While AI tools are lowering the barrier to development, the gap between speed and manageability is growing. In just over a year and a half, AI code assistants have grown from an experiment to an integral part of modern development environments. They are driving strong productivity growth, but organizations are not keeping up with the associated security and governance issues.
"A lot of these AI businesses are looking for readily available, structured databases of content," Robert Hahn, head of business affairs and licensing for The Guardian, told . "The Internet Archive's API would have been an obvious place to plug their own machines into and suck out the IP."
Gentoo's official migration from Microsoft-owned GitHub to Codeberg is underway, as the Linux distribution fulfills a pledge to ditch the code shack due to "continuous attempts to force Copilot usage for our repositories." The decision was made public last month, when Gentoo confirmed it intended to migrate repository mirrors and pull request contributions to the new home. On February 16, the organization revealed it now had a presence on Codeberg, where contributions could be submitted.
Dependabot sounded the alarm on a large scale. Thousands of repositories automatically received pull requests and warnings, including a high vulnerability score and signals about possible compatibility issues. According to Valsorda, this shows that the tool mainly checks whether a dependency is present, without analyzing whether the vulnerable code is actually accessible within a project.
On 13 January 2026, Bandcamp published "Keeping Bandcamp Human", declaring that "music and audio that is generated wholly or in substantial part by AI is not permitted on Bandcamp", alongside a strict prohibition on AI-enabled impersonation of other artists or styles. The post invites users to report releases that appear to rely heavily on generative tools, and it explicitly reserves the right to remove music "on suspicion of being AI-generated".
A few years ago, I put together what I felt was a truly innovative concept, which I presented in a conference poster at an international meeting in my field. After the presentation, I spoke to another early-career scientist about my work and how it might apply to their findings. Two years later, they scooped me by publishing a preprint paper that presented my idea, with many of the same verbal formulations and an identical flow of ideas, without any acknowledgement or attribution to my work.
AI coding tools have caused as many problems as they have solved, according to industry experts. The easy-to-use and accessible nature of AI coding tools has enabled a flood of bad code that threatens to overwhelm projects. Building new features is easier than ever, but maintaining them is just as hard and threatens to further fragment software ecosystems. The result is a more complicated story than simple software abundance.
New data is reinforcing a structural shift in how AI systems access publisher content: AI models are increasingly scraping publisher content, regardless of bot-blocking measures or content licensing deals meant to control usage, improve attribution or drive referral traffic. New research from analytics firms and bot-tracking companies shows AI tools are increasingly crawling publisher sites as inputs for AI-generated summaries and training, while sending back only limited referral traffic.
This extends to the software development community, which is seeing a near-ubiquitous presence of AI-coding assistants as teams face pressures to generate more output in less time. While the huge spike in efficiencies greatly helps them, these teams too often fail to incorporate adequate safety controls and practices into AI deployments. The resulting risks leave their organizations exposed, and developers will struggle to backtrack in tracing and identifying where - and how - a security gap occurred.
Software engineering didn't adopt AI agents faster because engineers are more adventurous, or the use case was better. They adopted them more quickly because they already had Git. Long before AI arrived, software development had normalized version control, branching, structured approvals, reproducibility, and diff-based accountability. These weren't conveniences. They were the infrastructure that made collaboration possible. When AI agents appeared, they fit naturally into a discipline that already knew how to absorb change without losing control.
The reason for this is Snap - a Linux application packaging format - creates a local Trash folder for each VS Code version, one that's separate from the system-managed Trash, according to a VS Code bug report dating back to November 11, 2024. Not only that, but Snap keeps older versions of VS Code after updates, potentially multiplying the number of local Trash folders and the trashed-but-not-deleted files therein. Emptying the system Trash folder doesn't affect the local instances.
One thing I always do when I prompt a coding agent is to tell it to ask me any questions that it might have about what I've asked it to do. (I need to add this to my default system prompt...) And, holy mackerel, if it doesn't ask good questions. It almost always asks me things that I should have thought of myself.
Central to the GA release is Agentic Chat. This functionality builds on the previously introduced Duo Chat but goes a step further by leveraging context from virtually every part of GitLab. Think of issues, merge requests, CI/CD pipelines, and security findings. Agentic Chat can not only advise, but also actually perform actions on behalf of developers, depending on the rights and approvals that have been set.
