DAILY NEWS

Stay Ahead, Stay Informed – Every Day

Advertisement
Introducing Joanium: An Open-Source AI Desktop App That Can Actually Get Things Done



AI assistants today live in browser tabs. You open one for writing, another for code, a third because it’s better at research, and a fourth because your team uses it. Each one is locked to its own provider, its own pricing, and its own walled-off context. None of them can touch your files, run a command, or carry what they learned from one session into the next.

Joanium is built to change that.

Joanium is a local-first, open-source AI desktop app that runs on your machine, connects to nearly every major AI provider, and gives that AI the tools to actually act — not just respond.

Website: joanium.comSource code: github.com/Joanium/Joanium

One App, Every Model

Joanium supports Gemini, Claude, OpenAI models, and a growing list of additional providers including Fireworks, SambaNova, AI21, Lambda, and Hyperbolic — with live model fetching, so new releases show up without waiting on an update. You bring your own API keys and choose the right model for the task, the budget, or the moment, without rebuilding your workflow every time you switch.

An AI With Hands: 160+ Tool Integrations

Most AI tools can describe what they’d do. Joanium’s agents can go do it. With 160+ built-in tool integrations — covering platforms like GitHub, Gmail, YouTube, Linear, Netlify, Canva, and Stripe — Joanium can read your repos, draft and send emails, manage tickets, and interact with the services you already use, directly from a single interface.

Multiple Agents, Working Together

Rather than relying on one general-purpose assistant for everything, Joanium supports multi-agent execution along with a skills and personas system. You can configure agents for specific roles and let them collaborate on a task — closer to delegating work across a small team than managing a single chat window.

Full Visibility Into What Your AI Did

Two features sit at the core of how Joanium handles transparency:

Execution Replay — step through exactly what an agent did, in order, after the fact.Conversation forking with provenance tracking — branch a conversation in a new direction without losing the trail of where it came from.

When an AI is taking real actions on your behalf, being able to see — and audit — those actions isn’t a nice-to-have. It’s the baseline.

Built-In Browser, Git Integration, and a Marketplace

Joanium also includes an inbuilt browser for agents to use directly, native Git integration for working with repositories, a Daily Digest Agent that surfaces relevant updates automatically, and a Marketplace for discovering and installing additional tools and skills as the ecosystem grows.

Why Local-First, and Why Open Source

Most AI tools today route everything — your prompts, your files, your context — through someone else’s servers, under someone else’s terms. That tradeoff has been easy to ignore when AI was mostly a chat window. It gets harder to ignore once that AI is reading your emails, browsing on your behalf, and pushing to your repositories.

Joanium runs locally, and its source is fully open under the Apache 2.0 license. That means the code doing all of this is inspectable, forkable, and not contingent on a company’s roadmap or pricing decisions.

It’s also worth being precise about one thing: Joanium itself is free and open source, but using it still involves paying AI providers for API usage — there’s no way around that, and no product can honestly claim otherwise. What changes is who you pay and how much control you have over that. Instead of stacking multiple subscriptions regardless of use, you pay per request, choose your providers, and switch whenever it makes sense. For many people juggling several AI subscriptions today, that alone is a meaningful shift.

Get Started

Joanium is available now:

Website: joanium.comGitHub: github.com/Joanium/Joanium

Download it, connect an API key for a provider you already use, and explore what it can do. As an open-source project, feedback, issues, and contributions are welcome — and actively shape what gets built next.



Source link

How to Debug AI-Generated Code as a Beginner



You generated a feature in thirty seconds using Claude. It compiled. You deployed it. Then something broke in production.

Now you’re staring at an error traceback, and you realize something terrifying: you have no idea what the code actually does.

This is called “vibe coding,” and it’s the defining trap of learning to code in the age of AI. You can generate working code instantly. But when it breaks, you’re completely lost. You can’t debug what you don’t understand.

The instinct is to paste the error into Claude or ChatGPT and run whatever it suggests. That’s the wrong move. It leads to a cycle of patches stacking on patches until your codebase becomes unmaintainable. You need a different approach.

Why Debugging AI Code Is Different

Traditional debugging assumes you wrote the code. You remember what you were trying to do. You understand the control flow. You can trace execution paths in your head.

With AI-generated code, none of that is true. You’re reading code as if someone else wrote it. You lack the mental model of why it exists. You don’t understand the architectural choices.

This creates what researchers call “debugging by guessing.” Your code fails. You see an error message. You immediately paste the error into an LLM and run the suggested patch. Sometimes it works. Often it introduces new failures elsewhere.

The problem is that LLMs optimize for local fixes, not global understanding. They patch the symptom without addressing the cause. Over several iterations, your code accumulates redundant checks, swallowed exceptions, and tangled logic that only gets worse.

The cost shows up later. When a system needs modification. When a subtle bug appears. When you need to add a new feature that interacts with existing code. At that point, you hit a wall. The final 10% of the work—the parts that require understanding—becomes impossible.

The Wrong Way: Debugging by Copy-Paste

The moment your AI-generated code fails, the temptation is immediate. Copy the error. Paste it into Claude. Run the fix.

Resist this.

This workflow trains your brain to avoid productive struggle—the cognitive friction of sitting with a problem and working through it. When you skip it, you short-circuit learning.

Research from an Anthropic study shows developers using AI to generate code score 17% lower on comprehension tests than those who write code manually. They feel productive. They’re shipping features. But they’re building a codebase they can’t maintain.

The Right Way: Use AI as a Dialogue Partner

Flip the dynamic. Stop asking AI to fix your code. Start asking it to help you understand why the code is failing.

This is called Socratic debugging. Instead of pasting errors and accepting solutions, you use AI as a thinking partner that challenges you to diagnose the problem yourself.

Here’s how it works in practice. Your code fails. Instead of pasting the error, you write a precise prompt: “I’m getting this error. Don’t write any code. Instead, ask me clarifying questions to help me locate the bug myself.”

The AI now becomes a tutor. It asks you questions about what the code is supposed to do. It walks you through your mental model. It helps you narrow down where the failure might be. You’re doing the thinking. The AI is scaffolding your reasoning.

Another powerful approach: ask the AI to describe what the code does before you try to debug it. “Read this generated block of code and describe its execution path in plain English. Do not write any code.” This forces the AI to articulate the logic, which often exposes what’s actually happening versus what you thought was happening.

Or ask it to identify edge cases: “Identify potential edge cases and failure modes that could break this function. Do not write code.” This trains your brain to think defensively about code instead of assuming it works.

The key is constraining the AI from writing code. When you do, it becomes a thinking tool instead of a code generator.

Set Clear Boundaries in Your Codebase

Before you ask AI to generate anything, establish structure.

Break complex features into small, isolated modules with explicit files and hard folder boundaries. Once these boundaries exist, freeze your interfaces by writing contract tests that pin inputs and outputs. Then instruct the AI: “Work only in this file. Do not modify other files. Do not create new helper functions.”

This prevents the AI from generating duplicate code across multiple files. It prevents breaking changes in one area from silently failing elsewhere. It gives you architectural control.

This practice is called componentized thinking, and it’s essential for keeping AI-generated code maintainable.

Manage Your Chat Context Carefully

As a conversation with an LLM grows, the model’s token context window gets saturated. The model compresses earlier messages. It forgets folder structures. It renames variables. It hallucinates functions that were never written.

At this point, continuing the same conversation becomes counterproductive. Start a fresh chat instead.

Before you do, have the AI document the current progress in a markdown file. Write down what works, what’s unresolved, what you’ve tried. Then paste that summary into a new, clean session.

Better yet, maintain systematic documentation in your repository itself. Create a file called vision.md that describes the core features and user flow. Create a ConnectionGuide.txt that logs every port, database URI, and API endpoint. When you start a new chat, point the AI to these files instead of re-explaining everything.

Couple AI Guidance with Real Debugging Tools

Here’s the hard truth: AI can guide your thinking, but it can’t see your running code.

LLMs analyze static code. They can’t observe the live state of a program. When debugging runtime failures, they’re working from incomplete information. You need real tools to see what’s happening.

If you’re using Python, tools like Python Tutor or Thonny let you step through code line by line, watching variables update and the call stack unfold. Seeing the execution path visually is far more revealing than reading code.

For system-level issues, run diagnostics directly. If a file sync is stalled, use lsof to check file descriptor locks. Use ps to check active processes. Use netstat to see network connections. Have the AI suggest a diagnostic plan, then execute the commands yourself and verify the results.

This combination—AI for strategic guidance, real tools for tactical evidence—is far more powerful than either alone.

The Accountability Principle

Research on student learning reveals something striking. When students know they have to explain their code to another person, they study differently.

A study of university CS courses found that students with unrestricted AI access performed better when required to defend their code in oral interviews. Why? Because the upcoming defense forced them to actually understand what they generated. They studied their code. They tested it. They prepared explanations.

This accountability mechanism is powerful. You don’t need an actual person. You can create this for yourself. Before committing code, write a brief explanation: What does this do? Why does it solve the problem? What could break? If you can’t answer these clearly, you haven’t understood it well enough.

This discipline forces you to engage with your code rather than skating past it.

The Honest Path Forward

AI is genuinely useful for debugging. It can suggest diagnostic approaches. It can explain why something might fail. It can generate test cases to verify fixes.

But the developers who thrive are those who treat it as a thinking partner. They establish boundaries in their codebase. They manage their context windows. They use real debugging tools alongside AI guidance. They hold themselves accountable for understanding their code.

Platforms like Mimo structure learning around this exact principle. Rather than letting you generate entire applications, the curriculum emphasizes interactive debugging and understanding. You write code manually. You debug it manually. Then you learn where AI fits into that foundation.

This approach takes more time than copy-pasting fixes. It’s also the only approach that actually builds competence. Your goal isn’t to ship code as fast as possible, but to become a developer who understands systems, debugs problems systematically, and maintains code that lasts.



Source link

Securing the AI supply chain 🛡️



AI agents are reading code and dependencies at scale. This changes how we think about supply chain risk and the security of our builds.

Adding security checks during the build process is essential for modern development. Here is how you can use Snyk and Upsun to protect your workflow:

Implement Snyk to scan dependencies for vulnerabilities
Add automated scans directly to your build hook
Capture risks at build time before they reach production
Understand exactly what automated scanning can and cannot catch

Check out the full technical write-up to see how to implement these build time fixes:

AI agents are reading code at scale, including your dependencies. Why supply chain risk just changed, plus a build-time fix to add on Upsun.

developer.upsun.com



Source link