disposable code and immutable infrastructure parallels

Charity Majors: disposable AI code requires immutable-infrastructure discipline to stay safe IT Revolution
TL;DW
  • Cost of software is defined by maintenance cost, not whether AI generates it; disposable code has low maintenance burden by design.
  • Trust in code builds over time through production exposure—no test suite matches two years of proven stability in production.
  • Immutable infrastructure lesson: mutability is the enemy of understanding; systems edited in-place fail in hard-to-diagnose, hard-to-reproduce ways.
  • Regenerate what you've defined, not patch what you haven't: stop maintaining hand-crafted artifacts, treat them as cache.
  • Code becomes replaceable cache when you specify commitments, evaluate them, and monitor continuously—not by rewriting in place.
  • Testing in production with feature flags, granular observability, and rollback paths enables safely deploying fresh code.
  • Undetected behavior change, performance regressions, and silent drift—not code newness—cause failures; new code with strong contracts is safer than old code without them.
  • Engineering and management must align on AI adoption: suppress engineer skepticism and you push honest skeptics into reflexive anti-AI corners.
  • Different system layers can safely change at different rates; databases and user-facing contracts require stable boundaries; internal logic can be disposable.
  • Managers forcing adoption without walking in engineers' shoes risk long-term resentment if wrong; bring skeptics along by showing hands-on evidence, not issuing mandates.

Majors maps the handcrafted-server-to-immutable-infra shift onto durable vs. disposable code, arguing mutability is the enemy of understanding in both domains. Safe high-velocity replacement requires stable interfaces, strong specs, continuous observability, granular feature flags, and clear rollback paths—not just AI-generated output.

self-efficacy as AI productivity multiplier

Narrow engineering specialization leaves AI tools with nothing to amplify, research finds IT Revolution
TL;DW
  • Self-efficacy—belief in capability to solve hard problems—predicted productivity gains 10x more strongly than any demographic or tool choice in a 158-engineer study across 28 countries.
  • Only 5% of AI tool users employ sophisticated strategies despite 90% adoption, per KPMG/UT Austin analysis of 1.3M code products—most miss productivity gains.
  • Specialized engineering roles (frontend/backend/QA separate) trap engineers in single automatable tasks; AI amplifies existing capabilities but cannot amplify what isn't there.
  • Mastery experiences—succeeding at challenging tasks you weren't sure you could do—build self-efficacy most powerfully; narrow roles reduce these opportunities.
  • 84% of engineers reported improved productivity with AI, yet 27% simultaneously reported worsening developer experience—productivity and capability are decoupling.
  • Broadening engineer scope (customer calls, on-call rotations, full lifecycle work) before adding AI tools likely unlocks amplification of diverse skills and experiences.
  • Leaders designing systems of work may themselves lack experience in broader engineering roles, limiting their ability to redesign roles that allow larger problem ownership.
  • Assisted capability through AI delegation differs from mastery; overreliance on AI completion may not build foundations for tomorrow's AI to amplify.
  • Self-efficacy deserves organizational focus despite being rarely discussed in productivity metrics; it appears central to sustainable AI-driven gains.
  • Systems are perfectly designed to produce their current results; productivity gaps may reflect role narrowness rather than adoption gaps or tool limitations.

Annie Vella's research shows self-efficacy predicts AI productivity gains better than tool choice or seniority—engineers who feel capable report 10x higher gains. The core problem: atomized roles (frontend, QA, platform) eliminate the cross-domain mastery experiences that build self-efficacy, so AI amplifies nothing. Fix is widening scope before adding tools.

agentic software factory at scale

Sky Point replaces 100 legacy healthcare SaaS vendors by shipping AI agents daily IT Revolution
TL;DW
  • SkyPoint replaced ~100 legacy SaaS vendors with AI-coded agentic products shipping daily instead of every two weeks.
  • Prior authorization agent (SkyO) eliminated denials by automating medical history validation, enabling patients to receive procedures same-day instead of rescheduling.
  • Engineers reported 5-12x output improvement post-AI-coding, but biggest frustration was cleaning up AI errors—solved via common UI and logging libraries.
  • R&D costs dropped 50% while shipping 20+ products; customer success and education costs rose as businesses needed internal champions to adopt agents.
  • Small product teams (2-3 engineers) outperformed larger teams; added headcount decreased velocity and output value per product.
  • Context collapse remains unsolved—agents still lack sufficient understanding of system state despite improvements in memory and telemetry capabilities.
  • Transitioned from analytics (dashboards nobody acted on) to agentic apps that perform actual work, creating direct customer exposure and measurable business value.
  • Deleted code exceeds added code by 3-4x monthly, indicating continuous refactoring required in daily-release SDLC with no traditional PRDs.
  • Compliance-as-code testing automated privacy and policy checks; built guardrails using Codex for validation checkpointing in high-trust R2 environments.
  • Cloud Code SDK serves as library within products; memory, messaging, and multi-channel integration (SMS, calls, Slack) coordinate agent workflows at scale.

CEO Tisson Mathew details the pivot from a quarterly analytics dashboard to an AI-native factory deploying agentic workflows—prior auths, referrals, consent forms—across 1,100 healthcare locations. Results: 5-12x engineer productivity, 50% lower R&D costs, 20+ products built by 2-3 person teams via daily GitHub Actions releases.

AI-accelerated zero-day vs. patch capacity gap

Linux Foundation: AI finds zero-days faster than patches ship, pushing mean time to exploit negative The Linux Foundation
TL;DW
  • AI models now find zero-day vulnerabilities before patches deploy, with exploitation occurring an average of 7 days before patches release, flipping the historic defender advantage.
  • Anthropic's Claude model found thousands of zero-days in weeks; its mythos variant produced working shell exploits 181 of several hundred attempts against Firefox JavaScript engines.
  • Open source dominates the AI stack across five layers: infrastructure (Linux/Kubernetes), training (PyTorch), inference (VLM/Ray), models (openweight models now lag frontier models by only 3-6 months, down from 1+ year), and agents (MCP protocol).
  • Open-weight models save enterprises approximately $25 billion collectively versus proprietary frontier models while achieving 90% performance parity within 3-6 months.
  • AI agents are dramatically increasing code production, not reducing developer demand; GitHub projects and code generation surged after November 2024 when coding AI reached competency parity with humans.
  • Data remains the major vulnerability in open source: training datasets are increasingly closed, fragmented by regional governments, and protected by paywalls, requiring collective data-sharing consortiums.
  • Open data sharing through models like Overture Maps Foundation (geospatial data shared by Meta, Microsoft, Amazon, TomTom) demonstrates viability of multi-billion-dollar data pooling at Linux Foundation scale.
  • Technical debt from 30 years of prioritizing features over security now requires coordinated remediation via AI-assisted testing, package signing standards, SBOMs, and supply chain artifact standards (SLSA).
  • Linux Foundation's Project Glasswing provides defender-exclusive early access to frontier AI models for vulnerability discovery before public release, establishing defensive parity against attackers.
  • Solving the security crisis requires collective will, not new technology: coordinated vulnerability disclosure, maintainer funding, AI-integrated development workflows, and 3-6 month remediation timeline before exploits escalate.

Jim Zemlin warns that a single frontier model discovered thousands of zero-days in weeks, and exploitation now precedes patches by a measurable margin. He calls for coordinated industry response: mandatory SBOMs, package signing, defensive AI in CI pipelines, and sustained maintainer funding to rebalance attacker-defender asymmetry.

OS primitives for agent exploration

Linux Foundation proposes branch() syscall + BranchFS for parallel AI agent exploration The Linux Foundation
TL;DW
  • Linux fork-explore-commit primitive combines copy-on-write filesystem with process isolation to enable safe parallel exploration for AI agents without root privilege.
  • BranchFS implements file-level copy-on-write in userspace; achieves 80% of native ext4 throughput with kernel 6.9+ pass-through optimization, microsecond-level copy overhead.
  • Proposed branch() system call provides atomic operations combining filesystem branching, process group isolation, and memory branching for reliable agent exploration.
  • First-commit-wins design avoids merge conflicts between parallel branches, simplifying AI agent exploration compared to Git-style conflict resolution.
  • BranchFS supports hierarchical nesting—branches can create sub-branches recursively—enabling tree-of-thought and multi-level reasoning patterns for AI agents.
  • Python BranchContext library abstracts Linux system calls; developers implement high-level logic without managing filesystems, processes, or kernel primitives directly.
  • Seven agentic patterns implemented: battle-of-strategies, speculative execution, tree-of-thoughts; enable agents to try parallel solutions and commit only the best result.
  • File-level COW suitable for coding agents that modify few files; 1MB copy costs ~200 microseconds, negligible compared to LLM inference time bottleneck.
  • Existing Linux primitives (overlay FS, BTRFS, namespaces) lack atomic composition; no single operation safely combines file isolation, process isolation, and nested branching.
  • Branch context is also useful as try-and-rollback mechanism for human developers in CI/CD pipelines, beyond agent-specific exploration scenarios.

BranchFS is a unprivileged copy-on-write filesystem that pairs with a proposed branch() syscall to give AI agents atomic fork-explore-commit semantics with nested branching and first-commit-wins conflict resolution. Benchmarks show branching in microseconds and filesystem throughput at 80%+ of native ext4.