I enjoy reading tech radars from Thoughtworks. I always find a gem or two, a new idea, or an opportunity to challenge my current assumptions on best practices.

Volume 32 was released a couple of days ago. I won’t go through every blip, just a couple of highlights that caught my attention.

My top takeaways

1. Prompt Engineering techniques may be counter-productive for reasoning models. Popular techniques like chain-of-thought or few-shot prompting may not be needed and underperform due to reasoning models being already fine-tuned and having their own built-in prompt engineering mechanisms. From academic research:

”(…) advanced models may eliminate the need for prompt engineering in software engineering.”

2. Known methodologies like FuzzTesting or Threat modelling are more important than ever before. Generated code has unique security & compliance challenges and it’s prone to introduce errors in random places. I would add TDD/BDD to that list as well based on my article about vibe coding.
3. Connecting RAG with a graph database like Neo4j can be useful to enhance RAG results (GraphRAG). Thoughtworks used it to analyze legacy codebases. Additionally, visualizing data as a graph makes it more human-navigable.
4. We already have tools to apply AI-based UI tests as an alternative or complementary approach to e2e tests. Not so long ago e2e generation was an innovative service, but with a surge of AI computer use and MCP, new possibilities emerged.
5. Residuality Theory offers a way to test systems architecture by introducing stressors. Compared to chaos engineering it focuses on earlier parts of the design and can be used to identify chaos-experiment areas.
6. AI and no-code (especially together) increase the chances of growing shadow IT in the company. Non-technical employees tempted to increase performance by automating work themselves can accidentally leak data outside or make the system more scattered and dependent on third parties.
7. OpenTelemetry is quickly becoming the industry standard for observability. There is also a growing understanding of the need for tracing for complex systems. Another, but related topic is LLM observability need. It comes from compliance needs (EU ACT - read more) but also it’s a promise of easier debugging and performance tuning.
8. There is a surge of new tools around data centricity - not only for AI and RAG use cases but also to ease querying from multiple data sources.
9. Industry is accelerating thinking about post-quantum cryptography (especially after the news about Willow or Zuchongzhi 3.0).
10. Thoughtworks observes a Node overload - Node.js being used too often without considering any alternatives.

Interesting tools

A bunch of quick links that I found interesting.

AI-related

AI Assistants

1. Cline - VSCode extension to compete with Cursor, but you provide your API key. May end up being 10x more expensive than Cursor, but many people say it’s worth it…
2. OpenRouter - use it to test multiple AI models without vendor lock & leverage better rate limits. May be useful to combine with Cline.
3. Cody - AI assistant to analyze legacy codebases. Makes it easier for the entire dev team to navigate and understand the codebase. Free tier.
4. Unblocked - AI team assistant to help onboarding, and answer codebase-related questions. Paid.
5. Open WebUI - “Chat-GPT” like experience with a local AI model. Open source.
6. AnythingLLM - allows you to chat with large documents, and integrates with LLMs, and vector databases.
7. YOLO11 - computer vision model for real-time applications in edge devices.

AI-based browser testing

1. QA.tech - AI-based UI tests. Paid.
2. KaneAI - AI-based UI tests. Free tier.
3. Browser Use - enable AI to control your browser. Open source.

LLM Observability

1. Arize Phoenix - LLM tracing, evaluation and prompt management. Open source.
2. Helicone - another LLM observability platform. Open source.
3. Humanloop - platform which helps integrating human-in-the loop for AI systems. Also monitoring, tracing, guardrails. Free tier.

AI Data, security, compliance

1. Graphiti - build knowledge graphs for AI agents. Open source.
2. Synthesized - connect to your pipeline to enable AI-based data anonymization for non-prod envs. Alternatively, use it to generate production-like data in massive quantities for performance tests. Free tier.
3. Tonic.ai - similar use case as above. Paid.
4. Redactive - a tool to connect your RAG resources in a controlled and secure manner.
5. NeMo - Guardrails - toolkit from NVIDIA to add guardrails to LLMs.

Others

1. Module Federation - divide a large web app into micro-frontends allowing teams to scale and deploy independently while sharing dependencies and components.
2. Android XR SDK - a new SDK for spatial apps (XR headsets, glasses).
3. Effect - a stronger alternative to Promise/try-catch or async/await.
4. liboqs - quantum-resistant cryptography which we may need one day…
5. JSON Crack - turn any JSON, YAML etc into a visual graph in VSCode.
6. uv - extremely fast Python package manager.
7. Plerion - alternative to Wiz.
8. Dapr - APIs for building secure and reliable microservices.
9. Restate - manage your distributed transactions.
10. Trino - query data from multiple sources like a single logical table.
11. Group Sequential Tests - engine from ABsmartly that helps speed up A/B test results by up to 80%.
12. Grafana Alloy - collect all your telemetry data (logs, metrics, traces) with one product.
13. Railway - a new PaaS platform.
14. Chainloop - a tool for compliance team to gather & enforce security policies in CI/CD workflows.
15. turbopuffer - serverless search engine for vector and full-test search on object storage.
16. OpenRewrite - automatic large-scale refactoring ecosystem based on rules.
17. Tuple - software to support pair programming.

Summary

It’s clear to see that industry trends are being shaped and moulded by AI in multiple areas. AI changes the perspective of the business on technology - it’s easier than ever before to oversimplify how complex and difficult it is. That will turn into growing expectations, shorter deadlines, and less respect towards engineers. However… it may be a fairytale if you happen to be a security or compliance specialist - there will be a lot to do in upcoming years :)

If I tempted you to read more - you can dive deeper into Volume 32. If you’d like to see my past review from 2023 - it’s here.