Among other things, this includes the ability to trace code from source to binary packages across both platforms, single sign-on support and unified project structures.
© 2024 TechCrunch. All rights reserved. For personal use only.
OpenAI’s Superalignment team, responsible for developing ways to govern and steer “superintelligent” AI systems, was promised 20% of the company’s compute resources, according to a person from that team. But requests for a fraction of that compute were often denied, blocking the team from doing their work. That issue, among others, pushed several team members […]
© 2024 TechCrunch. All rights reserved. For personal use only.
OpenAI’s Superalignment team, responsible for developing ways to govern and steer “superintelligent” AI systems, was promised 20% of the company’s compute resources, according to a person from that team. But requests for a fraction of that compute were often denied, blocking the team from doing their work. That issue, among others, pushed several team members […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Firebase Genkit is an open source framework that enables developers to quickly build AI into new and existing applications.
© 2024 TechCrunch. All rights reserved. For personal use only.
It is a universal truth of human nature that the developers who build the code should not be the ones to test it. First of all, most of them pretty much detest that task. Second, like any good auditing protocol, those who do the work should not be the ones who verify it.
Not surprisingly, then, code testing in all its forms – usability, language- or task-specific tests, end-to-end testing – has been a focus of a growing cadre of generative AI startups. Every week, TechCrunch covers another one like Antithesis (raised $47 million); CodiumAI (raised $11 million) QA Wolf (raised $20 million). And new ones are emerging all the time, like new Y Combinator graduate Momentic.
Another is year-old startup Nova AI, an Unusual Academy accelerator grad that’s raised a $1 million pre-seed round. It is attempting to best its competitors with its end-to-end testing tools by breaking many of the Silicon Valley rules of how startups should operate, founder CEO Zach Smith tells TechCrunch.
Whereas the standard Y Combinator approach is to start small, Nova AI is aiming at mid-size to large enterprises with complex code-bases and a burning need now. Smith declined to name any customers using or testing its product except to describe them as mostly late-stage (series C or beyond) venture-backed startups in ecommerce, fintech or consumer products, and “heavy user experiences. Downtime for these features is costly.”
Nova AI’s tech sifts through its customers’ code to automatically build tests automatically using GenAI. It is particularly geared toward continuous integration and continuous delivery/deployment (CI/CD) environments where engineers are constantly shipping bits and pieces into their production code.
The idea for Nova AI came from the experiences Smith and his cofounder Jeffrey Shih had when they were engineers working for big tech companies. Smith is a former Googler who worked on cloud-related teams that helped customers use a lot of automation technology. Shih had previously worked at Meta (also at Unity and Microsoft before that) with a rare AI speciality involving synthetic data. They’ve since added a third cofounder, AI data scientist Henry Li.
Another rule Nova AI is not following: while boatloads of AI startups are building on top of OpenAI’s industry leading GPT, Nova AI is using OpenAI’s Chat GPT-4 as little as possible, only to help it generate some code and to do some labeling tasks. No customer data is being fed to OpenAI.
While OpenAI promises that the data of those on a paid business plan is not being used to train its models, enterprises still do not trust OpenAI, Smith tells us. “When we’re talking to large enterprises, they’re like, ‘We don’t want our data going into OpenAI,” Smith said.
The engineering teams of large companies are not the only ones that feel this way. OpenAI is fending off a number of lawsuits from those who don’t want it to use their work for model training, or believe their work wound up, unauthorized and unpaid for, in its outputs.
Nova AI is instead heavily relying on open source models like Llama developed by Meta and StarCoder (from the BigCoder community, which was developed by ServiceNow and Hugging Face), as well as building its own models. They aren’t yet using Google’s Gemma with customers, but have tested it and “seen good results,” Smith says.
For instance, he explains that a common use for OpenAI GPT4 is to “produce vector embeddings” on data so LLM models can use the vectors for semantic search. Vector embeddings translate chunks of text into numbers so the LLM can perform various operations, such as cluster them with other chunks of similar text. Nova AI is using OpenAI’s GPT4 for this on the customer’s source code, but is going to lengths not to send any data into OpenAI.
“In this case, instead of using OpenAI’s embedding models, we deploy our own open-source embedding models so that when we need to run through every file, we aren’t just sending it to OpenAi,” Smith explained.
While not sending customer data to OpenAI appeases nervous enterprises, open source AI models are also cheaper and more than sufficient for doing targeted specific tasks, Smith has found. In this case, they work well for writing tests.
“The open LLM industry is really proving that they can beat GPT 4 and these big domain providers, when you go really narrow,” he said. “We don’t have to provide some massive model that can tell you what your grandma wants for her birthday. Right? We need to write a test. And that’s it. So our models are fine-tuned specifically for that.”
Open source models are also progressing quickly. For instance, Meta recently introduced a new version of Llama that’s earning accolades in technology circles and that may convince more AI startups to look at OpenAI alternatives.
Flipboard, a Web 2.0-era social magazine app that is reinventing itself to capitalize on the renewed push toward an open social web, is deepening its ties to the fediverse, the social network of interconnected servers that includes apps like Mastodon, Pixelfed, PeerTube and, in time, Instagram Threads, among others. On Thursday, the company announced it’s expanding its fediverse integrations to 400 more Flipboard creators and introducing fediverse notifications in the Flipboard app itself.
The latter will allow Flipboard users to see their new followers and other activity around the content they share in the fediverse directly in the Flipboard app. This follows last year’s introduction of a Mastodon integration in the app, replacing Twitter, and the introduction of support for ActivityPub, the social networking protocol that powers the open source, decentralized social networks that include Mastodon and others.
In February, Flipboard announced it would begin to add its creators and their social magazines to the fediverse as well, meaning that the curated magazines of links and other social posts that its creators typically share within the Flipboard app could now find a broader audience. By sharing creators’ posts and links with the wider fediverse, Flipboard’s publishing partners gained their own native ActivityPub feeds so they could be discovered by Mastodon users and those on other federated social apps. That initial push toward federation was started with 1,000 Flipboard magazines and today adds 400 more. In total, Flipboard says there are now over 11,000 curated Flipboard magazines available to federated social networking users.
“This is a major step toward fully federating our platform,” noted Flipboard CEO Mike McCue in an announcement. “We’re not just making curated content on Flipboard viewable, but enabling two-way communication so users can see activity and engage with fediverse communities. Personally, it has made my curation even more exciting as I know it’s reaching new people who may share my interests.”
The expanded set of accounts includes public accounts with one or two public magazines that have activity curated in the past 30 days and don’t have any trust and safety violations. They’ve also participated in Flipboard community programs. Accounts will be alerted to their federated status via email.
While Flipboard is working toward federating its users’ accounts by default, people will be able to “unfederate” by toggling off the “Federate” button in their Flipboard settings.
In addition to the newly federated magazines, Flipboard is also bringing a more integrated fediverse experience to its own app. With the version arriving Thursday (ver. 4.3.25), Flipboard users will be able to see their new followers from the fediverse in their Flipboard profile, while their Flipboard notifications will now include fediverse reactions and conversations.
This notification window will now contain three sections: Replies, Activity and News. In Replies, users will be able to see and reply to posts from people both on Flipboard and in the fediverse, as well as any other fediverse @mentions. When they respond, their reply is also sent back to the fediverse, making Flipboard more of a fediverse client app than before. The Activity tab, meanwhile, will show users the likes, follows and boosts (the fediverse’s take on the retweet), along with other Flipboard activity. The News section (previously called Content) will now showcase breaking news and other stories recommended by Flipboard’s editorial team.
The company had already begun curating content for fediverse users across a handful of “news desks” (dedicated fediverse accounts) that directed users to interesting articles and links across topics. There is a broader news desk, plus those dedicated to Tech, Culture and Science. This existing curation can help fuel the newly rebranded News section in the Flipboard app.
At an event in London on Tuesday, Meta confirmed that it plans an initial release of Llama 3 — the next generation of its large language model used to power generative AI assistants — within the next month.
This confirms a report published on Monday by The Information that Meta was getting close to launch.
“Within the next month, actually less, hopefully in a very short period of time, we hope to start rolling out our new suite of next-generation foundation models, Llama 3,” said Nick Clegg, Meta’s president of global affairs. He described what sounds like the release of several different iterations or versions of the product. “There will be a number of different models with different capabilities, different versatilities [released] during the course of this year, starting really very soon.”
The plan, Meta Chief Product Officer Chris Cox added, will be to power multiple products across Meta with Llama 3.
Meta has been scrambling to catch up to OpenAI, which took it and other big tech companies like Google by surprise when it launched ChatGPT over a year ago and the app went viral, turning generative AI questions and answers into everyday, mainstream experiences.
Meta has largely taken a very cautious approach with AI, but that hasn’t gone over well with the public, with previous versions of Llama criticized as too limited. (Llama 2 was released publicly in July 2023. The first version of Llama was not released to the public, yet it still leaked online.)
Llama 3, which is bigger in scope than its predecessors, is expected to address this, with capabilities not just to answer questions more accurately but also to field a wider range of questions that might include more controversial topics. It hopes this will make the product catch on with users.
“Our goal over time is to make a Llama-powered Meta AI be the most useful assistant in the world,” said Joelle Pineau, vice president AI Research. “There’s quite a bit of work remaining to get there.” The company did not talk about the size of the parameters it’s using in Llama 3, nor did it offer any demos of how it would work. It’s expected to have about 140 billion parameters, compared to 70 billion for the biggest Llama 2 model.
Most notably, Meta’s Llama families, built as open source products, represent a different philosophical approach to how AI should develop as a wider technology. In doing so, Meta is hoping to play into wider favor with developers versus more proprietary models.
But Meta is also playing it more cautiously, it seems, especially when it comes to other generative AI beyond text generation. The company is not yet releasing Emu, its image generation tool, Pineau said.
“Latency matters a lot along with safety along with ease of use, to generate images that you’re proud of and that represent whatever your creative context is,” Cox said.
Ironically — or perhaps predictably (heh) — even as Meta works to launch Llama 3, it does have some significant generative AI skeptics in the house.
Yann LeCun, the celebrated AI academic who is also Meta’s chief AI scientist, took a swipe at the limitations of generative AI overall and said his bet is on what comes after it. He predicts that will be joint embedding predicting architecture (JEPA), a different approach both to training models and producing results, which Meta has been using to build more accurate predictive AI in the area of image generation.
“The future of AI is JEPA. It’s not generative AI,” he said. “We’re going to have to change the name of Chris’s product division.”
Ghost, the open source alternative to Substack’s newsletter platform, is considering joining the fediverse, the social network of interconnected servers that includes apps like Mastodon, Pixelfed, PeerTube, Flipboard and, more recently, Instagram Threads, among others. According to a post from Ghost founder John O’Nolan, the company — which is structured as a nonprofit — is considering federating Ghost over ActivityPub, the social networking protocol that powers the fediverse.
O’Nolan said that the most requested feature over the past few years has been to federate his software. “It seems like there are many potential ways to do it. Curious to hear how you would want it to work?” he asked in a post on Threads, which was syndicated to Mastodon via Threads’ own integration with ActivityPub.
The survey asks users if they use any ActivityPub platforms like Mastodon or Threads, and how they would expect ActivityPub functionality to work in Ghost, if it were to be added. It also asks how federation would personally benefit Ghost users. It invites survey respondents to optionally provide an email address if they want to be contacted for more input in the future, as well.
Image Credits: Ghost
While the launch of a survey isn’t necessarily a commitment to federating Ghost, it is another signal pointing to the broader reshaping of the web that’s now underway.
Following Twitter’s acquisition by billionaire Elon Musk, online users have experienced the downsides of putting their trust in centralized platforms: With a shift in ownership, Twitter was overhauled to be a different type of platform called X, with revised ethics and long-term ambitions. (Musk wants X to be an “everything” app for transactions, creator content, video, shopping and more and takes a more hands-off role in terms of content moderation.)
For those unhappy with Musk’s changes, having a portable social networking identity suddenly seemed like an idea that had more value. That is, if you don’t like the way your Mastodon server (or other federated service) is run, you can pick up your profile and move it elsewhere, followers in tow.
With Ghost, however, the idea could be to federate the accounts of the writers who use Ghost to publish their content. Their posts, which would also be published on the web and to their newsletter subscribers, could also exist in the fediverse, where others could read, like and reply to the post from their preferred app. These replies could also potentially syndicate back to Ghost, where they could exist as comments.
Assuming Ghost went this route, it would be similar to how WordPress federated with ActivityPub after the acquisition of an ActivityPub blog plug-in. When enabled, WordPress blogs can be followed by people on apps like Mastodon and others in the fediverse and then receive replies as comments on their own sites.
After seeing O’Nolan’s post, Mastodon CTO Renaud Chaput reached out to help with the ActivityPub integration, which O’Nolan accepted.
Ghost has gained attention as a Substack rival in recent months for the same reason that some have fled X: People disagree about how platforms should be moderated. Substack has taken to promoting free speech, as Musk does on X, but that’s also led to the platform being used by pro-Nazi publications, as detailed by The Atlantic late last year.
As a result, one of Substack’s more high-profile writers, Casey Newton, formerly of The Verge, left Substack and migrated to Ghost instead.
“I’m not aware of any major U.S. consumer internet platform that does not explicitly ban praise for Nazi hate speech, much less one that welcomes them to set up shop and start selling subscriptions,” Newton wrote at the time.
In addition to Newton, other notable Ghost users include 404 Media, Buffer, Kickstarter, David Sirota’s The Lever and Tangle, to name a few.
Today, Ghost has been installed over 3 million times, which would make for a healthy addition to the wider fediverse and its roughly 13+ million total users, around 1.5 million of which are active monthly. (This figure doesn’t include Threads’ 130+ million monthly active users as it’s not fully integrated with ActivityPub as of yet.)
Seven open source foundations are coming together to create common specifications and standards for Europe’s Cyber Resilience Act (CRA), regulation adopted by the European Parliament last month.
The Apache Software Foundation, Blender Foundation, Eclipse Foundation, OpenSSL Software Foundation, PHP Foundation, Python Software Foundation, and Rust Foundation revealed their intentions to pool their collective resources and connect the dots between existing security best practices in open source software development — and ensure that the much-maligned software supply chain is up to the task when the new legislation comes into force in three years.
It’s estimated that between 70% and 90% of software today is made up of open source components, many of which are developed for free by programmers in their own time and on their own dime.
The Cyber Resilience Act was first unveiled in draft form nearly two years ago, with a view toward codifying best cybersecurity practices for both hardware and software products sold across the European Union. It’s designed to force all manufacturers of any internet-connected product to stay up-to-date with all the latest patches and security updates, with penalties in place for shortcomings.
These noncompliance penalties include fines of up to €15 million, or 2.5% of global turnover.
The legislation in its initial guise prompted fierce criticism from numerous third-party bodies, including more than a dozen open source industry bodies that last year wrote an open letter saying that the Act could have a “chilling effect” on software development. The crux of the complaints centered on how “upstream” open source developers might be held liable for security defects in downstream products, thus deterring volunteer project maintainers from working on critical components for fear of legal retribution (this is similar to concerns that abounded around the EU AI Act, which was greenlighted last month).
The wording within the CRA regulation did offer some protections for the open source realm, insofar as developers not concerned with commercializing their work were technically exempt. However, the language was open to interpretation in terms of what exactly fell under the “commercial activity” banner — would sponsorships, grants, and other forms of financial assistance count, for example?
Some changes to the text were eventually made, and the revised legislation substantively addressed the concerns through clarifying open source project exclusions, and carves out a specific role for what it calls “open source stewards,” which includes not-for profit foundations.
“In general, we are pleased with the outcome… the process worked, and the open source community was listened to,” Eclipse Foundation executive director Mike Milinkovich told TechCrunch. “One of the most interesting aspects of the final regulation is that it recognizes ‘open source software stewards’ as a form of economic actor which are part of the overall software supply chain. This is the first piece of legislation globally that recognizes the role played by foundations and other forms of community stewards.”
Although the new regulation has already been rubber stamped, it won’t come into force until 2027, giving all parties time to meet the requirements and iron out some of the finer details of what’s expected of them. And this is what the seven open source foundations are coming together for now.
“There is an enormous amount of work that will need to be done over the next three years in order to implement the CRA,” Milinkovich said. “Keep in mind that the CRA is the first law anywhere in the world regulating the software industry as a whole. The implications of this go far beyond the open source community and will impact startups and small enterprises as well as the global industry players.”
The manner in which many open source projects evolve has meant that they often have patchy documentation (if any at all), which makes it difficult to support audits and makes it difficult for downstream manufacturers and developers to develop their own CRA processes.
Many of the better-resourced open source initiatives already have decent best practice standards in place, relating to things like coordinated vulnerability disclosures and peer review, but each entity might use different methodologies and terminologies. By coming together as one, this should go some way toward treating open source software development as a single “thing” bound by the same standards and processes.
Throw into the mix other proposed regulation, including the Securing Open Source Software Act in the U.S., and it’s clear that the various foundations and “open source stewards” will come under greater scrutiny for their role in the software supply chain.
“While open source communities and foundations generally adhere to and have historically established industry best practices around security, their approaches often lack alignment and comprehensive documentation,” the Eclipse Foundation wrote in a blog post today. “The open source community and the broader software industry now share a common challenge: legislation has introduced an urgent need for cybersecurity process standards.”
The new collaboration, while consisting of seven foundations initially, will be spearheaded in Brussels by the Eclipse Foundation, which is home to hundreds of individual open source projects spanning developer tools, frameworks, specifications, and more. Members of the foundation include Huawei, IBM, Microsoft, Red Hat and Oracle.
Founded in 2017, Atoms Lanka Solutions is a provider of IT consulting and software development services. Throughout the company’s history, we have worked with over 160 customers from 5+ countries..
