Carl George joins the show to talk about Texas Linux Fest, Omarchy, Linux desktop environments, configuring Linux, and more. Use the code CHL15 for 15% off your ticket to Texas Linux Fest.

Join the discussion

Changelog++ members get a bonus 10 minutes at the end of this episode and zero ads. Join today!

Sponsors:

• CodeRabbit – AI-native code reviews, built for the modern dev stack. — CodeRabbit is your always-on code reviewer—flagging hallucinations, surfacing smells, and enforcing standards, all without leaving your IDE or GitHub PRs. Trusted by top teams to ship better code, faster.
  Start free at CodeRabbit.ai
• Depot – 10x faster builds? Yes please. Build faster. Waste less time. Accelerate Docker image builds, and GitHub Actions workflows. Easily integrate with your existing CI provider and dev workflows to save hours of build time.
• Fly.io – The home of Changelog.com — Deploy your apps close to your users — global Anycast load-balancing, zero-configuration private networking, hardware isolation, and instant WireGuard VPN connections. Push-button deployments that scale to thousands of instances. Check out the speedrun to get started in minutes.

Featuring:

• Carl George – GitHub, LinkedIn, X
• Jerod Santo – GitHub, LinkedIn, Mastodon, X
• Adam Stacoviak – Website, GitHub, LinkedIn, Mastodon, X

Show Notes:

Use the code CHLG15 for 15% off your ticket to Texas Linux Fest.

Something missing or broken? PRs welcome!

Download audio: https://op3.dev/e/https://cdn.changelog.com/uploads/friends/109/changelog--friends-109.mp3

I recently wrote about Mark Russinovich, Microsoft’s Azure CTO, talking about how Rust code is shipping in Windows, but I didn’t cover the whole of what he said at RustConf 2025 earlier this month in Seattle. In fact, I didn’t even cover the half.

While I wrote primarily about Microsoft rewriting Windows components in Rust, that was just the opening act for Russinovich in his keynote at the event. He spent much of his talk showing off projects that reveal how far down the Rust rabbit hole Microsoft has actually gone.

Virtual Machines in a Millisecond

His Hyperlight discussion was genuinely impressive. Russinovich showed a system that spins up virtual machines (VMs) in 1.5 milliseconds. Not containers — actual VMs with proper isolation boundaries.

“Look, we don’t want a full-blown hypervisor with a full-blown operating system just to run some user code we don’t trust,” he said, pulling up slides showing the architecture. “This is way overkill for running a tiny function.”

Hyperlight started as a C# prototype but got rewritten in Rust when performance became critical. It’s now handling real traffic in Azure Front Door, where customers can deploy edge functions that process network requests. The use case makes sense — you need strong isolation for untrusted code, but traditional VMs are too slow for functions that might run thousands of times per second.

What’s impressive about Hyperlight is how minimal it is. No guest OS, just a small runtime that provides APIs to the code running inside. It supports WebAssembly and native binaries, but either way, the attack surface is tiny compared to a full VM stack.

In addition, it is all open source, Russinovich said.

Useful Build Integration

Microsoft also tackled the issue of how to use Rust in existing projects without rewriting everything.

Their answer is a Cargo plugin for MSBuild that lets you drop Rust modules into C++ and C# codebases. Russinovich admitted this was born from necessity: “We can’t just tell teams to throw away millions of lines of working code.”

The plugin is straightforward: You write your Rust code, Cargo builds it and MSBuild treats it like any other dependency. But getting the linking and ABI details right took serious work. Microsoft also open sourced this, which suggests it thinks other companies will face the same problem.

This feels like the kind of practical tooling that could move the needle on Rust adoption. Most companies are not going to rewrite entire applications, but they might replace security-critical modules if it’s easy enough.

Guidelines That Don’t Suck

Russinovich said Microsoft also published its “Pragmatic Rust Guidelines” — essentially its internal playbook for how to write Rust code at enterprise scale. He was straight up about this: “If you’re an experienced Rust developer, none of this will surprise you. It’s really for people who are new.”

What is interesting is that they made two versions — one for humans and a condensed version specifically formatted for AI coding assistants. “You can drop this into your Copilot instructions and the AI will actually follow it,” Russinovich noted.

The guidelines cover things like error handling patterns, Foreign Function Interface (FFI) best practices and when to use different async runtimes. Nothing revolutionary, but having official Microsoft recommendations could help teams avoid common pitfalls.

The AI-optimized version is a smart touch, as a lot of Rust code is getting written with AI assistance these days. Having guidelines that work well with those tools shows Microsoft is thinking practically about how development happens.

Rewriting the Crown Jewels

Then Russinovich explained that Microsoft is in the process of rewriting its SymCrypt cryptographic library in Rust.

SymCrypt is not just another library. It’s Microsoft’s cryptographic core — the code that handles RSA, elliptic curves and every other piece of crypto across Windows, Azure and Office. “This is literally the most sensitive code we have,” Russinovich said.

But it’s not just doing a straight port. Microsoft Research has formal verification tools for Rust, so it’s proving the mathematical properties of the new crypto code. The verified Rust can even be transpiled back to C++ for easier integration with existing systems.

New algorithms like ML-KEM (the post-quantum key exchange standard) are being written in Rust from scratch. This suggests Microsoft thinks Rust will be its crypto language going forward, not just for new projects, but for its most critical existing code.

The fact that it’s willing to touch SymCrypt at all shows how confident it has become in Rust tooling and developer expertise.

AI-Powered Code Translation

The most futuristic part of the talk involved Microsoft’s GraphRAG technology applied to code translation. Russinovich demoed a tool that automatically converts Python applications to Rust while preserving structure and functionality.

He showed a simple side-scrolling game written in Python: three files, maybe 200 lines total. The translation tool analyzed the code structure, understood the relationships between modules and generated equivalent Rust code that compiled and ran identically.

“Normal LLM [large language model] translation gives you garbage,” Russinovich said, showing broken code from a standard ChatGPT translation. “But if you give the AI a semantic understanding of the whole codebase, it can reason about what the code actually does.”

The demo worked, but it is unclear how well this scales to larger, more complex codebases. A three-file Python game is one thing; a million-line C++ application is another entirely.

Still, if Microsoft can make automated translation reliable, it could solve the biggest barrier to Rust adoption. Most companies have enormous existing codebases that they cannot afford to rewrite manually.

The Reality Check

However, Russinovich was surprisingly candid about Rust’s rough edges. Microsoft’s internal surveys show developers still struggle with interop, async debugging and dynamic linking, he said. The learning curve for C++ developers is genuinely difficult.

“It’s a shock when you’re coming from C++,” he admitted. “Your brain has to completely rewire how you think about memory and ownership.”

But even developers who complain about Rust don’t want to go back to C++, he said. After a few months, they adapt and become advocates. Performance is consistently better. Whole categories of bugs just disappear.

Microsoft has put serious effort into tooling improvements — Visual Studio Code integration, debugger support, better error messages. They also have found that AI coding assistants help a lot with Rust’s learning curve.

The Bigger Picture

Russinovich’s presentation revealed the scope of Microsoft’s bet on Rust. It’s not just using it for new projects — it’s systematically replacing C++ in its most critical systems. Win32k.sys, Hyper-V, SymCrypt, Azure Data Explorer. These are not experiments; they are production systems handling massive scale.

The driver framework extends this beyond Microsoft’s own code. If hardware vendors start writing Rust drivers, Windows gets more secure without Microsoft doing all the work.

Combined with AI translation tools, this could create a tipping point. Right now, Rust adoption is limited by the effort required to get started. But if you can automatically translate existing code and easily integrate Rust modules into existing projects, the barriers start disappearing.

Whether this truly happens depends on execution. Automated translation needs to work reliably on complex codebases. Build integration needs to be seamless. Safe abstractions for driver development need to be complete and well-documented.

But Microsoft seems committed to making it work. As Russinovich put it: “Rust is permeating our core infrastructure. This is just going to accelerate.”

The post Microsoft Goes All-in on Rust for Core Infrastructure and Much More appeared first on The New Stack.

I just posted on how to use a PowerShell script in a flexible manner to perform different tasks with generative AI locally with Ollama, but I realized I hadn’t gone into just how cool and simple it was to run this on my laptop, along with the beauty of the script output.

Pulling from the Demo

For the demo scenario, the following exists:

• A Postgres 17.5 database, source and target for a migration.
• Four migration scripts requiring code review for the following:
  • Syntax
  • Row Level Security issues inside the database (RLS referenced in the prompt)
  • Missing index options
• Flyway CLI is configured and in use for the databases and will be used as the orchestrator.

There is a series of scripts and the parameters/variables are set beforehand for the postgres user password, Flyway path, database connection info, etc.

The ai-review.ps1 script, called as part of the parent script, is written as follows:

param(
[string]$HostName,
[int]$Port,
[string]$Database,
[string]$User,
[string]$Password
)

# AI-assisted review using Ollama 

$ollama = Get-Command ollama -ErrorAction SilentlyContinue
if (-not $ollama) {
Write-Host "Ollama not found. Skipping AI review." -ForegroundColor DarkYellow
exit 0
}

$model = $env:AI_REVIEW_MODEL
if (-not $model) { $model = "qwen2.5-coder" } # choose any local model you have

#Gather SQL diffs(new files)

$files = Get-ChildItem ../sql -Filter "V__.sql" | Sort-Object Name
$summary = @()
foreach($f in $files){
$content = Get-Content $f.FullName -Raw
$summary += "### File: $($f.Name)n````sqln$content`n````"
}
$prompt = @"
You are an expert database reviewer. Analyze these PostgreSQL migration files for:

- security issues (e.g., missing RLS, overly broad grants)-peformance pitfalls (missing indexes, risky scans) -rollback/reversibility notes -correctness and deployment risks

Respond with concise bullet points and a PASS/REVIEW flag per file.
$($summary -join "nn")
"@

Write-Host "Running AI review with model '$model'…" -ForegroundColor Cyan
$result = & ollama run $model $prompt
$result | Set-Content -Path ./ai_review_report.md
Write-Host "AI review written to ./ai_review_report.md" -ForegroundColor Green

If you read through the script, once the parameters are set, the script goes in and performs a number of checks to verify that Ollama and the LLM can be found, as well as the DDL files.  It then tells Ollama as part of the AI prompt that it is an “expert database reviewer” and as part of this Postgres DDL review, it will check for the list I discussed in the first section of this post.  It then will print the results in a report named “ai_review_report.md”.

The End-to-End

What does the execution of the parent script, in it’s full end-to-end look like?

As this is part of a larger scripting scenario, notice it tests connectivity, performs the code review, outputs the report, verifies integrity, runs the Flyway migrations, performs some smoke tests and then looks at some top queries on the Postgres cluster after testing the new code that’s been released.  

AI Code Review Report

The report, which is the goal of the ai-review.ps1 is the most important part, as that is the focus of this post:

The Ollama AI and Qwen 2.5 LLM used the prompt posed to it and created a summary report with information on each of the four scripts, checking on security, performance, rollback/reversibility and correctness, then granted a FAIL, REVIEW or PASS status flag to each of the scripts.  If any of the scripts had received a FAIL status, the migration would have exited and rolled back as part of the migration requirements.

In Summary

AI can do a lot of things, but rarely do we ask if it should or explain how it solves a problem that plagues us every day.  Code reviews is a demand on many developer and DBAs time that can be offloaded to AI quite easily and in a way that doesn’t require a lot of GPU or tokens to perform when done with a lightweight AI such as Ollama with a local LLM.

When working with database migrations, automation is the key to speed and safety. Redgate Flyway already helps us structure and deploy migrations consistently, but what if we could add AI-powered checks directly into our existing pipelines and do so in a safe manner as well?  I’ve been promoting this as part of my open-source and Postgres event sessions for the last few weeks and I’d like to discuss it further.  Recently Ollama offered the option for a Windows 11 installation.  No GPU or tokens required, (although having GPUs won’t hurt) I did timed tests and found it to be a solid choice for simple generative AI work when needed locally and even added optimization options for folks who are interested. 

Now armed with a local AI and LLM, I began combining PowerShell scripts with to create command line solutions for tasks that incorporated what I was working with, (link to the code below) including Flyway CLI and Postgres. With this post, I’d like to narrow in on how a single, flexible PowerShell pattern can drive code reviews, performance checks, conflict detection, and even release documentation as part of projects, as this is how I often view the code that I write. 

I am going to ask for one thing though: no one judge my PowerShell code too harshly, that’s an area I’m still a novice.

Prerequisites

Before jumping in, let’s discuss what you’ll need to get this to work:

• Flyway installed and configured with your database.
• Ollama installed locally (e.g., running ollama and running a qwen2.5 LLM downloaded locally also).
• PowerShell 7.x (though most examples will work in Windows PowerShell 5.1).
• A local database of your preferred flavor.  For my example here, I have a Postgres 17.5 database running on my PC.

Base Script: AI-Powered Code Review

I’ve pulled out the code from the overall script, but here’s the minimal script that reviews a SQL migration file.  You can add or subtract from the AI prompt to have the review do more or less as  you require:

param(
   [string]$SqlFile
)

# Load migration script contents
$sqlContent = Get-Content $SqlFile -Raw
# Run AI review with Ollama
$review = & ollama run qwen2.5 "Review this SQL migration for syntax issues, style problems, and possible risks: $sqlContent"

Write-Host "=== AI Review for $SqlFile ==="
Write-Output $review

Run it with:
.\ai-review.ps1 -SqlFile ".\migrations\V1__create_table.sql"

You’ll get natural-language feedback from the local model, flagging potential issues before running flyway migrate.  Manual review is expected at this state, but you could add in a parser to look for any file flagged for review or fail, stopping the migration if found in the code review.

Extending the Script for Other Tasks

Because the script is prompt-driven, you only need to change the prompt text to perform a new kind of check. Let’s walk through some examples as we build this out to do more.  This is what I really loved about this script.  You see how an AI prompt is issued as part of the PowerShell script, so why not take that further and perform other tasks?

1. Performance Impact Check

param(

    [string]$SqlFile

)

$sqlContent = Get-Content $SqlFile -Raw

$review = & ollama run qwen2.5 "Analyze the following SQL migration for potential performance issues on large data sets. Suggest indexing, partitioning, or query rewrites if needed: $sqlContent"

Write-Host "=== Performance Analysis for $SqlFile ==="

Write-Output $review

This helps you catch long-running changes (e.g., unindexed ALTER TABLE … ADD COLUMN on massive tables) early.  Depending on the platform, you could look for potential lock escalation problems in SQL Server or TX waits or TEMP usage in Oracle, too.

2. Conflict Detection with Existing Schema

param(

    [string]$SqlFile,

    [string]$SchemaDump

)

$sqlContent = Get-Content $SqlFile -Raw

$schemaContent = Get-Content $SchemaDump -Raw

$review = & ollama run qwen2.5 "Check if the following migration conflicts with the existing schema. Highlight duplicate indexes, conflicting constraints, or dropped columns still in use. Migration: $sqlContent Existing Schema: $schemaContent"

Write-Host "=== Conflict Check for $SqlFile ==="

Write-Output $review

Pair this with a schema export (pg_dump -s for Postgres, expdp (DataPump) of the metadata for Oracle, sqlpackage for SQL Server) to give the model context.  The script appears simple, but can be expanded upon to perform platform specific tasks, creating a framework that all platforms can be based from for AI actions and use local AI, offering a more secure method to begin an organization AI testing method from.

3. Standards / Best Practices Validation

param(

    [string]$SqlFile

)

$sqlContent = Get-Content $SqlFile -Raw

$review = & ollama run qwen2.5 "Check this SQL migration against best practices: use of transactions, consistent naming conventions, avoiding SELECT *, correct use of primary keys, etc. Return specific issues and recommendations. Script: $sqlContent"

Write-Host "=== Standards Check for $SqlFile ==="

Write-Output $review

This enforces team or company-level guidelines automatically.  I don’t know a DBA out there that wouldn’t find this useful and couldn’t build on this to help developers help themselves and create recommended practices.  It also offers us a way to identify if AI solutions provide value or if they don’t, while not requiring a lot of time-laden or cost heavy investment.

4. Automatic Documentation Generation

param(

    [string]$SqlFile

)

$sqlContent = Get-Content $SqlFile -Raw

$review = & ollama run qwen2.5 "Summarize the following SQL migration in plain English for release notes. Include the affected tables, columns, and purpose of the change: $sqlContent"

Write-Host "=== Release Note for $SqlFile ==="

Write-Output $review

Now your migration can generate its own release note entry and one less tedious/manual task that most of us dislike performing. 

Orchestrating with Flyway

As the original script is based off was part of a larger demonstration script suite I wrote, I can’t help but mention, these were all part of steps to make deployments more robust.  Any of these scripting options I put in this post could be integrated as scripts into a larger Flyway-driven pipeline. Here’s an example run.ps1 orchestrator, (although not as dynamic as my goal to create in my end product):

param(

    [string]$Stage = "All",

    [string]$MigrationsPath = ".\migrations"

)

$migrationFiles = Get-ChildItem $MigrationsPath -Filter *.sql

foreach ($file in $migrationFiles) {

    if ($Stage -eq "All" -or $Stage -eq "Review") {

        .\ai-review.ps1 -SqlFile $file.FullName

    }

    if ($Stage -eq "Performance") {

        .\ai-performance.ps1 -SqlFile $file.FullName

    }

    if ($Stage -eq "Conflicts") {

        .\ai-conflicts.ps1 -SqlFile $file.FullName -SchemaDump ".\schema_dump.sql"

    }

    if ($Stage -eq "Docs") {

        .\ai-docs.ps1 -SqlFile $file.FullName

    }

}

if ($Stage -eq "All" -or $Stage -eq "Migrate") {

    flyway migrate

}

Once your Flyway project is created, this allows you to call the following from the command line and simply let it do the automation with Flyway as the orchestrator:

.\run.ps1 -Stage Review

.\run.ps1 -Stage All

Depending on if you’re running a specific check or all, you can run different AI-driven checks as part of your release cycle.

Why Local AI Fits This Workflow

Running Ollama locally avoids the two biggest barriers to adopting AI in database workflows:

• Security: SQL scripts and schema never leave your environment.
• Control: You choose the model (Qwen, Llama, Mistral, etc.) and tune prompts without API quotas or vendor lock-in. 
• Performance:  Depending on the resources available and requirements, you can build out or simplify as needed.

This makes it a practical way to embed AI into CI/CD pipelines where sensitive schema changes are in play.

Worth it

By wrapping Ollama calls inside PowerShell, you unlock a reusable, modular pattern for some of the most common needs we may use expensive tools or consume time manually on:

• Code review – catch mistakes before they run.
• Performance checks – anticipate slowdowns.
• Conflict detection – spot schema collisions.
• Best practices validation – enforce standards.
• Documentation generation – automate release notes.

Each task is simply a different prompt. Combined with Flyway, this becomes a flexible foundation for AI-augmented DevOps pipelines that are secure, local, and adaptable. If you’d like to download the original script suite demo and cheat sheet to get started, feel free to go over to my GitHub zip file and download it.  Have fun with it, as I think AI should be fun…and I prefer when it’s fun AND SAFE.

Have enough Copilot buttons in your life? No you don’t — have another one! This one pops up in the latest Windows 11 Insider Preview when mousing over an open app in your taskbar; it lets you share the contents with Copilot Vision.

Want to know who is celebrating in that dogpile on the mound, or dig a little deeper on that sculpture you took a photo of? Just click that “Share with Copilot” button that pops up in the window preview. Copilot Vision scans what’s on your screen, analyzes it, and lets you discuss the contents of the window with Microsoft’s AI chatbot to get more context, including offering tutorials. 

Of course, it doesn’t exactly seem like Windows users are clamoring for more Copilot in their lives. There’s already buttons popping up in Microsoft Paint, Notepad, in the taskbar, on your keyboard, and right on the front of some PCs. There’s even another, more useful Copilot feature in the same Windows 11 preview that translates on-screen text. Microsoft does say it’s just “trying out this taskbar capability”, so don’t be shocked if it gets axed in an upcoming build before it actually ships to regular users.

Gallup: A record-low 35% of Americans are satisfied with the quality of education that K-12 students receive in the U.S. today, marking an eight-percentage-point decline since last year. This is one point below the previous historical low recorded in 2000 and 2023 for this Gallup question that dates back to 1999. Several other ratings of the U.S. K-12 education system provide a similarly bleak assessment. Only about one-quarter of Americans think K-12 schools are headed in the right direction, while just one in five rate them as "excellent" or "good" at preparing students for today's jobs and one in three say the same for college. Yet, parents of current K-12 students are nearly twice as satisfied with their own child's education as they are with education in the U.S. K-12 parents are also slightly more likely than U.S. adults in general to rate different aspects of education positively, including the direction of education in the U.S. and schools' preparation of students for the workforce and for college. Still, none of these ratings is near the majority level.

Read more of this story at Slashdot.