Good Morning! GitLab's recent release of version 17 and their 2024 Global DevSecOps Report highlight the growing importance of AI in software development. The new version incorporates AI-driven features to enhance code quality, security, and team collaboration, aiming to revolutionize how development teams work. Meanwhile, a significant security issue with Polyfill.io has affected over 100,000 websites, underscoring the risks of relying on third-party code sources. Last but definitely not least, researchers at UC Santa Cruz have come up with a new way to build AI language models.

— Forrest Knight & Meghanadh Vasireddy

GitLab’s DevSecOps Report Highlights AI Challenges

GitLab just released version 17, building on what they learned from their 2024 Global DevSecOps Report. This new version puts AI at the heart of development work.

Key Features:

1. Smarter Code Help: GitLab 17 uses big AI models to help write and check code. It can suggest better ways to code and do boring tasks on its own.

2. Better Security Checks: The new version is better at finding security problems early. It uses machine learning to spot issues before they become big problems.

3. Faster Workflows: AI looks at how things worked before and suggests ways to make pipelines run faster.

4. Improved Team Talk:

   AI now understands written text better

   Helps track issues and manage what teams need to do

   Makes it easier for tech and non-tech team members to work together

5. Clever Project Management: GitLab 17 can predict where projects might get stuck. It shows where problems might happen and how to use resources better.

This new version aims to change how development teams work. As more companies want to use AI in their development process, GitLab is trying to stay ahead by offering these new AI tools.

Read More Here

Polyfill.io Attack Affects Over 100,000 Websites

A big problem has hit Polyfill.io, a tool many websites use. Over 100,000 sites are now in trouble because of it. This all started when a Chinese company bought the polyfill.io web address in February 2024.

The Issue: The main source of Polyfill.io (cdn.polyfill.io) is now sending out bad code. This code mostly tries to cause problems for people using phones to visit websites.

The bad code is pretty smart. It:

• Only works at certain times and on certain phones

• Stops working if it thinks a website owner is looking

• Waits a bit before starting to avoid being caught

This whole mess shows why it can be risky to use code from other places on your website. Andrew Betts, who first made Polyfill.io, says it's best to just stop using it. He points out that new web browsers don't really need it anymore.

To stay safe, website owners can:

• Use something called "subresource integrity checks"

• Think about not using outside sources for important website code

Read More Here

AI Researchers Cut Out Complex Math in Language Models

Researchers at UC Santa Cruz have come up with a new way to build AI language models. Their method gets rid of complex math operations, which could make AI much more efficient.

Key Changes:

• They created a "MatMul-free LM" that only uses three simple values: -1, 0, and 1.

• They replaced the usual attention system with something simpler called MLGRU.

• They updated a part called the Gated Linear Unit to work with their new three-value system.

Their new model works about as well as the best current models, but it uses a lot less power and memory. They tested a model with 2.7 billion parameters, and it did just as well as a similar Llama-2 model on various tests.

While this new approach isn't as advanced as models like GPT-4 yet, the researchers think it could work even better than regular models when made much larger. However, they need to do more research to prove this is true for bigger models.

This new method could make AI easier to use and less expensive to run, potentially changing how we build and use language models in the future.

Read More Here

🔥 More Notes

• “I spent 18 months rebuilding my algorithmic trading platform in Rust. I’m filled with regret.”

• How Does Facebook Manage to Serve Billions of Users Daily?

• Qlok: A clock built in such a way its own code is used as the UI

Youtube Spotlight

Why you shouldn't believe the AI extinction lie

Was this forwarded to you? Sign Up Here