Broken Ownership
Have you been in any of these situations? Managers make decisions that’s out of their leagues and everyone else in the team ends up paying for it. Knowledgeable people passively observe without bothering to contribute. Sometimes they are denied access to the room. Developers act like code monkeys, throwing the code over a metaphorical wall for the QA to test and “DevOps” to run. In “you build it,
.app 1 .dev 1 #11WeeksOfAndroid 13 #11WeeksOfAndroid Android TV 1 #Android11 3 #DevFest16 1 #DevFest17 1 #DevFest18 1 #DevFest19 1 #DevFest20 1 #DevFest21 1 #DevFest22 1 #DevFest23 1 #hack4jp 3 11 weeks of Android 2 A MESSAGE FROM OUR CEO 1 A/B Testing 1 A4A 4 Accelerator 6 Accessibility 1 accuracy 1 Actions on Google 16 Activation Atlas 1 address validation API 1 Addy Osmani 1 ADK 2 AdMob 32 Ads
GraphQL is an incredible piece of technology that has captured a lot of mindshare since I first started slinging it in production in 2018. You won’t have to look far back on this (rather inactive) blog to see I have previously championed this technology. After building many a React SPA on top of a hodge podge of untyped JSON REST APIs, I found GraphQL a breath of fresh air. I was truly a GraphQL h
変更履歴を記録する
Version 1.1.0 # Changelog All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] ### Added - v1.1 Brazilian Portuguese translation. - v1.1 German Translation - v1.1 Spanish translation. - v1.1 Italian
TL;DR: Instead of redirecting API calls from HTTP to HTTPS, make the failure visible. Either disable the HTTP interface altogether, or return a clear HTTP error response and revoke API keys sent over the unencrypted connection. Unfortunately, many well-known API providers don't currently do so. Updated 2024-05-24: Added the Google Bug Hunter Team response to the report that the VirusTotal API resp
Today, we’re excited to announce that the Bluesky network is federating and opening up in a way that allows you to host your own data. What does this mean? Your data, such as your posts, likes, and follows, needs to be stored somewhere. With traditional social media, your data is stored by the social media company whose services you've signed up for. If you ever want to stop using that company's s
Q: I’ve noticed quite a bit of similarity between staff engineering roles and engineering management. What is your take on the similarities and differences?An interesting observation is how many leadership roles in Big Tech and at high-growth startups begin to utilize overlapping skill sets after a while. At these companies, everyone working in engineering or product is technical, meaning they hav
xz-backdoor.md FAQ on the xz-utils backdoor (CVE-2024-3094) This is still a new situation. There is a lot we don't know. We don't know if there are more possible exploit paths. We only know about this one path. Please update your systems regardless. This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything abo
Hello! I’m slowly working on explaining git. One of my biggest problems is that after almost 15 years of using git, I’ve become very used to git’s idiosyncracies and it’s easy for me to forget what’s confusing about it. So I asked people on Mastodon: what git jargon do you find confusing? thinking of writing a blog post that explains some of git’s weirder terminology: “detached HEAD state”, “fast-
前回は「開発生産性」という言葉の広さから、きちんと組織のレイヤーを構造化しながら用語を分けてオーバーラップする部分を繋げていきましょうという話を紹介しました。第2回となる今回は、開発チームに焦点を当てていきます。ソフトウェア開発の現場では、Four Keysを中心とした「開発生産性のメトリクスはどうあるべきか」 や「認知負荷を下げるエコシステムはどう設計するべきか」といった議論が頻繁に行われています。こうしたソフトウェアアーキテクチャから生まれる開発生産性に関する議論はとても重要であり効果が高いものです。本記事ではそうした議論とは少し離れ、「エンジニアの継続的なフロー状態が生む開発生産性への重要度と、組織が開発チームに対する不安の定量化によるフロー状態の軽視がなぜ起こるのか」という観点で解説します。 以前の記事 【第1回】「開発生産性」はエンジニア"だけ"のモノではなくなった?──開発組織
The BBC on Mastodon: experimenting with distributed and decentralised social media
The BBC on Mastodon: experimenting with distributed and decentralised social media Posted by Tristan Ferne on 31 Jul 2023, last updated 31 Jul 2023 As the social media landscape ebbs and flows, the team at BBC Research & Development are researching social technologies and exploring possibilities for the BBC. One part of our work is to establish a BBC presence in the distributed collection of socia
50 Shades of Go: Traps, Gotchas, and Common Mistakes for New Golang Devs
50 Shades of Go: Traps, Gotchas, and Common Mistakes for New Golang Devs 50 Shades of Go in Other Languages Chinese Translation: blog post, segmentfault (by wuYin) - needs updates Another Chinese Translation: blog post (by Shadowwind LEY) - needs updates Russian Translation: blog post (by Ilia Ozhereliev, Mail.Ru Group Blog) - needs updates Overview Go is a simple and fun language, but, like any o
Published: August 4, 2023 Updated: October 27, 2023 Part 1: an intro about music, defaults, and bubbles Like a lot of people, there was a time when the only music I listened to was whatever was played on my local radio station. (A lot of people over 30 or so, anyway. If this doesn’t sound familiar to you yet, just stick with me for a minute here.) At the time, I was happy with that. It seemed like
Next.js 13 vs Remix: An In-depth case studyLast updated on 29 Sep 2023 by Prateek Surana • - min read When it comes to building web applications, React has been at the forefront for a while now, and its adoption continues to grow. Among the most common approaches to building web applications with React, Next.js stands out as one of the most preferred options. Next.js has also been in the limel
Async Rust Is A Bad Language
But to get at whatever the hell I mean by that, we need to talk about why async Rust exists in the first place. Let’s talk about: Modern Concurrency: They’re Green, They’re Mean, & They Ate My Machine Suppose we want our code to go fast. We have two big problems to solve: We want to use the whole computer. Code runs on CPUs, and in 2023, even my phone has eight of the damn things. If I want to use
Why SQLite Uses Bytecode
1. Introduction Every SQL database engine works in roughly the same way: It first translates the input SQL text into a "prepared statement". Then it "executes" the prepared statement to generate a result. A prepared statement is an object that represents the steps needed to accomplish the input SQL. Or, to think of it in another way, the prepared statement is the SQL statement translated into a fo
The Development of the C Language* Dennis M. Ritchie Bell Labs/Lucent Technologies Murray Hill, NJ 07974 USA dmr@bell-labs.com ABSTRACT The C programming language was devised in the early 1970s as a system implementation language for the nascent Unix operating system. Derived from the typeless language BCPL, it evolved a type structure; created on a tiny machine as a tool to improve a meager progr
SNSの現在地、その先
Table of Contents 青い鳥よどこへ行く 思い出話 前兆 加速 青空 停滞 現在地 未来 青い鳥よどこへ行く Twitterが名実ともに消失して𝕏となり、SNSにとって一つの転換期であることは間違いないだろう。備忘録としてまとめておきたい。 思い出話 前兆 まず、2022年11月ごろまで時計の針を戻す。時事に疎い私でも、イーロンマスクのTwitter買収によって何かが変わる予感はしていた。当時の私の直感は、これだった。 うーん イーロン体制に移行した今のTwitterはまさにひろゆきを追い出したJim時代の2chを感じる Jimもそんなにまともではないがひろゆき筆頭の連中よりはマシという認識だった — 電子馬🅴 (@Erechorse) November 7, 2022 もともとイーロンマスクへの印象は、「出してくるプロダクトの当たり外れは激しいが、当たると凄まじい、人間
「核抑止論者に問いたい。あなたは責任を負えるのか」 広島県知事あいさつ【全文】平和記念式典<2023年> | 中国新聞デジタル
「核抑止論者に問いたい。あなたは責任を負えるのか」 広島県知事あいさつ【全文】平和記念式典<2023年> 知事あいさつ(令和5年広島市平和記念式典) 本日、被爆78年を迎えるにあたり、原爆犠牲者の御霊(みたま)に、広島県民を代表して謹んで哀悼の誠(まこと)を捧げます。そして、今なお後遺症で苦しんでおられる被爆者や、御遺族の皆様に、心からお見舞いを申し上げます。 今、世界では、ロシアによる非道なウクライナ侵攻と核兵器による脅しが続き、北朝鮮は核及びミサイル開発を進め、一部の核保有国が核戦力の大幅な増強を図るなど、核兵器を巡る安全保障環境は厳しくなっています。日本においても、また世界においても、核戦力やその運用の強化を図るべしとの論が声高に叫ばれています。 そうした中、今年5月、ここ平和記念公園に、核兵器国3か国を含むG7首脳が集まり、資料館を訪問し、被爆者の声に耳を傾け、慰霊碑に献花して犠牲
LogLog Games
The article is also available in Chinese. Disclaimer: This post is a very long collection of thoughts and problems I've had over the years, and also addresses some of the arguments I've been repeatedly told. This post expresses my opinion the has been formed over using Rust for gamedev for many thousands of hours over many years, and multiple finished games. This isn't meant to brag or indicate su
What We Learned from a Year of Building with LLMs (Part I)
Join the O'Reilly online learning platform. Get a free trial today and find answers on the fly, or master something new and useful. Learn more It’s an exciting time to build with large language models (LLMs). Over the past year, LLMs have become “good enough” for real-world applications. The pace of improvements in LLMs, coupled with a parade of demos on social media, will fuel an estimated $200B
CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js — Codean Labs
This post details CVE-2024-4367, a vulnerability in PDF.js found by Codean Labs. PDF.js is a JavaScript-based PDF viewer maintained by Mozilla. This bug allows an attacker to execute arbitrary JavaScript code as soon as a malicious PDF file is opened. This affects all Firefox users (<126) because PDF.js is used by Firefox to show PDF files, but also seriously impacts many web- and Electron-based a
David Chase and Russ Cox 19 September 2023 Go 1.21 includes a preview of a change to for loop scoping that we plan to ship in Go 1.22, removing one of the most common Go mistakes. The Problem If you’ve written any amount of Go code, you’ve probably made the mistake of keeping a reference to a loop variable past the end of its iteration, at which point it takes on a new value that you didn’t want.
We want to empower you to experiment with LLM models, build your own applications, and discover untapped problem spaces. That’s why we sat down with GitHub’s Alireza Goudarzi, a senior machine learning researcher, and Albert Ziegler, a principal machine learning engineer, to discuss the emerging architecture of today’s LLMs. In this post, we’ll cover five major steps to building your own LLM app,
The dark web is a part of the internet that lets people hide their identity and location from other people and from law enforcement. As a result, the dark web can be used to sell stolen personal info. How can you access the dark web? To access the dark web, you can’t use Google Search or browsers, such as Chrome or Safari. Instead, you need to use software designed specifically for this purpose, s
Docker Compose Watch, a tool to improve the inner loop of application development, is now generally available. Hot reload is one of those engineering workflow features that’s seemingly minor and simple but has cumulative benefits. If you can trust your app will update seamlessly as you code, without losing state, it’s one less thing pulling your focus from the work at hand. You can see your fronte
Migrating from Zod to Valibot: A Comparative Experience | Matthew Kwong
Friday, January 12, 2024 Migrating from Zod to Valibot: A Comparative Experience I've recently migrated the validation part of the contact form of my website (a.k.a. this website) from Zod to Valibot. And I would like to share with you the experience. What is Valibot? Valibot is commonly known as the "Zod alternative with a smaller bundle size". Similar to Zod, it is a schema validation library. I
Source:imgflip.comAs I write this on the 25th of April, I am still reeling from the announcement of IBM’s acquisition of Hashicorp. When I first heard the rumours yesterday, I was concerned about the future of possibly my favourite Infrastructure-as-code (IaC) tool. It has long been obvious that Hashicorp has been struggling to make money, making a $274 million loss in 2023. This undoubtedly led t
Release: Yarn 4.0 🪄⚗️ | Yarn
Today is the day! After more than a year of work, our team is excited to finally put a fancy "stable" sticker on the first release from the 4.x release line! To celebrate, let's make together a tour of the major changes; should you look for a more itemized list, take a look at the changelog. Breaking ChangesHere's what you need to know when upgrading from 3.x projects: We now require Node.js 18+.N
We've added JavaScript-native RPC to Cloudflare Workers
We've added JavaScript-native RPC to Cloudflare Workers04/05/2024 Cloudflare Workers now features a built-in RPC (Remote Procedure Call) system enabling seamless Worker-to-Worker and Worker-to-Durable Object communication, with almost no boilerplate. You just define a class: export class MyService extends WorkerEntrypoint { sum(a, b) { return a + b; } } And then you call it: let three = await env.
Piccolo - A Stackless Lua Interpreter 2024-05-01 History of piccolo A "Stackless" Interpreter Design Benefits of Stackless Cancellation Pre-emptive Concurrency Fuel, Pacing, and Custom Scheduling "Symmetric" Coroutines and coroutine.yieldto The "Big Lie" Rust Coroutines, Lua Coroutines, and Snarfing Zooming Out piccolo is an interpreter for the Lua language written in pure, mostly safe Rust with a
チームの公用語を英語にした話 A story about making English our team's official language - ANDPAD Tech Blog
See below for the English version. この記事はANDPAD Advent Calendar 2023 22日目の記事です。 こんにちは、リアーキテクティングチームの白土(@kei_s)です。今回は、我々のチームの公用語を英語にしたお話のご紹介です。 リアーキテクティングチームとは ANDPADシステムでの複数のドメインに横断した問題に対応するため、「リアーキテクティングチーム(略称: リアーキチーム)」という名前の専任チームを組織し開発課題に対応しています。現在主に Rails アプリケーションに関連する改善を行っています。ブログやイベントで取り組みをいくつかご紹介しているので、興味があればぜひご覧ください! Kaigi on Rails 2022 「実践 Rails アソシエーションリファクタリング」で伝えきれなかったこと - ANDPAD Tech B
♯1:レイヴ・カルチャーの思い出 | ele-king
2023年、少し嬉しいかもと思ったのが、日本におけるレイヴ・カルチャー再燃(しているらしい話)だった。え、まさか、ほんと? 人間歳を取ると無邪気さが減少しシニカルになり、老害化することは自分を見ていてもわかる。文化とは、上書きされ、アップデートしていくものだし、ぼくはこんにちの現場を知らないから、そもそも「再燃」について何か言える立場ではない。しかしぼくにも言えることがある。いまから30年以上前の、オリジナルなレイヴ・カルチャーの話だ。当時のリアル体験者のひとりとして、その場にいた当事者のひとりとして、それがどんなものだったのかを(ある程度のところまで)記しておくことも無益ではないだろう。 かつて、それがレイヴかどうかを判断するのは簡単だった。足がガクガクになるほど踊ったあとの朝の帰り道に、あるいは数日後に、「ところで誰がDJだったの?」、これがレイヴだった。たとえば、クラブでもフジロック
WebKit Features in Safari 17.4
Just like Safari 15.4 and Safari 16.4, this March’s release of Safari 17.4 is a significant one for web developers. We’re proud to announce another 46 features and 146 bug fixes. You can experience Safari 17.4 on iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, macOS Ventura, macOS Monterey, and in visionOS 1.1. Architectural improvements It’s always exciting to ship new features that you can use while b
[LinkedIn discussion, Twitter thread] Never before in my life had I seen so many smart people working on the same goal: making LLMs better. After talking to many people working in both industry and academia, I noticed the 10 major research directions that emerged. The first two directions, hallucinations and context learning, are probably the most talked about today. I’m the most excited about num
Internet Engineering Task Force (IETF) K. Davis Request for Comments: 9562 Cisco Systems Obsoletes: 4122 B. Peabody Category: Standards Track Uncloud ISSN: 2070-1721 P. Leach University of Washington May 2024 Universally Unique IDentifiers (UUIDs) Abstract This specification defines UUIDs (Universally Unique IDentifiers) -- also known as GUIDs (Globally Unique IDentifiers) -- and a Uniform Resou
Retries – An interactive study of common retry methods – Encore Blog
Requests over the network can fail. This is something we cannot avoid, and to write robust software we need to handle these failures or else they may be presented to users as errors. One of the most common techniques for handling a failed request is to retry it. In this post we're going to visually explore different methods of retrying requests, demonstrating why some common approaches are dangero
Never* use Datagrams Click-bait title, but hear me out. TCP vs UDP So you’re reading this blog over the internet. I would wager you do a lot of things over the internet. If you’ve built an application on the internet, you’ve undoubtedly had to decide whether to use TCP or UDP. Maybe you’re trying to make, oh I dunno, a live video protocol or something. There are more choices than just those two bu
On July 5, 2023, Meta launched Threads, the newest product in our family of apps, to an unprecedented success that saw it garner over 100 million sign ups in its first five days. A small, nimble team of engineers built Threads over the course of only five months of technical work. While the app’s production launch had been under consideration for some time, the business finally made the decision a
by Alistair Shepherd published on Dec 14, 2023 Carefully observing websites in the wild As the murderous tortoises start to converge on Ryūji’s hideout, they pull out their phone. It’s a cheap, older device but it’s survived the toils of the tortoise-ageddon well so far. Thankfully the internet still exists, although a bit slower, so they’re able to search online for how to scare tortoises away. T
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
BudouX: 読みやすい改行のための軽量な分かち書き器
Why, after 6 years, I’m over GraphQL
Your API Shouldn't Redirect HTTP to HTTPS
Bluesky: An Open Social Web - Bluesky
Engineering Leadership Skill Set Overlaps
xz-utils backdoor situation (CVE-2024-3094)
Confusing git terminology
なぜ、エンジニアの"フロー状態"は見落とされるのか? 継続的なフロー状態が開発生産性を高める
Things you forgot (or never knew) because of React
Next.js 13 vs Remix: An In-depth case study
The Development of the C Language
Fixing For Loops in Go 1.22 - The Go Programming Language
The architecture of today's LLM applications
What's the dark web? - Google One Help
Announcing Docker Compose Watch GA Release | Docker
The beginning of the end for Terraform?
kyju.org - Piccolo - A Stackless Lua Interpreter
Open challenges in LLM research
RFC 9562: Universally Unique IDentifiers (UUIDs)
Never* use Datagrams - Media over QUIC
How Meta built the infrastructure for Threads
Getting started with Web Performance 🚀 - HTMHell