Anthropic is bringing Claude Code directly into Slack, letting developers spin up coding sessions from chat threads and automate workflows without leaving the app. TechCrunch reports: Previously, developers could only get lightweight coding help via Claude in Slack -- like writing snippets, debugging, and explanations. Now they can tag @Claude to spin up a complete coding session using Slack context like bug reports or feature requests. Claude analyzes recent messages to determine the right repository, posts progress updates in threads, and shares links to review work and open pull requests.

The move reflects a broader industry shift: AI coding assistants are migrating from IDEs (integrated development environment, where software development happens) into collaboration tools where teams already work. [...] While Anthropic has not yet confirmed when it would make a broader rollout available, the timing is strategic. The AI coding market is getting more competitive, and differentiation is starting to depend more on integration depth and distribution than model capability alone.

Wired published an article by California-based writer/programmer Sheon Han arguing that Ruby "is not a serious programming language."

Han believes that the world of programming has "moved on", and "everything Ruby does, another language now does better, leaving it without a distinct niche. Ruby is easy on the eyes. Its syntax is simple, free of semicolons or brackets. More so even thanPython — a language known for its readability — Ruby reads almost like plain English... Ruby, you might've guessed, is dynamically typed. Python and JavaScript are too, but over the years, those communities have developed sophisticated tools to make them behave more responsibly. None of Ruby's current solutions are on par with those. It's far too conducive to what programmers call "footguns," features that make it all too easy to shoot yourself in the foot.

Critically, Ruby's performance profile consistently ranks near the bottom (read: slowest) among major languages. You may remember Twitter's infamous "fail whale," the error screen with a whale lifted by birds that appeared whenever the service went down. You could say that Ruby was largely to blame. Twitter's collapse during the 2010 World Cup served as a wake-up call, and the company resolved to migrate its backend to Scala, a more robust language.

The move paid off: By the 2014 World Cup, Twitter handled a record 32 million tweets during the final match without an outage. Its new Scala-based backend could process up to 100 times faster than Ruby. In the 2010s, a wave of companies replaced much of their Ruby infrastructure, and when legacy Ruby code remained, new services were written in higher-performance languages.

You may wonderwhy people are still using Ruby in 2025. It survives because of its parasitic relationship with Ruby on Rails, the web framework that enabled Ruby's widespread adoption and continues to anchor its relevance.... Rails was the framework of choice for a new generation of startups. The main code bases of Airbnb, GitHub, Twitter, Shopify, and Stripe were built on it.
He points out on Stack Overflow's annual developer survey, Ruby has slipped from a top-10 technology in 2013 to #18 this year — "behind evenAssembly" — calling Ruby "a kind of professional comfort object, sustained by the inertia of legacy code bases and the loyalty of those who first imprinted upon it." But the article drew some criticism on X.com. ("You should do your next piece about how Vim isn't a serious editor and continue building your career around nerd sniping developers.")

Other reactions...

• "Maybe WIRED is just not a serious medium..."

• "FWIW — Ruby powered Shopify through another Black Friday / Cyber Monday — breaking last year's record."

• "Maybe you should have taken a look at TypeScript..."

Wired's subheading argues that Ruby "survives on affection, not utility. Let's move on." Are they right? Share your own thoughts and experiences in the comments.

Is Ruby still a 'serious' programming language?

U.S. regulators are pressing Waymo for answers after Texas officials reported 19 instances of its self-driving cars illegally passing stopped school buses, including cases that occurred after Waymo claimed to have deployed a software fix. Longtime Slashdot reader BrendaEM shares the report from Reuters: In a November 20 letter posted by NHTSA, the Austin Independent School District said five incidents occurred in November after Waymo said it had made software updates to resolve the issue and asked the company to halt operations around schools during pick-up and drop-off times until it could ensure the vehicles would not violate the law. "We cannot allow Waymo to continue endangering our students while it attempts to implement a fix," a lawyer for the school district wrote, citing one incident involving a Waymo that was "recorded driving past a stopped school bus only moments after a student crossed in front of the vehicle, and while the student was still in the road."

The letter prompted NHTSA to ask Waymo on November 24 if it would comply with the request to cease self-driving operations during student pick-up and drop-off times, adding: "Was an appropriate software fix implemented or developed to mitigate this concern? And if so, does Waymo plan to file a recall for the fix?" The school district told Reuters on Thursday that Waymo refuses to halt operations around schools and said another incident involving a self-driving car and an actively loading school bus occurred on December 1, which "indicates that those programming changes did not resolve the issue or our concerns."

In a statement, Waymo did not answer why it had refused to halt operations around Austin schools or answer if it would issue a recall. "We're deeply invested in safe interaction with school buses. We swiftly implemented software updates to address this and will continue to rapidly improve," Waymo said. NHTSA said in a letter to Waymo on Wednesday that it was demanding answers to a series of questions by January 20 about incidents involving school buses and details of software updates to address safety concerns.

"Amazon suggested its engineers eschew AI code generation tools from third-party companies in favor of its own ," reports Reuters, "a move to bolster its proprietary Kiro service, which it released in July, according to an internal memo viewed by Reuters." In the memo, posted to Amazon's internal news site, the company said, "While we continue to support existing tools in use today, we do not plan to support additional third party, AI development tools.

"As part of our builder community, you all play a critical role shaping these products and we use your feedback to aggressively improve them," according to the memo.

The guidance would seem to preclude Amazon employees from using other popular software coding tools like OpenAI's Codex, Anthropic's Claude Code, and those from startup Cursor. That is despite Amazon having invested about $8 billion into Anthropic and reaching a seven-year $38 billion deal with OpenAI to sell it cloud-computing services..."To make these experiences truly exceptional, we need your help," according to the memo, which was signed by Peter DeSantis, senior vice president of AWS utility computing, and Dave Treadwell, senior vice president of eCommerce Foundation. "We're making Kiro our recommended AI-native development tool for Amazon...."

In October, Amazon revised its internal guidance for OpenAI's Codex to "Do Not Use" following a roughly six month assessment, according to a memo reviewed by Reuters. And Claude Code was briefly designated as "Do Not Use," before that was reversed following a reporter inquiry at the time.
The article adds that Amazon "has been fighting a reputation that it is trailing competitors in development of AI tools as rivals like OpenAI and Google speed ahead..."

Curiosity Stream, the decade-old science documentary streaming service founded by Discovery Channel's John Hendricks, expects its AI licensing business to generate more revenue than its 23 million subscribers by 2027 -- possibly earlier. The company's Q3 2025 earnings revealed a 41% year-over-year revenue increase, driven largely by deals licensing its content to train large language models. Year-to-date AI licensing brought in $23.4 million through September, already exceeding half of what the subscription business generated for all of 2024.

The streaming service's library contains 2 million hours of content, but the "overwhelming majority" is earmarked for AI licensing rather than subscriber viewing, CEO Clint Stinchcomb said during the earnings call. Curiosity Stream is licensing 300,000 hours of its own programming and 1.7 million hours of third-party content to hyperscalers and AI developers. The company has completed 18 AI-related deals across video, audio, and code assets.

"Security, development, and AI now move as one," says Microsoft's director of cloud/AI security product marketing.

Microsoft and GitHub "have launched a native integration between Microsoft Defender for Cloud and GitHub Advanced Security that aims to address what one executive calls decades of accumulated security debt in enterprise codebases..." according to The New Stack: The integration, announced this week in San Francisco at the Microsoft Ignite 2025 conference and now available in public preview, connects runtime intelligence from production environments directly into developer workflows. The goal is to help organizations prioritize which vulnerabilities actually matter and use AI to fix them faster. "Throughout my career, I've seen vulnerability trends going up into the right. It didn't matter how good of a detection engine and how accurate our detection engine was, people just couldn't fix things fast enough," said Marcelo Oliveira, VP of product management at GitHub, who has spent nearly a decade in application security. "That basically resulted in decades of accumulation of security debt into enterprise code bases." According to industry data, critical and high-severity vulnerabilities constitute 17.4% of security backlogs, with a mean time to remediation of 116 days, said Andrew Flick, senior director of developer services, languages and tools at Microsoft, in a blog post. Meanwhile, applications face attacks as frequently as once every three minutes, Oliveira said.

The integration represents the first native link between runtime intelligence and developer workflows, said Elif Algedik, director of product marketing for cloud and AI security at Microsoft, in a blog post... The problem, according to Flick, comes down to three challenges: security teams drowning in alert fatigue while AI rapidly introduces new threat vectors that they have little time to understand; developers lacking clear prioritization while remediation takes too long; and both teams relying on separate, nonintegrated tools that make collaboration slow and frustrating... The new integration works bidirectionally. When Defender for Cloud detects a vulnerability in a running workload, that runtime context flows into GitHub, showing developers whether the vulnerability is internet-facing, handling sensitive data or actually exposed in production. This is powered by what GitHub calls the Virtual Registry, which creates code-to-runtime mapping, Flick said...

In the past, this alert would age in a dashboard while developers worked on unrelated fixes because they didn't know this was the critical one, he said. Now, a security campaign can be created in GitHub, filtering for runtime risk like internet exposure or sensitive data, notifying the developer to prioritize this issue.
GitHub Copilot "now automatically checks dependencies, scans for first-party code vulnerabilities and catches hardcoded secrets before code reaches developers," the article points out — but GitHub's VP of product management says this takes things even further.

"We're not only helping you fix existing vulnerabilities, we're also reducing the number of vulnerabilities that come into the system when the level of throughput of new code being created is increasing dramatically with all these agentic coding agent platforms."

A promotional video for Amazon's Kiro software development system took a unique approach, writes GeekWire. "Instead of product diagrams or keynote slides, a crew from Seattle's Packrat creative studio used action figures on a miniature set to create a stop-motion sequence..."

"Can the software development hero conquer the 'AI Slop Monster' to uncover the gleaming, fully functional robot buried beneath the coding chaos?" Kiro (pronounced KEE-ro) is Amazon's effort to rethink how developers use AI. It's an integrated development environment that attempts to tame the wild world of vibe coding... But rather than simply generating code from prompts [in "vibe mode"], Kiro breaks down requests into formal specifications, design documents, and task lists [in "spec mode"]. This spec-driven development approach aims to solve a fundamental problem with vibe coding: AI can quickly generate prototypes, but without structure or documentation, that code becomes unmaintainable...

The market for AI-powered development tools is booming. Gartner expects AI code assistants to become ubiquitous, forecasting that 90% of enterprise software engineers will use them by 2028, up from less than 14% in early 2024... Amazon launched Kiro in preview in July, to a strong response. Positive early reviews were tempered by frustration from users unable to gain access. Capacity constraints have since been resolved, and Amazon says more than 250,000 developers used Kiro in the first three months...

Now, the company is taking Kiro out of preview into general availability, rolling out new features and opening the tool more broadly to development teams and companies... During the preview period, Kiro handled more than 300 million requests and processed trillions of tokens as developers explored its capabilities, according to stats provided by the company. Rackspace used Kiro to complete what they estimated as 52 weeks of software modernization in three weeks, according to Amazon executives. SmugMug and Flickr are among other companies espousing the virtues of Kiro's spec-driven development approach. Early users are posting in glowing terms about the efficiencies they're seeing from adopting the tool... startups in most countries can apply for up to 100 free Pro+ seats for a year's worth of Kiro credits.
Kiro offers property-based testing "to verify that generated code actually does what developers specified," according to the article — plus a checkpointing system that "lets developers roll back changes or retrace an agent's steps when an idea goes sideways..."

"And yes, they've been using Kiro to build Kiro, which has allowed them to move much faster."

"PHP 8.5 landed on Thursday with a long-awaited pipe operator and a new standards-compliant URI parser," reports the Register, "marking one of the scripting language's more substantial updates... " The pipe operator allows function calls to be chained together, which avoids the extraneous variables and nested statements that might otherwise be involved. Pipes tend to make code more readable than other ways to implement serial operations. Anyone familiar with the Unix/Linux command line or programming languages like R, F#, Clojure, or Elixir may have used the pipe operator. In JavaScript, aka ECMAScript, a pipe operator has been proposed, though there are alternatives like method chaining.

Another significant addition is the URI extension, which allows developers to parse and modify URIs and URLs based on both the RFC 3986 and the WHATWG URL standards. Parsing with URIs and URLs â" reading them and breaking them down into their different parts â" is a rather common task for web-oriented applications. Yet prior versions of PHP didn't include a standards-compliant parser in the standard library. As noted by software developer Tim Düsterhus, the parse_url() function that dates back to PHP 4 doesn't follow any standard and comes with a warning that it should not be used with untrusted or malformed URLs.

Other noteworthy additions to the language include: Clone With, for updating properties more efficiently; the #[\NoDiscard] attribute, for warning when a return value goes unused; the ability to use static closures and first-class callables in constant expressions; and persistent cURL handles that can be shared across multiple PHP requests.

An anonymous reader shares a report: A Microsoft executive is questioning why more people aren't impressed with AI, a week after the company touted the evolution of Windows into an "agentic OS," which immediately triggered backlash.

"Jeez there so many cynics! It cracks me up when I hear people call AI underwhelming," tweeted Mustafa Suleyman, the CEO for Microsoft's AI group. Suleyman added that he grew up playing the old-school 2D Snake game on a Nokia phone. "The fact that people are unimpressed that we can have a fluent conversation with a super smart AI that can generate any image/video is mindblowing to me," he wrote.

Linus Torvalds is "fairly positive" about vibe coding as a way for people to get computers to do things they otherwise could not. The Linux kernel maintainer made the comments during an interview at the Linux Foundation Open Source Summit in Seoul earlier this month. But he cautioned that vibe coding would be a "horrible, horrible idea from a maintenance standpoint" for production code.

Torvalds told Dirk Hohndel, head of open source at Verizon, that computers have become more complicated than when he learned to code by typing in programs from computer magazines. He said vibe coding offers a path into computing for newcomers. The kernel maintainer is not using AI-assisted coding himself. He said his role has shifted from rejecting new ideas to sometimes pushing for them against opposition from longstanding maintainers who "kind of get stuck in a rut."

Rust is "actually becoming a real part of the kernel instead of being this experimental thing," he said. Torvalds said AI crawlers have been "very disruptive to a lot of our infrastructure" because they gather data from kernel.org source code. Kernel maintainers receive bugs and security notices that are "made up by people who misuse AI," though the problem is smaller than for other projects such as curl.

Linux kernel maintainers "are grappling with how to integrate AI-generated contributions without compromising the project's integrity," reports WebProNews: The latest push comes from a proposal by Sasha Levin, a prominent kernel developer at NVIDIA, who has outlined guidelines for tool-generated submissions. Posted to the kernel mailing list, these guidelines aim to standardize how AI-assisted patches are handled. According to Phoronix, the v3 iteration of the proposal [posted by Intel engineer Dave Hansen] emphasizes transparency and accountability, requiring developers to disclose AI involvement in their contributions. This move reflects broader industry concerns about the quality and copyright implications of machine-generated code.

Linus Torvalds, the creator of Linux, has weighed in on the debate, advocating for treating AI tools no differently than traditional coding aids. As reported by heise online, Torvalds sees no need for special copyright treatment for AI contributions, stating that they should be viewed as extensions of the developer's work. This perspective aligns with the kernel's pragmatic approach to innovation. The proposal, initially put forward by Levin in July 2025, includes a 'Co-developed-by' tag for AI-assisted patches, ensuring credit and traceability. OSTechNix details how tools like GitHub Copilot and Claude are specifically addressed, with configurations to guide their use in kernel development... ZDNET warns that without official policy, AI could 'creep' into the kernel and cause chaos...

The New Stack provides insight into how AI is already assisting kernel maintainers with mundane tasks. According to The New Stack, large language models (LLMs) are being used like 'novice interns' for drudgery work, freeing up experienced developers for complex problems... The Linux kernel's approach could set precedents for other open-source projects. With AI integration accelerating, projects like those in the Linux Foundation are watching closely... Recent kernel releases, such as 6.17.7, include performance improvements that indirectly support AI applications, as noted in Linux Compatible.

"Windows is evolving into an agentic OS," Microsoft's president of Windows Pavan Davuluri posted on X.com, "connecting devices, cloud, and AI to unlock intelligent productivity and secure work anywhere."

But former Uber software engineer and engineering manager Gergely Orosz was unimpressed. "Can't see any reason for software engineers to choose Windows with this weird direction they are doubling down on. So odd because Microsoft has building dev tools in their DNA... their OS doesn't look like anything a builder who wants OS control could choose. Mac or Linux it is for devs."

Davuluri "has since disabled replies on his original post..." notes the blog Windows Central, "which some people viewed as an attempt to shut out negative feedback." But he also replied to that comment... Davuluri says "we care deeply about developers. We know we have work to do on the experience, both on the everyday usability, from inconsistent dialogs to power user experiences. When we meet as a team, we discuss these pain points and others in detail, because we want developers to choose Windows..." The good news is Davuluri has confirmed that Microsoft is listening, and is aware of the backlash it's receiving over the company's obsession with AI in Windows 11. That doesn't mean the company is going to stop with adding AI to Windows, but it does mean we can also expect Microsoft to focus on the other things that matter too, such as stability and power user enhancements.
Elsewhere on X.com, Microsoft CEO Satya Nadella shared his own thoughts on "the net benefit of the AI platform wave ." The Times of India reports: Nadella said tech companies should focus on building AI systems that create more value for the people and businesses using them, not just for the companies that make the technology. He cited Bill Gates to emphasize the same: "A platform is when the economic value of everybody that uses it exceeds the value of the company that creates it."Tesla CEO Elon Musk responded to Nadella's post with a facepalm emoji.

Nadella said this idea matters even more during the current AI boom, where many firms risk giving away too much of their own value to big tech platforms. "The real question is how to empower every company out there to build their own AI-native capabilities," he wrote. Nadella says Microsoft's partnership with OpenAI is an example of zero-sum mindset industry... [He also cited Microsoft's "work to bring AMD into the fleet."]
More from Satya Nadella's post: Thanks to AI, the [coding] category itself has expanded and may ultimately become one of the largest software categories. I don't ever recall any analyst ever asking me about how much revenue Visual Studio makes! But now everyone is excited about AI coding tools. This is another aspect of positive sum, when the category itself is redefined and the pie becomes 10x what it was! With GitHub Copilot we compete for our share and with GitHub and Agent HQ we also provide a platform for others.

Of course, the real test of this era won't be when another tech company breaks a valuation record. It will be when the overall economy and society themselves reach new heights. When a pharma company uses AI in silico to bring a new therapy to market in one year instead of twelve. When a manufacturer uses AI to redesign a supply chain overnight. When a teacher personalizes lessons for every student. When a farmer predicts and prevents crop failure.That's when we'll know the system is working.

Let us move beyond zero-sum thinking and the winner-take-all hype and focus instead on building broad capabilities that harness the power of this technology to achieve local success in each firm, which then leads to broad economic growth and societal benefits. And every firm needs to make sure they have control of their own destiny and sovereignty vs just a press release with a Tech/AI company or worse leak all their value through what may seem like a partnership, except it's extractive in terms of value exchange in the long run.

Android's security team published a blog post this week about their experience using Rust. Its title? "Move fast and fix things." Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in new code quickly yields durable and compounding gains. This year we look at how this approach isn't just fixing things, but helping us move faster.

The 2025 data continues to validate the approach, with memory safety vulnerabilities falling below 20% of total vulnerabilities for the first time. We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android's C and C++ code. But the biggest surprise was Rust's impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one... Data shows that Rust code requires fewer revisions. This trend has been consistent since 2023. Rust changes of a similar size need about 20% fewer revisions than their C++ counterparts... In a self-reported survey from 2022, Google software engineers reported that Rust is both easier to review and more likely to be correct. The hard data on rollback rates and review times validates those impressions.

Historically, security improvements often came at a cost. More security meant more process, slower performance, or delayed features, forcing trade-offs between security and other product goals. The shift to Rust is different: we are significantly improving security and key development efficiency and product stability metrics.

With Rust support now mature for building Android system services and libraries, we are focused on bringing its security and productivity advantages elsewhere. Android's 6.12 Linux kernel is our first kernel with Rust support enabled and our first production Rust driver. More exciting projects are underway, such as our ongoing collaboration with Arm and Collabora on a Rust-based kernel-mode GPU driver. [They've also been deploying Rust in firmware for years, and Rust "is ensuring memory safety from the ground up in several security-critical Google applications," including Chromium's parsers for PNG, JSON, and web fonts.]
2025 was the first year more lines of Rust code were added to Android than lines of C++ code...

An anonymous reader shared this report from The Register: Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the largest package flooding incidents in open source registry history" — but with a twist. Instead of injecting credential-stealing code or ransomware into the packages, this one is a token farming campaign.

Amazon Inspector security researchers, using a new detection rule and AI assistance, originally spotted the suspicious npm packages in late October, and, by November 7, the team had flagged thousands. By November 12, they had uncovered more than 150,000 malicious packages across "multiple" developer accounts. These were all linked to a coordinated tea.xyz token farming campaign, we're told. This is a decentralized protocol designed to reward open-source developers for their contributions using the TEA token, a utility asset used within the tea ecosystem for incentives, staking, and governance.

Unlike the spate of package poisoning incidents over recent months, this one didn't inject traditional malware into the open source code. Instead, the miscreants created a self-replicating attack, infecting the packages with code to automatically generate and publish, thus earning cryptocurrency rewards on the backs of legitimate open source developers. The code also included tea.yaml files that linked these packages to attacker-controlled blockchain wallet addresses.
At the moment, Tea tokens have no value, points out CSO Online. "But it is suspected that the threat actors are positioning themselves to receive real cryptocurrency tokens when the Tea Protocol launches its Mainnet, where Tea tokens will have actual monetary value and can be traded..." In an interview on Friday, an executive at software supply chain management provider Sonatype, which wrote about the campaign in April 2024, told CSO that number has now grown to 153,000. "It's unfortunate that the worm isn't under control yet," said Sonatype CTO Brian Fox. And while this payload merely steals tokens, other threat actors are paying attention, he predicted. "I'm sure somebody out there in the world is looking at this massively replicating worm and wondering if they can ride that, not just to get the Tea tokens but to put some actual malware in there, because if it's replicating that fast, why wouldn't you?"

When Sonatype wrote about the campaign just over a year ago, it found a mere 15,000 packages that appeared to come from a single person. With the swollen numbers reported this week, Amazon researchers wrote that it's "one of the largest package flooding incidents in open source registry history, and represents a defining moment in supply chain security...." For now, says Sonatype's Fox, the scheme wastes the time of npm administrators, who are trying to expel over 100,000 packages. But Fox and Amazon point out the scheme could inspire others to take advantage of other reward-based systems for financial gain, or to deliver malware.
After deplooying a new detection rule "paired with AI", Amazon's security researchers' write, "within days, the system began flagging packages linked to the tea.xyz protocol... By November 7, the researchers flagged thousands of packages and began investigating what appeared to be a coordinated campaign. The next day, after validating the evaluation results and analyzing the patterns, they reached out to OpenSSF to share their findings and coordinate a response.
Their blog post thanks the Open Source Security Foundation (OpenSSF) for rapid collaboration, while calling the incident "a defining moment in supply chain security..."

It's been trying to measure the popularity of programming languages since 2000 using metrics like the number of engineers, courses, and third-party vendors. And "The November 2025 TIOBE Index brings another twist below Python's familiar lead," writes TechRepublic. "C solidifies its position as runner-up, C++ and Java lose some ground, and C# moves sharply upward, narrowing the gap with Java to less than a percentage point..."

TIO CEO Paul Jansen said this month that "Instead of Python, programming language C# is now the fastest rising language," How did C# achieve this? Java and C# are battling for a long time in the same areas. Right now it seems like C# has removed every reason why not to use C# instead of Java: it is cross platform nowadays, it is open source and it contains all new language features a developer wants. While the financial world is still dominated by Java, all other terrains show equal shares between Java and C#. Besides this, Microsoft is going strong and C# is still their most backed programming language.

Interesting note: C# has never been higher than Java in the TIOBE index. Currently the difference between the two rivals is less than 1%. There are exciting times ahead of us. Is C# going to surpass Java for the first time in the TIOBE index history?
"The fact that C# has been in the news for the successive betas and pre-release candidates prior to the release of C# 14 may have bumped up its percentage share in the last few months," notes a post on the site i-Programmer. But they also point out that by TIOBE's reckoning, Java — having been overtaken by Python in 2021 — "has been in decline ever since."

TechRepublic summarizes the rest of the Top Ten: JavaScript stays in sixth place at 3.42%, and Visual Basic edges up to seventh with 3.31%. Delphi/Object Pascal nudges upward to eighth at 2.06%, while Perl returns to the top 10 in ninth at 1.84% after a sharp year-over-year climb. SQL rounds out the list at tenth with 1.80%, maintaining a foothold that shows the enduring centrality of relational databases. Go, which held eighth place in October, slips out of the top 10 entirely.
Here's how TIOBE's methodology ranks programming language popularity in November:

1. Python
2. C
3. C++
4. Java
5. C#
6. JavaScript
7. Visual Basic
8. Delphi/Object Pascal
9. Perl
10. SQL

YouTube TV and Disney have ended their two-week carriage standoff, restoring ESPN, ABC, and other Disney networks under a new multiyear deal. Variety reports: Under the new agreement, ESPN's full lineup of sports -- including content from ESPN Unlimited -- will be made available on YouTube TV to base-plan subscribers at no additional cost by the end of 2026. In addition, access to a selection of live and on-demand programming from ESPN Unlimited will be available inside YouTube TV.

The deal also lets YouTube include the Disney+ and Hulu bundle as part of "select YouTube offerings." According to Disney, "select networks" will be included in various genre-specific packages that YouTube TV expects to launch in the future. [...] The deal supersedes their prior distribution agreement, inked in December 2021 after a two-day blackout.

Dave Knott writes: Microsoft has released Visual Studio 2026, the first major version of their flagship compiler in almost four years. Release notes are available here. The compiler has also been updated, including improved (but not yet 100%) C++23 core language and standard library implementations.

Longtime Slashdot reader theodp writes: The UK Department for Education is "replacing its narrowly focused computer science GCSE with a broader, future-facing computing GCSE [General Certificate of Secondary Education] and exploring a new qualification in data science and AI for 16-18-year-olds." The move aims to correct unintended consequences of a shift made more than a decade ago from the existing ICT (Information and Communications Technology) curriculum, which focused on basic digital skills, to a more rigorous Computer Science curriculum at the behest of major tech firms and advocacy groups to address concerns about the UK's programming talent pipeline.

The UK pivot from rigorous CS to AI literacy comes as tech-backed nonprofit Code.org leads a similar shift in the U.S., pivoting from its original 2013 mission calling for rigorous CS for U.S. K-12 students to a new mission that embraces AI literacy. Code.org next month will replace its flagship Hour of Code event with a new Hour of AI "designed to bring AI education into the mainstream" with the support of its partners, including Microsoft, Google, and Amazon. Code.org has pledged to engage 25 million learners with the new Hour of AI this school year.

Linux kernel developers are moving toward enabling Microsoft C Extensions (-fms-extensions) by default in Linux 6.19, with Linus Torvalds signaling no objection. While some dislike relying on Microsoft-style behavior, the patches in kbuild-next suggest the project is ready to "bite the bullet" and adopt the extensions system-wide. Phoronix reports: Rasmus Villemoes argued with Kbuild: enable -fms-extensions that would allow for "prettier code" and others have noted in the past the potential for saving stack space and all around being beneficial in being able to leverage the Microsoft C behavior: "Once in a while, it turns out that enabling -fms-extensions could allow some slightly prettier code. But every time it has come up, the code that had to be used instead has been deemed 'not too awful' and not worth introducing another compiler flag for. That's probably true for each individual case, but then it's somewhat of a chicken/egg situation. If we just 'bite the bullet' as Linus says and enable it once and for all, it is available whenever a use case turns up, and no individual case has to justify it..."

The second patch is kbuild: Add '-fms-extensions' to areas with dedicated CFLAGS to ensure -fms-extensions is passed for the CPU architectures that rely on their own CFLAGS being set rather than the main KBUILD_CFLAGS. Linus Torvalds chimed in on the prior mailing list discussion and doesn't appear to be against enabling -fms-extensions beginning with the Linux 6.19 kernel.

New submitter benramsey writes: The PHP Foundation has launched a search for its next executive director.

The Executive Director serves as the operational leader of the PHP Foundation, defining its strategic vision and translating it into reality while managing day-to-day operations and serving as the primary bridge between the Board, staff, community, and sponsors.

While the programming language PHP is over 30 years old, the PHP Foundation was only created in 2021. The Executive Director will be responsible for maturing the foundation's internal structure and will play a crucial role in ensuring the foundation can effectively support this vital ecosystem.

Interested parties are encouraged to submit a cover letter describing their interest and relevant experience, resume or CV, and a brief vision statement detailing the applicant's understanding of the position, key opportunities and challenges they see for the foundation, and their approach to the role.