In the tech world, there is a constant flow of changes and keeping up with them means the choice for tools and technologies which are the most appropriate to invest your time in. In 2025 the best programming language or technology stack to learn really depends on your personal aims, hobbies, and apps you are going to create.
The interest in Java is dropping. February 2025 TIOBE programming community index. C++, which has long been the cornerstone of system programming and performance-critical applications, has officially overtaken Java to take second place in the TIOBE programming language popularity index. A new report from the Java vendor Azul claims that 88% of companies are considering moving off of Oracle Java to another alternative as a result of rising costs and restrictive policies from Oracle, among other issues.
The growing trend in the world of software development: speed matters. C++, Go, and Rust are gaining popularity because the need for computing power increases faster than speed of CPUs is increasing, sothere is a growing interest to the fast programming languages. While C++ is establishing itself, other fast languages are making significant strides. Go continues its top 10 ranking, while Rust has reached an all-time high.
Python still holds its place at the top of the programming world. Since the number of trained experts in the software industry is not enough to cover the growing need, professionals from many other fields are taking over programming skills with the help of Python. This ensures that Python maintains its position even as speed continues to be emphasized in programming language choices. Programs written with Python are often notoriously slow and inefficient. Python 3.14, due out later this year, is set to receive a new type of interpreter that can boost performance by up to 30% with no changes to existing code. Write Python like it’s 2025 and check Python Libraries That Will Make You Feel Like a Data Wizard.
There are also innovative alternatives to the popular languages are gaining steam—and one of them could be the perfect fit for your next project. Top programming languages to learn in 2025: Python, JavaScript, Rust, and more – maybe also Go. Check out also those 11 cutting-edge programming languages to learn now or decide it is better for you to not going to learn a new programming language this year.
Microsoft is actively pushing Visual Studio Code extensions for many uses and even replacing existing separate tools. GitHub Copilot is advertised as your AI pair programmer tool in Visual Studio Code. Check the Best VS Code Extensions to Boost Your Productivity.
Best Backend Frameworks for 2025: A Developer’s Guide to Making the Right Choice The stakes for choosing the right backend framework have never been higher. With the explosion of AI-powered applications, real-time processing requirements, and microservices architectures, your framework choice can make or break your project’s success.
Artificial intelligence (AI) is accelerating at an astonishing pace, quickly moving from emerging technologies to impacting coding a lot AI tools have come heavily to the coding. Coders use AI to help their coding in many ways. You can write code quickly. How to refactor code with GitHub Copilot. How To Build Web Components Using ChatGPT. There are also warnings that Using GitHub Copilot is one sure-fire way to never actually learn how to do coding.
The web has come a long way from static HTML pages to dynamic and highly interactive applications. When traditional JavaScript-based web apps struggle with performance-intensive tasks, WebAssembly (WASM) promises to enable near-native performance on the web. Read Why WebAssembly (WASM) is the Future of High-Performance Web Apps.
JavaScript in 2025 will see advancements in serverless architectures, integration with WebAssembly, adoption of microfrontends, and more. JavaScript is also a fighting field. Deno filed a petition with the United States Patent and Trademark Office to cancel Oracle’s trademark in November 2024. Oracle will not voluntarily release its trademark on the word “JavaScript”. Building Modern React Apps in 2025 – A Guide to Cutting-Edge Tools and Tech Stacks
The open source, cross-platform JavaScript runtime environment Node.js will soon support TypeScript by default, without extra configuration. Node 23 will be able to run TypeScript files without any extra configuration. Express is an extremely commonly used web server application framework in Node.js.
Open Source in 2025: Strap In, Disruption Straight Ahead article takes a look for new tensions to arise in the New Year over licensing, the open source AI definition, security and compliance, and how to pay volunteer maintainers. For good news check out Top Open Source Projects to Watch in 2025 and 13 top open-source tools you must use for your next big project in 2025.
The Mobile Development Tech Stack for 2025 selection is important because the right tech stack can make or break your mobile app. The mobile development tech stack for 2025 is rich with opportunities.
Must-Know 2025 Developer’s Roadmap and Key Programming Trends article says that in the world of coding trends, one thing is clear: classic languages like Java, Python, and JavaScript are still important, but they’re being joined by new favorites such as Go and Rust. And when you ask “Is JavaScript or Python 2025?” the answer is rarely simple – and could be that you need both.
Here are some points:
Python’s Growth in Data Work and AI: Python continues to lead because of its easy-to-read style and the huge number of libraries available for tasks from data work to artificial intelligence. Tools like TensorFlow and PyTorch make it a must-have.
JavaScript and Its Ongoing Role in Building Website: JavaScript (and by extension, TypeScript) is the basic building block. JavaScript is still essential for web work, running both the parts you see on a site and the behind-the-scenes work, but many coders are now preferring TypeScript for business projects. Try building a small web app using React.
The Rise of Go and Rust: For those looking at future coding languages 2025, Go and Rust are getting a lot of attention.
Java, C++, and C#: The Reliable Favorites: Even in 2025, there’s no ignoring that languages like Java, C++, and C# are still important. Java continues to be a top choice for large business applications and Android app development, while C++ is key in systems work and game development.
There are several shifts that every aspiring coder should keep in mind:
Adding Artificial Intelligence to Coding: The future of coding is closely linked with AI
Building for the Cloud: With cloud computing becoming common, languages that handle many tasks at once and run fast (like Go and Rust) are more important than ever.
The Need for Full-Stack Skills: Coders today are expected to handle both the front part of websites and the back-end work. JavaScript, along with tools like Node.js and modern front-end libraries, is key.
Focus on Safety and Speed: With online security becoming a big issue, languages that help avoid mistakes are getting more attention. Rust’s features that prevent memory errors and Go’s straightforward style are good examples.
Keep Learning and Stay Flexible: One thing that never changes in tech is change itself. What is popular in 2024 might be different in 2025.
Here’s a simple table that sums up some facts in plain language:
| Language | 2025 Trend | Main Advantage | Resource Link |
|---|---|---|---|
| Python | Leads in data work and AI | Easy to read, lots of tools | GeeksforGeeks |
| JavaScript | Essential for building websites | Works everywhere on the web | Snappify |
| TypeScript | Becoming popular in large projects | Helps catch errors early | Fullstack Academy |
| Go | Growing quickly in cloud computing | Fast and handles many tasks at once | Nucamp |
| Rust | New favorite for safe, low-level coding | Prevents common memory mistakes | The Ceres Group |
| Java | Still important for big business and Android work | Runs on many types of systems | Wikipedia |
Best Dev Stacks to Learn in 2025lists the top development stacks for 2025 to be:
1. MERN Stack (MongoDB, Express.js, React, Node.js)
2. MEVN Stack (MongoDB, Express.js, Vue.js, Node.js)
3. JAMstack (JavaScript, APIs, Markup)
4. T3 Stack (Next.js, TypeScript, tRPC, Tailwind CSS, Prisma)
5. Flutter Stack (Flutter, Firebase)
6. PERN Stack (PostgreSQL, Express.js, React, Node.js)
7. Django Stack (Django, PostgreSQL, React/Angular)
8. DevOps Stack (Docker, Kubernetes, Jenkins, Terraform)
9. AI/ML Stack (Python, TensorFlow, PyTorch, FastAPI)
10. Blockchain Development Stack (Solidity, Ethereum, Hardhat)
11. Spring Boot + React Stack
10 hot programming trends — and 10 going cold
Hot: Repatriation
Not: Cloud bills
Hot: AI partners
Not: Human pair programming
Hot: Rust
Not: C/C++
Hot: Wasm
Not: Interpreters
Hot: CPUs
Not: GPUs
Hot: Zero-knowledge proofs
Not: Digital signatures
Hot: Trustworthy ledgers
Not: Turing-complete ledgers
Hot: GraphQL
Not: REST
Hot: Static site generators
Not: Single-page apps
Hot: Database configuration
Not: Software programming
What’s trending in Software-driven Automation (SDA) in 2025? Here are some predictions:
1. Virtual Safe Control – A new and novel concept introduced by CODESYS and SILista, making it possible to implement Functional Safety controller reaching SIL2 or even SIL3 level, using generic hardware with help of software virtualisation. This will significantly decrease cost of hardware and speed up development cycle.
2. Open platforms – This trend started already last year, and now we’re seeing more and more automation vendors coming this way. #ctrlXOS opened the game, and there are other vendors like Phoenix coming the same way with their PLCnext Virtualised.
3. Model-based Design (MBD) – An old concept but not yet fully utilised in development. Maybe because lack of well integrated toolchains in the past. But now we’re seeing more and more industrial players adopting the methodology in their product development.
4. AI, of course, but how? Naturally AI can assist in efficient software development and testing. Also some algorithm optimisation and condition monitoring with AI and ML has been seen.
898 Comments
Tomi Engdahl says:
Researchers want to kill the vibe, propose better model for AI coding
MIT researchers offer cure for illegible software
https://www.theregister.com/2025/11/07/researchers_detail_legible_software_model/
Tomi Engdahl says:
The approach is detailed in a paper authored by MIT’s Eagon Meng and Daniel Jackson, titled “What You See is What it Does: A Structural Patten for Legible Software”. They flag up the problem of “illegible” modern software, which lacks “direct correspondence between code and observed behavior”.
Modern software is often, also, “insufficiently modular” they continue, “leading to a failure of three key requirements of robust coding”: incrementality, integrity, and transparency.
https://www.theregister.com/2025/11/07/researchers_detail_legible_software_model/
Tomi Engdahl says:
How I Use AI to Build Frontend Apps: My Candid, Messy Process
https://dev.to/blockopensource/how-i-use-ai-to-build-frontend-apps-my-candid-messy-process-3ehk
Tomi Engdahl says:
The future of programming and the new role of the programmer in the age of AI
https://www.cio.com/article/4085335/the-future-of-programming-and-the-new-role-of-the-programmer-in-the-ai-era.html
With AI platforms becoming high-level frameworks, engineers’ true value will not lie in memorizing syntax, but in orchestrating complex AI workflows, integrating services, and, above all, formulating the right questions.
Tomi Engdahl says:
TanStack Start: A New Meta Framework Powered by React or SolidJS
https://www.infoq.com/news/2025/11/tanstack-start-v1/
Tomi Engdahl says:
The best free AI for coding in 2025 – only 3 make the cut now
I’ve been subjecting AI models to a set of real-world programming tests for over two years. This time, we look solely at the free offerings. There are three worth your attention. The others, well, they need work
https://www.zdnet.com/article/the-best-free-ai-for-coding-in-2025-only-3-make-the-cut-now/
I’ve been around technology long enough that very little excites me, and even less surprises me. But shortly after OpenAI’s ChatGPT was released, I asked it to write a WordPress plugin for my wife’s e-commerce site. When it did, and the plugin worked, I was indeed surprised.
The arrival of coding agents
Then, in 2025, the world of AI-assisted coding intensified. Coding agents were introduced in the form of GitHub Copilot, Claude Code, Google Jules, and OpenAI Codex. For most of 2025, the AI companies have focused on integrating these agents into the programmer workflow, making them available in GitHub, the terminal, and in VS Code. This article helps to explain the range of AI coding tools available now:
Coding agents also started to get a lot more expensive. They take a lot of resources, and the AI companies are charging accordingly. My tests found that you can get about two days of use out of Codex using OpenAI’s $20/mo ChatGPT Plus plan, but if you want more, you need to spend $200/month for the Pro plan. Claude, Gemini, and Copilot follow similar cost structures.
That’s not to say it’s not worth it. Using the $20/month ChatGPT Plus plan, I did 24 days of coding in 12 hours. When I paid $200 for the ChatGPT Pro plan, I got 4 years of product development done in 4 days for $200, and I’m still stunned.
But not everyone wants to (or can) pay the AI fees. Fortunately, there are also free AI chatbots available. We’re changing the focus of this article a bit, from comparing LLM coding performance to comparing the performance of the free chatbots.
The short version
In this article, I’ll show you how each free chatbot performed against my tests. Performance was definitely not as good as the paid AI programs, but some of them weren’t bad. As a best practice, you’ll always want to test the results you’re given. You might also want to ask the AIs again if you don’t like the first results.
Best in show was Microsoft Copilot’s free version. I was deeply disappointed to find that Google’s Gemini chatbot turned in the worst results. Claude, widely known and loved among professional programmers for Claude Code, did not distinguish itself in free chatbot results.
Right after Copilot, scoring three correct out of four, were ChatGPT’s free tier and DeekSeek, the controversial AI out of China.
If you’re limited to using free chatbots, I’d recommend avoiding the free tiers of Claude, Meta, Grok, Perplexity, and Gemini.
Tomi Engdahl says:
Cursor Composer 1 vs Claude 4.5 Sonnet: The better coding model
https://composio.dev/blog/cursor-composer-1-vs-claude-4-5-sonnet-the-better-coding-model
Tomi Engdahl says:
https://wonderfulengineering.com/microsoft-is-discontinuing-one-of-its-oldest-office-apps-after-35-years/
Tomi Engdahl says:
https://www.reddit.com/r/rust/comments/1opluuh/i_made_a_pythonic_language_in_rust_that_compiles/
Tomi Engdahl says:
Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
https://github.com/WerWolv/ImHex
Tomi Engdahl says:
https://snyk.io/news/snyk-launches-evo/
Tomi Engdahl says:
https://www.facebook.com/share/r/1SenBjzBYM/
I used to ship half-built, buggy apps w/ Ai too!
Building in Cursor would almost work… then loop, break, or ship vague, unusable code.
Constantly hallucinating and deleting my progress
But then I found a fix, I could now launch a new app every 4 weeks!
So what changed?
I wrote production-grade prompts
I gave Cursor a real blueprint to follow
I fed it PRDs (Product Requirement Docs) that spelled out features, file structure and how it should behave
Tomi Engdahl says:
https://python.plainenglish.io/8-python-visualization-tricks-that-make-data-pop-5585ea5f84d7
Tomi Engdahl says:
https://www.kdnuggets.com/top-5-agentic-coding-cli-tools
Tomi Engdahl says:
https://founderz.com/agent-a-thon-fz/?utm_medium=cpc&utm_source=facebook&utm_campaign=MSFT_AINSI-FN_LG_AGENT-A-THON&hsa_acc=214875694596136&hsa_cam=120238764501240768&hsa_grp=120238764501200768&hsa_ad=120238764501220768&hsa_src=fb&hsa_net=facebook&hsa_ver=3&fbclid=Iwb21leAOF6zFleHRuA2FlbQEwAGFkaWQBqyyFqLDwUHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAhjYWxsc2l0ZQIyNQABHmQXTnJZXTS9lQ6HtJ1SEYu6zSWOi3WjyVTzmwC3GW4K8OXMk2CljKazFaLK_aem_K-0k96rINXbB8zuAIzC7Fw&utm_id=120238764501200768_v2_s14_e331_i20251115&utm_content=120238764501220768&utm_term=120238764501200768
Tomi Engdahl says:
https://madza.hashnode.dev/9-developer-productivity-tools-you-wish-you-knew-sooner
Tomi Engdahl says:
Stop using these outdated Linux commands before they cause problems
Linux offers many classic commands, but some are already outdated, insecure, or are now inefficient. We show you which commands you can leave behind and which you can switch to instead.
https://www.pcworld.com/article/2960504/old-insecure-inefficient-which-linux-commands-you-should-avoid-today.html
Table of Contents
egrep and fgrep
nslookup
ifconfig, route and netstat
iwconfig
scp
…
Tomi Engdahl says:
https://dawn.fi/uutiset/2025/11/16/suosituimmat-ohjelmointikielet-listaus
Tomi Engdahl says:
https://www.slashgear.com/2020363/vibe-coding-beginner-tips/
Tomi Engdahl says:
https://www.marktechpost.com/2025/11/15/how-to-build-memory-powered-agentic-ai-that-learns-continuously-through-episodic-experiences-and-semantic-patterns-for-long-term-autonomy/
Tomi Engdahl says:
motulator: Motor Drive and Grid Converter Simulator in Python
This open-source software includes simulation models and control methods for electric machine drives and grid converter systems. The machine models include an induction machine, a synchronous reluctance machine, and a permanent-magnet synchronous machine. For modeling grid converter systems, various subsystem models are provided, such as an LCL filter connected to an inductive-resistive grid.
https://aalto-electric-drives.github.io/motulator/
Tomi Engdahl says:
From vibe coding to context engineering: 2025 in software development
2025 has seen a significant shift in the use of AI in software engineering— a loose, vibes-based approach has given way to a systematic approach to managing how AI systems process context.
https://www.technologyreview.com/2025/11/05/1127477/from-vibe-coding-to-context-engineering-2025-in-software-development/
Tomi Engdahl says:
https://www.infoworld.com/article/4081105/revisiting-mojo-a-faster-python.html
Tomi Engdahl says:
https://python.plainenglish.io/12-python-scripts-to-automate-your-daily-tasks-dad1e42eb05d
Tomi Engdahl says:
Interaction Design
Academy Handbook
September 4, 2025
The Interaction Design Academy Handbook is a practical and actionable guide – by designers for designers.
https://www.reaktor.com/whitepaper/interaction-design-academy-handbook
Tomi Engdahl says:
Rakettiwebinaari: Kuka ohjaa tuotekehitystä?
https://www.youtube.com/watch?v=8XOoyeDcgm8
Tomi Engdahl says:
toon Bad
Yaml Worse
Xml Worst
Tomi Engdahl says:
Vibe coding: What is it good for? Absolutely nothing (Sorry, Linus)
Coding purists once considered BASIC harmful. AI can’t even manage that
https://www.theregister.com/2025/11/24/opinion_column_vibe_coding/
Opinion It is a truth universally acknowledged that a singular project possessed of prospects is in want of a team. That team has to be built from good developers with experience, judgement, analytic and logic skills, and strong interpersonal communication. Where AI coding fits in remains strongly contentious. Opinion on vibe coding in corporate IT is more clearly stated: you’re either selling the stuff or steering well clear.
The reasons are simple. Code generation is sold on promises of fast results from natural language prompts, not requiring specialist knowledge of how code actually works. This much is somewhat true, and impressive two-minute demos, if well chosen, are certainly possible. In this respect, vibe coding is much like the low-code/no-code movement that’s been around for 30 years.
Vibe coding really falls down thereafter because it is non-deterministic. Low/no-code platforms have consistency in how their interface responds to user input. Iterative tweaking works, from fiddling with fonts to restarting with a completely new approach. Vibe coding may give you different results over time for exactly the same prompts.
If there aren’t many production apps under the low/no-code banner after 30 years, the prospects for vibe coding are dim indeed. Even if vibe coding fulfills its most basic function, of quickly producing a prototype model to explore ideas, it will hit the principle that prototypes can’t be killed, instead mutating into monsters. Once something looks functional, the pressure from outside to build on it immediately is usually immense. That’s bad enough in any environment, but the vibe really won’t dig it, man.
BASIC met criticisms similar to vibe coding back in the day, being seen as encouraging bad programming practices and unstructured, impenetrable, unmaintainable code.
To get to the “doing something useful” stage in a modern computing environment means producing complex code with APIs and structures and no end of confectionery around the core logic. Hacking away at iterative prompts won’t build the internal framework of understanding that building code does, and without the dopamine hit of sudden understanding that fuels so many early coding experiences, the process won’t reward the autodidact to keep going for more of the same.
Vibe coding that doesn’t code would be a much better idea. Stuff that suggests where to start, what to learn, and helps build an environment where you can get results that quickly and clearly depend on discovering and trying out ideas. These tools exist already. They’re called books. They’re called tutorials.
If you don’t know much about the realities of coding, vibe coding sounds great. That’s one of generative AI’s biggest risk factors, the ability to inspire confidence independent of reality. Likewise, if you remember the days when you didn’t know much about coding, vibe coding sounds like a good way to help others take the same steps you did.
Tomi Engdahl says:
https://www.phoronix.com/news/Alex-Gaynor-Rust-Maintainer
Tomi Engdahl says:
https://www.makeuseof.com/linux-coming-for-windows-40th-birthday/
Tomi Engdahl says:
https://etn.fi/index.php/13-news/18200-kuka-tahansa-voi-kehittaeae-upeita-ohjelmistoja-lovable-hurmasi-slushin-jaelleen
Tomi Engdahl says:
https://github.com/radsecproxy/radsecproxy
Tomi Engdahl says:
https://fastapi.tiangolo.com/
Tomi Engdahl says:
Token-Oriented Object Notation (TOON) – Compact, human-readable, schema-aware JSON for LLM prompts. Spec, benchmarks, TypeScript SDK
https://github.com/toon-format/toon
Tomi Engdahl says:
The Tool Every Engineer Should Try: A Free AI IDE That Actually Works
https://www.elektormagazine.com/articles/google-antigravity-ide?fbclid=Iwb21leAOTKwRjbGNrA5Mq-2V4dG4DYWVtAjExAHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHhOWtU6sSEIT6-v5f3SHXGSz6a8UD5XgYFCMpNZ6z7waJvo-Iq8YMzIKpLaG_aem_8Ovu_28akKdG7VrWy7hYNA
Google Antigravity IDE an AI-Driven Developer Environment — Free, Powerful, and Built to Supercharge Engineering Workflows
Introduction
Google Antigravity is a developer environment that is built around AI from the ground up. It’s like a super version of VS Code, but it works very differently inside. Instead of writing every line of code yourself, Antigravity uses an agent-first development model. You explain what you need, and the system creates agents that carry out the work. Because the tool is free, anyone can try it. After using it myself, it feels like a real upgrade for any engineer’s workstation.
What Makes Antigravity Different
Antigravity understands your entire project the moment you open a folder. It scans your files, understands the structure, and learns how the pieces connect. From there, you can ask it to add features, refactor older code, document missing parts, or even build entire modules. It also works very well with embedded and hardware workflows. You can drag in a sensor datasheet and ask it to generate a full driver for Arduino, Espressif ESP32, or STM32. It reads the registers, timing diagrams, and modes, then builds the whole library with examples
The real strength, however, is the agent system. Antigravity lets you create small agents that work like “mini employees.” Each one can take care of a single task. One agent can test the UI and fix bugs. Another can refactor the routes, and another one can update the documentation. While they work, you can focus on things that need your attention. It really feels like having a small team inside your IDE.
These agents do not just read your code. They also run and interact with your app. They open the web preview, click buttons, test forms, submit data, and report the results. If you approve their changes, they write the updates for you.
Tomi Engdahl says:
https://blog.frankel.ch/first-real-rust-project/
Tomi Engdahl says:
Zig lang is a modern, general-purpose, and statically typed systems programming language designed to be a simpler, safer, and more readable alternative to C. It is now moving away from Github to Codeberg for better privacy and safety and most importantly get away from forced Copilot which Microsoft refused to turn it off.
Tomi Engdahl says:
Popular JavaScript library can be hacked to allow attackers into user accounts
News
By Sead Fadilpašić published 2 days ago
A package with 26 million weekly downloads carried a major flaw
https://www.techradar.com/pro/security/popular-javascript-library-can-be-hacked-to-allow-attackers-into-user-accounts
Tomi Engdahl says:
How Closures Work in JavaScript: A Handbook for Developers
https://www.freecodecamp.org/news/how-closures-work-in-javascript-a-handbook-for-developers/
If you’re learning JavaScript, you’ve probably heard the term “closure” at some point. In many developers’ experience, just hearing this word can trigger anxiety.
What is a Closure?
The word “closure” literally means a “bond” or “enclosure.” Think of it like keeping a variable safely locked away, just like storing something inside a box.
Even though the box is closed, you can still use its contents when needed. This is why it’s called a closure: because you keep a function’s variables enclosed in such a way that, even if the outside world cannot access them directly, the function itself can still use them whenever required.
Functions as Objects
In JavaScript, whenever you write a function, the function is actually treated as an object. Every function in JavaScript works as an object. Just as you can console.log an object to see it, you can also inspect a function.
Closures aren’t actually that complicated at all when you break them down. They just might seem harder to grasp while you don’t understand them clearly. Many articles or tutorials don’t explain the topic deeply, which leaves you confused, asking questions like, “What exactly is a closure?” or “What does it really mean?”
Tomi Engdahl says:
Cursor 2.0 IDE Is Now Supercharged With AI and I’m Impressed
The new version has been built for low-latency agentic coding within Cursor and was trained with several tools, including codebase-wide semantic search.
https://thenewstack.io/cursor-2-0-ide-is-now-supercharged-with-ai-and-im-impressed/
The Cursor IDE has been recently updated to version 2.0, and it carries with it some powerful AI integration. This new update landed at the end of October, and it includes a new feature called Composer, which is a frontier model that is purported to be four times faster than similar models.
The new version has been built for low-latency agentic coding within Cursor and was trained with several tools, including codebase-wide semantic search. This training makes Cursor much more capable of understanding and working with larger codebases.
Cursor 2.0 also has a new, cleaner interface, so it should be even easier to hit the ground running. You’ll also find plenty of agents to enable/disable, such as:
Composer 1
Sonnet 4.5
Gemini 3 Pro
GPT-5.1 Codex High
GPT-5.1
GPT-5.1 Codex Mini
Grok Code
Gemini 2.5 Flash
Deepseek V3.1
Ollama
GPT-5.1 Codex Fast
Other features found in Cursor 2.0 include:
Multiple agents (up to 8) can be run in parallel.
Combined diff view when using multiple agents.
New dedicated Agent view.
Support for multistep coding tasks.
Integrated Chrome DevTools.
Seamless switching between integrated and regular Chrome browser.
Teams can now define and share custom commands and rules to streamline workflows.
Built-in speech-to-text functionality.
Enhanced language-specific features to make it easier to navigate and debug code.
Shell commands run in a secure, sandboxed environment.
Installing Cursor
This is actually quite easy. If you’re using macOS or Windows, simply download the associated installer file, double-click it, and walk through the installation wizard. Simple.
For Linux, you’ll need to download the required installer (such as .deb or .rpm). If your distribution is set up properly, you might be given the option to open the file with your default app store.
Configuring Cursor
Cursor works right out of the box. In fact, I opened my Python project, opened the agent, typed my query, and let it do its thing.
However, you might want to take care of a few configurations. To access the settings, click the gear icon near the top right of the main window. This will open a new tab, where you will see all the available options.
Cursor Pricing
Here’s how the Cursor pricing breaks down:
Hobby (Free): One-week Pro trial, limited agent requests and limited tab completions.
Pro ($20/mo): Everything in Hobby plus extended limits on agent, unlimited tab completions, background agents and maximum context windows.
Pro+ ($60/mo): Everything in Pro plus three times usage on all OpenAI, Claude and Gemini models.
Ultra ($200/mo): Everything in Pro+ plus 20 times usage on all OpenAI, Claude and Gemini models, and priority access to new features.
Tomi Engdahl says:
https://python.plainenglish.io/50-python-tricks-every-data-scientist-should-know-cf72213ee477
Tomi Engdahl says:
How to Use Vibe Coding Effectively as a Dev
Ankur Tyagi
Ankur Tyagi
It may seem like everyone is a vibe coder these days, and prompting seemed like it would become the new coding. But is this AI-generated code really deployable?
https://www.freecodecamp.org/news/how-to-use-vibe-coding-effectively-as-a-dev/
With so many AI dev tools out there now, code reviews become more critical than ever.
This article will explore what vibe coding means and how code reviews should adapt in the era of AI.
How to Implement Vibe Coding in Practice
In practice, vibe coding usually involves using AI assistants and adapting your workflow to a more interactive, prompt-driven style.
Step 1: Choose an AI assistant
Select a development env that supports AI code generation. Popular choices include Cursor and GitHub Copilot.
Step 2: Define your requirements
For example, when I ran an SEO inspection for my website, DevTools Academy, I used this prompt in Cursor:
“Now, act as a senior product engineer and UX strategist. Evaluate and improve https://www.devtoolsacademy.com with a practical, no-fluff lens.
Scope:
UX
SEO and technical SEO
Positioning and messaging
Copywriting and information architecture
What to add to stand out in the developer tools space.”
This prompt works well because it gives the AI a clear role, a defined scope, and a specific intent. AI knows it’s not just fixing SEO but also reviewing how the site communicates value to devs. That combination of clarity and context produces actionable insights instead of surface-level suggestions.
Step 3: Review the code
AI will produce initial code based on your prompt. Think of this as a prototype – it’s not perfect. Run the code and see how it behaves.
Let’s look at an example: here, CodeRabbit is reviewing one of my pull requests on GitHub. I had pushed a small fix to sort blog posts correctly and make sure the RSS feed reflects the latest publish date. Within seconds, CodeRabbit analyzed the diff, understood the intent behind my change, and explained exactly what the new code does.
It pointed out that the fix now sorts posts before mapping them, uses the sorted data for both items and the lastBuildDate, and ensures proper chronological order throughout the feed.
Step 4: Validate, debug, polish
Once AI generated code meets your expectations, do a final review.
Throughout the process, the core idea is that you collaborate with the AI. The AI agent serves as a coding assistant, making real-time suggestions, automating tedious boilerplate, and even generating entire modules on your behalf.
Why Isn’t Vibe Coded Output Production Ready?
Vibe coding moves fast: you describe intent, the AI produces something that runs, and you’re off to the next prompt. What’s missing is the slow, unglamorous work that usually turns a draft into shippable software, like shared context, architectural alignment, verification, and documentation.
AI generates plausible code based on patterns it has seen. But it doesn’t understand your team’s history, your system’s constraints, or the implicit rules that keep everything coherent over time.
That mismatch shows up the moment a “works on my machine” demo meets a real codebase.
Context gaps are the first crack.
AI only sees what you show it, so it’s easy for it to make the right local choice and the wrong global one: duplicating logic that already exists, choosing defaults that conflict with prior decisions, or introducing functions that don’t respect domain boundaries.
The result is code that looks reasonable in isolation but collides with existing assumptions and conventions once integrated.
Those gaps lead directly to integration blind spots.
The most serious risk is security by omission.
AI rarely includes robust input validation, clear authentication and authorization paths, or rate limiting unless you spell it out. Secrets handling and logging tend to be superficial or missing. That leaves common exposure points like request handlers, job processors, and webhook endpoints without the checks that prevent injection, SSRF, mass assignment, or data exfiltration.
Testing and correctness evidence are thin.
Quality suffers in quieter ways, too. Beyond “it runs,” there’s little to demonstrate behavior across edge cases or to guard against regressions.
Performance and scalability remain unknowns: extra network calls, N+1 patterns, and quadratic loops sneak in because nobody measured them. Dependencies and environments drift as versions aren’t pinned, infrastructure isn’t declared, and configuration lives only in the author’s head, making behavior differ across machines and CI.
Operability lags behind.
A lack of metrics, missing health/readiness probes, and no runbook make failures harder to detect and slower to recover from. Add in data quality and compliance concerns (PII handling, encoding assumptions, transitive license obligations), and you have code that demos well but isn’t ready for production’s reliability, security, and audit demands.
In short, vibe-coded output accelerates drafting but skips the shared understanding and evidence that make software safe to ship
Guidelines for AI Code Reviews
Your team should keep pre-AI engineering standards as the bar, including security, tests, readability, maintainability, performance, and docs. AI should change how fast you gather the evidence for those standards, not how much evidence you require. In other words, use AI to accelerate the path to your existing bar, never to lower it.
Using AI, you can generate code at speed. But if reviews take the same amount of time (or more time), you lose some of the benefit.
That means layering in automation (tests, static analysis, secret scans, SCA) and AI-assisted review to catch obvious issues quickly so human reviewers can focus on intent, architecture, and risk.
Well-used assistants can help here. For example, tools like CodeRabbit, GitHub Copilot PR Reviewer, Claude Code, Cursor’s Bugbot, Graphite’s AI Review, and Greptile can highlight potential bugs, security gaps, style deviations, and mismatched intent, and summarize diffs for faster context. Treat these as accelerators for your existing process, not as replacements for judgment.
Code Review Process in Vibe Coding
The fundamentals of good code reviews haven’t changed – and in fact, they’re more critical now.
Below are some key principles to maintain speed without sacrificing quality.
1. Trust, but verify.
A reviewer usually assumes the author understands the system. With vibe-coded output, the “author” may be an AI with limited context. If something looks odd or unnecessary, question it. Run the code, add/execute tests, or ask the developer/AI for clarification on intent and constraints.
2. Don’t let reviews become a bottleneck.
Vibe coding generates code quickly. If human review takes as long as hand-writing the change, you’ve erased the gain.
Combat this by front-loading automation: run unit/integration tests, static analysis (lint/SAST), secret scans, SCA, and basic perf checks in CI to clear the noise. Then reviewers spend their time on design trade-offs, boundary cases, and risk. The balance is: high standards, faster evidence.
3. Use AI code reviews wisely
AI can help review code just as it helps generate it. Modern “pair reviewer” tools scan a PR and surface likely bugs, security issues, missing tests, or style violations in minutes plus give natural-language summaries of the change.
Tools you can consider include CodeRabbit, GitHub Copilot PR Reviewer, Claude Code, Cursor Bugbot, Graphite, and Greptile. Many integrate with the CLI/IDE and GitHub/GitLab to leave actionable comments
4. Human judgment is still irreplaceable.
Even the best AI reviewer is an assistant. Keep humans accountable for correctness, security posture, architectural fit, and user impact. A healthy pattern is AI first-pass > human second-pass that inspects invariants, failure modes, and long-term maintainability.
5. Maintain a high bar for quality.
It’s tempting to accept “it runs” when an AI wrote it. Don’t. Stakeholders still expect software to be robust, secure, and maintainable. Keep DRY, readability, and testability standards. Insist on input validation, authZ checks where relevant, and sensible logging/metrics. If you can’t provide evidence that you met the bar, you haven’t met it.
6. Educate and document
When reviewers find bugs or security flaws in AI-generated code, capture the lesson.
Update internal guides with patterns like “When generating handlers, validate and bound inputs, add rate limits, log request IDs, avoid N+1 queries, and sanitize user-visible output.” Over time, bake these into prompts, templates, repo scaffolds, and CI checks so the next AI draft starts closer to done.
Checklist for Reviewing AI Generated Code
Here’s a checklist a human reviewer should go through before approving vibe-coded output:
1. Define the code’s purpose (scope & non-goals).
Be explicit about what this change does and does not do. Tie it to a user story/ticket and call out non-goals so “helpful” AI changes don’t creep in.
2. Verify X and Y (behavior and edge cases).
Be clear about what you’re verifying. For example, verify input parsing and pagination boundaries, verify that error paths return the correct status and body, and verify that database writes are idempotent. Run existing tests, add missing unit/integration tests, and reproduce edge inputs (empty, null, huge, unicode).
3. Perform code-quality checks (readability, DRY, refactor needs).
AI often produces verbose or duplicated logic. Ensure names are meaningful, side effects are clearly stated, and duplication is removed or minimized. Run linters/formatters, collapse repetition, and extract helpers where they aid clarity.
4. Analyze organization and structure (make sure it fits the architecture).
AI writes code in isolation. Confirm the change uses existing utilities, layers, and boundaries (domain/services/controllers/jobs). Check imports and module placement, avoid reinventing existing helpers, and align with repository conventions.
5. Validate inputs and assumptions (make the implicit explicit).
List the assumptions the AI made (default locale/timezone, allowed ranges, required fields). Add schema validation (DTO/class validators/JSON Schema). Empty, null, over-max, non-ASCII, unexpected enum, malicious strings. And finally, enforce limits/timeouts
6. Perform security audits (minimum pass).
AuthN/AuthZ: Confirm endpoint checks identity and authorization paths; deny-by-default.
Inputs: Sanitize/validate inputs, prevent injection (SQL/NoSQL/command), and escape user-visible output.
Secrets: No secrets in code/diff/logs, use env/secret manager, and rotate any test keys.
Abuse controls: Add rate limits, size limits, and timeouts on network and disk operations. Run SAST/secret scan/SCA, and fix or justify findings.
7. Do a performance evaluation (right now, at a small scale).
Look for N+1s, needless network calls, unbounded loops, quadratic sorts. Add a micro-benchmark or run a quick load test for hot paths. Set sensible cache/timeout/retry with jitter where applicable.
8. Manage dependencies (pin, justify, minimize).
Review any new libraries. Are they necessary? Maintained? License compatible? Pin versions, add lockfiles, or remove unused transitive adds.
9. Review documentation (what to add and where).
Ensure the docs are in line with the code. AI often changes some parts or adds code blocks at different places while resolving various issues. These changes might not make it into the docs.
10. Observability (see problems early).
Use structured logs with request/trace IDs, key counters/timers (success/error/latency), health/readiness probes, and a basic dashboard or alert stub.
11. Compliance and data handling (when applicable).
Identify any personally identifiable information (PII), document collection/retention, ensure masking/redaction in logs, verify dependency licenses and data-residency constraints.
How to Work Effectively with AI Tools
At this point, you can probably see why it’s very important to understand the actual skills involved in AI-assisted development.
There’s a pretty big difference between an experienced developer who uses AI tools to help them get more done, and a newbie who thinks AI can build the next Facebook or Google just with a simple prompt.
An inexperienced dev will ask AI something like “Hey, Build me Twitter and make no mistakes”
But an experienced developer who has a solid fundamentals might say say something like:
“AI, we’re building a Twitter replica. Use $SQL_Database, Use $Language, Avoid $Common_Pitfalls, Follow $Standard_Practices.”
“The generated code is prone to X problem, implement this fix.”
“Implementation of $X is flawed because of $Y, do $Z instead.”
So as you can see, you still need to know the how’s and the why’s and what depends on what. Often you’ll just need to make the changes manually, because it will be faster. And you don’t want to outsource the critical thinking part, which is the part that AI can’t actually do.
LLMs are good at information retrieval. If you know nothing about what you’re looking for, then asking an AI isn’t going to be that helpful (or that reliable). But if you have an idea, some background knowledge/context, and the skills to verify AI’s responses, then it can be really helpful.
I draft with Claude Code (or Copilot/Cursor), open a PR, and let an AI reviewer like CodeRabbit (or Copilot PR Reviewer / Cursor Bugbot or Greptile) do the first pass. CI runs tests and scans.
I repeat until everything’s green and the PR is ready to merge. It’s fast, but it’s still disciplined.
Tomi Engdahl says:
The query language for modern APIs
https://graphql.org/
GraphQL is open source and trusted by the industry
Facebook’s mobile apps have been powered by GraphQL since 2012. The GraphQL specification was open-sourced in 2015. Now it is used by industry-leading companies worldwide and supported by the GraphQL Foundation, hosted since 2018 by the non-profit Linux Foundation.
GraphQL is an open‑source query language for APIs and a server‑side runtime. It provides a strongly‑typed schema to define relationships between data, making APIs more flexible and predictable. And it isn’t tied to a specific database or storage engine — it works with your existing code and data, making it easier to evolve APIs over time.
When to Use Which?
Use GraphQL if:
You have a complex frontend (React/Next.js).
Mobile clients need minimal data.
You need to fetch deeply nested data.
Schema typing is important.
Use REST if:
Your API is simple.
You rely heavily on HTTP caching.
You want minimal setup and simplicity.
You’re building public APIs.
Tomi Engdahl says:
https://react.dev/learn/creating-a-react-app
Tomi Engdahl says:
Näin rakennettiin sovellus koodaamatta riviäkään
https://etn.fi/index.php/13-news/18235-naein-rakennettiin-sovellus-koodaamatta-riviaekaeaen
Kaksi päivää ennen perheen lahjontaa eräs kehittäjä päätti kokeilla jotain poikkeuksellista: voisiko täysiverisen Secret Santa -sovelluksen rakentaa reilussa vuorokaudessa ilman, että ihminen kirjoittaa riviäkään koodia? Vastaus osoittautui myöntäväksi. Tuloksena syntyi SecretSantaDraw.ai, tuotantokelpoinen ja maksullinen web-sovellus, joka rakennettiin kokonaan tekoälyn avulla 36 tunnissa.
Kyse ei ollut AI:n tuottamasta staattisesta laskeutumissivusta, vaan monivaiheisesta, React-frontendin ja Node/Express-backendin sisältävästä palvelusta. Sovellus luo Secret Santa -arvonnan, huomioi pariskunnat, lähettää sähköpostit osallistujille, sisältää Stripe-pohjaisen maksuseinän ja suojaa käyttöä Google reCAPTCHA -tarkistuksella. Kaikki ominaisuudet julkaistiin AI-agenttien tuottamien pull requestien kautta, ilman käsin tehtyä koodausta.
Kokonaisuutta ohjasi CodeBoxxin Nicolas Genestin käyttämä ”AI-only software factory” -työskentelytapa. ChatGPT 5.1 toimi pääarkkitehtina, GitHub Copilot täydensi toteutuksia ja Claude-Code hoiti laajempia refaktorointeja. Ihmisen rooli rajoittui ainoastaan tuotepäälliköksi: kuvailemaan ominaisuuksia, arvioimaan PR-muutoksia ja hyväksymään mergejä.
Sovellus rakentui prompttien varaan. Kun kehittäjä kuvaili esimerkiksi “festivemäistä, animaatioilla höystettyä kolmivaiheista käyttöpolkua”, AI-generoi React-komponentit, tilanhallinnan, tyylit ja animaatiot. Kun hän antoi ohjeen “tee pariskuntia huomioiva derangement-algoritmi”, ChatGPT loi valmiin backend-toteutuksen, joka läpäisi testit ilman manuaalisia korjauksia.
Myös julkaisuympäristö syntyi automaattisesti. Tekoäly rakensi DigitalOcean App Platform -määrittelyt, ympäristömuuttujat, SMTP-konfiguraation ja kunnontarkituksen. Dokumentaatio, ohjeet ja curl-esimerkit generoitiin samalla tavalla PR-prosessin kautta.
Kokeilu osoittaa, miten nopeasti ohjelmistokehityksen roolit ovat muuttumassa. AI ei vielä korvaa kehittäjiä, mutta siirtää fokuksen syntaksista suunnitteluun, validointiin ja tuotearkkitektuuriin.
Tomi Engdahl says:
https://secretsantadraw.ai/
Tomi Engdahl says:
Yksikin hallusinoitu C-koodirivi voi rikkoa muistin
https://etn.fi/index.php/opinion/18250-yksikin-hallusinoitu-c-koodirivi-voi-rikkoa-muistin
Tekoälyn vaikutukset koodaamiselle ovat mullistavia, mutta uusi työkalu tuo mukanaan uusia riskejä. Sulautetuissa järjestelmissä yksikin hallusinoitu C-rivikomento voi rikkoa muistin, häiritä keskeytysrutiinia tai aiheuttaa määrittelemätöntä käyttäytymistä, kirjoittaA NewRocketin toimitusjohtaja Frank Palermo.
Tekoälyn ympärillä vellova hype on synnyttänyt laajoja ennusteita ohjelmoinnin lopusta ja insinöörien roolien hiipumisesta. Niille ihmisille, jotka rakentavat järjestelmiä päivittäin, nämä väitteet eivät kuitenkaan heijasta todellisuutta, joka teknisissä tiimeissä parhaillaan muotoutuu. Tekoäly muuttaa työtä mutta ei otsikoiden väittämillä yksinkertaistetuilla tavoilla.
Tekoäly nopeuttaa joitakin tehtäviä, monimutkaistaa toisia ja siirtää vastuuta yhä ylemmäs tasoille, joihin suurin osa organisaatioista ei ole vielä sopeutunut. Tekoäly ei korvaa insinöörejä tai ohjelmoijia. Se muuttaa sitä, mistä he ovat vastuussa.
Selvin muutos näkyy kehityksen alkuvaiheessa. Suuret kielimallit pystyvät tuottamaan valmispohjia, luonnostelemaan matalan tason koodia ja jopa ehdottamaan yksikkötestejä. GitHubin tutkimuksen mukaan kehittäjät, jotka käyttivät GitHub Copilotia, suorittivat koodaustehtäviä 55 prosenttia nopeammin kuin ne, jotka eivät käyttäneet. Insinöörit eivät aloita projekteja enää tyhjällä tiedostolla vaan tekoälyapurin tuottamalla luonnoksella. Mutta vaikka työ tuntuu hetkellisesti nopeammalta, validointi hidastuu. Tekoälyn tuottama koodi vaatii huomattavasti enemmän läpikäyntiä, syvempää testausta ja tiukempaa tietoturvatarkastelua.
Sulautetuissa järjestelmissä yksikin hallusinoitu C-rivikomento voi rikkoa muistin, häiritä keskeytysrutiinia tai aiheuttaa määrittelemätöntä käyttäytymistä, joka ei koskaan näy mallin synteettisessä kehitysympäristössä. Tekoäly auttaa luomaan koodia, mutta se ei auta varmistamaan ajoituskäyttäytymistä, muistiturvallisuutta tai luotettavuutta kenttäolosuhteissa.
Laitesuunnittelijat näkevät jo nyt joitakin konkreettisimmista tuottavuushyödyistä. EDA-valmistajat hyödyntävät koneoppimista kaavioanalyysissä, sijoittelussa ja reitityksessä sekä ajoitusoptimoinnissa. Synopsys on raportoinut, että tekoälyavusteiset suunnittelutyövirrat saavuttavat jopa 3-kertaisen nopeuden suunnittelutilan tutkimisessa perinteisiin menetelmiin verrattuna.
Myös virheenkorjaus on muuttunut. Perinteinen debuggaus perustuu loogisten virheiden jäljittämiseen ja järjestelmän tilan analysointiin. Tekoäly tuo mukaan uuden tulkintakerroksen. Insinöörien on arvioitava, ovatko mallin ehdotukset järkeviä, turvallisia tai kattavia – ja korjattava hienovaraiset tai harhaanjohtavat tulokset. Debuggaus muuttuu hybridiksi tehtäväksi, joka vaatii sekä teknistä tarkkuutta että kasvavaa kyvykkyyttä mallien tuottamien tulosten auditointiin. Tekoäly voi ehdottaa suuntia, mutta insinöörit päättävät, ovatko nuo suunnat todellisuuspohjaisia.
Dokumentaatio ja perehdytys kokevat myös muutosta. Tekoäly voi tuottaa luettavaa dokumentaatiota koodipohjista, tiivistää arkkitehtuuripäätöksiä ja automatisoida osia perehdytysprosessista. Tämä vähentää sisäistä hallinnollista työtä ja auttaa juniorikehittäjiä sopeutumaan nopeammin.