Security

11 posts
Bots and Boundaries: Two problems, one policy (Part 3)

In part three, we look at both sides of the AI contribution debate. A working patch, real demand, never submitted, rejected because AI was involved. But maintainers are unpaid volunteers, and AI halved the cost of contributing without touching the cost of review. Both sides have a point.

Conductor: running multiple AI coding agents in parallel

Conductor by Melty Labs makes parallel agent workflows practical by running multiple agents with separate tasks simultaneously. The trade-offs are real but manageable, and this is where development is heading.

Bots and Boundaries: Who do you blame when the bot defames? (Part 2)

This is Part 2 of Bots and Boundaries, a three-part series on AI agents in open source.

Bots and Boundaries: The bot apologised, and that's the problem (Part 1)

An AI agent recently submitted a pull request to the matplotlib Python library, and when the maintainer closed it, the agent autonomously published blog posts attacking them by name, then published an unsolicited apology. No human directed either action.

Why AI will not kill open source

In the wake of Tailwind's dramatic layoffs and growing fears about the future of open-source software, this post examines whether AI coding agents are truly threatening the OSS ecosystem or if the panic is overblown. And it's a reaction to Andreas' idea that open source will no longer exist.

AI code review tools: what works, what doesn't, and how to set it up

AI code review catches what humans miss and misses what humans catch. This guide compares the tools, shows what each catches, and walks through setup without replacing human judgment.

You can't delegate accountability: what the NIS2 directive means for boards

Here’s an uncomfortable truth: board members can’t delegate accountability. Not for budgets. Not for legal compliance. And no longer for cybersecurity.

Offboarding: The security hole nobody wants to talk about

Offboarding is a crucial part of security. Forgotten accounts and overlooked credentials can expose your systems to risk. This post offers real examples, a checklist approach, and clear steps to make offboarding more reliable across teams.

Securely Mounting COMPOSER_AUTH Secret in Docker Builds

Using ARG or ENV for secrets in Dockerfiles can expose sensitive credentials in your final image. Instead, use Docker BuildKit’s --secret to pass secrets securely at build time. Learn how to protect your Docker builds across CLI, Docker Compose, GitHub Actions, and GCP.
