Episode 306 of Thinking Elixir. Security takes center stage this week as the EEF’s Jonatan Männchen highlights that atom exhaustion accounts for roughly one tenth of all CVEs in the BEAM ecosystem and Sobelow can help catch it before it hits production. Hackney users get an urgent nudge to upgrade to v4.0.3, which patches 9 CVEs including high-severity issues and fixes missing HTTP/3 certificate verification, thanks in part to Peter Ullrich’s AI-assisted vulnerability research. On the exciting side, the new Elixir 1.20-rc.6 type system is proving its worth in the real world, with Tyler Young reporting it caught ~500 issues, including outright bugs, that 1.19 completely missed. Dannote releases “vibe”, an ambitious BEAM-native coding agent for Elixir/OTP projects featuring a TUI, LiveView web console, subagents, and more!