Best Programming Master

.NET 9 is now available, and with it comes a number of performance improvements and new functionality to support developers building with AI.  According to Microsoft, this release features over 1,000 performance updates, one of which is that the Server GC has been altered to adapt to application memory requirements instead of the resources available in the environment. This change has resulted in a 15% increase in requests per second compared to .NET 8 and a 93% reduction in memory usage.  “This change in approach has a profound impact in high core-count environments, where application memory is small or changes dramatically over time,” the .NET Team explained in a blog post .  In addition, the .NET 9 runtime added support for Arm64 SVE and Intel AVX10, and in this release, the JIT compiler received improved performance for Arm64, loops, PGO, and bounds checks.  .NET 9 also features updated Dynamic Profile Guided Optimization (PGO) to provide optimizations for more code patterns. 

The data platform Snowflake is hosting its annual user conference, BUILD 2024, bringing together data scientists and developers and sharing new functionality across its platform that will enable customers to get more value from their data and build AI functionality on top of it. New updates across Snowflake platform enable greater collaboration, flexibility, and security First, the company announced several new capabilities for its flagship platform that will enable customers to better collaborate around their data.  The new Snowflake Internal Marketplace allows users to discover data, apps, and AI services created by different teams in the company. The marketplace also facilitates sharing of fine-tuned LLMs, which improves cross-team collaboration on generative AI use cases.  Listings in the marketplace benefit from AI via Copilot for Listings, an assistant that can answer questions on structured data to help users understand if shared data is relevant to them.  Additionally,

KubeCon + Cloud Native Con is happening this week in Salt Lake City, UT, bringing together the Kubernetes community in one location, and providing the opportunity for companies in the space to launch new offerings and update their products.  We’ve collected the news announcements from those companies all in one place so you can stay up to date. Keep checking back here, as we will be updating this list as new news comes in.  Last updated: 11/12 at 9:45 AM ET Red Hat adds new AI capabilities for Red Hat Developer Hub Red Hat today announced new capabilities and enhancements for Red Hat Developer Hub, the company’s  enterprise-grade internal developer platform based on the Backstage project.  The new features are designed to help organizations, whether already implementing an AI strategy or just coming to grips with its possibilities, more quickly and easily harness the power of AI to deliver smarter applications and services to their customers and end-users. To help accelerate deve

Elastic is implementing a new approach for storing vectorized data that will require 95% less memory.  Better Binary Quantization, or BBQ, is based on a technique called RaBitQ , which was developed earlier this year by researchers at Nanyang Technological University Singapore.  According to Elastic, the biggest differences between BBQ and native binary quantization are that: All vectors get normalized around a centroid  Multiple error correction values are stored Asymmetric quantization increases search quality without increasing storage costs The way that query vectors are quantized and transformed enables more efficient bit-wise operations “Elasticsearch is evolving to become one of the best vector databases in the world, and we see our users wanting to put more and more vectorized data in it,” said Ajay Nair, general manager of Platform at Elastic. “Better Binary Quantization is our latest innovation to reduce the resources needed to store vectorized data and provide free

Companies that are successfully maximizing their AI investments are seeing at least a 25% improvement in their revenue growth rate, according to a new report from IBM. The company surveyed 2,000 companies across the U.S., U.K, India, Japan, and Germany, and categorized 15% as AI Leaders who are ahead of their peers and the other 85% as AI Learners. According to the report, there are four key factors that contribute to the success AI Leaders are seeing.  Compared to their peers, AI Leaders: Are more aggressive with their AI investments Are more confident in their ability to access and manage their organization’s data Have a C-suite that is fully aligned with IT leadership on what they need to do to achieve AI maturity Can customize their AI efforts to achieve optimal value.  “We discovered that Leaders don’t mindlessly chase trends. Instead, they look for the intersection of opportunity, need and internal capabilities to develop an action-oriented roadmap. They foster organi

The U.S. Postal Service (USPS) delivers mail to almost 167 million addresses in the United States, and anyone who has tried to order something online has likely had the experience of not getting a package delivered on time (or at all) because the address was entered incorrectly or in a weird format, causing shipping delays. The USPS has a standard format it accepts, but it’s not standard around the world. Internationally there are over 200 different address formats used and more than 20 language scripts used to write those addresses.  Given the complexity of considering all of these different global formats, using a verification service like Melissa’s Global Address service can help ensure that all addresses are properly formatted based on where they need to go, which improves deliverability. John DeMatteo, solutions engineer I at Melissa , explained in a recent SD Times microwebinar that “fewer errors and returns equals more time to be working on other things, as well as l

Several high profile software supply chain security incidents over the last few years have put more of a spotlight on the need to have visibility into the software supply chain. However, it seems as though those efforts may not be leading to the desired outcomes, as a new survey found that only one out of five organizations believe they have that visibility into every component and dependency in their software. The survey, Anchore’s 2024 Software Supply Chain Security Report , also found that less than half of respondents are following supply chain best practices like creating software bill-of-materials (SBOMs) for the software they develop (49% of respondents) or for open source projects they use (45%) of respondents. Additionally, only 41% of respondents request SBOMs from the third-party vendors they use. Despite these low numbers, this is a significant improvement from 2022’s survey, when less than a third of respondents were following these practices.  The report found that 78%

  Tricentis , a global leader in continuous testing and quality engineering, today announced the expansion of its test management and analytics platform,  Tricentis qTest , with the launch of Tricentis qTest Copilot. The latest addition to its suite of generative AI-powered   Tricentis Copilot  solutions, qTest Copilot harnesses the power of generative AI to simplify and accelerate test case generation, allowing for greater test coverage and higher quality software releases. qTest Copilot is a generative AI assistant that automatically drafts test cases and test steps based on source documents and user requirements, offering considerable time-saving benefits when compared to manual approaches. Embedded into the newest version of the qTest platform, qTest Copilot combines Tricentis’ scalable and unified test management technology, with new AI-augmented features to allow QA and developer teams to greatly accelerate software delivery. Users can quickly create test coverage of any applic

Symbiotic Security  today launched the industry’s first real-time security for software development that combines detection and remediation with just-in-time training – incorporating security testing and training directly into the development process without breaking developers’ workflows. Backed with $3 million of seed funding from investors including  Lerer Hippeau ,  Axeleo Capital ,  Factorial Capital , and others, the company has introduced its software-as-a-service that works with the developer’s Integrated Development Environment (IDE) and enables them to develop software more securely. A  Ponemon survey  of 634 IT and IT security practitioners reported the top challenges to shift-left security were: a lack of integrated security tools (51%); an increase in work for developers (43%); too many vulnerabilities to fix (40%). These are precisely the challenges addressed by Symbiotic Security. “Traditional approaches to code security are broken, which we fix by integrating securit

GitHub Copilot’s chat functionality is being updated to provide developers guidance on how to reword their prompts so that they can get better responses.  Microsoft shared that user feedback on GitHub Copilot indicated that some developers struggle with creating prompts, including understanding phrasing and what context to include.  “In some cases, the experience left users feeling like they were getting too much or too little from their interactions,” Microsoft wrote in a blog post .  In response to this, GitHub Copilot’s chat will now be a more conversational experience that can adapt to a developer’s specific context and needs.  For example, if a developer asks a question that is too vague, like “what is this?,” Copilot will now respond back saying that the “question is ambiguous because it lacks specific context or content” and will suggest some prompts that are more specific and will lead to better responses. In this example, the response included other sample prompts, like “

One of Google’s security research initiatives, Project Zero, has successfully managed to detect a zero-day memory safety vulnerability using LLM assisted detection. “We believe this is the first public example of an AI agent finding a previously unknown exploitable memory-safety issue in widely used real-world software,” the team wrote in a post . Project Zero is a security research team at Google that studies zero-day vulnerabilities, and back in June they announced Project Naptime , a framework for LLM assisted vulnerability research. In recent months, Project Zero teamed up with Google DeepMind and turned Project Naptime into Big Sleep, which is what discovered the vulnerability.  The vulnerability discovered by Big Sleep was a stack buffer overflow in SQLite. The Project Zero team reported the vulnerability to the developers in October, who were able to fix it on the same day. Additionally, the vulnerability was discovered before it appeared in an official release. “We think th

Building a career as a software developer can be valuable, but can be a competitive field to break into, especially in 2024 when over 130,000 layoffs have occurred at tech companies already. While not all 130,000 may have been software engineers, they have not been immune from the cuts. One way developers can set themselves up for better opportunities is to pursue certifications for skills that are relevant to their career. A certification offers an opportunity for developers to show others that they have a particular skill; It’s one thing to list Kubernetes as a core competency on their resume, and another to say they’ve passed the certification exam for one of the CNCF’s Kubernetes certifications .   “People are really happy by taking a certification, because it is the validation of some knowledge,” said  Christophe Sauthier, head of CNCF certifications and trainings, in a recent episode of our What the Dev? podcast . “It is something that we feel is really important because an

In today’s rapidly evolving observability and security use cases, the concept of “shifting left” has moved beyond just software development. With the consistent and rapid rise of data volumes across logs, metrics, traces, and events, organizations are required to be a lot more thoughtful in efforts to turn chaos into control when it comes to understanding and managing their streaming data sets. Teams are striving to be more proactive in the management of their mission critical production systems and need to achieve far earlier detection of potential issues. This approach emphasizes moving traditionally late-stage activities — like seeing, understanding, transforming, filtering, analyzing, testing, and monitoring — closer to the beginning of the data creation cycle. With the growth of next-generation architectures, cloud-native technologies, microservices, and Kubernetes, enterprises are increasingly adopting Telemetry Pipelines to enable this shift. A key element in this movement is th

Microsoft has announced that GitHub Copilot is now integrated with Data Wrangler , an extension for VS Code for viewing, cleaning, and preparing data.  By integrating GitHub Copilot capabilities into the tool, users will now be able to clean and transform data in VS Code with natural language prompts. It will also be able to provide suggestions of how to fix errors in data transformation code.  According to Microsoft, one of the current limitations of using AI for exploratory data analysis is that the AI often lacks context of the data, leading to more generalized responses. Further, the process of verifying that the generated code is correct can be a very manual and time-consuming process.  The integration of Data Wrangler and GitHub Copilot addresses these issues because it allows the user to provide GitHub Copilot with data context, enabling the tool to generate code for a specific dataset. It also provides a preview of the behavior of the code, which allows users to visuall

The API management platform WSO2 has announced a slew of new updates aimed at helping customers manage APIs in a technology landscape increasingly dependent on AI and Kubernetes. The updates span the releases of WSO2 API Manager 4.4, WSO2 API Platform for Kubernetes (APK) 1.2, and WSO2 API Microgateway 3.2, which are all available today.  “As organizations seek a competitive edge through innovative digital experiences, they need to invest equally in state-of-the-art technologies and in fostering the productivity of their software development teams,” said Christopher Davey, vice president and general manager of API management at WSO2. “With new functionality for managing AI services as APIs and extended support for Kubernetes as the preferred platform for digital innovation, WSO2 API Manager and WSO2 APK are continuing to enhance developers’ experiences while delivering a future-proof environment for their evolving needs.” The company announced its Egress API Management capability,