Best Programming Master

A number of companies have announced major changes to their executive leadership last month. Here are a couple of the moves across the industry this past month. Commvault names Pranay Ahlawat as chief technology and AI officer Ahlawat will oversee the company’s product vision and development life cycle as they embrace more AI technologies.  Previously he was associate director of Enterprise Software & Cloud at Boston Consulting Group, where he spent over nine years of his career at.  “Pranay brings a wealth of industry expertise on how AI is evolving and revolutionizing business operations,” said  Rajiv Kottomtharayil, chief product officer at Commvault, who Ahlawat will be reporting to. “Commvault is excited to leverage his industry knowledge to transform our approach to AI, building advanced solutions that enhance our Data Management and Cyber Recovery Platform.” David Smith appointed new CTO of UserTesting He will work on scaling the company’s technology infrastructure as

OpenAI has announced that it is starting to roll out its advanced Voice Mode to a select group of ChatGPT Plus users.  According to the company, this new mode “offers more natural, real-time conversations, allows you to interrupt anytime, and senses and responds to your emotions.” Advanced Voice Mode was tested by over 100 external red teamers across 45 languages.  It was first announced in May, and since then OpenAI has been working on reinforcing the safety and quality of voice conversations.  When it was first announced, the company received backlash because one of the voices, named Sky, sounded very similar to Scarlett Johansson. The company’s CEO Sam Altman had previously reached out to Johansson asking if she would provide her voice (as a nod to the movie Her ), but she said no. When the voice came out, however, it had a clear resemblance, and her legal team started demanding OpenAI reveal how the voice was developed.  “When I heard the released demo, I was shocked, ang

Pluralsight is on a mission to accelerate learning experiences on its upskilling platform with the launch of a new AI assistant called Iris .  Iris helps users more quickly discover content that is relevant to their questions, learning objectives, and goals.  It can also make recommendations on the platform’s thousands of learning paths and courses to create a more tailored educational plan. Pluralsight currently contains over 7,000 courses, 3,000 hands-on labs, and over 450 assessments, and with Iris it will be much easier to sort through all of that, the company explained.  Team leaders can also utilize Iris to figure out what skills their teams are missing so they can get them trained on the proper skills to close that gap.  “When integrated effectively, AI can improve and accelerate IT learning initiatives,” said Gina Smith, Ph.D, research director at IDC. “With the pace of technology moving faster than ever before, the next wave of technology talent must leverage AI, includin

Last month, Microsoft announced an official .NET library for OpenAI, which included full support for the OpenAI API.  Now, the company is revealing that its Semantic Kernel team has been working on upgrading its connectors to use version 2 of the OpenAI library and Azure.AI.OpenAI library.  According to the company, there were significant updates to the underlying APIs in the upgrade from v1 to v2, which is going to result in breaking changings that might impact Semantic Kernel developers using the library.  Abstractions in Semantic Kernel isolate code from a majority of the changes, but there are still some that are unavoidable. Developers will need to update the name of the library they are importing because the names of the Semantic Kernel connectors have been updated to reflect that there are now two libraries that connect to OpenAI models. The new names are Microsoft.SemanticKernel.Connectors.OpenAI and Microsoft.SemanticKernel.Connectors.AzureOpenAI. Other changes that may

The AI company Galileo has just announced its latest Hallucination Index , which is a framework that evaluates 22 leading generative AI models.  Models are tested using a metric called context adherence , which measures “closed-domain hallucinations: cases where your model said things that were not provided in the context.” The best performing model overall for RAG, according to the ranking, is Claude 3.5 Sonnet from Anthropic. Galileo said that this model and Anthropic’s other model Claude 3 Opus had near perfect scores, beating out OpenAI’s models, which won last year.  From a cost perspective, the best performing model was Google’s Gemini 1.5 Flash. And Alibaba’s Qwen2-72B-Instruct was overall the best performing open source model, though in short context RAG tests, Meta’s llama-3-60b-instruct was the best.  Broken down by context length, the best closed-source model in short context RAG was Claude 3.5 Sonnet, in medium context RAG was Google’s Gemini-1.5-flash-001 (with cost

In an effort to reduce the number of vulnerabilities in Android apps, Google is introducing the Android Application Security Knowledge Base (AAKB).  The AAKB includes a database of common code issues, complete with examples on how to remediate them and explanations on how to implement specific code patterns.  Google already does scan Android apps for vulnerabilities, and informs developers so they can remediate the issue or it removes the app if the issue isn’t fixed.  “We know that it isn’t always enough to just tell you about a vulnerability in your app; you need to know how to fix the issue and how to prevent similar issues from cropping up in the future,” the Android team wrote in a blog post .  According to Google, the AAKB is aligned with the OWASP Mobile Application Security Verification Standard (MASVS). It is also vetted by technical experts from different organizations, including Microsoft.  “This helps ensure the content is not biased to one party and represents state-

Automated testing began as a way to alleviate the repetitive and time-consuming tasks associated with manual testing. Early tools focused on running predefined scripts to check for expected outcomes, significantly reducing human error and increasing test coverage. With advancements in AI, particularly in machine learning and natural language processing, testing tools have become more sophisticated. AI-driven tools can now learn from previous tests, predict potential defects, and adapt to new testing environments with minimal human intervention. Typemock has been at the forefront of this evolution, continuously innovating to incorporate AI into its testing solutions. Typemock’s AI Enhancements Typemock has developed AI-driven tools that significantly enhance efficiency, accuracy, and test coverage. By leveraging machine learning algorithms, these tools can automatically generate test cases, optimize testing processes, and identify potential issues before they become critical problem

OpenAI has announced a prototype for its upcoming AI search features that are intended to rival existing search engines. “Getting answers on the web can take a lot of effort, often requiring multiple attempts to get relevant results. We believe that by enhancing the conversational capabilities of our models with real-time information from the web, finding what you’re looking for can be faster and easier,” OpenAI wrote in a statement .  Google had implemented AI into its search engine several months ago, and now sometimes an AI Overview will show at the top of the results page summarizing information from several sources.  Unlike Google’s offering, SearchGPT will function more like ChatGPT in the sense that it maintains context throughout a conversation, and users will also be able to ask follow-up questions to their search. Similar to Google’s AI Overview, SearchGPT will provide links to sources when it provides its responses, allowing users to verify the validity of the source or

Hoppscotch is an open source API development platform intended as an alternative to tools like Postman and Insomnia.  It features a minimalistic UI design with customizable theming, such as a distraction-free mode.  Hoppscotch can be used as a cloud-hosted web app, a self-hosted desktop app, or run through the command line.  One of the key components of Hoppscotch is Collections, which help keep API requests organized. Collections are stored in Workspaces, which can be either personal or for team use, and users can create an unlimited number of workspaces.  Collaboration features enable teams to design, develop, and test API together. The tool allows for an unlimited number of teams, shared collections, and team members to be created, and also offers role-based access control and cloud sync. Other key features include a Proxy Mode, data synchronization across devices, the ability to create post-request tests, bulk edit, and more.  The project currently has over 60K stars on GitH

As we saw last week with what happened as a result of a bad update from CrowdStrike, it’s more clear than ever that companies releasing software need a way to roll back updates if things go wrong.  In the most recent episode of our podcast, What the Dev? , we spoke with Konrad Niemiec, founder and CEO of the feature flagging tool, Lekko , to talk about the importance of adding feature flags to your code, but also what can go wrong if flags aren’t properly maintained. Here is an edited and abridged version of that conversation: David Rubinstein, editor-in-chief of SD Times: For years we’ve been talking about feature flagging in the context of code experimentation, where you can release to a small cohort of people. And if they like it, you can spread it out to more people, or you can roll it back without really doing any damage if it doesn’t work the way you thought it would. What’s your take on the whole feature flag situation? Konrad Niemiec, founder and CEO of Lekko: Feature

The Android development team is officially launching Collections, which is a new surface that groups together content from multiple installed apps in themed widgets in the Play Store.  It was first announced as a developer preview at Google I/O in May, with Mekka Okereke, general manager for Apps on Google Play, saying “this new surface will automatically organize the best and most relevant content from across apps already installed by users on their Android phones.”   The content is grouped into “intent-oriented spaces,” which include Watch, Listen, Read, Shop, Food, Social, Travel & Events, Health & Fitness, and Dating. Content contains deep links to apps, so that users can be taken directly to the app to complete a user journey, such as making a purchase through Shop, listening to a recently played album or audiobook in Listen, or reordering a recent meal in Food.  To give app developers more control over what content is shown, they can create up to five recommendation

The software intelligence company CAST is trying to make it easier for development teams to create and manage Software Bill of Materials (SBOMs) with the launch of the CAST SBOM Manager . This new free tool automates the process of creating SBOMs. Developers give the SBOM Manager access to their code repositories and it will create an SBOM that includes inventories of components, vulnerabilities, and licenses. Alternatively, they can import an existing SBOM file to speed up the process.  Once created, owners can edit the details, add custom metadata, and catalog components so that they can be used across different SBOM.  They can also define custom licenses and manage open source license risks, obsolescence, and copyrights.  The created SBOMs can be exported into various formats including Excel, Word, PPT, and CycloneDX.  The platform also includes an interactive dashboard that provides at-a-glance insights of component categories, vulnerabilities, and licenses.  “The product le

The Overture Maps Foundation — a joint effort by AWS, Meta, Microsoft, and TomTom to create reliable, interoperable open map data that developers can use — has announced the general availability release of its global open maps datasets. This release includes 2.3 building footprints, which can be used for things like property management, risk assessment, economic development, and 3D visualization. It is already used to power Microsoft’s Bing Maps, Esri’s ArcGIS Living Atlas of the World, and Addresscloud’s insurance service platform.  Other information includes data on almost 54 million places, national and regional administrative boundaries (translated into 40+ languages), and contextual base layers like land and water data. “The data in this GA release is already powering use cases in local discovery, insurance, and mapping industries, and we expect many more use cases in the coming months from industries ranging from automotive to ride-sharing and more,” said Marc Prioleau, execu

Uno Platform 5.3 is now available, adding over 350 new improvements to the cross-platform .NET development tool. According to the product team, the most notable change in this release is that JetBrains .NET IDE Rider is now officially supported. Previously, Rider could be used with Uno, but it required several setup steps to get started. Now the experience is more similar to what Visual Studio and VS Code developers experience.  “What this means in practice is that you can enjoy the full set of developer productivity enhancers such as C# and XAML Hot Reload for Uno Platform apps and debugging,” the Uno product team wrote in a blog post .  This release also features improvements to Hot Reload. There is a new visual indicator to better help developers monitor changes as they are coding, which displays new information whenever Hot Reload is triggered.  Another update is the addition of two new UI controls: ItemsView and SelectorBar. ItemsView displays a collection of items in a cus

MongoDB is launching a new technology stack to enable customers to build AI applications. The MongoDB AI Applications Program (MAAP) will feature reference architectures, integrations with leading AI technology providers, and a support system for customers featuring access to experts and education. According to MongoDB, many customers have reported that they lack the multi-modal data structures to power AI applications. They also lack the skills to confidently integrate components from multiple vendors and are worried about the risk of doing these integrations wrong. MAAP aims to provide customers the expertise they need and remove the risk of integration.  “Thousands of customers already rely on MongoDB to power their mission-critical apps, and we have years of experience helping customers unlock the power of data,” MongoDB wrote in a blog post . “The ultimate aim of MAAP is to enable customers to get the most out of their data, and to ensure that they can confidently innovate wit

Meta has announced the latest release of its open source AI model, Llama. According to Meta, with the release of Llama 3.1 405B, the company is trying to prove that open models can be just as capable as their closed counterparts, if not better. “Llama 3.1 405B is the first openly available model that rivals the top AI models when it comes to state-of-the-art capabilities in general knowledge, steerability, math, tool use, and multilingual translation,” Meta wrote in a blog post . “With the release of the 405B model, we’re poised to supercharge innovation—with unprecedented opportunities for growth and exploration. We believe the latest generation of Llama will ignite new applications and modeling paradigms, including synthetic data generation to enable the improvement and training of smaller models, as well as model distillation—a capability that has never been achieved at this scale in open source. The company evaluated Llama 3.1 against GPT-4, GPT-4o, and Claude 3.5 Sonnet. It out

For quite some time Google has been talking about phasing out third-party cookies from Chrome. Now, it appears the company is taking a different direction and will not be moving forward with removing third-party cookies from the browser. In a blog post written by Anthony Chavez, VP of Privacy Sandbox for Google, he said that the new plan is to create a “new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time.” The company hasn’t announced specifics of what this new experience would entail yet, but said it would be engaging with regulators and then the community as the new experience is rolled out.  Privacy Sandbox is an initiative that the company launched in 2019 as part of its plan to phase out cookies. The goal was to create a set of standards related to user privacy. Chavez explained that while early testing indicated that Privacy Sandbox did have the potential to preserve

The endpoint detection software CrowdStrike made headlines for causing global outages on Windows machines around the world last Friday, leading to over 45,000 flight delays and over 5,000 cancellations, along with a number of other shutdowns, such as payment systems, healthcare services, and 911 operations.  The cause? An update that was pushed by CrowdStrike to Windows machines that triggered a logic error causing the device to get the Blue Screen of Death (BSOD). Even though CrowdStrike pulled the update fairly quickly, the computers had to be updated individually by IT teams, leading to a lengthy recovery process. While we don’t know what specifically CrowdStrike’s testing process looked like, there are a number of basic steps that companies releasing software should be doing, explained Dr. Justin Cappos, professor of computer science and engineering at NYU. “I’m not gonna say they didn’t do any testing, because I don’t know … Fundamentally, while we have to wait for a little

The three-body problem, a mathematical conundrum presented by Isaac Newton and the inspiration behind Netflix’s new multi-million dollar series by the same name, can teach us a lot about mathematics… and quality assurance. Hear me out. What is the three-body problem? Astronomers and mathematicians have been perplexed by the three-body problem ever since humans began to understand gravity. The problem was brought to light by Isaac Newton in his Universal Laws of Gravitation, in which he tried to predict how our solar system would move over time by exploring the gravitational relationship between celestial bodies such as planets, suns and stars. To help explain the problem, I’ll oversimplify it a bit.  Imagine two planets orbiting in space. Each has a gravitational field that pulls on the other in a way that is very predictable. This means that, if you wanted to, you could work out exactly where both planets will end up at a specific point in the future. However, add a third planet to

This morning, a number of major systems suffered an outage due to a bad CrowdStrike update. CrowdStrike is an endpoint protection system that runs in the background of a lot of enterprise computers to secure them, and the update caused Windows machines running the updated software to crash.  The software update only affected Windows operating systems; CrowdStrike instances running on Linux and Mac did not cause problems.  Because the use of CrowdStrike and Windows is so prevalent among businesses, the outages were widespread, affecting several major airlines that had to delay/cancel flights, 911 operations, healthcare facilities, and more.  “The current event appears – even in July – that it will be one of the most significant cyber issues of 2024. The damage to business processes at the global level is dramatic,” said Omer Grossman, CIO at CyberArk . CrowdStrike CEO George Kurtz said in an X post that a fix for the issue had been made available. “This is not a security incide

A number of companies have announced the formation of the Coalition for Secure AI (CoSAI), a group dedicated to addressing the security risks related to using AI.  CoSAI was founded by Amazon, Anthropic, Chainguard, Cisco, Cohere, GenLab, Google, IBM, Intel, Microsoft, NVIDIA, OpenAI, Paypal and Wiz. It will be hosted at the standards body OASIS Open.  The group will focus on helping companies mitigate AI-related risks, such as model theft, data poisoning, prompt injection, scaled abuse, and inference attacks.  CoSAI will initially create three workstreams: software supply chain security for AI systems, preparing defenders for a changing cybersecurity landscape, and AI security governance.  The organization will also coordinate with other initiatives, such as the Frontier Model Forum, Partnership on AI, Open Source Security Foundation, and ML Commons.  “We’ve been using AI for many years and see the ongoing potential for defenders, but also recognize its opportunities for advers

DevPod is a tool for creating and managing development environments without needing a server-side setup. It can be used as an open-source alternative to GitHub Codespaces, JetBrains Spaces, or Google Cloud Workstations.  Environments run in containers and can be spun up wherever there is a need, such as on a local computer, a cloud machine with many GPUs, or a remote computer. These development environments can be created for any infrastructure, IDE, or programming language.  Every environment is managed by a DevContainer JSON file, making it easy to switch between workspaces hosted in different places. The project was created in May 2023 by Loft Labs and now has over 8,000 stars on GitHub. According to Fabian Kramm, co-founder and CTO of Loft Labs and a creator and lead maintainer of the project, it was created from a need to have a more streamlined development experience. He said they wanted to create a tool that would offer consistent and reliable dev environments, regardle

While the occurrence of software supply chain attacks just keeps getting worse every year, there appears to be a disconnect among leaders on the importance of securing those supply chains. According to research from IDC , there has been a 241% increase year-over-year in supply chain attacks, but a new survey from JFrog had only 30% of respondents citing supply chain security as a top security concern. The report also revealed disconnects between how leaders perceive the security of their organization versus the frontline software teams managing it. Ninety-two percent of executives believe their companies have tools to detect malicious open-source packages, compared to only 70% of developers. Similarly, 67% of executives think that code-level security scans are being regularly conducted, compared to only 41% of developers confirming they do this.  There is a similar disconnect when it comes to AI/ML. Over 90% of executives said that their development teams were using ML models in th