Best Programming Master

The post-pandemic “new normal” radically reshaped the workplace with an emphasis on flexibility, hybrid or remote working, and digital rather than face-to-face interactions. Now the dust has settled, 2024 is arguably the first full year we’ll see the impact of this recalibration and the impact AI and automation will have on how we work. But a word of warning, the introduction of AI and automation will create new pressures for CIOs being pushed to do more with less/or the same. The result will be a difficult balancing act for CIOs as they juggle their organization’s need to grow, and embrace new tools, with the need to maintain a good company culture. Growth and culture: finding the perfect balance The new workplace is one where automation and AI will be front and center. This has caught the imagination of today’s CIOs looking to move faster and scale. There’s no part of the business that can’t be automated. But how can the CIO build the culture, skills, and mindset to align with thi...

A number of companies have announced major changes to their executive leadership last month. Here are a couple of the moves across the industry this past month. Bill Welch joins Sysdig as CEO He will lead the company’s growth into the cloud-native application protection platform (CNAPP) market, building on his experience from previous senior executive roles at Duo Security, Zscaler, Symantec, and Talkdesk.  While he was the COO of Zscaler he led the company through its IPO, and while at Duo Security he was involved in a $2.35 billion merger with Cisco.  The previous CEO, Suresh Vasudevan, will remain working closely with the company during the transition and will also serve as an independent adviser on the company’s board.  UserTesting appoints Nikki Morello as chief transformation officer This is a newly created role that oversees the People organization, the Generative AI process transformation team, and the Program Management Office. Morello will drive cross-func...

MITRE recently released its yearly list of the 2024 CWE Top 25 Most Dangerous Software Weaknesses .  This list differs from lists that contain the most common vulnerabilities, as it is not a list of vulnerabilities, but rather weaknesses in system design that can be exploited to leverage vulnerabilities.  “By definition, code injection is an attack, and when we think about the Top 25 it’s identifying the weaknesses underneath,” said Alec Summers, project leader for the CVE Program at MITRE.  These weaknesses can potentially pave the way for vulnerabilities and attacks, so it’s important to be aware of them and mitigate them as much as possible. According to Summers, one trend in this year’s list is that while some weaknesses moved up or down the list, a lot of the weaknesses on the list are classic weaknesses that have been around for years, such as those that enable SQL injection and cross-site scripting. “The more you understand these weaknesses, and you draw conn...

D2 Emerge , publisher of SD Times, has acquired the developer community CodeProject .  Founded in 1999, CodeProject served as a hub for developer resources, including articles, tutorials, libraries, discussion forums, and more.  David Lyman, co-founder and CEO of D2 Emerge, said, “David Cunningham and co-founder Chris Maunder have created an incredible resource with CodeProject for software developers and we plan to continue to invest in CodeProject to serve its more than 4 million users.”  The website is currently being redesigned, after which the same great resources developers have come to expect for the past 25 years will once again be available to the community. D2 Emerge will also work to provide additional resources that developers will find helpful, and will continue publishing the Daily Insider, Daily Build and Weekly Tech Trends newsletters. “Readers today don’t want to have to hunt for information that’s relevant to them, and we’ve seen that emailed newsle...

The development software company Progress today announced the Q4 2024 releases of its Telerik and Kendo UI libraries, which now offer day-zero compatibility with .NET 9 and Angular 19, and add enhanced design-to-code features and data-driven experiences.  In addition to supporting .NET 9 and Angular 19, the releases also include support for Angular hybrid Standalone components and integration of KendoReact and Astro.  This release adds more than 70 new Page Templates and Building Blocks that have been preconfigured with Telerik UI for Blazor, Kendo UI for Angular, and Progress KendoReact components. According to Progress, these can be beneficial to developers working without the support of designers, or can be integrated into design systems as reusable assets. Additionally, Progress ThemeBuilder added support for new styling options. Previously, it could only be used to style Telerik and Kendo UI components, but it can now also be used to style HTML elements and conve...

Qodo , the generative AI code integrity platform, announced today the launch of automated compliance checks in its code review agent, Qodo Merge. This helps organizations meet regulatory requirements by automatically validating the alignment between pull requests and their associated tickets, while helping developers verify their work on a task is complete. The tool integrates with both Jira Cloud and Server, and GitHub Issues to analyze whether code changes comply with their original requirements, providing concrete metrics on implementation accuracy while creating an audit trail that can help satisfy standards like ISO 9001, SOC 2, HIPAA, and FDA regulations for medical devices. Organizations in regulated industries face increasing pressure to demonstrate traceability between software changes and their corresponding requirements. Standards and regulations across healthcare, finance, automotive, and aerospace sectors mandate that organizations maintain comprehensive documentation of ...

Google has announced a higher tier of membership for the Google Developer Program , an initiative launched earlier this year that gives developers access to tools, resources, and communities.  The new premium membership costs $299 per year and offers added benefits, including: $500 in Google Cloud credits A Google Cloud certification voucher Unlimited access to the Cloud Skills Boost library, which contains over 700 labs, skill badges, and courses 1:1 consultations with Google Cloud experts An additional $500 Google Cloud credits after the first certification is earned every year. “Building on the success of Cloud Innovators Plus program, this new offering is the next evolution of our commitment to streamlining the developer experience and presents the continued investment in the Google Developer Program as the hub of benefits and resources across Google’s many developer products and services,” Google wrote in a blog post .  To support this new membership option,...

Earlier this year, the analyst firm Forrester revealed its list of the top 10 emerging technologies of 2024, and several of the technologies on the list related to AI agents – models that don’t just generate information but can perform complex tasks, make decisions and act autonomously.  “Earlier AIs that could go do things were narrow and constrained to a particular environment, using things like reinforcement learning. What we’re seeing today is taking the capabilities of large language models to break those instructions into specific steps and then go execute those steps with different tools,” Brian Hopkins, VP of the Emerging Tech Portfolio at Forrester, said during an episode of our podcast , “What the Dev?”  When it comes to software development, generative AI has commonly been used to help generate code or assist in code completions, saving developers time. Agentic AI will help developers even further by assisting them with more tasks throughout the software develo...

We’re on the brink of a seismic shift in software development, with AI-powered code generation and refactoring tools positioned to reshape how developers write, maintain, and optimize code. Organizations everywhere are evaluating and implementing AI tools to deliver more features faster, bridge skill gaps, improve code quality, reduce technical debt, and save costs. But is today’s AI really ready for the scale and precision demanded by enterprise-level codebases? AI’s Role in Software Development: Promise and Pitfalls The primary use of AI in coding right now is in code authorship—creating new code with assistants such as GitHub Copilot. These tools have proven that AI can make coding faster and improve developer productivity by providing relevant suggestions. Yet, when it comes to maintaining and refactoring complex codebases at scale, GenAI has clear limitations. Each edit it suggests requires developer oversight, which can work for generating new code in isolated tasks but becom...

NVIDIA has announced that its researchers have developed a new generative AI model capable of creating audio from text or audio prompts. Fugatto , which is short for Foundational Generative Audio Transformer Opus 1, can create music from text prompts, remove or add instruments from existing audio, or even change the accent or emotion in a voice. For instance, a promo video by NVIDIA shows a user prompting Fugatto to create “Deep, rumbling bass pulses paired with intermittent, high-pitched digital chirps, like the sound of a massive, sentient machine waking up.” Another example was to provide an audio clip of a person saying a short sentence and asking to change the tone from calm to angry.  According to NVIDIA, Fugatto builds on the research team’s previous work in areas like speech modeling, audio vocoding, and audio understanding. It was developed by a diverse group of researchers around the world — including India, Brazil, China, Jordan, and South Korea — which NVIDIA says...

OpenAI has just made a number of announcements that developers working with its products ought to know about.  First, the company announced that the API and ChatGPT now have access to the latest GPT-4o snapshot : gpt-4o-2024-11-20. This snapshot features better creative writing ability, with more natural, engaging, and tailored responses. Its ability to work with uploaded files has also been improved. Next, the company announced the ability to use the Evals tool directly in the OpenAI dashboard. Evals is a framework for evaluating LLMs or the systems built around them for different criteria. “When developing with AI models, it’s essential to continuously test their outputs to ensure they are accurate and useful. Regularly running evaluations (often called evals) on your model’s outputs using test data helps you build and maintain high-quality and reliable AI applications,” OpenAI’s documentation reads .  And finally, OpenAI is introducing the ability to test audio ca...

With all the potential benefits promised by the use of AI, it’s no wonder companies are wanting to get in on the action. But a new survey from Capital One reveals a stark disconnect between how confident business leaders are in their company’s ability to implement AI and how the technology professionals actually implementing the technology feel.  According to the report — which surveyed almost 4,000 leaders and technology professionals — 87% of leaders believe their company has a data ecosystem equipped to handle AI, 82% are confident in their ability to mobilize resources for AI, and 78% are confident in their ability to handle the growing complexity and volume of data associated with AI.  Eighty-four percent of leaders also believe that their company has the necessary processes, tools, and platforms to properly manage their data. Eighty percent of them said the data they need to do their jobs is easy to find, 78% say it is easy to understand, and 77% say it is easy to und...

CData Software  (“CData”), the leading provider of data connectivity solutions, today introduced CData Connect Spreadsheets, a new tool designed to streamline bringing data into the most popular analytics platform: spreadsheets. Available now for free, Connect Spreadsheets enables users to access and work with data from over 250 sources directly within Microsoft Excel or Google Sheets, making data management simpler, faster, and more efficient. Spreadsheets remain a cornerstone for data analysis, with millions of users across industries turning to Excel and Google Sheets for their daily tasks. Despite the rise of advanced business intelligence tools, spreadsheets’ familiar, flexible, and versatile nature makes them a preferred choice for quick, actionable, easy-to-analyze insights. Additionally, with companies spending significant time and money to build complicated data strategies and data stacks, spreadsheets remain a low-cost option that more than meets the data analytics needs...

GitHub is launching a new program to fund open source projects to improve their security and sustainability. The GitHub Secure Open Source Fund will invest $1.25 million into 125 different projects ($10,000 each). Applications are being accepted on a rolling basis through January 7th, 2025. According to GitHub, the funding is possible thanks to contributions from Alfred P. Sloan Foundation, American Express, Chainguard, HeroDevs, Kraken, Mayfield Fund, Microsoft, 1Password, Shopify, Stripe, Superbloom, Vercel, Zerodha, and others. GitHub is also continuing to accept partners interested in contributing.  In addition to financial support, maintainers of chosen projects will run through a three-week program to get security education, mentorship, tooling, and certifications. “For some maintainers, being able to get funding would help them free up the time to focus on security; for others, it’s the learnings, experts, and community that can help,” GitHub wrote in a blog post ....

Since releasing Android 15 in September, the Android development team has been hard at work on the next major release, and today it is announcing the first developer preview for Android 16 . According to the team, this release marks the start of a faster release cycle for Android APIs. Previously, the major API release would happen in Q3, but next year it will happen in Q2. This better aligns with the device launch schedule and will allow more devices to get the Android release sooner, the team explained. Due to the API being released earlier, the Android team recommends developers do compatibility testing a few months earlier to ensure apps are ready in time.  After the Q2 release, there will be another major API release in Q4 that will include developer APIs and feature updates, optimizations, and bug fixes, but won’t include new behavior changes that would affect apps.  Additionally, there will still be quarterly Android releases, and the Q1 and Q3 updates that come be...

Microsoft’s annual development and IT conference, Microsoft Ignite, kicked off this morning, with announcements ranging from updates to Microsoft 365 Copilot to a new bug bounty event for AI vulnerabilities.  Here is a list of some of the highlights from the event:  Microsoft 365 Copilot updates The company announced several new capabilities across Microsoft 365 Copilot. Now in private preview, Copilot Actions is a new feature that allows users to automate everyday tasks, such as getting a daily summary of meeting actions in Microsoft Teams, or getting an email that summarizes what was missed upon returning from a vacation. The company also announced several new agents in Microsoft 365, such as agents in SharePoint that are tailored to each SharePoint site, and are grounded on that site’s files and folders.  A new Teams agent called Interpreter allows for real-time, speech-to-speech translation in Teams meetings. This agent also features the option to simulate the us...

The no-code automation company Nintex today announced Nintex Apps , which allow users to create and deploy customized business-critical apps that leverage Nintex workflows.  “The launch of Nintex Apps is a meaningful step forward in our long-term vision of providing a single platform and integrated experience for end-to-end process automation powered by AI,” said Niranjan Vijayaragavan, chief product officer at Nintex. Like other similar no-code platforms for creating apps, Nintex Apps features a drag-and-drop interface for adding and arranging over 25 components and connecting data from various sources.  Nintex Apps connect with Nintex’ other workflow and document generation products, which allows users creating new apps to easily consolidate data from different systems and connect their app to other workflows. For instance, a user could pull data from SQL, REST, and OData and have it all available in a single view in their new app. It also features branding capabiliti...

Lightbend has announced a new version of Akka , its platform for building responsive distributed apps.  Akka 3 has been in development since 2018, according to the company, and it utilizes many other Lightbend projects, such as Lagom, Play Framework, Cloudstate, Cloudflow, Akka Streams, and Kalix. There are three main themes in the Akka 3 release. First, it has multi-master replication, which allows a single entity to have instances running in multiple locations. This is achieved by using replicated event logging, CRDTs, and a protocol that runs on gRPC to guarantee delivery of events. Second, and building on top of multi-master replication, developers can migrate apps to different clouds without downtime or disruption. “These features also mean that operations can do upgrades of the application, individual services, or data model without any disruption,” Jonas Bonér, founder and CTO of Lightstep, wrote in a post .  And finally, Akka 3 also has an app resilience guarante...

Anthropic is making it easier for developers to leverage best practices of prompt engineering by adding a feature for improving prompts and allowing example responses to be managed within the Anthropic Console .  According to Anthropic, while prompt quality is important, it can be time-consuming to implement best practices, and those best practices might also vary between different model providers. With this new prompt improver feature, Anthropic is giving developers the ability to take existing prompts — either new ones or previous prompts written for other models — and refine them using Claude. The prompt improver uses a variety of methods to improve prompts, such as chain-of-thought reasoning, which adds a dedicated section where Claude can systematically think through prompts before responding; example standardization, where examples are converted into XML format for overall consistency; example enrichment, where existing examples are augmented using chain-of-thought reasoni...

While one might anticipate that the more complex an application is, the more likely it is to have security vulnerabilities, a recent analysis from Black Duck found the opposite to be true.  Its 2024 Software Vulnerability Snapshot report analyzed data from 200,000 dynamic application security testing scans for 1,300 applications across 19 different industry sectors.  The report categorizes small complexity apps as those with minimal interactivity and a simple crawl tree, while higher complexity apps are those that have many interactive elements and dynamically generated content.  The results show that small and medium complexity applications were more likely to have critical vulnerabilities than larger complexity ones. 2,039 vulnerabilities were found in small complexity apps, 1,679 were found in medium complexity apps, and 505 were found in large complexity apps.  “This metric suggests that many organizations are underestimating the security needs of sites co...