Engineering Reads — 2026-05-21#

The Big Idea#

The software industry is constantly negotiating the tension between convenience and systemic fragility. Whether it’s abdicating code comprehension to LLMs, accepting endemic memory safety and supply-chain vulnerabilities as “acts of god,” or fighting complex tooling to retain local configuration control, our daily micro-choices compound into the security and maintainability baselines of the systems we operate.

Deep Reads#

[Bliki: Vibe Coding] · Martin Fowler · Source “Vibe coding,” a term coined by Andrej Karpathy, involves prompting an LLM to build software without the developer ever looking at the generated code. Fowler differentiates this from “Agentic Programming” (where engineers actively review LLM-generated code), arguing that true vibe coding intentionally ignores internal structure to maximize speed. This approach drastically accelerates prototyping and empowers non-programmers, but it heavily trades away correctness, maintainability, and security. LLM hallucinations and non-deterministic edits mean that unreviewed codebases quickly degrade into unmaintainable, vulnerable spaghetti code with a large attack surface. This is a must-read for engineering leaders and practitioners trying to formalize when to use LLMs for throwaway scripts versus robust, reviewed production systems.

2026-05-23

Blogs, AI, Tech

Css, Html, Screen-Readers, Web-Standards

Simon Willison — 2026-05-23#

Highlight#

Today’s update features a practical web standards TIL (Today I Learned) about the <dl> HTML element, proving there are still useful nuances to uncover in foundational markup regarding structure, styling, and accessibility.

Posts#

[On the dl] · Source Simon shares a few structural and historical insights regarding HTML description lists, prompted by an article by Ben Meyer. For practical formatting, he highlights that a single <dt> can be followed by multiple <dd> elements and that pairs can be grouped strictly inside a <div> for easier CSS styling. He also notes the 2008 HTML5 nomenclature shift from “definition lists” to “description lists” and includes a valuable link to Adrian Roselli concerning screen reader accessibility and ARIA labeling.

2026-05-20

Blogs

Software Engineering, Artificial Intelligence, Memory Safety, Static Analysis

Engineering Reads — 2026-05-20#

The Big Idea#

The boundaries of software engineering are being tested by the limits of strict specification: agentic coding tools fail when we cannot mathematically define our intent, while memory-unsafe languages continue to fail because we expect human discipline to substitute for structural guarantees.

Deep Reads#

Three more static code analysis sensors · Birgitta Böckeler · Source Birgitta Böckeler explores the effectiveness of using computational versus inferential sensors to evaluate software modularity. She observes that while traditional computational sensors are adequate for enforcing strict, rule-based dependency checks, they fall short when analyzing complex coupling data. Instead, utilizing an inferential sensor—essentially prompting an LLM to evaluate architectural boundaries—proves much more effective for nuanced reviews of system modularity. This highlights a compelling tradeoff: strict deterministic checks are brittle for high-level architectural constraints, whereas probabilistic inference can better grasp design intent. Engineers building or integrating AI coding agents should read this to understand where deterministic rules end and inferential checks must begin.

2026-05-22

Blogs, AI, Tech

Artificial Intelligence, Privacy, Memory, Advertising

Simon Willison — 2026-05-22#

Highlight#

Simon highlights a fascinating economic ripple effect of the AI boom: an impending spike in consumer electronics prices due to silicon wafer capacity constraints. As AI data centers demand more High-Bandwidth Memory (HBM), manufacturers are shifting production away from standard consumer RAM, which is already threatening the availability of cheap smartphones globally.

Posts#

[The memory shortage is causing a repricing of consumer electronics] · Source Simon links to an excellent breakdown by David Oks explaining why devices using memory are about to get significantly more expensive. With only three major memory manufacturers operating with fixed wafer capacities, the explosive growth in AI data centers is pushing High-Bandwidth Memory (HBM) allocation from 2% to an expected 20% by the end of 2026. Because a single gigabyte of HBM consumes over three times the wafer capacity of standard consumer RAM (DDR/LPDDR), consumer device memory is severely constrained—an effect already hitting the sub-$100 smartphone market that is critical to regions like Africa and South Asia.

2026-05-19

Blogs

Coding Agents, Static Analysis, Llm Tools, Token Optimization

Engineering Reads — 2026-05-19#

The Big Idea#

As AI coding agents transition from novelties to practical tools, engineering effort is shifting toward building reliable harnesses around them—whether through static analysis “sensors” to catch bad code early, or token-efficient, collision-resistant edit tools for constrained local models.

Deep Reads#

Maintainability sensors for coding agents · Birgitta Böckeler · Source Birgitta Böckeler introduces a mental model for “harness engineering” around coding agents, designed to intercept issues before they ever reach human reviewers. The core mechanism relies on a system of “guides and sensors” that increase the probability of correct agent behavior and enable automatic self-correction. In this installment, she explores using basic static analysis and code linting as the primary sensors to protect codebase maintainability. The approach shifts the burden of verifying agent output from manual human oversight to automated programmatic checks. Engineers building wrappers around LLM coding assistants should read this to understand how to design robust, automated feedback loops for AI systems.

2026-05-21

Blogs, AI, Tech

Datasette, Llms, Sqlite, Generative Ai, Sandboxing

Simon Willison — 2026-05-21#

Highlight#

The major news today is the official announcement of Datasette Agent, merging Simon’s three years of work on the LLM library with Datasette to create an extensible, conversational AI assistant for querying data. It represents a huge milestone for his ecosystem, opening the door for users to naturally interrogate their databases and easily build custom tools using a new plugin architecture.

Posts#

Datasette Agent Simon officially announced Datasette Agent, a conversational AI interface that lets users ask questions of the data stored in Datasette. The post features a live demo using Gemini 3.1 Flash-Lite to successfully query a blog database to find a bird-watching record. He highlights a growing plugin ecosystem—including charts, image generation, and sandbox execution—and notes that tools like Claude Code and OpenAI Codex are proving excellent at writing these extensions. Looking ahead, Simon teased a major refactor for his LLM library, a Claude Artifacts-style plugin, and a personal AI assistant named “Claw” built using his older Dogsheep tools.

2026-04-03

Blogs

Ai-Agents, Version Control, Recommendation Systems, Vector Search, Orchestration

Engineering Reads — 2026-04-03#

The Big Idea#

Relying purely on probabilistic systems—whether that means the unconstrained memory of LLM agents or pure vector search for recommendations—inevitably breaks down in production. Real-world systems require hard data constraints, from backing agent state with SQL-queryable Git ledgers to tempering semantic similarity with exact algorithmic keyword matching.

Deep Reads#

[Gas Town: from Clown Show to v1.0] · Steve Yegge · Medium LLM agents suffer from progressive dementia and a lack of working memory, fundamentally limiting their long-horizon planning capabilities. Yegge argues that the solution is a persistent, queryable data plane called “Beads,” which serves as an unopinionated memory system and universal ledger for agent work. By migrating from a fragile SQLite and JSONL architecture to Dolt—a SQL database with Git-like versioning—the system eliminates race conditions and merge conflicts, providing a complete historical log of every agent action. This shifts the orchestration paradigm from reading scrolling walls of raw text output by monolithic agents to interacting with a high-level supervisor interface that manages state deterministically. Engineers building multi-agent workflows should read this to understand why robust state management, deterministic save-games, and audit trails are more critical than raw agent reasoning.

2026-04-03

Blogs, AI, Tech

Security, Generative Ai, Ai-Security-Research, Open Source, Social-Engineering

Simon Willison — 2026-04-03#

Highlight#

The overarching theme today is the sudden, step-function improvement in AI-driven vulnerability research. Major open-source maintainers are simultaneously reporting that the era of “AI slop” security reports has ended, replaced by an overwhelming tsunami of highly accurate, AI-generated bug discoveries that are drastically changing the economics of exploit development.

Posts#

Vulnerability Research Is Cooked · Source Highlighting Thomas Ptacek’s commentary, Simon notes that frontier models are uniquely suited for exploit development due to their baked-in knowledge of bug classes, massive context of source code, and pattern-matching capabilities. Since LLMs never get bored constraint-solving for exploitability, agents simply pointing at source trees and searching for zero-days are set to drastically alter the security landscape. Simon is tracking this trend closely enough that he just created a dedicated ai-security-research tag to follow it.

2026-04-04

Blogs

Coding Agents, Llms, Software Engineering, Ai Tooling

Engineering Reads — 2026-04-04#

The Big Idea#

Raw LLM intelligence is no longer the primary bottleneck for AI-assisted development; the real engineering challenge is building the system scaffolding—memory, tool execution, and repository context—that turns a stateless model into an effective, autonomous coding agent.

Deep Reads#

[Components of A Coding Agent] · Sebastian Raschka · Sebastian Raschka Magazine The core insight of this piece is that an LLM alone is just a stateless text generator; to do useful software engineering, it needs a surrounding agentic architecture. Raschka details the necessary scaffolding: equipping the model with tool use, stateful memory, and deep repository context. The technical mechanism relies on building an environment where the model can fetch file structures, execute commands, and persist state across conversational turns rather than just blindly emitting isolated code snippets. The tradeoff here is a steep increase in system complexity—managing context windows, handling tool execution failures, and maintaining state transitions is often much harder than prompting the model itself. Systems engineers and developers building AI integrations should read this to understand the practical anatomy of modern autonomous developer tools.

2026-04-04

Blogs, AI, Tech

Github, Github-Actions, Commits, Platform Activity

Simon Willison — 2026-04-04#

Highlight#

Simon highlights a staggering growth in developer activity on GitHub, pointing to massive recent surges in both commit volume and GitHub Actions usage. This brief but potent link post captures the sheer scale of how rapidly AI-assisted programming and automated workflows are accelerating platform activity.

Posts#

[Quoting Kyle Daigle] · Source Simon shares a striking quote from GitHub COO Kyle Daigle that reveals an explosive surge in overall platform activity. Commit rates have jumped to 275 million per week, which is on pace for 14 billion this year compared to just 1 billion total commits in 2025. Additionally, GitHub Actions usage has skyrocketed to 2.1 billion minutes in just the current week alone, up from 1 billion minutes per week in 2025 and 500 million in 2023. This massive scale-up highlights the unprecedented velocity at which code is currently being generated, integrated, and tested across the developer ecosystem.