2026-05-27

Simon Willison — 2026-05-27#

Highlight#

Simon makes a compelling case that April 2026 marks a new inflection point where frontier AI labs have found true product-market fit with coding agents. By analyzing sudden enterprise pricing pivots, sales hiring sprees, and massive inference compute deals, he illustrates how the enterprise adoption of AI agents is finally turning massive usage into real revenue.

Posts#

I think Anthropic and OpenAI have found product-market fit Simon argues that the sudden shift by OpenAI and Anthropic to charge enterprise customers full API token prices for agent usage signals true product-market fit. He notes that heavy coding agent users easily burn thousands of dollars in token equivalents, prompting labs to pivot away from middlemen like Cursor or Copilot to capture this enterprise value directly. The piece features some classic Simon dogfooding—using Claude Code and Datasette Agent to analyze AI lab job listings—and highlights a SpaceX S-1 filing revealing Anthropic’s staggering $1.25 billion monthly compute spend.

2026-05-28

Engineering Reads — 2026-05-28#

The Big Idea#

True systems mastery requires breaking down monolithic black boxes into understandable, isolated components. Whether you are mathematically decomposing a complex signal into orthogonal basis vectors or strictly isolating untrusted code within a mocked WebAssembly sandbox, engineering craft comes down to defining rigorous boundaries and understanding the mechanisms beneath the abstraction.

Deep Reads#

Notes on Fourier series · Eli Bendersky The trigonometric Fourier series is more than a signal processing trick; it is deeply rooted in linear algebra within a Hilbert space. Bendersky walks through the mechanics of decomposing a periodic function into an infinite sum of sinusoids, demonstrating how the integral formulas for coefficients are actually just projections calculating the dot product of a function against orthogonal basis vectors. The post grounds these continuous concepts with practical constraints, noting that functions need only be square-integrable and piecewise smooth to guarantee pointwise convergence. It bridges the gap between pure math and engineering intuition, trading abstract analysis for concrete examples like complex exponentials and periodic extensions of non-periodic intervals. Engineers looking to build intuition for frequency-domain transforms or those rusty on the linear algebraic foundations of signal processing should read this.

2026-05-28

Simon Willison — 2026-05-28#

Highlight#

Anthropic’s release of Claude Opus 4.8 brings welcome improvements to model honesty and prompt caching, which Simon immediately put to the test using his newly updated llm-anthropic CLI plugin to generate SVGs of pelicans riding bicycles.

Posts#

Claude Opus 4.8: “a modest but tangible improvement” Simon highlights Anthropic’s refreshing honesty in marketing this release as an incremental upgrade, noting the model’s decreased hallucination rate achieved by simply abstaining when uncertain. Key technical changes include a reduced prompt cache minimum of 1,024 tokens and the ability to insert system messages mid-conversation, which preserves cache hits and reduces input costs in agentic loops. He tested the model by generating SVG pelicans riding bicycles at different thinking levels via his LLM CLI, using Opus 4.8 to build the rendering HTML tool and relying on GPT-5.5 as a “code security blanket” to patch XSS vulnerabilities.

2026-05-29

Engineering Reads — 2026-05-29#

The Big Idea#

The standard multi-round technical interview is a fundamentally flawed simulation of work that yields terrible predictive signal and massive false positive/negative rates. It is slowly being replaced by a “campfire” model of paid, provisional work where candidates ship real tickets on an actual codebase, trading the low-fidelity noise of algorithmic whiteboarding for the high-fidelity assessment of real execution.

Deep Reads#

The Last Technical Interview · Steve Yegge Yegge argues that the standard tech interview loop is a statistically bankrupt pseudoscience that functions primarily as an unconscious bias filter and a “do I like you” dating round. Drawing from decades of internal data gathered via Amazon Bar Raisers and Google Hiring Committees, he points out that interviewer consensus is rare and interview scores correlate incredibly poorly with actual on-the-job performance. The proposed solution abandons work simulation entirely in favor of a “campfire” model: bringing candidates in to tackle real tasks on real codebases alongside the actual team over a few days. To solve the historical incentive problem—where senior engineers logically refused the risk of temporary, try-before-you-buy employment—Yegge suggests making these contributions portable. This means allowing candidates to walk away with a verified, compounding reputation stamp for their work regardless of the final hiring outcome, transforming the interview from an operational cost center into a mutually beneficial proof-of-work mechanism. Engineering leaders and hiring managers should read this to rethink how they extract signal from their hiring pipelines before the industry fully shifts beneath them.

2026-05-29

Simon Willison — 2026-05-29#

Highlight#

Today’s most significant update is the release of Datasette 1.0a31, a massive paradigm shift for the project that introduces UI support for executing write queries directly against the database.

Posts#

datasette 1.0a31 Simon has released a major alpha for Datasette, bringing a highly-requested evolution: users with the right permissions can now execute write queries and save “stored queries” (formerly “canned queries”) directly in the UI. This allows developers to set up templated insert, update, and delete operations against their databases. This release also marks the third post on the recently launched Datasette blog, highlighting his ongoing push for better project documentation.

2026-05-30

Engineering Reads — 2026-05-30#

The Big Idea#

The evolution of attention mechanisms reflects the industry’s ruthless drive to optimize foundational ML primitives, trading raw representational granularity for the memory and compute efficiency required to serve massive context windows. Understanding this shift requires tracing the arc from raw multi-head attention to the highly compressed, shared-state architectures powering today’s state-of-the-art open models.

Deep Reads#

Understanding and Coding Self-Attention, Multi-Head Attention, Causal Attention, and Cross-Attention in LLMs · Sebastian Raschka To reason effectively about modern language models, you have to strip away the high-level framework abstractions and implement the core mechanics from scratch. This piece provides a code-first deep dive into the foundational attention primitives: self, multi-head, causal, and cross-attention. By forcing you to confront the raw tensor operations and masking logic, it builds the structural intuition necessary to understand why these mechanisms eventually become bottlenecks at scale. While this covers foundational designs rather than cutting-edge optimizations, it is essential scaffolding. Any engineer looking to demystify the inner workings of transformer architectures should read this to ground their mental models in actual code.

2026-05-30

Simon Willison — 2026-05-30#

Highlight#

Today’s standout is Simon’s breakthrough in running ASGI apps entirely in the browser using Pyodide and Service Workers. Guided by Claude Opus 4.8, this research paves the way for a major architectural upgrade to Datasette Lite, solving longstanding issues with JavaScript execution and plugin compatibility that plagued the older Web Worker approach.

Posts#

Running Python ASGI apps in the browser via Pyodide + a service worker · Source Simon documents a successful experiment using Claude Opus 4.8 to transition Datasette Lite from Web Workers to Service Workers. The previous Web Worker approach intercepted navigation but unfortunately broke inline <script> tags and numerous Datasette plugins. The new service worker method successfully runs a basic ASGI FastCGI demo and Datasette 1.0a31. Simon plans to fully implement this upgrade into Datasette Lite once he completely wraps his head around the AI-generated solution.

2026-06-01

Engineering Reads — 2026-06-01#

The Big Idea#

The JavaScript package ecosystem suffers from a systemic vulnerability to supply-chain attacks, perpetuated not just by technical flaws, but by a cultural learned helplessness where developers treat catastrophic compromises as unavoidable acts of nature rather than solvable engineering failures.

Deep Reads#

“No way to prevent this” say users of only package manager where this regularly happens · xeiaso.net This alarming report dissects a massive supply-chain attack on Redhat Insights’ JavaScript packages via NPM, exposing how the ecosystem’s architecture normalizes severe security breaches. The technical mechanism of the payload is devastating: it steals credentials for AWS, GCP, Azure, Kubernetes, HashiCorp Vault, and CI systems, self-propagates using stolen NPM tokens via the bypass_2fa setting, and establishes deep persistence using VS Code task injection and Claude Code hooks. The author sharply critiques the community’s apathy, pointing out that NPM accounts for 90% of global supply-chain attacks over the last decade, yet users continually accept the risk instead of demanding robust maintainer authentication. The post forces practitioners to confront the tradeoff between the velocity of frictionless, massive dependency graphs and the catastrophic blast radius of a compromised package manager. Any engineer managing CI/CD pipelines or Node.js infrastructure should read this as a stark warning to audit their dependency verification and reprovision infected development hardware immediately.

2026-06-01

Simon Willison — 2026-06-01#

Highlight#

The standout piece today is a staggering security failure at Meta, where an overly empowered AI support bot allowed hackers to hijack high-profile Instagram accounts simply by asking. It serves as a stark, practical reminder of the dangers of wiring LLMs directly into sensitive operational workflows without robust authorization safeguards.

Posts#

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked Simon highlights a massive security oversight where attackers successfully bypassed the Instagram account recovery process merely by instructing Meta’s AI support bot to link a new email address to a target username. He notes this barely qualifies as a sophisticated prompt injection, but rather a profound architectural failure where Meta granted an AI chatbot the ability to fast-forward through the entire account recovery process. The core takeaway is a blunt warning to developers: never wire your support bots to execute one-shot account takeovers.

2026-06-02

Engineering Reads — 2026-06-02#

The Big Idea#

The integration of AI into software engineering hasn’t eliminated our bottlenecks; it has merely shifted them from code generation to human attention, coordination, and system verification. To survive this shift without drowning in “generative debt,” teams must double down on strict engineering discipline, robust tooling, and rigorous testing rather than abandoning them for the sake of speed.

Deep Reads#

Fragments: June 2 · Martin Fowler Fowler curates several sharp perspectives on the realities of AI in software development, focusing heavily on how LLMs shift our operational constraints. He highlights Andy Osmani’s excellent framing of human attention as the “Global Interpreter Lock” (GIL) over parallel AI agents, and Pavel Voronin’s concept of “generative debt,” where models treat existing architectural cruft as precedent and confidently reproduce it. The piece notes that as code generation becomes cheap, the organizational bottleneck moves strictly to coordination, eating up the unstructured slack time where senior engineers do their actual strategic thinking. Engineering leaders should read this to re-anchor their expectations around AI tooling: it is a powerful amplifier of productivity, but also an amplifier of existing system rot and coordination overhead.