Web development has moved on significantly since the era of static HTML pages. Countless programming languages have come and gone as the pressure to build scalable, complex applications intensified. Yet Python has not just survived this constant churn; it has cemented itself as a cornerstone of modern backend architecture. What began life as a straightforward scripting tool is now the engine powering some of the most robust platforms on the internet. Let us look at the practical reasons why this language remains an indispensable tool for developers tasked with building everything from lightweight microservices to massive enterprise systems. Where simplicity…
Author: drweb
A developer pushes one file. It contains an AWS access key left in a configuration block. Five minutes later, CI catches it. By then, the secret is in the remote repository, cached by mirrors and potentially forked. The developer rotates the key, scrubs the commit history and spends the rest of the afternoon on incident response. The real question isn’t how to clean up faster — it’s why the secret left the developer’s machine in the first place. The Five-Minute Gap Most engineering teams have invested in CI-based secret scanning. Tools such as GitHub Advanced Security, GitGuardian and TruffleHog’s CI integration catch leaked credentials…
Digital transformation has never been short of ambition. Enterprises have invested billions in AI initiatives, cloud migrations, agile programs, and customer success platforms—yet many still find themselves stuck: Pilots that never scale, software that sits unused, teams that move fast in isolation but grind to a halt when they collide. The question isn’t whether organizations want to transform. It’s whether they know how to make value actually flow. That question sits at the heart of conversations happening across the world’s most complex organizations. From aerospace and defense to aviation, industrial software to telecom infrastructure, leaders are learning the same hard lesson: Transformation is less a technology problem than a systems problem — and solving it requires aligning…
AI-generated code is already in production. Whether we are comfortable with that or not is beside the point. In the OpenStack project, which I have helped steward for more than 15 years, we are seeing developers submit patches built with AI assistance, and sometimes patches composed almost entirely by AI tools. Some of those contributions have already landed in the past release cycle. This is happening in one of the most rigorously governed open source projects in the world. It is happening everywhere else, too.The code generation itself is not the problem. AI is genuinely good at producing computer programs…
Toronto startup Cohere has released an open-weight model designed for developers to use to build their own AI stack.The open-weight North Mini Code is a 30-billion-parameter “mixture-of-experts” (MoE) model. MoE equips a model with specialized neural nets for individual tasks, such as mathematics and code generation. Mistral pioneered this approach to compete with larger LLMs. As a result, when it comes time to produce an answer, the GPU won’t need all 30 billion parameters. Instead, a router function picks the most appropriate experts to complete the task, reducing the working size to 3 billion parameters. This means the model, slimmed to…
If you’ve ever tried setting up Ollama, Stable Diffusion, or PyTorch on an AMD graphics card, you probably remember how painful the process used to be. Installing ROCm often meant adding third-party repositories, dealing with driver compatibility issues, and spending hours troubleshooting errors before anything actually worked. Ubuntu 26.04 LTS changes that. AMD’s ROCm platform is now available directly from the official Ubuntu repositories, making GPU acceleration as easy to install as any other package. Instead of hunting for external repositories and matching software versions, you can install the entire ROCm stack with a simple apt command. For a long…
CI/CD environments depend on far more than repositories and deployment infrastructure. Developer endpoints hold sensitive data: cloud credentials, SSH keys, deployment permissions, direct access to internal systems. Endpoint security and control are part of daily operational risk management. Engineering teams are shifting more and more toward distributed workflows, so discussions around CI/CD security include the security posture of the devices connected to the pipeline.Many organizations already focus their CI/CD security efforts on secrets management, dependency scanning and supply chain controls. However, advanced endpoint security solutions are also relevant in cloud-native development environments, where local devices maintain direct access to production workflows.Endpoint…
Will that stop its decline? We’ll soon find out.Once upon a time, Stack Overflow was, love it or hate it, the site programmers went to find answers for their most annoying development questions. Back then, according to Prashanth Chandrasekar, Stack Overflow’s CEO, the site had “100 million monthly visitors.” Then AI came along. From its peak in 2014, when the site handled more than 200,000 new questions a month, it had collapsed by the end of 2025 to a mere 3,862 new queries. That’s a fall of roughly 98%. So, its owners have decided to reinvent Stack Overflow as a…
A global survey of 2,350 developers, CISOs and application security managers published this week finds that while nearly all respondents (96%) work for organizations that have embedded or connected artificial intelligence (AI) code and tools into some aspect of their application development workflows, nearly half of all code (49%) running in production environments was AI-generated in 2025.Conducted by the market research firm CensusWide on behalf of Checkmarx, the survey also finds 70% of respondents reporting they are also now discovering more vulnerabilities, with 31% describing that increase as being significant.On average, developers are spending 49% of their time in a…
We work hard at Redgate, though with a good work-life balance. One interesting observation for me (as an American) is how well most of the company in the UK works normal hours and rarely works outside of those.However, sometimes we do find people, especially engineers, heads down and very focused. With our engineers in the office a day or two a week, they might end up coding in a group and trying to solve a challenging issue.We used to have engineers working more than 8 hours regularly, often late, when they were in the office. I came across this page…