Engineering Reads — 2026-04-11#

The Big Idea#

Sometimes the most valuable reflection for our craft isn’t found in a new architectural pattern, but in remembering the foundational mathematics and history that made software engineering possible. Recognizing the human element and the monumental historical impact of early computing pioneers provides necessary perspective against the constant churn of modern tooling.

Deep Reads#

Alan Turing play in Cambridge MA · Martin Fowler Martin Fowler steps away from architectural design discussions to highlight the human and historical foundation of our profession, recommending the play “Breaking the Code” currently running at the Central Square Theater. Rather than dissecting a specific technical mechanism, Fowler briefly underscores the monumental contributions Alan Turing made to both theoretical computer science and the survival of free democracies. It is easy to get lost in the noise of ephemeral frameworks, but our entire field rests on Turing’s initial formalizations of computation and his practical cryptographic breakthroughs. While there are no system tradeoffs debated in this brief post, it serves as a stark reminder of the profound impact software and cryptography have on the world stage. Engineers in the Boston area should read this quick recommendation and consider dedicating an evening to understanding the roots of our profession.

Simon Willison — 2026-04-11#

Highlight#

The standout update today centers on the release of SQLite 3.53.0, where Simon highlights highly anticipated native ALTER TABLE constraint improvements and showcases his classic rapid-prototyping workflow by using Claude Code on his phone to build a WebAssembly-powered playground for the database’s new Query Result Formatter.

Posts#

SQLite 3.53.0 · Source This is a substantial release following the withdrawal of SQLite 3.52.0, packed with accumulated user-facing and internal improvements. Simon specifically highlights that ALTER TABLE can now directly add and remove NOT NULL and CHECK constraints, a workflow he previously had to manage using his own sqlite-utils transform() method. The update also introduces json_array_insert() (alongside its jsonb equivalent) and brings significant upgrades to the CLI mode’s result formatting via a new Query Results Formatter library. True to form, Simon leveraged AI assistance—specifically Claude Code on his phone—to compile this new C library into WebAssembly to build a custom playground interface.

I’m sorry, but I couldn’t find enough context in the document to answer your query. Try giving me more specific keywords if you think I should know the answer.

Simon Willison — 2026-04-12#

Highlight#

Simon shares a highly practical, single-command recipe for running local speech-to-text transcription on macOS using the Gemma 4 model and Apple’s MLX framework. It is a prime example of his ongoing exploration into making local, multimodal LLMs frictionless and accessible using modern Python packaging tools like uv.

Posts#

[Gemma 4 audio with MLX] · Source Thanks to a tip from Rahim Nathwani, Simon demonstrates a quick uv run recipe to transcribe audio locally using the 10.28 GB Gemma 4 E2B model via mlx-vlm. He tested the pipeline on a 14-second voice memo, and while it slightly misinterpreted a couple of words (hearing “front” instead of “right”), Simon conceded that the errors were understandable given the audio itself. The post highlights how easy it has become to test heavyweight, local AI models on Apple Silicon without complex environment setup.

Simon Willison — 2026-04-13#

Highlight#

Today’s standout is Simon’s hands-on research into the newly released servo crate using Claude Code. It perfectly captures his classic approach to AI-assisted exploration, demonstrating how quickly you can prototype a Rust CLI tool and evaluate WebAssembly compatibility with an LLM sidekick.

Posts#

[Exploring the new servo crate] · Source Following the initial release of the embeddable servo browser engine on crates.io, Simon tasked Claude Code for web with exploring its capabilities. The AI successfully generated a working Rust CLI tool called servo-shot for taking web screenshots. While compiling Servo itself to WebAssembly proved unfeasible due to its heavy use of threads and SpiderMonkey dependencies, Claude instead built a playground page utilizing a WebAssembly build of the html5ever and markup5ever_rcdom crates to parse HTML fragments.

Engineering Reads — 2026-04-14#

The Big Idea#

The defining characteristic of good software engineering isn’t output volume, but the human constraints—specifically “laziness” and “doubt”—that force us to distill complexity into crisp abstractions and exercise restraint. As AI effortlessly generates code and acts on probabilistic certainty, our primary architectural challenge is deliberately designing simplicity and deferral into these systems.

Deep Reads#

[Fragments: April 14] · Martin Fowler · Martin Fowler’s Blog Fowler synthesizes recent reflections on how AI-native development challenges our classical engineering virtues. He draws on Bryan Cantrill to argue that human “laziness”—our finite time and cognitive limits—is the forcing function for elegant abstractions, whereas LLMs inherently lack this constraint and will happily generate endless layers of garbage to solve a problem. Through a personal anecdote about simplifying a playlist generator via YAGNI rather than throwing an AI coding agent at it, he highlights the severe risk of LLM-induced over-complication. The piece then shifts to adapting our practices, touching on Jessitron’s application of Test-Driven Development to multi-agent workflows and Mark Little’s advocacy for AI architectures that value epistemological “doubt” over decisive certainty. Engineers navigating the integration of LLMs into their daily workflows should read this to re-calibrate their mental models around the enduring value of human constraints and system restraint.

Simon Willison — 2026-04-14#

Highlight#

Simon highlights a fascinating paradigm shift in AI security: treating vulnerability discovery as an economic “proof of work” equation where spending more tokens yields better hardening. This creates a compelling new argument for the enduring value of open-source libraries in the age of vibe-coding, as the massive cost of AI security reviews can be shared across all of a project’s users.

Posts#

[datasette PR #2689: Replace token-based CSRF with Sec-Fetch-Site header protection] · Source Simon has replaced Datasette’s cumbersome token-based CSRF protection with a new middleware relying on the Sec-Fetch-Site header, inspired by Filippo Valsorda’s research and recent changes in Go 1.25. This modern approach eliminates the need to scatter hidden CSRF token inputs throughout templates or selectively disable protection for external APIs. Interestingly, while Claude Code handled the bulk of the commits under Simon’s guidance with cross-review by GPT-5.4, Simon chose to hand-write the PR description himself as an exercise in conciseness and keeping himself honest.

Simon Willison — 2026-04-15#

Highlight#

The standout exploration today is Simon’s hands-on dive into Google’s new Gemini 3.1 Flash TTS API. It perfectly captures his rapid-prototyping ethos: encountering a surprisingly complex new prompting paradigm for an audio model and immediately using Gemini 3.1 Pro to “vibe code” a UI to stress-test regional British accents.

Posts#

Gemini 3.1 Flash TTS Google released Gemini 3.1 Flash TTS, an audio-only output model controlled via standard Gemini API prompts. Simon points out that the prompting guide is highly unusual, so he put it to the test by prompting for charismatic Newcastle and Exeter accents. To speed up his experimentation, he used Gemini 3.1 Pro to instantly vibe code a custom UI for the API.

Engineering Reads — 2026-04-16#

The Big Idea#

The economics and mechanisms of AI are fundamentally shifting how we approach computing problems, proving that raw inference scale won’t overcome hard reasoning bottlenecks in cybersecurity, while simultaneously collapsing the friction required to build hyper-personalized software.

Deep Reads#

AI cybersecurity is not proof of work · antirez · http://antirez.com/news/163 Finding software vulnerabilities with LLMs is fundamentally bottlenecked by a model’s intrinsic intelligence (“I”), not the sheer compute scale of sampling (“M”). Antirez argues against the cryptographic “proof of work” analogy where throwing more GPUs at a problem eventually guarantees a collision; in code analysis, a model’s execution branches and meaningful exploration paths quickly saturate. For complex vulnerabilities like the OpenBSD SACK bug—which requires chaining missing start-window validations, integer overflows, and specific branch conditions—a weak model run infinitely will never genuinely understand the exploit. While small models might guess the right answer through pattern-matching hallucinations, stronger models might actually report fewer bugs because they hallucinate less but still fall short of true causal comprehension. Security engineers and AI researchers should read this to understand why the future of automated vulnerability research relies on qualitative improvements in model reasoning, rather than just scaling inference.

Simon Willison — 2026-04-16#

Highlight#

The most fascinating takeaway today is a surprising win for local AI: a 21GB quantized Qwen3.6 model running on a laptop beat Anthropic’s brand-new Claude Opus 4.7 at Simon’s “pelican riding a bicycle” SVG generation benchmark. This result leads Simon to conclude that his joke benchmark’s long-standing correlation with a model’s general utility has finally broken down.

Posts#

Qwen3.6-35B-A3B on my laptop drew me a better pelican than Claude Opus 4.7 · Source Simon put the day’s two major model releases—Alibaba’s Qwen3.6-35B-A3B and Anthropic’s Claude Opus 4.7—through his infamous “pelican riding a bicycle” SVG generation benchmark. Running locally on a MacBook Pro via LM Studio, the quantized Qwen model produced a better bicycle frame than Opus, and even won a “secret backup test” generating a flamingo riding a unicycle. Simon admits this breaks the historical correlation between his SVG benchmark and a model’s general usefulness, noting he highly doubts the 21GB local model is actually more capable than Anthropic’s proprietary flagship.