Discover the latest blog post on Google Cloud, where we delve into the pivotal role of AI in software development and its ability to accelerate the SDLC. Tabnine AI coding assistant empowers developers by predicting and suggesting code lines based on context and syntax, thereby boosting their productivity and enabling the creation of new content. With its adaptability to different coding preferences, Tabnine enhances code quality and enables developers to produce up to 40% more code.
Tabnine’s commitment to ethical practices is exemplified by its utilization of fully permissive open-source code and training on specific company data, resulting in powerful and personalized outcomes. Tabnine harnesses Google Cloud’s advanced computing power and sophisticated data segmentation to support its advanced capabilities.
In this blog post, Brandon Jung, Tabnine’s Vice President of Ecosystems, provides insights into the use of customized and open source AI models, fostering faster innovation. Additionally, we showcase the success story of CI&T, a global IT company with over 7,000 employees. CI&T adopted Tabnine in 2022 to support its extensive developer team working with 18 different coding languages. Through Tabnine, CI&T achieved an impressive 11% increase in productivity, with developers accepting 90% of the tool’s single-line coding suggestions. Luis Ribeiro, Head of Engineering and Digital Solutions at CI&T, emphasizes the significance of AI in driving efficiency and innovation, particularly in regulated industries such as healthcare, life sciences, and financial services.
For the complete blog post, visit the link here.
Tabnine is the AI coding assistant that helps development teams of every size use AI to accelerate and simplify the software development process without sacrificing privacy, security, or compliance. Tabnine boosts engineering velocity, code quality, and developer happiness by automating the coding workflow through AI tools customized to your team. Tabnine supports more than one million developers across companies in every industry.
Unlike generic coding assistants, Tabnine is the AI that you control:
It’s private. You choose where and how to deploy Tabnine (SaaS, VPC, or on-premises) to maximize control over your intellectual property. Rest easy knowing that Tabnine never stores or shares your company’s code.
It’s personalized. Tabnine delivers an optimized experience for each development team. It’s context-aware and delivers precise and personalized recommendations for code generation, code explanations, and guidance, and for test and documentation generation.
It’s protected. Tabnine is built with enterprise-grade security and compliance at its core. It’s trained exclusively on open source code with permissive licenses, ensuring that our customers are never exposed to legal liability.
Tabnine provides accurate and personalized code completions for code snippets, whole lines, and full functions. The Tabnine in IDE Chat allows developers to communicate with a chat agent in natural language and get assistance with various coding tasks, such as:
Learn more how to use Tabnine AI to analyze, create, and improve your code across every stage of development:
Try Tabnine for free today or contact us to learn how we can help accelerate your software development.
The world of software development is constantly evolving, and as developers, we want to stay up to date on the latest technological advancements. AI has emerged as a powerful tool that can help us write better code faster and more efficiently. To shed light on how to integrate AI into your coding workflow, we recently conducted a webinar with Dror Weiss, Tabnine’s CEO, and Brandon Jung, VP of Ecosystems. Here are some of the key insights from the webinar:
The initial step in incorporating AI into your coding workflow is to carefully select an appropriate AI tool that caters to your specific needs. Tabnine, being a leading AI coding assistant software development tool, is a popular choice among developers with over a million users relying on it for faster and more accurate coding. In fact, Tabnine produces about 30% of the code generated by its users. By utilizing deep learning algorithms to analyze the context of your code, it generates intelligent suggestions in real time, thereby saving time and minimizing the chances of errors. While AI can make developers more efficient and content, it’s crucial to assess your requirements, such as privacy regulations or company policies, before opting for an AI tool.
Adding AI assistance to coding practices yields significant improvements in various aspects of software development, including code reuse, API identification, password encryption, natural language-to-code conversion, and code consistency. One major AI-powered tool in this domain is Tabnine, which offers suggestions for appropriate syntax and variable names, resulting in enhanced code quality and heightened productivity. The combination of human intelligence with AI empowers developers to automate repetitive code, maintain workflow momentum, and prevent errors, enabling them to devote more attention to creative tasks.
By adopting Tabnine Enterprise, developers can leverage contextual code suggestions that streamline repetitive coding tasks and generate high-quality, industry-standard code.
Tabnine’s code suggestions stem from large language models trained exclusively on reputable open source licenses with permissive licensing. This integration presents several advantages, including the generation of approximately 30% of the code, automation of repetitive coding tasks, consistent and high-quality code suggestions across teams, noise reduction to facilitate focused coding, and prevention of common errors.
As the AI layer for coding progresses, it’s expected to become an integral part of the development stack, playing a pivotal role in every stage of the software development lifecycle.
When integrating AI into your organization, it’s essential to evaluate options based on factors such as code suggestion quality, performance, security, and IP protection. Additionally, IDE support and the tool’s ability to learn your code are important considerations. To begin, evaluate the AI tool with a group of 15-25 developers for one month and choose an internal champion to lead the implementation. Provide quick training to ensure your team can make the most of the tool. After the pilot period, analyze the ROI and assess the subjective productivity gains. If successful, expand usage to other groups and specialize AI guidance by connecting your code and domain experts. By following these steps, you can effectively integrate AI into your organization and enjoy the benefits of improved code quality, increased productivity, and reduced errors.
Tabnine Enterprise is designed to help software engineering teams improve the quality and speed of their code development process. By using Tabnine Enterprise, teams can take advantage of various tailored features and benefits, including industry-leading security and compliance standards. Additionally, Tabnine Enterprise offers the flexibility of running the tool on-premises or in a virtual private cloud (VPC), allowing for greater control over data and infrastructure. This enables teams to fully leverage the capabilities of Tabnine while adhering to their organization’s data security policies. To learn more about how Tabnine Enterprise can benefit your organization, don’t hesitate to contact our team of enterprise experts.
When utilizing AI tools, it’s essential to be aware of the potential risks involved and take necessary precautions to manage them. These risks encompass concerns regarding privacy, security, open source usage, IP, and maintaining control over your code. Tabnine Enterprise addresses these risks by implementing robust security measures, including the avoidance of training on customer code, running the tool locally within the customer’s environment, and refraining from training on non-permissive code.
Tabnine AI code completion models can run locally, on self-hosted servers, within VPC, or completely offline, ensuring you have complete control and ensuring compliance with your organization’s policies.
Tabnine models are exclusively trained on repositories with permissive open source licenses. The platform follows strict protocols where customer code is used solely for model querying and is immediately discarded after the query. Your code is never stored, shared, or incorporated into Tabnine’s open source trained AI model, ensuring the confidentiality of your proprietary code.
By considering these factors you can effectively manage the risks associated with AI integration into your coding practices.
Try Tabnine for free today or contact us to learn how we can help accelerate your software development.
In conclusion, integrating AI into your coding workflow can be a game-changer for developers, enabling them to write better code faster and more efficiently. By selecting the right AI tool for your specific needs, managing the potential risks associated with AI use, and leveraging the full potential of AI for code generation, review, optimization, and project management, you can take your coding workflow to the next level. To learn more about Tabnine and how it can help you optimize your coding workflow, check out the video of our recent webinar.
AI models like GPT-4 are in high demand, but establishing the optimized infrastructure to support them can be expensive and complex. There are many organizations facing the challenge of balancing security and compliance requirements while maintaining the computational power needed to run generative AI at a massive scale. For this reason, some organizations choose to host their systems in their own data centers.
Tabnine understands the challenges of acquiring the hardware necessary for these AI advancements. While our cloud solution provides a convenient and expedient option, we acknowledge that it may not meet the stringent security prerequisites of all our customers. In an article for TechTarget Business Technology, our CEO, Dror Weiss, discussed the obstacles associated with implementing generative AI in enterprise environments, including security, infrastructure demands, and integration with existing systems.
Tabnine AI coding assistant helps development teams of every size use AI to accelerate and simplify the software development process without sacrificing privacy, security, or compliance. Tabnine boosts engineering velocity, code quality, and developer happiness by automating the coding workflow through AI tools customized to your team. Tabnine supports more than one million developers across companies in every industry.
Unlike generic coding assistants, Tabnine is the AI that you control:
It’s private. You choose where and how to deploy Tabnine (SaaS, VPC, or on-premises) to maximize control over your intellectual property. Rest easy knowing that Tabnine never stores or shares your company’s code.
It’s personalized. Tabnine delivers an optimized experience for each development team. It’s context-aware and delivers precise and personalized recommendations for code generation, code explanations, and guidance, and for test and documentation generation.
It’s protected. Tabnine is built with enterprise-grade security and compliance at its core. It’s trained exclusively on open source code with permissive licenses, ensuring that our customers are never exposed to legal liability.
Tabnine provides accurate and personalized code completions for code snippets, whole lines, and full functions. The Tabnine in IDE Chat allows developers to communicate with a chat agent in natural language and get assistance with various coding tasks, such as:
Learn more how to use Tabnine AI to analyze, create, and improve your code across every stage of development:
Try Tabnine for free today or contact us to learn how we can help accelerate your software development.
As we continue to push the boundaries of AI, we must remain cognizant of these challenges. For a comprehensive understanding of this topic, we invite you to read the full article.
Tabnine CEO, Dror Weiss, shares his insights on the transformative potential of AI technology in an article published on Info World. Similar to the impact of mobile phones and the internet, he highlighted AI’s significance in shaping our future. Dror identified eight key features that enterprises should look for in AI coding assistants to streamline software development processes at the enterprise level. The article provides valuable insights that can help optimize software development processes using AI technology.
Read the full article on
Tabnine is an AI assistant tool used by over 1 million developers from thousands of companies worldwide. With Tabnine Enterprise, software engineering teams can quickly and efficiently write higher quality code, accelerating the entire software development lifecycle. Tabnine Enterprise supports a variety of programming languages and IDEs, as well as security and compliance standards designed for enterprise software development environments.
If you’re a Java developer who uses Eclipse, you can now benefit from Tabnine AI assistant. Tabnine for Eclipse provides advanced features to enhance your coding experience while keeping your code secure and private.
Tabnine is a secure AI coding assistant suitable for companies, and it’s available to all Eclipse users, including Starters, Pro, and Enterprise.
Streamline your coding workflow with Tabnine for Eclipse, available on Eclipse Marketplace.
If you’re an enterprise looking to incorporate AI into your software development lifecycle, Tabnine is an exceptional option.
By utilizing Tabnine Enterprise, you’ll have the opportunity to benefit from contextual code suggestions that can boost your productivity by streamlining repetitive coding tasks and producing high-quality, industry-standard code. Tabnine code suggestions are based on large language models that are exclusively trained on credible open-source licenses with permissive licensing. Moreover, with Tabnine Enterprise, you have the flexibility to run the model on-premises or on virtual private cloud (VPC), ensuring that you maintain full control over your data and infrastructure. This means you can leverage the power of Tabnine while complying with your enterprise’s data security policies. For more information on how Tabnine Enterprise can benefit your organization, feel free to contact our enterprise expert.
We recently had the pleasure of having a fantastic conversation with Liran Tal, who holds the position of Director of Developer Advocacy at Snyk and is also a GitHub Star. Get ready to delve into a captivating interview with Liran, along with our CTO Eran Yahav, and VP Product Yossi Salomon from Tabnine. During this interview, we discussed topics such as security vulnerabilities, generative AI for coding in open source, and the intriguing places that saying “yes” can take you.
Buckle up and enjoy!
How did you become such an expert in the world of open source?
I think it’s mainly about loving technology, trying out many new things, and not being afraid to dive into various new projects and opportunities. One of my secrets is that I almost always say yes to things – which can be good and bad. Honestly, it’s just a matter of being open and optimistic. With open source, it goes back to Linux. I started with Linux installations on all kinds of old computers, then ran BBSs in the days before the internet became mainstream in my country, and then I got into the KernelJanitors Linux mailing lists, etc.
So your advice would be to say yes to everything? Seems like a pretty risky approach, no?
I mean, it’s worked out pretty well for me. I know more or less how to manage my time.
My first exposure to the tech world was in a company that was a systems integrator, offering Linux services and implementing VoIP Asterisk systems. I was more in a SysAdmin kind of role, and I realized I wanted to get deeper into programming. So I went to several interviews, one of which was an absolute disaster – but there was one company that decided to give me a chance.
One of the first tasks I was given in my role there was to write a state machine in C++. I told the R&D manager that I’ve never written C++ before, and he handed me a book on C++ and told me to get to it. It took me a couple of weeks to read the book, and I started writing C++. That’s just an example of how important it is to say yes to opportunities. This is especially important in open-source, where there aren’t many set rules, and the guidelines are more oral, like “be a good citizen” or “don’t be an a******”. The most challenging thing about the open-source community is trying to move things forward since most contributors are working part-time on these projects. So if someone is willing to contribute, whether it’s coding, documentation, or anything else, they’re usually warmly welcomed.
Have there been any situations where you felt like you bit off more than you could chew?
For me, it’s all a learning experience. Even in my current role as a Developer Advocate at Snyk – I had no real idea what the role entailed. Before this role, I was either a development team leader or a programmer. I’ve done public speaking at conferences around the world for many years talking about open-source, Node.js, JavaScript, etc, but it was more of a hobby. Then someone from Snyk approached me and asked if I wanted to do it full-time. To be honest, I contemplated it for a couple of months – it was a pretty big career pivot that scared me – but I finally decided to go for it.
What are your day-to-day responsibilities in the role?
I’ve been very lucky in this role – I’m very proactive and I have lots of ideas, and this role gives me the opportunity to actually try them out. There are everyday responsibilities, including education, content creation, etc. For example, I also write command-line applications, so I created a CLI tool that scans all sorts of websites for security issues, called is-website-vulnerable. And it’s totally connected with the whole world of DevOps security. It didn’t even have a formal Jira story – it was a weekend side-project that suddenly exploded with over a thousand stars on GitHub. Lots of people started contributing to it and making such a CLI that puts everything in JSON, and then someone wrote a GitHub Action, and someone else connected it to his pipeline. That’s just one of many examples, especially when it comes to DevRel (developer relations), because it touches on so many other areas – product, development, end-user developers, education….
Over the last year, for example, I’ve done a lot of security research. I’m not a security researcher or analyst by trade, but I was fascinated by it, and ended up finding and disclosing a lot of security vulnerabilities in different open-source libraries.
One of the main concerns around generative AI is security. What, from your POV, is the right approach to introducing AI to enterprise R&D teams, and integrating it with secure coding paradigms?
The concern here is real and tangible. On the other hand, I feel like things are a bit…all over the place at the moment. For example, I use ChatGPT, and something I’ve noticed (with me as well) is there’s this kind of “I want to get it done fast” mentality amongst developers. For example, I tell ChatGPT what I need, it gives it to me, and I copy/paste and run it. But that’s not really that new, you know? Before ChatGPT, we did the same thing. We’d ask Google, it directed us to Stack Overflow, we found an answer, saw that a million people upvoted it, and we copy-pasted it. So it’s not like things have changed that much for developers.
But on Stack Overflow, you’ve got some indication regarding quality and trustworthiness: Upvotes, downvotes, stars, downloads, etc. ChatGPT speaks with absolute confidence, whether it’s speaking truth or nonsense.
The concern you raise is valid and would be even more pressing if ChatGPT was within the IDE. Currently, you have to copy-paste from the web chat into the IDE, which still involves some friction. It’s small, but still enough to make it impractical, so a developer probably won’t do it constantly. Once it’s within the IDE, it becomes a much larger source of concern. I’ll put a disclaimer in here – I’m not a data scientist, and I don’t pretend to be. The issue is around how the models are trained. The ChatGPT model that I’m familiar with generates code based on the code it’s been exposed to, which obviously includes bad code as well, with lots of security vulnerabilities. So the source of the data is definitely another concern. How was the model trained? How robust is the data? Is it secure, high-quality, high-performance, fast, efficient in terms of memory use, etc.? Has the function that ChatGPT generated for me been checked, secure-coded, tested, etc? We know that the answer to all of these is probably no.
So what are our expectations? It’s probably no worse than code written by a developer, but maybe our expectations are higher because supposedly a machine can do better.
I think that there’s an issue of awareness. Just this morning I arrived back from London. I was at a conference called CityJS, and I gave a lecture on “Path Traversal attacks”, teaching developers about a specific vulnerability that occurs in very popular open-source libraries that have been downloaded millions of times as well as impacted the Node.js runtime. The evening before my talk I was reviewing my slides and decided to open my lecture with a story. So I asked ChatGPT to create a file upload route in the Fastify web framework Node.js application, without any dependencies. The first code it generated looked really good. Functionally it almost worked. There was something small missing from the code – a method – which I fixed. It then regenerated the code for me. In both versions, there was a vulnerability that I noticed, but didn’t comment on, because I wanted to see how ChatGPT would handle it. In terms of the functionality, it now worked, but it still had a security vulnerability – basically, the code didn’t save the file in the correct way. So I opened my lecture by showing how commonplace these types of vulnerabilities are, even on code generated by ChatGPT – and I didn’t have to work hard to find an example at all.
So how do we educate developers about the risks?
Well, using common sense and discretion is a big part of it. The world of AI is here to help us work faster, but we still need to use our own judgment to steer it in the right direction. I was chatting with a friend who was consulting for a company and they showed him a bug generated by ChatGPT that he recognized from Stack Overflow – he’d seen the same bug in three different projects where developers had copied the same code, and ChatGPT had obviously trained on it as well. This highlights the importance of education. While augmented development can increase productivity, for critical tasks, we need to provide the machine with more detailed instructions, background, and context. We may need to use code repositories with low vulnerabilities or increase supervised learning for the models. It’s about using our judgment to direct the machine toward what we need.
In case you’re an enterprise looking to incorporate AI into your software development lifecycle, Tabnine is an exceptional option.
By utilizing Tabnine Enterprise, you’ll have the opportunity to benefit from contextual code suggestions that can boost your productivity by streamlining repetitive coding tasks and producing high-quality, industry-standard code. Tabnine code suggestions are based on Large Language Models that are exclusively trained on credible open-source licenses with permissive licensing.
What do you think about the idea of showing the developer how, for instance, a snippet of code is similar to a snippet on Stack Overflow? So for the example you mentioned, where code generated from ChatGPT had the same bug seen several times before in Stack Overflow, maybe something like that could be a help?
That could be an interesting direction. Let’s try to apply this thought process to other things that are already happening in the ecosystem. For example, open-source libraries. Let’s say a developer wants to implement a certain functionality. They’d search for it in the libraries, and would probably find quite a few components to choose from, since the ecosystem is very mature at this point. In reality, I think they’d probably look at the code, see if there are tests, how many stars it has, how many downloads and contributors, and use it. So even before the developer starts writing the code, on the component level, there often isn’t the awareness that you need to go in and make sure that the code looks like it should.
So what are the best practices? What do you suggest?
Well, for instance, at Snyk, we built a tool called Snyk Advisor, which examines four perspectives: Popularity, security, community, and maintenance, and then it provides a score for all 4. So for instance, let’s say there’s a package without a commit or release for over a year – that’s a flag that needs to be raised. The code might be amazing, with cross-platform testing and everything, but if it’s not maintained and has a vulnerability or even a bug, there’s no one to fix it on the spot, and you’ll end up stuck.
There’s another cheat that I don’t often speak about. Node.js’s Canary in the Goldmine (CITGM) is a technology that pulls down modules from npm and tests them to see if they’ll break when Node.js updates its versioning.
Another tip is to look at prolific maintainers, like Matteo Collina and others. Look at what they wrote or what they choose to use. That goes to reputation, so if you know that a certain developer chose to use a specific package, they probably already did their due diligence, so you can use it.
But say, for instance, the packages that make it into the Node test suite, they’re probably within the “trusted compute base,” right?
There could be packages that have been downloaded 5 million times but could be terrible and break things. The CI is there to ensure that nothing in the ecosystem is broken, but it’s not an assurance that a package is good and should be used. So it works well as a basic filter, but it’s not enough to ensure the quality of the package.
Let’s assume that in the future, code will be generated by tools like Tabnine, which are already in the IDE, and the volume of generated code (or copy-pasted) will be significantly larger than what we’re used to today. How will that affect the ecosystem, especially in the CICD? Does it transfer more responsibility to the gatekeepers? Obviously, developers will still be responsible for their code, but does it potentially transfer more responsibility to someone who’s supposed to catch issues further down in the SDLC funnel? As the manager of an R&D organization that adopts AI code generation, which processes and tools should I put in place to ensure that my code remains at the same quality as in the past? On the one hand, we’re creating systems that are far more accelerated. On the other hand, there’s a higher risk. So what can we do to ensure that production issues are prevented?
In the book by the Phoenix Project and the Accelerate report, as well as Puppet, which publishes a yearly “State of DevOps” report, they all talk about DevOps and link it to security. I think that the more mature an organization is, for example, when you’re already in the CICD phase with lots of feature flags, you’re very advanced in terms of technology, and you can fail fast, it’s much easier to integrate and use lots of different tools, for security and more. So maybe the controls won’t change much, but they’ll get sharper.
As code is being generated faster with tools like Tabnine, there needs to be a greater emphasis on code review to catch any issues. Even with all the other security-related DevOps processes like dynamic and static application testing, someone needs to review the code to ensure it’s correct and working, including edge cases. Code review tools and processes aren’t meant to distinguish between good or bad coders, but to identify and catch specific issues. It’s particularly important for less mature companies to have a defined code review process because generating lots of code doesn’t necessarily mean it’s good code, and mistakes and vulnerabilities can easily slip through without proper testing and review.
In other words, the bottleneck in the dev process could move from writing code to code review or maybe testing, while the throughput remains the same.
Yes. If I were to give a parallel to the world of dependencies. If I go back a couple of “generations”, during the time when everything was embedded, you’d open your editor, create a new file project, with a blank page, and start writing. Today, you want to create a project, let’s say it’s Java, you’ve got Spring Starter Project or Spring Boot or whatever. Your default is to enter, like, twenty dependencies. And with JavaScript, it becomes a bit larger. So the default is that you’ve got lots and lots of code, and what I’m writing is maybe 10% business logic or something like that. So this world has really accelerated in a dramatic way.