Coding with Copilot and ChatGPT

I love coding with AI.

There, I said it. “You’re not a real developer,” I can hear you saying. And no, my profession is not primarily development1, but development definitely makes my job in IT easier.

Here are some tips that will make Copilot and ChatGPT code faster, better and more accurately for you.

Start with a Readme

When you can, start with a readme that explains what your project or script will do, before you write a single line of code. In this project, the readme was the very first file I made. I then pasted it into ChatGPT and asked that ChatGPT write a script to match.

Use examples in the readme: what do you want the syntax to be? Are there code examples of JSON or expected output you want to see? Start with the end in mine, and describe it as much detail as matters to you for the output.

Examples, Specifically

Both Copilot and ChatGPT work very well with examples. If you want to see a specific output, show it an example of what you want. If you were writing an API that exposes an endpoint with user data you might tell ChatGPT something along the lines of:

This is an unfinished endpoint to return user data from this project through a restful API. Clients expect to see JSON responses such as:
{
   "user": "[email protected]",
   "id": "some-guid",
   "phone": "555-123-1234",
   "nickname": "JD",
   "favorite color": "blue"
}

Some attributes are optional, so responses like this are also valid:
{
   "user": "[email protected]",
   "id": "another-guid"
}

Comments Galore

Comments seem to make both Copilot and ChatGPT better so I use them liberally. When ChatGPT gives me output I ask it to comment the code for a “junior developer.” In Python I have it generate docstrings for each function (documentation that describes what the function does).

With Copilot, comments can write your code for you. Write a comment like:

# Regex to separate split emails from domains, then put the domains into a sorted list

and then just wait for the autocomplete to give you the correct code, such as:

pattern = r'@([a-zA-Z0-9.-]+)'
domains = re.findall(pattern, emails)
sorted_domains = sorted(domains)

I also add examples and documentation in comments when I think the reference will help. If I am consuming a JSON API I may write:

def SaveAPIResponse(*args):
"""Takes the json response from Acme API and saves to the database.
A sample response would be:
{
   "user": {
      id": 12345,
      "username": "johndoe",
      "email": "[email protected]",
      "firstName": "John",
      "lastName": "Doe",
      "createdAt": "2024-08-05T22:04:55Z",
      "github": "johndoe"
     }
}
"""

You’ll see the accuracy explode.

One Thing at a Time

For the first couple of responses you can ask ChatGPT to output a lot, a 100+ lines of code isn’t crazy. When you get to troubleshooting, feed it one section at a time.

For instance, in my most recent project I decided to have ChatGPT write unit tests for me — because who likes writing those? They didn’t all work correctly, so I gave it one failing test at a time, correct either the test or the original code, and then went on to the next test.

Even when there is a similar root issue, one at a time is usually better.

Know When to Restart

For a certain amount of time ChatGPT seems to be more accurate with the more information you give it. But at some point in the conversation it seems to suffer from brain fog and stops any critical thinking and gives recycled output2. At this point, start a new chat.

Don’t just pick it up again, start fresh.

Your new chat might start like, “I’m picking up this project from another developer. She was working on adding feature XYZ to the script below. Will you check for errors and then finish the function? <paste the script>”

If relevant, include the readme or other documentation (again). “She left me these notes…” (This is also where it can be helpful to have documentation in comments, such as those above)

Prep Materials with AI

Sometimes you may have a lot of material or code to go through and you don’t want to muddy up the conversation. Just use a separate chat. For example, I may take a large snippet of JSON and ask ChatGPT to write documentation on the structure of it, and then use that documentation in my readme.

I might take a 100+ lines of JSON from something like this, and then ask ChatGPT to “write documentation for this JSON from the provider’s perspective, as through a restful API.” Then I’ll take that output and put it in the readme or the comments.

It keeps the main conversation from getting brain fogged, and should give you some clear output about expectations as well.

  1. If you look at my Github you will see projects such as this WordPress plugin that uses ChatGPT to add alt text to images, a docker/syslog project, a Dehashed command line API client, and more. I’m not alien to programming either. ↩︎
  2. Yes I know ChatGPT doesn’t “think” but I don’t know what to call an. AI that is essentially emulating brain fog… ↩︎

Roaring Kitty, Stock Manipulator?

The WSJ reports (gift link for paywall) that E*Trade is thinking about kicking Keith Gill — better known as Roaring Kitty or DeepFuckingValue — off of its platform. Gill is largely credited with driving the GameStop stock price to unrealistic levels, as evidenced by a PE ratio of 1,320 on June 4, 2024.

E*Trade is asking whether or not Gill manipulated the stock price, presumably via his Reddit and Twitter posts, especially after he resurfaced after silence for three years.

It is possible that Gill will find himself under an SEC investigation for this very question, especially now that he has 120,000 GameStop options worth $289 million. Gill will probably respond along the lines of, (1) he can’t be held responsible for what hundreds or thousands of amateur investors do, and (2) out of 306 million shares outstanding his portion is tiny and unable to influence the market.

But at this point his following is loyal and many will follow his lead, which will affect the stock price, where volume now exceeds 25 million. For comparison, Apple has 15 billion shares outstanding, approximately 50 times more than GameStop, with a trading volume of 62.5 million, which is less than three times that of GameStop.’s. Or more simply, Gill tweets and GameStop trading volumes goes through the roof.

It’s clear that Gill can significantly influence GameStop trading.

I don’t know if Gill is acting in good faith or not, I do know that he is in a position where he can influence this stock, and probably dozens of others that have prices low enough and some other measure of volatility that can be exploited by amateur traders. He may not have always had the influence, but he now does whether he realizes it or not.

In other words, he has a responsibility to be prudent in communications that will impact the stock price.

It made me think of Elon Musk, another figure who is able to significantly influence stock prices with a tweet. He often seems clueless that his has such power. Again, I don’t know if this is in good fatih. Like Gill he didn’t always have that kind of power. In many of his actions, he seems unaware that the repercussions of his behavior, as the world’s richest man, are orders of magnitude greater than anyone else’s.

In other words, he has a responsibility to be prudent in communications that will impact the stock price.

Neither man seems to understand what their influence is, or if they do, understand the idea of prudence. (Or perhaps don’t care, I don’t know.)

How Small Is A Small Business?

(If you are on the front page, click here to see just this post in a clearer view)

How big is a small business? There is no single definition, and any person you ask probably has their own idea.

The SBA publishes a list of their definitions of “small business” by industry and uses either revenue or employees. A business can be small with revenues up to $2.5 million, or up to $47 million depending on the industry. For industries that use headcount as the metric, a small company has 100 up to 1500 employees, again depending on the industry.

Why does this matter? I can think of two reasons:

  1. Most people have no idea how much the definition varies. I see articles in national news organizations that think of “small” as $100m or 500 employees, while other business owners may think $10m or $20m is small. Or 100k.

    I hope this helps people (1) understand how differently people think of and, (2) gives people some idea of what a common definition might look like.
  2. These definitions affect government contracts that businesses are eligible for.

On this page/post, you can search that list by industry or NAICS code to see what the definition of “small,” is, either by gross revenue or employees, whichever measure the SBA uses.

A random entry is below.

Search by Industry or NAICS Code:

Limit:

Average Limit for Sector:

Variance from Sector Average:

Average Limit for Subsector:

Variance from Subsector Average:



    The other thing this page demonstrates is how quickly AI will and is changing tech and data analysis: I found the data source and had the idea, but the code was generated entirely by ChatGPT. I am really blown away by gpt-4o, the context window is so much better. While you could put in tens of thousands of words (tokens) with gpt-4 the model still got lost quickly and you’d need to start a new chat.

    For this, I had multiple iterations and it never lost track of where we were, and always outputted the entire code at once. (YES! Can you believe it?)

    Data is loaded directly from the SBA API feed at https://api.sba.gov/naics/naics.json

    Find the code for this post at https://jonathanaddington.com/how-small-is-small-code/

    The Continuation of a Genocide

    The WSJ with an article out on the continuation of a genocide began twenty years ago:

    Sudan’s paramilitary Rapid Support Forces and other allied militias in recent days have attacked and torched villages in war-torn Darfur, according to satellite images and interviews with survivors, stirring fears of more mass killings in the region.

    Satellite images analyzed by Yale University’s Humanitarian Research Lab show significant new fire damage in 11 villages west of El Fasher since late March….

    Amani Jalia said she discovered the charred bodies of her elderly parents in their home in the village of Sarfaya, about 20 miles west of El Fasher following an attack by RSF fighters and Arab militia on March 29.

    “They were setting fires on all houses and firing in all directions,” Amani Jalia, who asked to be identified only by her first and middle names. “They were shouting and calling us slaves.”

    Another article described a mother forced to watch murderous fighters set fire to her house while her children were trappd inside, to be burned always.

    It is tempting to say that there are no easy answers — and there are not. The West, and America in particular, re-learns the dangers of foreign engagements in situations that don’t directly involve us every decade.

    But we can skip to the end to decide on the next action.

    History’s Guide tells us the violence will continue until it is out of control. Killings and absolute atrocities will reach a level that we can’t unwatch, that we can’t ignore, even with Ukraine/Russia and Israel/Gaza. The UN will decide to send in armed forces, or threaten an air campaign, something, to force the RSF to cease open atrocities and genocide.

    But only after tens of thousands are killed.

    It’s a double real-politik. Foreign engagements are tough, unpopular and have unintended consequences.

    But if we are likely to engage when the violence is high, the existing sides stronger and more dug in, then the rational thing is to jump in now, when we can prevent more harm, both for the region and for us.

    Not Every Breach Is A Critical Breach

    This week it was revealed that Cisco’s Duo had a vendor breached that handled VOIP & SMS for Duo. Duo does MFA, so this is potentially a big deal. I had a vendor send me this language for our own PR:

    The severity of this incident cannot be overstated. The compromised information could be exploited by cybercriminals to launch highly targeted attacks against you and your organization.  

    It can be overstated.

    It’s estimated that the attack affected 1,000 people.

    The exposed data is relatively minor1

    The data contained in these logs includes an employee’s:

    • Phone number
    • Carrier
    • Location data
    • Date
    • Time
    • Message type

    Bleeping Computer

      MSPs and cybersecurity professionals will undoubtedly fatigue the public if we cry wolf every time something happens in the cybersecurity realm.

      1. I’m sure someone will flame me for saying this. Of course any data can be used for phishing or other nefarious purposes. I’m not saying that it can’t be. But it also isn’t a full set of PII and credentials. Notably, names, addresses, employers and related applications are all missing from this list. ↩︎

      2020 Never Ended

      A surreal street scene with a large, melting clock face hanging from a street lamp post. The clock displays the time as just past 10:10 and the year 2020. The background features foggy city streets with silhouettes of buildings, bare trees, and a snow-covered ground, creating a cold and deserted atmosphere.

      I just finished How to Human by Carlos Whittaker. While, not the point of the book, a thesis within it is that 2020 — and all that 2020 was — made so many of us forget how human.

      We forgot that it is a human instinct to help each other. 

      We forgot to put empathy over politics.

      We forgot how to be generous to everybody, and not just those from our own tribe. 

      It is a very optimistic take on the last few years: the idea that the social and political climate that we live in today — which is more toxic than that any other time in living memory — is an output of the disaster that was 2020.

      Reading this section of the book made me realize that in many ways I feel like 2020 never ended for me.:

      • My primary office is still my bedroom. 
      • The racial discussions that began in 2020 are unresolved and still part of my life.
      • The political environment is crazier, more malicious, more dangerous, and more divisive among friends and close community than it was in 2019 (which is saying something.)
      • The 2020 presidential campaign never actually ended.

      My mind is never too far away from a hair-trigger. I feel like I struggle to ever really embrace the good things coming in the not-near future. I can see good things 4-8 weeks away but anything further out gets demoted by my attention which is more attuned to anything going wrong now, or that might go wrong, or that I just don’t think will go right.

      If a few years ago I had vision to see a mile ahead in life it is now down to a couple hundred yards, past that there is only fog that always looks dark. Not because life is that uncertain, because I am unable emotionally to process what will happen beyond that.

      In my mind, yesterday is always lockdown, George Floyd, January 6th, the Ukraine war, keeping a small business afloat during COVID, getting COVID, up-ending how I do all of life. Today I need to get through today, and I’ll worry about tomorrow, tomorrow because I don’t have any energy left today.*

      Anything good that happened in that time (and there was a lot for me) is somehow moved from the main story line of my life to the appendix as I re-read it in my mind.

      I didn’t even realize how much I thought this way until getting through the first chapter or two of the book. 

      Wow, looking back at what I just wrote, sounds a little like PTSD, eh?

      A few paragraphs ago this post was more of a public-journaling exercise: I did not plan out a conclusion, just a description of my own life and thoughts.

      But if my experience in any way matches yours, then maybe Carlos is right: many of us are still dealing with trauma — not of any one thing but of all the things — that cloud our feelings, our perception and our judgement. 

      I think our deeply inhuman response to everything that happened in 2020 left the deepest mark and, for some, the deepest wounds. The year 2020 jacked up humanity. It threw many of us off course, and the problem is that we can’t seem to rebound… it still feels like most of us got knocked off course and can’t find our way back. I’m still processing. Still working to understand. Maybe you are too? Why? Because 2020 was about so much more than 2020.

      Carlos Whittaker, How to Human

      Maybe in trying to cut through the fog we have forgotten “how to human,” as instead we find ourselves in a low-state of anxiety about everything. 

      Carlos has a prescription for us — if you want it listen to the book, it’s only six hours — but this is my first step. Acknowledging through writing, the effects that 2020 is still having on me. Not just reverberations, a very much right-now-still-in-the-present effects.

      My second step is to end 2020. Maybe not in 2021. Or 2022. Or 2023. More like April of 2024.

      Then I can start a new year.

      *Not like the birds of the air here, it’s just anxiety all around.

      Will Kaseya Make an Industry Shaking Announcement, Is It AI?

      Fred Voccola has been marketing a major announcement at Kaseya Connect.

      …in November, he previewed a Powered By Kaseya branding campaign that would roll out at this month’s Kaseya Connect Global 2024 conference. The CEO said the campaign “will disrupt the entire industry and that’s why end customers are going to start to look for MSPs powered by Kaseya, the same way that we bought a PC 15 years ago powered by Intel. We’re going to make it impossible for people not to be ‘Powered by Kaseya.’”

      At the Kaseya+Datto M&A Symposium for MSPs in London last December, Voccola added that Kaseya would deliver news in 2024 that will make the Datto acquisition “seem insignificant.” He certainly wasn’t talking about layoffs.

      At Robin Robin’s Bootcamp in Nashville in April of 2024 he said:

      We’re announcing in Vegas and three or four weeks, we believe we will fundamentally alter [the industry]. That’s a big statement. [This is a] 20, $16 billion bet, and this is my career bet — that we will fundamentally alter our industry for the better, change the dynamics of it, so this will be one of the most lucrative and rewarding industries on this planet period. 

      I think we found the way to do that, it’s a combination of a lot of things… it’s a culmination of everything we’ve done over the last decade. 

      I think the most interesting portion of those two quotes is “this is my career bet.” A $16bn bet would be a career bet for Vocolla for sure. A few months ago it would have been the Datto acquisition. With a valuation of nearly 10x ARR, it was a big bet that Datto would significantly outperform the market.

      Let’s talk about why it can’t be anything special, and then how it could be ground-breaking AI.

      The Pessimist

      Of course, for those of us in the industry, it is not remotely clear how “Powered by Kaseya” could “fundamentally” alter the Channel. Kaseya has a mixed reputation in the industry and virtually no reputation outside of it, except for those who remember its mammoth cybersecurity incident a few years ago.

      Honestly, it isn’t clear how any single announcement from any single company could “fundamentally” alter the MSP industry. AI has the biggest potential to transform how things are done — as in take tens of thousands or hundreds of thousands of low and mid-level tech jobs — but that will be a transition with incremental progress made by multiple companies.

      The second most interesting thing is him throwing out $16 billion dollars. Kaseya does $2 billion in ARR1, which means it isn’t anywhere near a $16 billion company,2 and nearly a third of that ARR came from the Datto acquisition3. It also doesn’t seem likely that this is simply more acquisitions, if for no reason than there are no rumors of deals remotely that big circulating, at least that I am aware of.

      The Optimist

      Let’s take two of the pessimistic ideas and flip them on their head: Kaseya doesn’t have that kind of money and AI doesn’t move that fast. In fact, the two of these together make more sense than other options, AI still attracts lots of money and high valuations, and Insight Partners has (or can raise) the money.

      I believe the biggest challenge to applying a general AI to IT is data: you need a lot of data to train on from a wide variety of industries, and Kaseya has that.

      • Kaseya owns two PSAs, full of 10+ years of tickets, solving processes and the ultimate solutions, from hundreds or thousands of MSPs serving probably every industry in the US (or the world?)
      • Kaseya owns two RMMs, also full of 10+ years of information
      • Kaseya owns the industry-leading IT documentation platform — IT Glue — which is full of documentation and SOPs for tens of thousands of IT environments

      In fact, Kaseya is probably one of only a handful of companies globally that has this much IT data from such a wide variety of sources. ConnectWise would be the only competitor here. Not even Microsoft has this kind of data.

      If Vocolla was talking about $16-$20in in R&D over several years both the total expense would make sense, and why he wasn’t sure if it was $16bn or $20bn, kind of a big gap to not know otherwise.

      Critically, Kaseya also has all of the pieces needed today. An interface for customers and AI (PSA), an interface between the AI and the endpoint (RMM), and documentation including passwords (IT Glue). And all of these are already validated tools. If you use Datto (Kaseya) Networking or are using their M365 RMM plugin, Kaseya also has network and cloud visibility into client platforms.

      Finally, Kaseya doesn’t need to invent a model from scratch. It’s possible to take an open-source model and fine-tune it, or partner with OpenAI/Microsoft to fine-tune a general LLM to work for IT. If you had a multi-model model you could ingest screen captures and, possibly, return keyboard and mice commands in an RPA-like product.

      It would be slow to start, sure, but well within the realm of possibility. It would also be expensive, but probably less expensive than a tech.

      It would also be one of the few products that might attract enough attention that “Powered by Kaseya” could mean something to a general audience.

      Now use your imagination and start tying all of these together: a client sends in a ticket to a PSA. KaseyaAI looks at the ticket and responds, possibly scheduling a remote session. Next, KaseyaAI remotes in with the RMM. It has access to passwords in IT Glue, along with client documentation. Between specific documentation, general IT knowledge and publicly available KBs it can solve most low level issues by itself. Finally, validating with the client that the issue is solved and closing the ticket.

      Kaseya could also automate RocketCyber (their SOC) this way. Get an alert, research it, and automatically remediate on the endpoint.

      Insight Partners currently lists 82 investments in ML/AI/Data on their portfolio page, and their news is absolutely dominated by AI stories. They have 99 investments in IT Infrastructure companies, although some of those overlap with AI.

      We’ll see in four weeks if my predications hold water.

      The second quote is my transcription, as always, I’ve lightly edited it for clarity.

      1. Per Robin Robins at the 2024 TMT Boot Camp. I’m pretty curious how Kaseya got to that level. ↩︎
      2. At least not shy of massive valuations ↩︎
      3. From the December 2021 Datto annual report: “As of December 31, 2021, our ARR was $658.4 million and our revenue for the year ended December 31, 2021 was $618.7 million, of which approximately 93% was recurring subscription revenue.” ↩︎

      Short Takes

      Like Twitter, but only here.

      🔓 Unlocked: Gambling!

      The idea that Uber eats somehow gamiified and allowed me to unlock the ability to gamble always amuses me.

      Screen displaying a status update for an order with an estimated arrival time of 7:50 PM and the latest arrival by 8:05 PM. Below the status, there is a promotional offer congratulating the user, Jonathan, on unlocking a Bet $5 Get $150 bonus offer with BetMGM. A 'Register Now' button is provided to take advantage of the offer. A disclaimer at the bottom indicates the promotion is for those 21 and older and provides a gambling problem helpline number.

      Do We Want An Armed Europe?

      Aaron MacLean in the WSJ with an op-ed reminding us what an armed Europe looked like in the 20th century. (And while he focuses on the 20th century the arguments would hole true for most of the previous 20 centuries)

      He asks:

      Do we want European states to rearm, to achieve something closer to strategic self-sufficiency, perhaps including nuclear proliferation to the east?

      And reminds us:

      Perhaps we forget the vast slaughterhouse into which the Continent transformed on two occasions in the first half of the last century

      He concludes:

      In the short run, the main risk is still that European nations will overfund their social priorities, underfund their security, and fail to deter further westward Russian expansion…

      There is… a risk for a disengaged America even if Europe does rearm. Putting these countries on their own feet may merely be the prelude to their hands reaching for one another’s throats. The two possibilities aren’t mutually exclusive…

      Report: no reason to fire Sam Altman

      Ars Technica

      After reportedly interviewing dozens of people and reviewing over 30,000 documents, [the legal firm hired to investigate Altman’s firing] found that while the prior board acted within its purview, Altman’s termination was unwarranted. “WilmerHale found that the prior Board acted within its broad discretion to terminate Mr. Altman,” OpenAI wrote, “but also found that his conduct did not mandate removal.”

      I am neutral on Sam Altman as a whole. I think that this episode is a net—negative for keeping AI development in check — especially at Open AI, as Sam Altman now essentially seems invincible.

      Slackb0t

      Tom McKay successfully masqueraded as a “Slackbot” on Slack after leaving Gizmodo in 2022, going unnoticed by the site’s management for several months. The Verge reports: If you’re not glued to Slack for most of the day like I am, then you might not know that Slackbot is the friendly robot that lives in the messaging service. It helps you do things like set reminders, find out your office’s Wi-Fi password, or let you know when you’ve been mentioned in a channel that you’re not a part of. When it was his time to leave, McKay swapped out his existing profile picture for one that resembled an angrier version of Slackbot’s actual icon. He also changed his name to “Slackbot.” You can’t just change your name on Slack to “Slackbot,” by the way, as the service will tell you that name’s already been taken. It does work if you use a special character that resembles one of the letters inside Slackbot, though, such as replacing “o” with the Unicode character “o.”

      🏈 2024 Super Bowl or The Moon 🌖

      One small step for man, one giant touchdown for the Chiefs. (Also: That was the most relevant blocked extra point in the history of football) BBC:

      Screenshot of a BBC news article with the headline "Super Bowl 2024 was most watched US TV broadcast since 1969 Moon landing," published 17 hours ago by Emma Saunders, Entertainment reporter. The accompanying image shows a group of excited fans, with one person in a red Kansas City Chiefs jersey with "CHAMPS" and the Super Bowl LIV logo on the hat, celebrating among the crowd.

      Preliminary US TV ratings put Sunday’s game just behind Apollo 11’s historic landing, which was seen by an estimated 125 to 150 million people.