86 percent of commercial codebases expose organizations to risk


Analysis of 965 commercial codebases across 16 industries during 2024 by Black Duck Software finds 86 percent contain open source software vulnerabilities and 81 percent contain high- or critical-risk vulnerabilities.
Black Duck's Open Source Security and Risk Analysis (OSSRA) report also shows that the number of open source files in an average application has tripled from around 5,300 in 2020 to more than 16,000 in 2024.
Incorporating 'secure by design' into the software supply chain [Q&A]


Developers historically have not been all that security savvy, but as software supply chain security becomes a larger and larger problem every day, enterprises are going to need to secure packages before they are put into production environments.
We spoke to Phylum CEO, Aaron Bray, to learn more about 'secure by design' and how it can make sure developers are being taught security as part of their development and training process and are also being provided with the necessary resources to code securely from the beginning.
Enterprises consider ditching Oracle Java over cost worries


The percentage of organizations considering alternatives to Oracle Java has jumped significantly from 72 percent in 2023 to 88 percent today.
The Azul 2025 State of Java Survey and Report finds 99 percent of enterprises are using Java. The top reasons given for considering a migration away from Oracle Java include cost (42 percent), preference for open-source (40 percent), Oracle sales tactics (37 percent), uncertainty created by ongoing changes to pricing and licensing (36 percent), and restrictive Oracle policies (33 percent).
New AI assistant aims to streamline cross-platform UI development


Repetitive UI development tasks often don't involve coding, and to free developers from them, Qt Group is launching Qt AI Assistant, an experimental tool for streamlining cross-platform user interface (UI) development.
It gives advice on building application UIs with Qt Framework and automates manual tasks like writing unit test cases, code documentation, and repetitive code. Users request this advice with a prompt window and quick-access commands inside the code editor of Qt Creator (used for creating and modifying cross-platform apps).
Microsoft increases its focus on artificial intelligence by creating a new CoreAI team


Microsoft continues to bet big on AI and the company has created a new artificial intelligence engineering division called CoreAI. The new development-focused unit is headed by Jay Parikh -- once Meta's VP and global head of engineering -- and the intention is to speed up AI infrastructure and software development at Microsoft.
CEO Satya Nadella describes 2025 as being "about model-forward applications that reshape all application categories". Nadella clearly wants to power forward in what he says is the "next innings of this AI platform shift".
Why GraphQL is a serious alternative to the REST API [Q&A]


GraphQL -- in case you haven't heard of it -- is a rapidly rising query and manipulation language for APIs. It's designed to make APIs fast, flexible and developer-friendly, and it moves the complexity of data fetching from the client to the server side.
We spoke to Pete Crocker, director of solutions engineering at OpsMill, to learn why it's increasingly being employed as an alternative to the more established REST API.
Interest in learning AI skills soars


Newly released usage data from the O'Reilly online learning platform reveals that interest in AI-related skills has surged dramatically, with the most pronounced usage increases seen in topics like prompt engineering (456 percent increase), AI principles (386 percent increase), and generative AI (289 percent increase).
Use of content about GitHub Copilot has seen a dramatic increase too, by an impressive 471 percent, reflecting developers’ enthusiasm for tools that enhance productivity.
Microsoft issues critical .NET installer warning to developers


Citing an “unexpected change”, Microsoft has issued a warning to software developers to update their .NET Install links.
Microsoft is describing the situation as “critical”, and it comes after the bankruptcy of Edgio, a company responsible for hosting some .NET-related Content Delivery Network (CDN) instances. Developers are being told to take immediate action in order to avoid problems.
Decentralized solutions, knowing your developer and AI apprentices -- development predictions for 2025


In the past year, economic and business pressures, the rise of AI technologies, talent shortages and more have put a strain on code pipelines and increased demands on developer teams. This in turn leads to fears around developer strain, product launch timescales and cybersecurity risks.
So what might 2025 have in store for developers? Here's what some industry experts think.
Building trust in telemetry data [Q&A]


With the increasing importance of observability in digital operations, businesses need to ensure the reliability and relevance of their telemetry data in order to maintain system and application performance, debug, troubleshoot, respond to incidents and keep their systems secure.
We spoke to Tucker Callaway, CEO of Mezmo, to discuss the strategic considerations and concerns enterprises face in managing and optimizing their telemetry data.
Containers are a weak link in supply chain security


The use of container images is growing fast thanks to their flexibility and convenience, but they can also represent a weak cybersecurity link in software supply chains.
A new report from NetRise looks at the scope and scale of the components and risks found across 70 of the most commonly downloaded Docker Hub container images.
New study highlights the ongoing importance of open source


Free and Open Source Software (FOSS) has become a critical part of the modern economy and it's estimated that up to 96 percent of codebases now include it.
In order to understand the impact of open source, The Linux Foundation, in collaboration with the Laboratory for Innovation Science at Harvard, commissioned its latest study into the space and today announces the release of the Census III of Free and Open Source Software -- Application Libraries report.
How useful is GenAI in software development? [Q&A]


Generative AI (GenAI) holds a lot of promise for software developers: an ability to help them ship code faster, improve productivity, and reduce time spent on menial and repetitive tasks. But how much of that promise are GenAI coding tools actually delivering -- and how much is hype?
We spoke with Matt Hoffman, product manager and data analyst at Uplevel, an engineering intelligence platform that uses data from across developer tools and collaboration platforms to help engineering leaders drive organizational improvements. Uplevel's data science team, Uplevel Data Labs, recently studied the impact of Copilot usage on developer productivity.
Open source supply chain faces security issues


The open source software supply chain shows signs of 'AppSec exhaustion,' with organizations showing diminished engagement in security practices and struggling to meet vulnerability management goals, according to a new report.
The study from Snyk, based on a survey of 453 professionals across application development and security, shows that open-source security is more important than ever, as hackers have recognized the efficiency of targeting open-source software as a single entry point to multiple orgs.
New platform lets developers build more accurate AI apps faster


High-quality retrieval is key to delivering the best user experience in AI search and retrieval-augmented generation (RAG) applications.
Knowledge platform Pinecone has announced new vector database capabilities combined with proprietary AI models to help developers build more accurate AI applications, faster and more easily.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.