Home / Companies / Metabase / Blog / May 2026

May 2026 Summaries

5 posts from Metabase

Filter
Month: Year:
Post Summaries Back to Blog
The concept of a Persistent Agent (pa) is introduced as a tool designed to streamline developers' workflows by handling routine tasks, thereby allowing them to focus more on coding. Unlike typical agents that function on a per-session basis, pa retains memory across sessions, enabling it to resume tasks without requiring repeated instructions from the user. By automating the start-of-day routines and managing both trivial and boring tasks, pa is able to free up approximately 15% of developers' time, which is crucial during busy or stressful periods. The tool integrates with common platforms like Slack, GitHub, and Linear, and is customizable for personal or work use. Users are encouraged to fork the Persistent Agent repository and adjust it to suit their individual needs, with the potential to enhance productivity by reducing the cognitive load associated with task management.
May 30, 2026 1,412 words in the original blog post.
Open source software is facing a challenging period as advancements in LLM-powered scanning tools are uncovering numerous security vulnerabilities in publicly accessible codebases. This trend began at the start of the year, with a notable increase in the volume and accuracy of vulnerability reports received by Metabase, indicating a broader improvement in automated code scanning capabilities. With the rise of competitive SaaS offerings for scanning, open source maintainers now face pressure to address vulnerabilities quickly, as these tools are capable of identifying exploitable flaws that were previously hard to detect. While this shift is expected to heighten security in the long run by encouraging thorough vulnerability patching, it poses immediate challenges for open source projects, especially non-commercial ones, which may lack the resources to handle the influx of reports. Consequently, some companies, like Cal.com, are considering transitioning to closed source to avoid the relentless cycle of vulnerability management. This evolution in security dynamics prompts software developers, both open and closed source, to prepare for increased scrutiny of their code and to adopt more robust patching and monitoring practices to maintain security integrity.
May 15, 2026 1,739 words in the original blog post.
Open-source software is facing increased scrutiny in 2026 due to advancements in automated security vulnerability scanning powered by large language models (LLMs), leading to a surge in the discovery of security issues in public code. This has resulted in a significant rise in the number and quality of vulnerability reports, as observed by companies like Metabase, which went from receiving a few reports per month to several per week, many of which are credible. While these developments enhance the security of open-source software by uncovering hidden flaws, they also create challenges for maintainers, who must address vulnerabilities quickly to prevent potential exploits. The landscape is rapidly changing, with many new SaaS services offering scanning solutions, and companies may consider going closed source to manage security risks more effectively. As coding agents become more adept at identifying vulnerabilities, both open and closed-source developers need to prioritize frequent security patches and adopt a proactive approach to mitigate potential threats.
May 14, 2026 1,740 words in the original blog post.
The Metabase AI Hackathon celebrated the open-sourcing of every AI feature in Metabase, showcasing innovative projects that utilized the platform's capabilities. Among the standout entries were "Meta Chess" by Marat Surmashev, which transformed a Metabase dashboard into an interactive chess game platform where AI agents Claude and Codex play against each other, demonstrating the versatility of the MCP server and file-based development. Another notable project was "Claude's Advice" by Owais Mumtaz, a practical application that used personal fitness data to generate actionable insights via the MCP server, underscoring the utility of Metabase's semantic layer. Both projects illustrated the creative potential of Metabase's AI features, with winners receiving mechanical keyboards as prizes. Participants were encouraged to explore AI tools within Metabase further, with the opportunity to build personalized projects outside of the hackathon setting.
May 13, 2026 572 words in the original blog post.
In an effort to enhance the performance of the Clojure development tool clojure-lsp, significant improvements were made to reduce its startup time and memory usage when handling large codebases, such as Metabase's. By examining heap memory issues and applying various optimizations, including increasing heap space, refining allocation techniques, and improving memoization, the tool's initialization time was halved and memory allocations reduced by two-thirds. The use of clj-async-profiler allowed for detailed profiling, which highlighted inefficiencies and informed the enhancements made, such as optimizing the deep-merge function and rewrite-clj library. These refinements, confirmed by benchmarks from clojure-lsp's maintainer Eric Dallo, have been incorporated into the tool's latest release, although further optimizations are possible to reduce memory usage even more.
May 13, 2026 1,917 words in the original blog post.