Technology Tales

The April 8^th, 2026 release of Visual Studio Code introduces a new preview companion app, VS Code Agents, designed to enhance agent-native development by enabling parallel task execution across projects, session monitoring and integration with existing customisations. Improvements to the integrated browser include clearer tool labels, support for long-running scripts, reduced duplicate tabs and pinch-to-zoom functionality on macOS. Terminal tools now allow agents to send input to background terminals and receive notifications about their status, improving interaction with processes that run in the background. The release also deprecates Edit Mode, which will be fully removed in a future version and includes fixes for issues related to terminal cursor positioning and keyboard input.

Version 2026.04.0 of Positron introduces several notable updates across its core features. Academic institutions running JupyterHub can now offer Positron Server to students at no cost, giving them access to Python and R support, the extension marketplace and an optional AI assistant by requesting a free teaching licence. The Notebook Editor, currently in alpha, gains cell reordering via drag and drop, an output action bar, replace functionality in the find widget, improved inline Data Explorers, truncatable long outputs and a range of bug fixes covering side-by-side notebooks, streaming output and scrollbar rendering. The AI assistant can now analyse the current cell output and propose a next step as a ghost cell. R support has been expanded with Shiny applications now running in console sessions rather than the terminal, enabling debugger use for the first time, alongside new support for conditional, log and hit count breakpoints. Two new commands allow users to browse installed RStudio addins and discover R Markdown templates directly from the command palette. Further changes include experimental inline output for Quarto documents, faster Python plot rendering, improved console startup performance, anonymous usage reporting during update checks and support on Posit Workbench for reading R version configuration files with extended metadata.

Visual Studio Code 1.114 introduces several improvements focused on enhancing the chat experience and streamlining development workflows. The image carousel now supports video playback in addition to images, allowing users to preview and navigate video files from chat attachments or the Explorer context menu with full playback controls. A new copy feature enables users to extract only the final Markdown response from chat conversations, excluding the agent's thinking process and tool calls. The codebase tool has been simplified to focus exclusively on semantic searches, eliminating the previous distinction between local and remote indexes and providing more consistent search results across projects of varying sizes. Users can now troubleshoot issues from previous chat sessions by referencing them with the troubleshoot skill command, making it easier to investigate problems after they occur. The update incorporates TypeScript 6.0 with important fixes and improvements, whilst the Python Environments extension receives bug fixes for environment manager selection and now recommends the Pixi extension when relevant environments are detected. Enterprise administrators gain the ability to disable the Claude agent integration through group policy settings, and the GitHub Pull Requests extension adds faster branch name caching and improved permalink handling. Additional refinements include fine-grained approval options for language model tools and various bug fixes contributed by the community.

Positron 2026.03.0 brings several significant improvements to the development environment, most notably enhanced statement execution for R that now handles syntax errors more gracefully by allowing code above errors to run reliably whilst providing clear notifications when attempting to execute problematic sections. The software now includes a built-in PDF viewer that automatically adapts to the current theme and works across desktop and server deployments. The notebook editor has matured considerably with interactive data grids for pandas and polars dataframes, options to show or hide individual cell outputs, raw cell support and new split and join commands using familiar keyboard shortcuts. Python users can now start interpreters on ARM systems, name virtual environments during creation, and benefit from improved autocomplete functionality for dictionary keys and dataframe columns. R users gain the ability to open data files directly, use bundled kernels in Quarto documents and access substantially improved debugging features including error and warning breakpoints, call stack synchronisation with the console and variables pane, and support for pausing execution during long computations. The assistant functionality has been enhanced with better error handling, additional model support and improved validation for connection drivers. Numerous bugs have been resolved across notebooks, console interactions, plotting and debugging workflows.

Security researchers have identified a significant new threat to software supply chains, in which AI coding assistants embedded within integrated development environments can be manipulated to act as privileged insider threats. A Microsoft senior security researcher has outlined an attack chain dubbed IDEsaster, which exploits legitimate IDE features such as tool execution, workspace configuration and agent automation to exfiltrate sensitive data including source code, encryption keys and credentials, with the threat affecting nearly all AI coding tools built on a common IDE platform. Because AI agents operating within these environments inherit the same elevated developer privileges, and because attacks exploit normal platform behaviour rather than software flaws, conventional vulnerability scanning is unlikely to catch them.

North Korean threat actors have already been observed exploiting auto-execution features in Visual Studio Code to run malicious scripts when developers open compromised project files, underscoring that these are not merely theoretical risks. Security professionals are calling for a new principle they term Secure for AI, which extends existing Secure by Design thinking to account for how AI components can be misused, and are recommending measures including least-privilege access, human review of automated changes, prompt integrity controls, and comprehensive software bills of materials that enumerate AI-specific components.

KDnuggets published a series of data science and Python programming articles covering several practical topics. An empirical analysis explored how the structure of a dataset influences coding style, finding that time-series data tends to produce window functions such as RANK() and DENSE_RANK(), multi-table schemas drive JOIN and GROUP BY patterns in SQL or .merge() and .groupby() in Pandas, and staged business rules typically lead to the use of common table expressions. A separate piece addressed Python performance, outlining five techniques for speeding up slow code, namely measuring before optimising, using built-in functions, avoiding repeated work inside loops, choosing appropriate data structures and using vectorised operations via NumPy and pandas instead of manual iteration. Another article introduced async programming in Python, explaining how the event loop, coroutines and the asyncio library enable concurrent handling of input and output bound tasks such as API requests, with practical guidance on error handling, semaphores for rate-limiting and correct usage within Jupyter notebooks. A further piece described five approaches to generating synthetic data without relying on external libraries, covering simple random generation with controlled relationships, simulation-based methods, time series creation, event log construction and template-driven text generation. Finally, a practical guide outlined five categories of automated data quality checking, covering missing value analysis, data type validation, duplicate record detection, outlier identification and cross-field consistency verification, with the aim of catching data problems before they affect analysis or downstream systems.

Visual Studio Code version 1.113 introduces a range of improvements to the agent and developer experience. A new Chat Customisations editor consolidates all chat-related settings into a single unified interface, organised across tabs for instructions, prompt files, custom agents and skills. Reasoning-capable models now expose a configurable thinking effort level directly within the model picker, removing the need to adjust separate settings. Subagents can now invoke other subagents, enabling more complex multistep workflows, and MCP server support has been extended to Copilot CLI and Claude agents alongside the ability to fork sessions and access debug logs within those environments. Image attachments in chat can now be opened in a full viewer with navigation, zoom, pan and thumbnail browsing. The integrated browser gains support for temporarily trusting self-signed certificates during development, along with improved tab management tools, including a Quick Open Browser Tab command and a close-all option. Finally, two refreshed default themes, VS Code Light and VS Code Dark, replace the previous Modern themes and will automatically align with the operating system light or dark mode preference for new users.

Transpiling involves converting source code written in one programming language or version into another, typically a different version of the same language, while maintaining readability and requiring further compilation or interpretation to execute. The distinction between transpiling and compiling is often blurred, with transpiling generally associated with outputting human-readable code rather than machine code, though both processes share similar stages like parsing and semantic analysis.

Tools such as Babel and Webpack play key roles in this process, with Babel translating modern JavaScript (e.g., ES6 arrow functions) into older, widely supported versions (e.g., ES5) and Webpack bundling these transpiled files for deployment. This is essential for ensuring compatibility with outdated browsers while leveraging modern language features, as seen in frameworks like React, where JSX syntax is transpiled into standard JavaScript. There are ongoing debates around terminology and practical applications, emphasising the importance of understanding these tools in contemporary web development workflows.

Here is where you get the "Secret Salt" codes for when you need to refresh such things as part of a password resetting routine: https://api.wordpress.org/secret-key/1.1/salt/. They are cryptographic keys use by self-hosted WordPress instances.

Using Version Control with RStudio

RStudio includes built-in support for two open-source version control systems, Git and Subversion, allowing developers and data scientists to track code changes, compare earlier versions and collaborate with others. Before using these features, both Git and Subversion must be installed separately on the user's workstation, and version control must then be activated through the Global Options menu under the Git/SVN tab.

The features are tied to the use of RStudio Projects and work with remote repositories hosted via services such as GitHub or GitLab, though local Git repositories can also be created without a remote connection. Once enabled, the interface adds a Git tab and dropdown menu providing access to common operations such as committing, pushing, pulling, diffing files and viewing history.

New projects can be created from existing local directories already under version control, cloned from a remote repository or converted from a project with no prior version control configured. SSH authentication using public and private key pairs is supported and can be managed through the version control options panel. Additional features include Git commit signing, terminal access with the working directory pre-set to the project root and, on Windows, integration with Git Bash. If the Git pane does not appear, this is typically caused by directory ownership restrictions or by Git not being activated for the current project, both of which can be resolved through straightforward configuration steps.