The unwritten thing is that if you need seniors to review every single change from junior and mid-level engineers, and those engineers are mostly using Kiro to write their CRs, then what stops the senior from just writing the CRs with Kiro themselves?
I am not in that specific meeting but it made me chuckle that a weekly ops meeting will somehow get media attention. It's been an Amazon thing forever. Wait until the public learns about CoEs!
Exactly. This is real world pushback on the "software is solved" narrative from AI labs. Also, most orgs try to copy Amazon for some reason more than big tech firms. "At our org, we disagree and commit" - yeah you made that one up yourself. Anyway, this is going to have a lot of impact in my view.
There was nothing mentioned in the meeting or messaging about PRs with AI contributions. There are no extra requirements for review or scrutiny of AI-generated-code. The media reports about this have been excessively misleading about this.
There's an explicit tension: SWEs would love that as a "get out of jail free" card, but their management chain is being evaluated by ajassy on AI/ML adoption. Admitting AI code as the root cause of a CoE is gonna look really bad unless/until your peers are also copping to it.
I think its a question 2 or 3 in a why chain, but 4 and 5 need to be why the agent screwed up, and there needs to be action items that are around giving the ai better guardrails, context, or tooling.
"get a person to look at it" is a cop-out action item, and best intentions only. nothing that you could actually apply to make development better across the whole company
> you could reduce headcount via attrition which is better in some ways
I don't think reducing via attrition is better for the company, for the employees 100%, but attrition would be your people moving to other companies and retirement. It means that you are effectively bleeding your people with options (usually above average) and those with the most experience in favor of "the rest".
It's a nuanced trade-off. It's worse for the company as you said, it may be worse for the employees because some will leave from burnout without severance, those remaining will have more work to do typically.
But my point was that what was presented was a false dichotomy and that framing it as such is disingenuous to employees receiving those comms.
I guess you could consider it that, I read "prolonged bleeding" as more smaller layoffs. That's a fair point. Although then I'd say it's still disingenuous to frame it that negatively when many may see it as a better option.
My pet peeve with AI is that it tends to work better in codebase where humans do well and for the same reason.
Large orchestration package without any tests that relies on a bunch of microservices to work? Claude Code will be as confused as our SDEs.
This in turns lead to broader effort to refactor our antiquated packages in the name of "making it compatible with AI" which actually means compatible with humans.
In my opinion it’s not just compatible with AI its code that now fits in your head. Lots of famous “we can rewrite it later” remarks throughout my career… Well the AI can rewrite it, and now you can understand it.
Always make it write out a plan, write out unit tests that match the codebase as-is, and if adjusted are only changed in how they call the code in the future, giving you confidence that the rewrite didn't break core logic.
It's an interesting world for sure, I maintain a somewhat popular package and got a form to fill from a Deloitte consultant about security once.
They seemed genuinely confused when I told them I was not going to fill compliance form and make patching commitments for free. Really makes you wonder how many maintainers are letting themselves be taken advantage of.
The people who maintain open source software are considered "the vendor" by these compliance types. When it comes to open source, the user is really the vendor and the user has responsibility to themselves for compliance (this is pretty much spelled out in the licence and WARRANTY file). The compliance industry doesn't acknowledge how open source works and have tried, since forever, to shoehorn it into a paid vendor model. Open source maintainers creating destination/marketing websites espousing the advantages of their software as if it is a sellable/buyable product doesn't help and perpetuates that perception.
> got a form to fill from a Deloitte consultant about security once.
It could be someone trying to extract free work, but in my experience this person was probably trained by someone else about how to handle vendor compliance for contracted vendors.
Some times the people in these grunt work consulting positions aren't really knowledgable about the space. They're in those positions because they can follow directions and will diligently grind out billable hours. Their default mode for getting things done is to try what worked last time, and if that fails they just start looking for names to send the request to until someone does it.
As others mentioned, you could have said "Compliance forms are $1000, payable to ____" and the consultant may have diligently gone through their mental process about where to direct invoices for work.
Yeah, that's what I do. Anytime anyone from a company sends an email about whatever, who wants me to help them (for their company) in private with something, I ask if they're willing to pay for my time spent on it, maybe 20% says yes. Most of the time they end up getting redirected to use the same venues the rest of the community has access to too.
Assuming you want to. But if you do, understand that accepting payment for services creates obligation to deliver, and possibly liability for poor performance. You may or may not want that.
I do talk with OSS devs about “we need X for security and we are willing to provide X amount of funding”
You’d be amazed how much OSS devs will do for you when your request of something they wanted to do anyways (but had no impetus for prioritization) is matched by a healthy rate
No kidding. I don't maintain anything of enough popularity to warrant being approached like that, but a good hourly-rate answer would be the no-brainer response.
The compliance form thing is wild but predictable. I'm on the other side of that equation now. Companies will pay me to handle their compliance mapping but balk at paying an open source maintainer to fill out a security questionnaire for software they depend on in production. The disconnect is that compliance teams budget for vendors but have no line item for 'critical open source dependency we treat like a vendor but isn't one.
Look I am all for Euro-skepticism, but "boycotting the best products" on an article about Microsoft Teams which is well known to be clawing its way into companies despite very negative feedback due to advantageous pricing when you are integrated with Office 365 (which is itself monopolistic behavior). Is not one.
The reality is that chat apps nowadays have little moat, blocking the worst offenders for sovereignty's sake it perfectly logical.
Yeah I don't know their stack but I have a service that is a collection of microservices and Opus can debug them fine by aggregating the logs tied to the same faulty request ID.
In general for those tasks though the question is more "How would a human do it". If it's impossible for a human because your tooling is so bad you can't even get the logs across services for a single ID, that seems like a pretty serious design issue.
In general looking at the prompt though, this is also not very representative. You don't have an SOP that you can share with your agent? How do you expect new hires to onboard?
> all within walking distance of your apartment, you don’t need to deal with the hassles of finding stuff within a massive supermarket.
Is that really a thing though? I feel like arguing for quality is a strong argument, but between walking between small shops at the end of my work day and just doing one supermarket feels more efficient.
Finding stuff within a supermarket is also not hard once you've been once or twice.
You need to be able to afford it as it it is more expensive, but yes it is.
I have the luck to live in a well served area: I have a Carrefour supermarket at about 200m from home yet I have 3 small markets closer than that. If I have to buy one or two things it doesn't matter if the supermarket is cheaper, in my mind spending 10 euros instead of 9 or 8 is worth it if it takes 5 minutes instead of 15. Moreover instead of having to interact with a bored cashier or an automated checkout machine, I will have a chat with a real person (yes, a cashier is a real person too, but most of the time doesn't act like one) . He will ask me how I am doing, put my stuff in the shopping bag and gasp smile at me. I think we lost sight of how those small things makes our life better.
The interesting part is, I always have to buy just 2-3 things because if it takes 5 minutes, whenever I need I just go out and buy it, so half of my shopping is not at the "big" supermarket.
I have to add though: I work from home, so for me shopping means having to go out just for that. Maybe if I was working at an office the dynamics would be different as I could just stop at a supermarket one the way home.
Because many settings still aren't available in the "Settings" app, you often have to dig into the Control Panel (most notably for power options). Microsoft support forums and ChatGPT, which I think would be used by non-technical users when they encounter an issue, seem to both default to recommending going straight to the Control Panel to change settings.
