Ruff v0.7.0, Claude Fable 5 agents, Node security patches — Dev Signal
Ruff v0.7.0, Claude Fable 5 agents, Node security patches
Share:
Tool of the Week
Ruff v0.7.0 shipped: pytest style defaults flip
Ruff v0.7 fixes incomplete rollout of pytest rule defaults from v0.6, removes parentheses from @pytest.fixture and @pytest.mark decorators by default—aligns with official pytest project style.
If you upgraded to v0.6 and got inconsistent linting behavior across your team depending on config file contents, v0.7 fixes that. You'll see new violations on existing code unless you explicitly revert the defaults.
Replaces Black, Flake8 (plus plugins), isort, pydocstyle, pyupgrade with single binary. Upgrade path is low-friction for most users; pytest users must either accept new defaults or add fixture-parentheses/mark-parentheses config. Auto-fixable. Safe to upgrade now—breaking changes are minimal and intentional.
“Ruff is an extremely fast Python linter and formatter, written in Rust”
“executing tens or hundreds of times faster than any individual tool”
“all users will experience the new default behavior”
“these rules now adhere more closely to the style recommendations made by the official pytest project”
“you should be able to easily fix any new violations of these rules caused by this change by running ruff check . --fix”
python-toolinglintingpytestrustbreaking-changes
Dev Signal
Get issues like this in your inbox — free, 3x a week.
Quick Signals
Continue IDE plugins fix stability bugs across JetBrains VSCode
JetBrains and VSCode adapters patch 15+ crashes, memory leaks, and IDE freezes affecting sidebar rendering and message routing; VSCode bumps to 1.3.36, JetBrains to 65.
Sidebar freezes and crashes directly block AI-assisted workflows in IDEs—these fixes restore responsiveness for developers using Continue in production. Memory leak and message-type desync fixes prevent the tool from degrading session quality over time.
Update both adapters immediately if running JetBrains or VSCode—these are stability releases that fix regressions, not breaking changes. VSCode users: bump to 1.3.36. JetBrains users: pull v65. No configuration required. The remote config sync hardening and JCEF message chunking directly address freezing; worth deploying today.
“harden JetBrains remote config sync to prevent IDE freezes”
“resolve crashes in DiffStreamHandler — unsafe cast and negative line numbers”
“chunk large JCEF messages to prevent JetBrains sidebar freezes”
“prevent responseListeners memory leak in CoreMessenger”
“vscode 1.3.36”
ide-pluginsstabilityjb-jetbrainsvscodecrash-fix
Claude Fable 5 sustains multi-step agent workflows
Claude Fable 5 completes multi-day agent runs with fewer manual checkpoints, self-corrects through verification loops, and catches bugs prior models missed—available now on GitLab Duo Agent Platform.
Reduces iteration cost on high-stakes tasks (multi-file refactors, incident triage, IaC definitions) by delivering first-shot correctness on complex problems. Teams can assign harder problems to agents and check results asynchronously instead of babysitting execution.
Enjoying Dev Signal? Get every issue in your inbox.
Free forever · 3 issues a week · One-click unsubscribe
3 issues a week · Free forever · 4,200+ developers
Replaces manual checkpoint/re-prompting workflows in existing GitLab Duo agent setups. Requires GitLab Duo Agent Platform access (free trial available, included in Premium/Ultimate tiers). Start with your hardest unsolved problem to validate capability—routine tasks won't show the difference. Worth trying now if you're already on GitLab; marginal friction for existing users.
“Claude Fable 5 completes multi-step, goal-directed work that previous models could not sustain, and it does so with measurably fewer iterations”
“The agent workflows that previously required manual checkpoints or re-prompting can now run to completion”
“Claude Fable 5 reduces the human oversight cost per agent run”
“Early testers reported single-pass implementations of systems that previously took days of iteration with prior models”
“Claude Fable 5 is available across all tiers and all deployment models through GitLab's AI Gateway”
Google releases DiffusionGemma for 4x faster text generation
Parallel token diffusion replaces sequential generation, trading quality for speed: 1,000+ tokens/sec on H100, 3.8B active parameters fit in 18GB VRAM.
Cuts latency for latency-sensitive workloads (code infilling, inline editing) without architectural changes to inference pipelines. Enables local deployment on consumer GPUs where standard models won't fit.
Replaces Gemma 2 26B for speed-critical tasks only—acknowledge quality regression on all benchmarks. Requires HuggingFace integration, Unsloth quantization stack, or Nvidia NIM wrapper. Ready to test now; production use depends on tolerance for lower accuracy.
“generate text 4x faster than its existing Gemma models”
“can produce more than 1,000 tokens per second on a single Nvidia H100”
11 CVEs fixed across TLS hostname validation, WebCrypto output bounds, HTTP/2 memory exhaustion, and permission model gaps—upgrade required if you run untrusted code or expose crypto APIs.
TLS SNI case sensitivity and hostname normalization bypasses affect certificate validation; HTTP/2 originSet unbounded growth causes DoS; WebCrypto output length guards prevent buffer overruns. Permission model gaps let process.chdir and FileHandle.utimes escape scope restrictions.
This is a mandatory upgrade if running 26.x. No breaking changes. OpenSSL bumped to 3.5.7, undici to 8.5.0, llhttp to 9.4.2—all deps update in-place. Takes 10 minutes to deploy via package manager or binary download.
“This is a security release.”
“tls: normalize hostname for server identity checks (Matteo Collina) – High”
12B model runs on 16GB VRAM with near-26B performance and native audio support via unified architecture—no separate encoders.
Developers can now deploy multi-modal reasoning and agentic workflows locally on standard laptops without cloud inference costs or token metering. Native audio eliminates separate encoding overhead, reducing latency and memory for time-sensitive applications.
Replaces cloud inference for non-coding tasks; requires 16GB VRAM minimum. Ready to try now if your workload isn't coding-heavy (warning: community flags weak coding benchmarks vs. Qwen alternatives). Worth evaluating for audio/vision agentic pipelines on consumer hardware.
“Small enough to run locally on a mere 16GB of VRAM or unified memory”
“performs nearly as well as Gemma 4 26B — but at less than half the total memory footprint”
“passes those inputs directly into the LLM backbone”
“project[s] the raw audio signal into the same dimensional space as text tokens”
“Cloud is convenient, but you're paying per token forever, and your prompts go through someone else's server. local = one time setup, private, zero ongoing cost.”