Best Programming Master

A new version of GitHub Copilot has just begun rolling out to users, adding a number of new capabilities, such as the addition of agent mode to VS Code.  With agent mode, Copilot can iterate across an entire project, suggesting terminal commands, analyzing run-time errors, and more. “With simple prompts, agent mode takes Copilot beyond answering a question, instead completing all necessary subtasks across automatically identified or generated files to ensure your primary goal is achieved,” the company’s CEO Thomas Dohmke wrote in a blog post .  As an example, GitHub published a demo video in which a developer needs to update a website for runners that allows them to sort races by name, distance, and time. Upon receiving the request, Copilot analyzes the site to determine what needs to be changed, then begins by updating the backend and the UI, then generating unit tests for both, before handing it back over to the user to run those tests.  Agent mode can utilize Cla...

Software companies are constantly trying to add more and more AI features to their platforms, and AI companies are also always releasing new models and features. It can be hard to keep up with it all, so we’ve written this roundup to share several notable updates around AI that software developers should know about.  Anthropic announces Claude for Education This new offering includes a “Learning mode” that encourages students to work through problems alongside Claude, rather than having Claude come up with answers entirely on its own.  For example, Claude might respond saying “What evidence supports your conclusion?” to make students better understand the work they are doing.  It will also emphasize core concepts for students, and provides templates for how to structure research papers, study guides, and outlines.  Amazon announces new website for exploring Amazon Nova foundation models nova.amazon.com provides information on each of the company’s Amazon Nov...

Over the years, I’ve had countless conversations with performance engineers, DevOps teams, and CTOs, and I keep hearing the same assumptions about load testing. Some of them sound logical on the surface, but in reality, they often lead teams down the wrong path. Here are five of the biggest misconceptions I’ve come across—and what you should consider instead. 1⃣ “We should be testing on production” A few weeks ago, I had a call with one of the biggest banks in the world. They were eager to run load tests directly on their production environment, using real-time data. Their reasoning? It would give them the most accurate picture of how their systems perform under real conditions. I get it—testing in production sounds like the ultimate way to ensure reliability. But when I dug deeper, I asked them: “What happens if today’s test results look great, but tomorrow a sudden traffic spike causes a crash?” Who takes responsibility if a poorly configured test impacts real customers? A...

Opsera, the AI-Powered DevOps platform trusted by top Fortune 1000 companies, today announced it has raised $20M in Series B funding, led by Prosperity7 with participation from Hitachi Ventures. The funding culminates a breakout year with several product releases that position Opsera as one of the market’s most flexible and intelligent AI-powered DevOps platforms for all apps and teams. Significant accomplishments include signing key industry partnerships with GitHub, Microsoft, AWS, and Databricks , 200% revenue growth since raising Series A+, and adding several key Fortune 1000 customers. Learn More About Opsera: https://www.opsera.io/   Empowering Developers with Agentic AI and Unified Insights The DevOps industry is undergoing a seismic shift driven by AI-driven automation, security integration, and the need for rapid, reliable software delivery. Organizations now prioritize AI Agentic approaches — systems where autonomous AI agents optimize workflows, predict risks, and s...

In Greek mythology, Odysseus had to navigate between Scylla and Charybdis — two perils threatening from both sides. Today’s IT leaders face a similar dilemma: technical debt and sprawl on one side; excessive bureaucracy and stifling controls on the other. Enter platform engineering, the emerging discipline that offers a way to steer between these hazards and deliver software faster, safer, and at scale. From freedom to sprawl to over-control The story starts with the mainframe era, where infrastructure decisions were simple and everything was standardized. Then came distributed computing, bringing freedom and flexibility but also chaos. Every project team made its own decisions: what database to use; how to handle authentication; where to store logs. The result? A fragmented, unmanageable landscape of bespoke solutions. Enterprise architecture (EA) teams starting in the 1990s attempted to rein in the chaos by imposing standardization. But their methods — lengthy checklists, rigid ap...

Sonatype, a company focused on software supply chain security, has announced the results of its quarterly Open Source Malware Index , which provides insights into malicious open source packages.  The index found 17,954 malicious open source software packages, including several hijacked npm crypto packages, a malicious npm package disguised as the Truffle for VS Code extension, and fake Solana packages .  Fifty-six percent of the packages were related to data exfiltration. These packages would be used by attackers to obtain sensitive data from the systems they are installed on.  For comparison, the Q4 2024 report found that only 26% of packages were related to data exfiltration, signaling an increasing risk of sensitive information being compromised through open source components.  Eighty percent of the packages Sonatype found were categorized as “sophisticated and threatening types of malware,” like droppers or code injection malware.  “From hijacked ...

Kong has announced updates to its AI Gateway , a platform for governance and security of LLMs and other AI resources.  One of the new features in AI Gateway 3.10 is a RAG Injector to reduce LLM hallucinations by automatically querying the vector database and inserting relevant data to ensure the LLM is augmenting the results with known knowledge sources, the company explained. This improves security as well by putting the vector database behind the Kong AI Gateway, and also improves developer productivity by allowing them to focus on things other than attempting to reduce hallucinations. Another update in AI Gateway 3.10 is an automatic personally identifiable information (PII) sanitization plugin to protect over 20 categories of PII across 12 different languages. It works with most major AI providers, and can run at the global platform level so that developers don’t need to manually code the sanitization into every application they build. According to Kong, other similar sani...

Security used to be the biggest challenge companies implementing cloud native technologies faced, but according to a new report from the Cloud Native Computing Foundation (CNCF), that is no longer the case. The CNCF’s 2024 Cloud Native Survey , which surveyed 750 members of the CNCF community, revealed that cultural changes are now the top challenge, with 55% of respondents citing this as the number one issue.   “When cloud native computing was maturing, technical issues like security, networking, storage, and observability were major pain points. Today, though, more seasoned cloud native practices have helped make technical challenges more manageable, meaning organizations can focus their attention on culture and process shifts. Whether it’s a move to platform engineering or GitOps, or a transition from a monolithic architecture to a microservices one, these culture-change efforts are the logical, if tricky, next steps in the cloud native evolution, as the survey results r...

Many infrastructure technology teams believe they have mastered infrastructure automation, but the data tells a different story. We commissioned a survey to explore the state of infrastructure automation, and this research uncovered a stark gap between perception and reality. While 45% of organizations believe they have achieved a high level of infrastructure automation, only 14% exhibit the behavior and technology patterns of infrastructure automation excellence. This is one of the illuminating findings of our survey of 413 infrastructure tool purchase decision-makers and influencers, conducted by Panterra. Full results are detailed in “ The State of Infrastructure Automation ” report, available for download. What I find most compelling about the survey revelations—and what the report addresses in detail—is the critical challenge facing technology decision-makers: balancing the need for speed with the necessity of control. In the pursuit of rapid deployment, many teams have sacrific...