Programmer Weekly (Issue 265 August 14 2025)

Author

Rahul Chaudhary
August 14, 2025

Welcome to issue 265 of Programmer Weekly. Let's get straight to the links this week.

Unmanaged AI = Unmanaged Risk. Shadow IT Could Be Spreading in Your Org

You wouldn’t allow unmanaged devices on your network, so why allow unmanaged AI into your meetings?

Shadow IT is becoming one of the biggest blind spots in cybersecurity.

Employees are adopting AI notetakers without oversight, creating ungoverned data trails that can include confidential conversations and sensitive IP.

Don't wait until it's too late.

This Shadow IT prevention guide from Fellow.ai gives Security and IT leaders a playbook to prevent shadow AI, reduce data exposure, and enforce safe AI adoption, without slowing down innovation.

It includes a checklist, policy templates, and internal comms examples you can use today.


Quote of the Week

“The biggest issue you'll face in security, and in life, is your own stupidity.” — Jonathan Walpole


News

GitHub’s integration into Microsoft’s CoreAI division marks a significant shift in its identity and future. The resignation of CEO Thomas Dohmke, who helped grow the developer platform to over 150 million users and a billion repositories under Microsoft, now sees the platform reporting directly into a broader AI strategy aligned with GitHub Copilot’s rapid rise.


Reading List

Wilson Lin built a web search engine from scratch in just two months, generating 3 billion text embeddings with a 200-GPU cluster and indexing 280 million pages with end-to-end query latency of around 500 ms. The project tackles search relevance by moving beyond keyword matching toward semantic understanding, delivering high-quality results using transformer-based embeddings.

A detailed explanation of why the author chose OCaml as the ‘default’ programming language for every project.

Developers should be aware that Model Context Protocol (MCP) servers can have serious security gaps, including tool description injection, weak or missing OAuth authentication, supply chain risks, and incidents like exposed servers and data leaks. Until the ecosystem matures, any MCP connection should be treated as a potential attack surface.

Airbnb replaced their Gradle-based JVM monorepo, which spans tens of millions of lines across Java, Kotlin, and Scala, with Bazel. The switch delivered 3–5× faster local builds and tests, 2–3× quicker IDE syncs, and improved build satisfaction scores from 38% to 68%, while enabling more consistent and reproducible development through remote execution.

The productivity of knowledge workers is hard to quantify and often decoupled from direct business outcomes. The lack of understanding leads to many initiatives, bloated tech spend, and ill-chosen efforts to improve this productivity. Technology leaders need to avoid this by developing an intelligence of the business impact of their work across a network connecting output to proximate and downstream impact. We can do this by introducing robust demand management, paying down measurement debt, introducing impact validation, and equipping delivery teams to build a picture of how their work translates to business impact.

Why Your O(log n) Algorithm Might Lose to O(n).


Watch, Listen

How is software engineering changing with AI coding tools and agents? An overview of how productive tech companies and teams are utilizing these tools, how their approaches to engineering are changing and – just as importantly – what remains similar to before we had access to these tools.

Paul Dix shares the journey of building InfluxDB, from its start as an error logging system to becoming a time-series database, and from being written in Go to being rewritten in Rust. Along the way, he discusses both technical lessons, such as Time-Structure Merge Trees, and business challenges, including the impact of a flawed pricing model.

GraphQL Full Course from Beginner to Pro

This comprehensive four-hour tutorial walks viewers through GraphQL from foundational concepts to advanced implementation, covering schema design, querying techniques, mutations, error handling, and best practices. It is a perfect resource for both newcomers and experienced developers aiming to master GraphQL in real-world projects.

Every programming language environment has an interface for streaming data. Using real world examples of compression, files, sockets, and network protocols, this talk critically examines a variety of strategies for designing an input/output abstraction. We'll watch the data closely as it flows through the pipeline, as well as examining how error conditions are handled. Finally, I'll draw a non-obvious connection between I/O and multithreading, and explain my evil/genius/ridiculous (take your pick) plan to put ALL I/O behind one massive interface, making a lot of people happy/angry (take your pick).

Learn the essential concepts of DevSecOps and why integrating security throughout the software development lifecycle is more important than ever. You’ll learn how DevSecOps bakes it into every stage, from planning and coding to testing and deployment.


Interesting Projects, Tools and Libraries

The Open-Source AI Router to aggregate, govern, and secure your AI stack

Clone and recreate any website as a modern React app in seconds.

Servy lets you run any app as a Windows service with full control over working directory, startup type, process priority, logging, health checks, environment variables, dependencies, pre-launch scripts and parameters. A fully managed alternative to NSSM.

A complete 64-bit virtual machine implementation featuring a custom CPU architecture, assembler, compiler, and development environment built in Java with JavaFX.

Dyad is a local, open-source AI app builder. It's fast, private, and fully under your control — like Lovable, v0, or Bolt, but running right on your machine.


Our Other Newsletters

Python Weekly - A free weekly newsletter featuring the best hand curated news, articles, tools and libraries, new releases, jobs etc related to Python.


Founder Weekly - A free weekly newsletter for entrepreneurs featuring best curated content, must read articles, how to guides, tips and tricks, resources, events and more.