Inlay

//

Profile

Loading...

Writing The Pragmatic Engineer (@pragmaticengineer.com), the #1 technology newsletter on Substack. Author of The Software Engineer's Guidebook (engguidebook.com). Formerly at Uber, Skype, Skyscanner. More at pragmaticengineer.com

Gergely Orosz

Loading...

If you use GitHub (especially if you pay for it!!) consider doing this *immediately* Settings -> Privacy -> Disallow GitHub to train their models on your code. GitHub opted *everyone* into training. No matter if you pay for the service (like I do). WTH github.com/settings/cop...

My point is that it feels we're still very early in how we use these tools: we use it for the most common and widespread place of codegen (where they are admittedly a fit in their capabilities) But we don't seem to talk all that much on how it impacts shipping + operating prod software

Supply chain attacks are becoming more frequent, and far more serious. What are sensible practices to protect against these when using Node or Python packages? I assume pinning versions is the bare minimum; for those with security teams / tools: why else do you do / can you do?

The chatter about generating code with AI tools feels stuck at the "basic" level of... well, codegen, plus (perhaps) reviews and testing. I hear close to little talk about the things that come right after generating code: deploying, canarying, o11y, SLOs, error budgets etc

Watch/listen: • Spotify: open.spotify.com/episode/56bX... • Apple: podcasts.apple.com/us/podcast/b... Brought to you by: • Statsig – ⁠ The unified platform for flags, analytics, experiments, and more. statsig.com/pragmatic (cont'd)

Absolute madness btw how I PAY not just for GitHub but also Copilot, and they STILL pull this "default opt in" I realize I haven't used Copilot in forever, so with this, I'm cancelling it (use Claude Code / Codex, sometimes Cursor, play w Factory AI) WTH, again

Brought to you by: • Sonar – The makers of SonarQube, the industry standard for automated code review. www.sonarsource.com/pragmatic/ • WorkOS – Everything you need to make your app enterprise ready. workos.com

You have until 24 April to do it, and then *boom* you're now part of training their models. GitHub is truly losing its identity and what it stands for. Opting in paying customers means they no longer see themselves as the infra for code. Opportunity for someone else!

Well, I said my piece when cancelling Copilot Pro. Which, I assume, will be read by... no one. Probably an AI. And won't even make it to the summary sent to some human. Oh well.

How did a tiny team of 30 engineers build WhatsApp messaging app more than a decade ago, and what can dev teams learn from that feat today? Jean Lee was engineer #19 at the company, and shares fascinating details of how they built WhatsApp YouTube: youtu.be/5Kn32cIWPSY (cont'd)

3d

8d

8m

8d

3d

12d