🎧 Listen to this episode

Richard opens Daily Reading List #753 by noting a theme: today’s list digs into the how of our work — how we architect systems, how we stay motivated on products people dislike, how we think about AI in our teams, and how we swap to cloud-managed services.

Is Event-Driven Architecture Overkill for Most Apps? — Derek Comartin’s main point is that people confuse scaling with the actual reason you’d reach for events. Events aren’t about handling more traffic; they’re about decoupling responsibilities in time. When a package gets delivered, recording that delivery is one responsibility. Sending a push notification, an SMS, or a webhook are separate concerns that react independently. Derek also draws a sharp line between commands (instructions to do something) and events (statements of fact that something happened), and clarifies that event sourcing — recording state as a series of events — is an entirely different utility from event-driven notifications.

Explore Benjamin Franklin’s scientific discoveries on NotebookLM — Google and the Royal Society have loaded Franklin’s original 18th-century papers, manuscripts, and handwritten letters into NotebookLM, where you can chat with the content, listen to an AI-generated audio discussion, watch video overviews, and take a quiz on his scientific concepts. A great demonstration of what becomes possible when rich archival material meets interactive AI.

Axios NPM Distribution Compromised in Supply Chain Attack — On March 31st, a threat actor compromised an axios maintainer’s npm account and published two malicious versions (1.14.1, 0.30.4). Axios is present in ~80% of cloud environments and gets ~100 million weekly downloads. The malicious versions dropped a lightweight remote access trojan via a trojanized dependency called plain-crypto-js. Wiz observed execution in ~3% of affected environments. This is the second major npm supply chain attack in one week.

Every Building You’ve Ever Been In Was Designed By Software Built in 1997 — The architecture, engineering, and construction (AEC) industry is a $13 trillion global sector that technology has largely bypassed. Most firms run desktop applications from the late 1990s. Construction professionals spend 35% of their time on non-productive activities. Autodesk’s Revit has 95%+ market share and ~$3B in ARR. 85% of construction projects exceed their budgets, and rework costs the US industry $177 billion annually — over 70% of which traces back to design errors.

Working on products people hate — Sean Goedecke, a GitHub engineer who’s worked on Copilot, reflects on what it’s like when users dislike what you build. His key insight: engineering quality doesn’t predict user love. Some beloved features have shaky internals; some beautifully built features fail. But there’s a silver lining — people only hate products they’re actually using. If you’re thick-skinned enough, making a widely-used but annoying product slightly better is pretty high-impact work.

AI is splitting companies into two groups — Matt Asay shares contrasting conversations: a hedge fund with fleets of agents in production, and a bank with barely any LLM use. McKinsey data shows 88% of companies use AI somewhere, but only a third are scaling it. Encouraging: engineering openings are at their highest in three years, up 78%, with 45% at entry/mid-level. The real divide isn’t access to AI — it’s between teams integrating AI into repeatable work and teams treating it as an experiment.

Agent to UI Protocol (A2UI) with Agent Development Kit (ADK) — Mete Atamel explains A2UI, Google’s generative UI protocol that lets AI agents produce rich, interactive user interfaces — cards, buttons, text fields, lists — as part of their responses. Key distinction: AG-UI connects your app to the agentic backend; A2UI is the spec agents use to describe UI to render. They’re complementary.

ADK Go 1.0 Arrives! — The Agent Development Kit for Go hits 1.0 with native OpenTelemetry tracing, a plugin system for self-healing logic (retry-and-reflect), human-in-the-loop confirmations for sensitive operations, and YAML-based agent configuration. A significant milestone for production-grade AI agents in Go.

How to build production-ready AI agents with Google-managed MCP servers — Google’s managed MCP endpoints let agents securely interact with Maps, BigQuery, GKE, Cloud Run, and more. Security highlights: IAM deny policies that block tool calls at the platform level regardless of what the LLM decides, and Model Armor for scanning all MCP traffic for prompt injection and malicious content.

Tech Conferences Aren’t Dead. But Why We Go Is Changing — Mark Hazell, organizer of Devoxx UK, argues we don’t go to conferences to learn things we could Google. We go for deep focus, conversations with peers, and structured learning. His philosophy: no private speaker rooms, everyone welcome and equal. When people feel comfortable, real connections follow.

Spanner’s multi-model advantage for the era of agentic AI — Instead of separate databases for relational, key-value, graph, vector, and full-text search, Spanner consolidates them. MakeMyTrip shared their experience consolidating MongoDB, Neo4j, Elasticsearch, and Qdrant into one Spanner instance — 75% reduction in operational complexity, 9% improvement in AI answer-quality.

When product managers ship code: AI just broke the software org chart — Andrew Filev at Zencoder found that when AI collapsed implementation costs, the bottleneck shifted from engineering capacity to decision velocity. A PM built and shipped a feature in one day. A designer fixed visual drift directly. The compound effect: when people build directly, their specs get sharper, agent output improves, and iteration cycles shrink.

How ID.me Scaled to 145M Users While Reducing Operational Risk — ID.me migrated 50TB to Google Cloud’s AlloyDB, handling 40,000 users/minute and 120,000 transactions/second during tax season. They use AlloyDB read pools as data clean rooms for fraud detection and saw a 40% reduction in data team work completion time.

Source: Daily Reading List – March 31, 2026 (#753) by Richard Seroter

Articles covered:

1. Is Event-Driven Architecture Overkill for Most Apps? — CodeOpinion
2. Explore Benjamin Franklin’s scientific discoveries on NotebookLM — Google Blog
3. Axios NPM Distribution Compromised in Supply Chain Attack — Wiz
4. Every Building You’ve Ever Been In Was Designed By Software Built in 1997 — a16z
5. Working on products people hate — Sean Goedecke
6. AI is splitting companies into two groups — InfoWorld
7. Agent to UI Protocol (A2UI) with ADK — Google Cloud / Medium
8. ADK Go 1.0 Arrives! — Google Developers Blog
9. How to build AI agents with Google-managed MCP servers — Google Cloud Blog
10. Tech Conferences Aren’t Dead. But Why We Go Is Changing — ShiftMag
11. Spanner’s multi-model advantage for agentic AI — Google Cloud Blog
12. When product managers ship code — VentureBeat
13. How ID.me Scaled to 145M Users — Google Cloud Blog