Best Programming Master

Google’s new Opal tool allows users to create mini AI apps with no coding required Google has launched a new experimental AI tool designed for users who want to build apps entirely using AI prompts, with no coding needed at all. Opal  allows users to create mini AI apps by chaining together AI prompts, models, and tools, using natural language and visual editing. “Opal is a great tool to accelerate prototyping AI ideas and workflows, demonstrate a proof of concept with a functional app, build custom AI apps to boost your productivity at work, and more,” Google wrote in a  blog post . The tool consists of a visual editor to help creators see the workflows in their apps and connect different prompts together to build multi-step apps. It allows the user to describe the logic they want in the app and have Opal build the workflow for them. Users will be able to edit the generated workflow either in the visual editor or through additional prompts. Gemini 2.5 Flash-Lite is now g...

Like many large enterprises, we must navigate the beauty and chaos of legacy code. In our case, decades of SQL procedures and business logic that underpin a platform capable of handling over 3 million concurrent users and hundreds of micro code deployments per week. It’s a complex machine. Touch one part, and you risk breaking 10 others. That’s why modernizing the codebase is both a technical challenge and a human one. It requires empathy, trust, and the ability to make informed guesses. Inside the Innovation Engine At bet365, the platform innovation function was established to provoke possibility. We’re a small, specialized team charged with exploring emerging and future technologies. Our aim is to identify where they can have the greatest impact, and help the wider organization understand how to use them meaningfully. We’re enablers and ambassadors for change. Our work spans everything from product development and cybersecurity to the future of the workforce. Our guiding model is ...

While AI is becoming better at generating that functional code, it is also enabling attackers to identify and exploit vulnerabilities in that code more quickly and effectively. This is making it easier for less-skilled programmers to attack the code, increasing the speed and sophistication of those attacks — creating a situation in which code vulnerabilities are increasing even as the ability to exploit them is becoming easier, according to new research from application risk management software provider Veracode. AI-generated code introduced security vulnerabilities in 45% of 80 curated coding tasks across more than 100 LLMs, according to the 2025 GenAI Code Security Report . The research also found that GenAI models chose an insecure method to write code over a secure method 45% of the time. So, even though AI can create code that is functional and syntaactically correct, the report reveals that security performance has not kept pace. “The rise of vibe coding, where developers rely ...

More and more developers are adopting AI, but the trust they have in its outputs is getting worse and worse over the years. This is according to Stack Overflow’s 2025 Developer Survey, which gathered responses from 49,000 developers across 177 countries. This year, 84% of respondents say they are using or plan to use AI tools for development (up from 76% last year), but 46% say they don’t trust the output of those AI tools (up from 31% last year). More specifically, 75.3% said they don’t trust AI-generated answers, 61.7% had ethical or security concerns about AI-generated code, and 61.3% said they want to be able to fully understand their code. “The growing lack of trust in AI tools stood out to us as the key data point in this year’s survey, especially given the increased pace of growth and adoption of these AI tools. AI is a powerful tool, but it has significant risks of misinformation or can lack complexity or relevance,” said Prashanth Chandrasekar, CEO of Stack Overflow.  ...

Google has launched a new experimental AI tool designed for users who want to build apps entirely using AI prompts, with no coding needed at all. Opal allows users to create mini AI apps by chaining together AI prompts, models, and tools, using natural language and visual editing.  “Opal is a great tool to accelerate prototyping AI ideas and workflows, demonstrate a proof of concept with a functional app, build custom AI apps to boost your productivity at work, and more,” Google wrote in a blog post .  The tool consists of a visual editor to help creators see the workflows in their apps and connect different prompts together to build multi-step apps. It allows the user to describe the logic they want in the app and have Opal build the workflow for them. Users will be able to edit the generated workflow either in the visual editor or through additional prompts.  Once a user is happy with their app, they will be able to easily share it with others, Google explained....

Gemini 2.5 Flash-Lite is now generally available The model is Google’s fastest and cheapest model, costing $0.10/1M tokens for input and $0.40/1M tokens for output (compared to $1.25/1M tokens for input and $10/1M tokens for output in Gemini 2.5 Pro). “We built 2.5 Flash-Lite to push the frontier of intelligence per dollar, with native reasoning capabilities that can be optionally toggled on for more demanding use cases. Building on the momentum of 2.5 Pro and 2.5 Flash, this model rounds out our set of 2.5 models that are ready for scaled production use,” Google wrote in a blog post .  GitLab Duo Agent Platform enters beta GitLab Duo Agent Platform is an orchestration platform for AI agents that work across DevSecOps in parallel. For instance, a user could delegate a refactoring task to a Software Developer Agent, have a Security Analyst Agent scan for vulnerabilities, and have a Deep Research Agent analyze progress across the repository.  Some of the other agents that...

Google is adding several new features to its cloud-based AI workspace Firebase Studio, following its update a few weeks ago when it added new Agent modes, support for MCP, and integration with the Gemini CLI.  Now it is announcing updated workspace templates for Flutter, Angular, React, Next.js, and general Web that use the Agent mode by default. Users will still be able to toggle between the “Ask” and Agent mode, depending on what the task at hand calls for.  The templates now have an airules.md file to provide Gemini with instructions for code generation, like specific coding standards, handling methods, dependencies, and development best practices.  Google says it will be updating templates for frameworks like Go, Node.js, and .NET over the next few weeks as well.  Developers will also now be able to integrate Firebase backend services into their application using Gemini, which will suggest the proper Firebase services based on the prompt. It will import the n...

Tenable is updating its Vulnerability Priority Rating (VPR) method of scoring vulnerabilities to enable organizations to focus their efforts on the most critical and impactful vulnerabilities. According to the company, Common Vulnerability Scoring System (CVSS), which is used by the CVE database, flags 60% of vulnerabilities as high or critical. When Tenable VPR was launched in 2019, it only flagged 3% as high or critical, and today’s updates bring that number down to 1.6%.  Tenable says this cuts down on noise, leading to faster mean-time-to-remediation, optimized resources, and security efforts that are better aligned with organizational priorities.  Some of the ways Tenable is able to reduce the number of vulnerabilities flagged as critical is that it recalculates risk prioritization every night for over 280,000 different vulnerabilities, predicts the likelihood of a vulnerability being exploited in the near future, and gives a priority rating on a scale from 1 to 10....

Google is hoping to improve public trust in open source projects with the launch of a new open source project called OSS Rebuild that reproduces upstream artifacts and compares the new package with the original artifact. According to Google, this process enables customers to verify a package’s origin, understand and repeat its build process, and customize the build.  “Our aim with OSS Rebuild is to empower the security community to deeply understand and control their supply chains by making package consumption as transparent as using a source repository,” Matthew Suozzo from the Google Open Source Security Team (GOSST) wrote in a blog post .  It can detect several types of supply chain compromise, such as source code not present in the public source repository being in published packages, build environment compromise, or stealthy backdoors, such as was seen with XZ Utils .  The project itself consists of an automated process for getting declarative definitions for...

The role of software developer has historically morphed to keep up with advancements in technology. From basic writing and testing code, to use of open source code, to Agile and DevOps tools and methodologies, to security and cloud, and now to AI and vibe coding, developers have been asked to take on more tasks that take away from their original, joyful experience of creating code to meet enterprise needs. With the adoption of AI to produce code even more quickly than developers could, the role is morphing again. Some call it context engineering, or prompt engineering. Some say developers will now have to take on model training and software architecture. All of this raises the question:  What impact does all of this have on the Developer Experience? How can the elusive ‘joy’ in the work be found? To answer those questions, it’s important to first define the term ‘developer experience.’ Andrew Boyagi, customer CTO at Atlassian , helps organizations elevate their developer experie...

Parasoft is helping customers address the unique requirements for testing AI with several new capabilities across its various testing solutions. The company added an agentic AI assistant to its virtual testing simulation solution Virtualize , allowing customers to create virtual services using natural language prompts.  For example, a user could write the prompt: “Create a virtual service for a payment processing API. There should be a POST and a GET operation. The operations should require an account id along with other data related to payment.”  The platform will then draw from the provided API service definitions, sample requests/responses, and written descriptions of a service to generate a virtual service with dynamic behavior, parameterized responses, and the correct default values.  According to Parasoft this reduces the need for deep domain knowledge or development skills, and accelerates time to delivery. “This is more than an incremental improvement—it’s a...

BrowserStack, a company that offers solutions for testing, has released its Accessibility Design Toolkit , a Figma plugin that helps developers plan for accessibility early in the design stage. According to a recent report from BrowserStack and WebAIM, 94.8% of the one million webpages they analyzed had at least one Web Content Accessibility Guidelines (WCAG) failure. The most common failures were color contract and missing alt text, and both of these issues are easily preventable during the design stage.  “Teams have lacked the tools to catch accessibility issues early, even though most originate in the design phase,” said Nakul Aggarwal, co-founder and CTO at BrowserStack. “Our toolkit addresses this by empowering designers to resolve up to 40% of these issues directly within Figma.” The plugin will automatically detect UI components and validate them against WCAG standards, including color contrast, headings, focus order, image alt-text, landmarks, and touch target sizes....

The Scrum Alliance and Kanban University are teaming up to produce a new course that combines the best of both the Scrum and Kanban methodologies. The Scrum Better with Kanban course teaches technology professionals how to identify the challenges they are facing with Scrum, find solutions to bottlenecks that are slowing down work, and test that solutions reflect the principles of the Kanban method.  It teaches the six general steps of the Kanban method: visualizing work, limiting work in progress, managing flow, making policies explicit, establishing feedback loops, and continuously improving.  The course also teaches three change management principles, which are to start with what you do now, agree to pursue evolutionary change, and encourage leadership at all levels.  “Visualizing work, whether it be tasks, processes, or broader initiatives, is essential to helping teams stay aligned and deliver value,” said Tristan Boutros, CEO of the Scrum Alliance. “This partne...

OpenAI is bringing the power of agentic AI to ChatGPT so that it can handle complex requests from users autonomously.  It leverages two of OpenAI’s existing capabilities: Operator, which can interact with websites, and deep research, which can synthesize information. According to OpenAI, these capabilities were best suited for different situations, with Operator struggling with complex analysis and deep research being unable to interact with websites to refine results or access content that required authentication.  “By integrating these complementary strengths in ChatGPT and introducing additional tools, we’ve unlocked entirely new capabilities within one model. It can now actively engage websites—clicking, filtering, and gathering more precise, efficient results. You can also naturally transition from a simple conversation to requesting actions directly within the same chat,” the company wrote in a blog post .  ChatGPT’s agent mode can handle requests such as “look ...

Despite a decade of DevOps fervor, most engineering organizations remain hindered by manual processes, silos, and dependency bottlenecks. Teams cannot truly own their delivery stack and still depend on centralized support for deployment, provisioning, and security. The missing piece in achieving real, sustainable DevOps autonomy is platform engineering. Internal Developer Platforms (IDPs) serve as the foundation for self-sufficient teams, embedding best practices into reusable infrastructure, and empowering developers to move at speed without compromising reliability or governance. Here are five examples: 1. Infrastructure Without Friction DevOps autonomy is only real when developers can provision infrastructure, deploy code, and manage services without constant ops intervention. IDPs encapsulate infrastructure-as-code templates, security policies, and networking rules into curated modules. This allows teams to spin up environments at will without touching Terraform, Kubernetes, or ...