist: 11 Best Practices https://paraxial.io/blog/rails-command-injection (https://paraxial.io/blog/rails-command-injection?utm_source=thinkingelixir&utm_medium=shownotes) – Ruby on Rails Security: Preventing Command Injection https://paraxial.io/blog/paraxial-three (https://paraxial.io/blog/paraxial-three?utm_source=thinkingelixir&utm_medium=shownotes) – Paraxial.io v3 blog post Guest Information - Michael Lubas, Paraxial.io Founder - michael@paraxial.io - https://x.com/paraxialio (https://x.com/paraxialio?utm_source=thinkingelixir&utm_medium=shownotes) – on Twitter/X - https://x.com/paraxialio (https://x.com/paraxialio?utm_source=thinkingelixir&utm_medium=shownotes) – on Twitter/X - https://github.com/paraxialio/ (https://github.com/paraxialio/?utm_source=thinkingelixir&utm_medium=shownotes) – on Github - https://www.youtube.com/@paraxial5874 (https://www.youtube.com/@paraxial5874?utm_source=thinkingelixir&utm_medium=shownotes) – Paraxial.io channel on YouTube - https://genserver.social/paraxial (https://genserver.social/paraxial?utm_source=thinkingelixir&utm_medium=shownotes) – on Fediverse - https://paraxial.io/ (https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes) – Blog Find us online - Message the show - Bluesky (https://bsky.app/profile/thinkingelixir.com) - Message the show - X (https://x.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen on X - @brainlid (https://x.com/brainlid) - Mark Ericksen on Bluesky - @brainlid.bsky.social (https://bsky.app/profile/brainlid.bsky.social) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel on Bluesky - @david.bernheisel.com (https://bsky.app/profile/david.bernheisel.com) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)

DOS Lives, Web Cams Gone Wild, VSCODE, Coinblack, Oracle, P&G, Satan, Sec Gemini, Shopify, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-466

DOS Lives, Web Cams Gone Wild, VSCODE, Coinblack, Oracle, P&G, Satan, Sec Gemini, Shopify, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-466

In this episode of the Azure podcast, Sujit and the team, including Cale, Russell, and Cynthia, are joined by special guest Matteo Pagani, a Cloud Solutions Architect in the Tech Strategy team at Microsoft. Matteo provides insights into the agentic world of Co-pilot, explaining how agents can enhance business processes and improve efficiency. Tune in to learn about the practical applications of these technologies and how they can be integrated into existing workflows.   Media file: https://azpodcast.blob.core.windows.net/episodes/Episode515.mp3 YouTube: https://youtu.be/qMJ88BLbTVo Resources:   Overview of Microsoft 365 Copilot extensibility: https://learn.microsoft.com/en-us/microsoft-365-copilot/extensibility/ Building declarative agents with Visual Studio Code, Copilot Studio and Agent Builder: https://learn.microsoft.com/en-us/microsoft-365-copilot/extensibility/overview-declarative-agent Building custom engine agents with Visual Studio Code and Copilot Studio: https://learn.microsoft.com/en-us/microsoft-365-copilot/extensibility/overview-custom-engine-agent My blog with some fun experiments with multi-agents scenarios: https://www.developerscantina.com/   Other updates: Announcing GA for Azure Container Apps Serverless GPUs | Microsoft Community Hub   https://www.linkedin.com/pulse/introducing-deep-reasoning-agent-flows-copilot-studio-charles-lamanna-n1zxc/   Let's try GitHub Copilot Agent mode in VS Code to build a FULL app!

Privacy Aware Bots A botnet is using privacy as well as CSRF prevention headers to better blend in with normal browsers. However, in the process they may make it actually easier to spot them. https://isc.sans.edu/diary/Privacy%20Aware%20Bots/31796 Critical Ingress Nightmare Vulnerability ingress-nginx fixed four new vulnerabilities, one of which may lead to a Kubernetes cluster compromise. Note that at the time I am making this live, not all of the URLs below are available yet, but I hope they will be available shortly after publishing this podcast https://www.darkreading.com/application-security/critical-ingressnightmare-vulns-kubernetes-environments https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities https://kubernetes.io/blog/ FBI Warns of File Converter Scams File converters may include malicious ad ons. Be careful where you get your software from. https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam VSCode Extension Includes Ransomware https://x.com/ReversingLabs/status/1902355043065500145

In this episode, Erich and Javvad discuss the VSCode extensions that was used by millions, and that Microsoft wrongly removed, Roblox tells parents if they want safe kids, that's a 'you' problem, and the UK says cyberpros need to make more than the PM. This and more!

Tastovision, Trufflepig, Cisco, Windows, VSCode, OT, SQL Server, Android, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-456

Curl and libcurl are everywhere. Not only has the project maintained success for almost three decades now, but it's done that while being written in C. Daniel Stenberg talks about the challenges in dealing with appsec, the design philosophies that keep it secure, and fostering a community to create one of the most recognizable open source projects in the world. Segment Resources: https://daniel.haxx.se/blog/2025/01/23/cvss-is-dead-to-us/ https://daniel.haxx.se/blog/2024/01/02/the-i-in-llm-stands-for-intelligence/ https://thenewstack.io/curls-daniel-stenberg-on-securing-180000-lines-of-c-code/ Google replacing SMS with QR codes for authentication, MS pulls a VSCode extension due to red flags, threat modeling with TRAIL, threat modeling the Bybit hack, malicious models and malicious AMIs, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-320

Attacker of of Ephemeral Ports Attackers often use ephermeral ports to reach out to download additional resources or exfiltrate data. This can be used, with care, to detect possible compromises. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Malware%20Source%20Servers%3A%20The%20Threat%20of%20Attackers%20Using%20Ephemeral%20Ports%20as%20Service%20Ports%20to%20Upload%20Data/31710 Compromised Visal Studio Code Extension downloaded by Millions Amit Assaraf identified a likely compromised Visual Studio Code theme that was installed by millions of potential victims. Amit did not disclose the exact malicious behaviour, but is asking for victims to contact them for details. https://medium.com/@amitassaraf/a-wolf-in-dark-mode-the-malicious-vs-code-theme-that-fooled-millions-85ed92b4bd26 ByBit Theft Due to Compromised Developer Workstation ByBit and Safe{Wallet} disclosed that the record breaking ethereum theft was due to a compromised Safe{Wallet} developer workstation. A replaced JavaScript file targeted ByBit and altered a transaction signed by ByBit. https://x.com/benbybit/status/1894768736084885929 https://x.com/safe/status/1894768522720350673 PoC for NAKIVO Backup Replication Vulnerability This vulnerability allows the compromise of NAKIVO backup systems. The vulnerability was patched silently in November, and never disclosed by NAKIVO. Instead, WatchTowr now disloses details including a proof of concept exploit. https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/ OpenH264 Vulnerability https://github.com/cisco/openh264/security/advisories/GHSA-m99q-5j7x-7m9x rsync vulnerability exploited https://www.cisa.gov/known-exploited-vulnerabilities-catalog