It’s no surprise that AI is rapidly becoming the most powerful tool for developers. The ease of use and accuracy of such tools can even generate code snippets for a website written entirely on a napkin! While the potential of AI is exciting, it is crucial to address the potential vulnerabilities that bad actors can exploit within AI systems.

Smart notifications and nudges are table stakes tools for developers looking to streamline their work and stay focused on building improvements. These automatic alerts are key to a more efficient workflow, freeing us from the burden of repetitive, overwhelming, and time critical tasks — aka, toil.

For DevOps, 2023 is the year to reduce tool sprawl and start tool consolidation efforts. Sprawl is often seen as a natural result of the flexibility and empowerment of dev teams to choose their own tools, but organizations now understand the need for a single, streamlined system. While flexibility to choose the right tool for the job has enabled teams to move quickly, the result is a complex web of systems and processes to deliver software.

Amid an AI boom and developing research, machine learning (ML) models such as OpenAI’s ChatGPT and Midjourney’s generative text-to-image model have radically shifted the natural language processing (NLP) and image processing landscape. Due to this new and powerful technology, developing and deploying ML models has quickly become the new frontier for software development.

In an ideal world CI pipelines would never fail and deployments would be easy to navigate. The reality is that the journey from commit to production can fail in subtle ways that can be hard to understand. And this problem is multiplied by the number of pipelines in your system.

Building full-stack applications can be challenging, especially when developing the backend and frontend at the same time. In this scenario, frontend teams may have to wait for the backend team to finish building an API before they implement. This is where Mirage.js comes in. In this tutorial, you will explore how to use Mirage.js in frontend applications and mock backend requests for services that have not yet been developed.

Every team has guardrails, whether you recognize them or not. They’re a form of automation that can have significant impact on your software development process and the people doing the work. They’re another way to give toil the boot and keep developers in the flow. We’ve made the case for engineering automation in a previous article; here’s how guardrails as automations ensure that agreed upon boundaries and ways of working are codified into team processes.

A pull request (PR) is (quite literally) a request to pull a change into a project’s code or documentation. It is a popular change management process supported by many VCS providers including GitHub, GitLab, Bitbucket, Codeberg, and others. Typically these come with features to track open pull requests, tools to assist in reviewing the changes, the ability to approve—or reject—PRs, and finally to merge approved PRs.

When you survey developers on how to improve engineering practices and their daily job experience, their answers invariably include getting rid of little annoying things - what's called toil. Toil is manual and repetitive tasks that waste your time. Toil is arguably worse than crisis, because a crisis is temporary and firefighting can feel rewarding when it's over. Toil is more like a death march - an insidious force that eventually leads to burnout.

Dynamic application security testing (DAST) is a critical security measure for modern software delivery pipelines. It involves evaluating the security of web applications by actively testing them in real-time, simulating real-world attacks to identify vulnerabilities. As the cybersecurity threat landscape has evolved, DAST has emerged as a key tool for enforcing application security in continuous integration and continuous delivery (CI/CD) pipelines.